Cyber security analyst jobs in Nashville, TN - 70 jobs

Title: Temporary - Cyber Security Analyst Under the directive of the Information Security Officer, the cyber security analyst will implement security strategies and best practices in accordance with regulatory standards. ESSENTIAL JOB FUNCTIONS/JOB DUTIES AND RESPONSIBILITIES Conduct or coordinate vulnerability scans and document findings and risk mitigation strategies. Implement, monitor and maintain preventive and detective controls. Operate, administer and monitor network and host-based intrusion detection/prevention systems. Operate, administer and monitor Microsoft Defender SIEM. Analyze network traffic, intrusion attempts, activity logs and system alerts for trends, anomalies and potential security breaches. Analyze compromised computing resources to improve security design and policy compliance. Research, analyze, test and implement new security software solutions. Enforce security policies and procedures by administering and monitoring security profiles. Perform other duties as assigned. REQUIRED QUALIFICATIONS High School Diploma or GED One year of experience in information security and compliance regulations. Proficiency with Microsoft applications. PREFERRED QUALIFICATIONS Certificate in information security, i.e., Security+, Pen+, Ethical Hacker. Experience with SIEM (Microsoft Defender). Experience in phishing campaign/training. KNOWLEDGE, SKILLS AND ABILITIES Basic knowledge of incident response procedures. Knowledge of OSI Model and concepts. Knowledge of Information Security Concepts. Strong analytical, organizational and writing skills. Knowledge of NIST, CIS and FERPA controls. Interpersonal skills to effectively collaborate with both technical and non-technical personnel across different organizational levels. Experience utilizing IT security systems and tools, including analyzing logs for security breaches. Ability to adhere to department processes and procedures. Demonstrated skills applying security controls to computer software and hardware. Basic proficiency in reading and interpreting security logs. Fundamental knowledge of vulnerability scanning and Basic knowledge of risk assessments procedures. Open Until Filled: Yes Rate of Pay: $20.00 per hour Work Hours: Up to 28 hours per week Special Instructions to Applicants: Unofficial transcripts are acceptable for the application process. Official transcripts are required upon hire. Applicants may be subject to a background check. Nashville State offers flexible work arrangements for positions that qualify.

Title: Temporary - Cyber Security Analyst Under the directive of the Information Security Officer, the cyber security analyst will implement security strategies and best practices in accordance with regulatory standards. ESSENTIAL JOB FUNCTIONS/JOB DUTIES AND RESPONSIBILITIES Conduct or coordinate vulnerability scans and document findings and risk mitigation strategies. Implement, monitor and maintain preventive and detective controls. Operate, administer and monitor network and host-based intrusion detection/prevention systems. Operate, administer and monitor Microsoft Defender SIEM. Analyze network traffic, intrusion attempts, activity logs and system alerts for trends, anomalies and potential security breaches. Analyze compromised computing resources to improve security design and policy compliance. Research, analyze, test and implement new security software solutions. Enforce security policies and procedures by administering and monitoring security profiles. Perform other duties as assigned. REQUIRED QUALIFICATIONS High School Diploma or GED One year of experience in information security and compliance regulations. Proficiency with Microsoft applications. PREFERRED QUALIFICATIONS Certificate in information security, i.e., Security+, Pen+, Ethical Hacker. Experience with SIEM (Microsoft Defender). Experience in phishing campaign/training. KNOWLEDGE, SKILLS AND ABILITIES Basic knowledge of incident response procedures. Knowledge of OSI Model and concepts. Knowledge of Information Security Concepts. Strong analytical, organizational and writing skills. Knowledge of NIST, CIS and FERPA controls. Interpersonal skills to effectively collaborate with both technical and non-technical personnel across different organizational levels. Experience utilizing IT security systems and tools, including analyzing logs for security breaches. Ability to adhere to department processes and procedures. Demonstrated skills applying security controls to computer software and hardware. Basic proficiency in reading and interpreting security logs. Fundamental knowledge of vulnerability scanning and Basic knowledge of risk assessments procedures. Open Until Filled: Yes Rate of Pay: $20.00 per hour Work Hours: Up to 28 hours per week Special Instructions to Applicants: Unofficial transcripts are acceptable for the application process. Official transcripts are required upon hire. Applicants may be subject to a background check. Nashville State offers flexible work arrangements for positions that qualify.

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. Coinbase stores more digital currency than any company in the world, making us a top tier target on the internet. Security is core to our mission and has been a key competitive differentiator for us as we scale worldwide. Essential to scaling is building and running a security compliance program that reflects how we protect the data and assets in our care, to open the doors with customers, regulators, auditors, and other external stakeholders. If you love working with fast moving companies to grow and scale security compliance engines and create positive change across the business, we'd like to speak with you about joining our team. Coinbase is looking for a Security Compliance Senior Analyst to drive the second line of defense IT SOX initiatives and help mature the IT SOX program. *What you'll be doing (ie. job duties):* * Lead Security and IT initiatives to support the SOX roadmap and advance program maturity * Assist with SOX planning activities, including scoping of IT systems and creating training material to owners in preparation for SOX audit * Lead security control gap assessments over SOX control environment, recommend remediation plans and track through completion * Assess SOX implications of new products, update relevant controls, and communicate requirements to product organization and other stakeholders * Provide ongoing reporting to stakeholders and leadership on above responsibilities and communicate progress and escalations management * Perform SOX audit and control impact analysis as a result of security and technology incidents and partner with owning teams on control uplift activities * Build close relationships with stakeholder teams including Security, IT, Infrastructure, Engineering, Data, and Finance to advise on SOX requirements and ensure excellence in control ownership * Create and improve SOX procedural documentation, including process documentation, data flow diagrams, and uplifting templates * Work closely with internal and external auditors to educate them about a complex technology control environment * Oversee quality of audit initiatives, identify and analyze process gaps, provide guidance and expertise to team members * Develop creative solutions to prove risk mitigation and solve for complex audit problems faced by the crypto industry * Identify opportunities to address systemic program challenges, recommend solutions and drive efficiency through AI and automation *What we look for in you (ie. job requirements):* * Minimum of 5+ years of security/IT compliance or equivalent experience * Strong knowledge and hands-on experience in Internal Controls over Financial Reporting, SOX 404 frameworks, and testing to support compliance * Prior experience at a big 4 accounting firm * Experience leading compliance initiatives from start to finish * Proven understanding and audit experience of cloud technologies, AWS preferred * Ability to effectively and autonomously accomplish outcomes across cross-functional teams in ambiguous situations with minimal supervision * Strong oral and written communication skills * Ability to multitask, direct cross functional work, and hold others accountable to committed deadlines in a fast paced environment * Ability to communicate with technical / non-technical stakeholders to align on shared outcomes * Experience in Financial services, Big Tech, or FinTech *Nice to haves:* * BA or BS in a technical field or equivalent experience * Security certifications e.g. CISA, CISSP, CISM or other relevant certifications * Experience auditing in Crypto space Position ID: P73675 \#LI-Remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $167,280-$196,800 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $184,000/year to $257,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

Job Description OUR MISSION We exist to create a more connected, compassionate, and confident experience for people with cancer and those who care for them. We make it easier to get answers, access high-quality care quickly, and feel supported throughout treatment and beyond. Today, Thyme Care is a market-leading value-based oncology care enabler, partnering with national and regional health plans, providers, and employers to deliver better outcomes and lower costs for thousands of people across the country. Our model combines high-touch human support with powerful technology and AI to bring together everyone involved in a person's cancer journey: caregivers, oncologists, health plans, and employers. As a tech-native organization, we believe technology should strengthen the human connection at the center of care. Through data science, automation, and AI, we simplify complexity, improve collaboration, and help care teams focus on what matters most: supporting people through cancer. Looking ahead, our vision is bold: to become a household name in cancer care, where every person diagnosed asks for Thyme Care by name. If you're inspired to make cancer care more human and to help reimagine what's possible, we'd love to meet you. Together, we can build a future where every person with cancer feels truly cared for, in every moment that matters. WHAT YOU'LL DO As a Senior Security Engineer, you strengthen Thyme Care's security posture across our platform and infrastructure. You work closely with our Platform engineering team, IT, and virtual CISO to identify risks, harden our architecture, and embed security by design across engineering. You balance hands-on technical execution with coaching engineers to build secure practices by default. Proactively identify and close gaps in cloud, network, and application security architecture Lead security reviews of code and infrastructure, conduct threat modeling and partner with Eng squads on secure-by-default design Configure, tune, and monitor key security tools (e.g., Nightfall, GuardDuty, endpoint agents) to surface actionable alerts Triage and approve incoming security-related requests (applications, packages, Chrome extensions) Own technical response during a live security incident - from triage and log analysis to containment - in partnership with CISO, Engineering, and IT Build additional and low-friction security automation into CI/CD pipelines (dependency checks, SAST/DAST, IaC scanning) Partner with engineers to establish best practices and elevate secure coding practices without slowing delivery WHAT YOU'VE DONE Experience in application and infrastructure security, ideally in a healthcare or regulated environment Expertise with cloud security (AWS), IAM, CI/CD pipelines, and core security tools Background in securing public-facing APIs, web apps, and data platforms Knowledge of security monitoring, alerting, and incident response practices Ability to triage and operationalize security requests with pragmatism and rigor Comfortability working in fast-paced, scaling environments where priorities shift quickly WHAT LEADS TO SUCCESS Act with our members in mind. You protect sensitive health data with urgency and care. Move with purpose. You take initiative, surface risks, and close them. Seek diverse perspectives. You collaborate with engineers, IT, and leadership, and know when to pull in external expertise. Technical ability. You bring confidence and depth to lead reviews and guide secure outcomes. Clear communication. You translate complex security concepts for technical and non-technical audiences. Calm under pressure. You take ownership during incidents and drive resolution. OUR VALUES At Thyme Care, our core values guide us in everything we do: Act with our members in mind, Move with purpose, and Seek diverse perspectives. They anchor our business decisions, including how we grow, the products we make, and the paths we choose-or don't choose. Our salary ranges are based on paying competitively for our size and industry, and are one part of the total compensation package that also includes equity, benefits, and other opportunities at Thyme Care. Individual pay decisions are based on several factors, including qualifications, experience level, skillset, and balancing internal equity relative to other Thyme Care employees. The base salary for this role is $175,500 to $195,000. The salary range could be lower or higher than this if the role is hired at another level. We recognize a history of inequality in healthcare. We're here to challenge the status quo and create a culture of inclusion through the care we give and the company we build. We embrace and celebrate a diversity of perspectives in reflection of our members and the members we serve. We are an equal-opportunity employer. Be cautious of recruitment fraud , and always confirm that communications are coming from an official Thyme Care email.

Arctiq is a leader in professional IT services and managed services across three core Centers of Excellence: Enterprise Security, Modern Infrastructure and Platform Engineering. Renowned for our ability to architect intelligence, we connect, protect, and transform organizations, empowering them to thrive in today's digital landscape. Arctiq builds on decades of industry expertise and a customer-centric ethos to deliver exceptional value to clients across diverse industries. Job Summary: Do you have an analytical and flexible mindset, a demonstrated strong work ethic and are motivated to seek out and solve complex security problems? If so, Arctiq invites you to join their Security Operations Center team. As a Night Shift Security Operations Centre (SOC) Analyst, you will be responsible for handling cybersecurity events. Analyze and respond to alerts, compromise, breaches and proactively develop defensive measures and capabilities. Handle information security incidents and other adverse security events. Responsibilities: Monitor and triage security events, incidents, and alerts in a 24/7/365 environment. Conduct initial triage and analysis of security events and incidents. Escalate complex incidents to Tier 2/3 analysts as needed. Respond to security incidents in accordance with established incident response procedures. Participate in incident response activities and provide status updates to stakeholders. Document and maintain an accurate record of all security incidents, events, and alerts. Maintain a high level of awareness of current and emerging security threats and trends. Collaborate with other teams and departments within the organization to resolve security incidents. Continuously improve processes and procedures for incident response and security event management. Provide excellent quality of Customer Service. Meet or exceed customer expectation. Understand the overall processes and procedures of the Arctiq SOC and the relevance of the procedures to the managed client. Work non-traditional hours in a 24 x 7 service environment. Experience 2+ years in an IT security role or IT support role with significant security responsibilities. Demonstrated expertise in one or more of the following domains Data Security, Digital Forensics, Incident Response and Analysis, IT Systems and Operations, Network Security, Systems and Applications Security or Vulnerability Management. Excellent oral and written communication skills. Individuals will be required to submit to a background examination. Demonstrated ability in effective communication and collaborating in a high-performance team environment. Demonstrated commitment to customer service. Experience functioning in diverse workgroups Experience working with a SIEM Arctiq is an equal opportunity employer. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know. We celebrate our inclusive work environment and welcome members of all backgrounds and perspectives to apply. We thank you for your interest in joining the Arctiq team! While we welcome all applicants, only those who are selected for an interview will be contacted.

Job Requirements & Qualifications: •Designs, put into practice, administers, and supports multiple information security platforms, systems, and applications. Supports a variety of technologies in a hands-on manner. •Performs internal security risk assessments, security risk assessments of third party business partners, and detailed security risk assessments of various technologies. (Examples include directory services, database platforms, client and server operating systems, programming languages, web services, firewalls, remote access technologies, messaging platforms, encryption solutions, wireless technologies, internally-hosted applications, externally-hosted applications, and cloud services). •Supports defined Company operating principles via effective, pragmatic information security controls. Analyzes, defines, implements, and administers efficient business processes related to information security programs. Represents the information security function through pragmatic consultation and participation in a defined SDLC. •Maintains knowledge of current and up-and-coming security, compliance, and technical developments. Identifies present and prospective future vulnerabilities and collaborates with suitable leaders to identify, recommend, and develop risk remediation plans, ad to track remediation outcomes and timelines. •Works with the information security management team to administer, maintain, and continuously improve HIPAA, PCI DSS, SOX, and internal controls compliance programs, investigate known or suspected security incidents, support internal and external audits, and assist in the development of appropriate audit response Management Action Plans. •Promotes security best practices via awareness, example, and compliance with policies and regulatory requirements. •Uses project management best practices to initiate, manage, and close projects, often simultaneously across a variety of projects. Creates and maintains a variety of documents related to projects and information security. •Guide and cross-train junior department team members lead meetings construct and uphold strong partnerships with multiple departments coordinate vendor support engagements etc. Knowledge, Skills, and Abilities •Knowledgeable with and ability to apply time-proven, generally-accepted security management concepts, techniques, and methodologies. •Strong understanding of pragmatic implementation of information security controls, holistic defense-in-depth strategies, protocols used to interconnect networks, and publish application resources. •Strong, efficient written and verbal communication skills that enables effective communications to multiple audiences. •Ability to occasionally work unscheduled shifts and in an on-call capacity and be available for occasional travel (up to 25%). •Strong internal (security recommendations) and external (vendor support) negotiation skills. •Ability to influence and encourage others. •Strong understanding of PCI, HIPAA, and SOC regulatory requirements. •Development/analysis proficiency in one or more scripting languages. •Development/analysis proficiency in TSQL. •Capability to learn and preserve new skills required to adapt to growing business and technical environments. •Strong perceptive of present and emergent information security technologies and trends. Qualifications Work Experience and/or Education •Bachelor's and/or Master's degree in information security or computer information systems. •6+ years of information security generalist experience (broad and deep in data, application, system, and network security domains) with complex technical initiatives. •Active CISA, CISSP, or CISM certification. •Experience identifying and addressing security risks associated with host and network operating systems (e.g. Windows, Linux, AS400, PAN OS, AIX, Cisco IOS, etc.) enterprise services (e.g. directory services, email, web publishing, database, virtualization, etc.) content management, client-server, and collaboration, thin-client, and web-based applications enterprise applications (e.g. Lawson) cloud services (e.g. SaaS, IaaS, etc.) data storage, etc. •Hands-on SME/lead experience with the design, implementation, and administration of at least 5 of the following technologies: Palo Alto Networks, IBM Tivoli Endpoint Manager (BigFix), IBM QRadar (SIEM), Qualys Vulnerability Scanning Solutions, Tenable Nessus, Juniper SSL VPN GlobalScape EFT Server Symantec Data Loss Prevention (Vontu), RSA SecurID, and CyberArk Password Management. Additional Information

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Description This position administers the enforcement of corporate, regulatory, and risk management policies and assists in developing, implementing, and achieving the strategic goals of the Information Security Program. The Information Security program includes policies, standards, procedures, and controls (technical, administrative, and physical) to protect customer, consumer, and proprietary information against reasonably foreseeable risks. This role is responsible for management of or auditing and reporting on intrusion prevention systems, content filtering systems, SIEM and event management systems, Antivirus, and vulnerability assessment programs.ESSENTIAL FUNCTIONS: Leading efforts to reduce overall risk by monitoring and tuning security alerts and investigating incidents. Defining, planning, implementing, maintaining, and upgrading security measures, policies and controls. Implement products and services as required to maintain compliance with existing, new, or changing regulations and auditing recommendations. Administer security policies to control access to resources observing least privilege. Manage and maintain patch installation for operating systems, software applications and Hardware as part of the overall vulnerability management system. Create and maintain security documentation to include policies, standards, procedures, and reports as required to support the Information Security program. Protect systems by defining access privileges, control structures, and resources. Work closely with technology and compliance teams for troubleshooting security related problems as well as identifying and implementing security strategy. Monitor server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity, and make recommendations based on those findings, Research attempts to compromise security posture and recommend solutions. Manage the user awareness training program and provide additional end-user training as needed. Design, implement, and report on security system activity, and perform end-user activity audits. Work with vendors to arrange for upgrades, updates, patches and replacements on software and hardware. Assist with 3rd party due diligence as pertains to cybersecurity best practices. Perform other duties as assigned KNOWLEDGE, SKILLS & ABILITIES: Education: A Bachelor's degree or 5 years of related experience. Experience: 3+ years relevant Information Security or IT Audit experience. Certifications & Licenses: Relevant security or IT Audit certification. FirstBank does not accept unsolicited resumes from agencies and staffing firms. Recruitment agencies and consultants may not submit resumes directly to managers. FirstBank will not pay fees to any third-party agency or company that does not have a signed agreement as an approved vendor. FirstBank in an Equal Opportunity Employer, including disability.

Job Title: Security Engineer Job Summary: This is not a passive, monitor-the-dashboard role - it is designed for a builder. The Security Engineer at RevSpring will lead efforts to secure infrastructure by owning, integrating, and optimizing the full lifecycle of security tools. From SIEM and CSPM to EDR and SOAR, each control will be made actionable, automated, and aligned to risk. Collaboration across teams will be essential to embed security into systems and processes, driving measurable maturity and delivering real protection - not just checklists. The role also supports compliance initiatives, leads risk assessments, manages security frameworks (NIST, HITRUST, ISO 27001), and responds to emerging threats with a solid understanding of both offensive and defensive security practices. Positioned at the intersection of security engineering, architecture, and strategy, this is a high-impact opportunity. This position is part of a high-impact team focused on building the security backbone for an organization that enables critical communications in healthcare, finance, and beyond. The work contributes directly to securing the ways millions of people connect with the services they depend on - confidently and securely. For professionals who view security maturity not as a project, but as an ongoing discipline, this role offers the ideal environment to thrive. Essential Functions: Tool Ownership & Security Architecture Own the lifecycle of security platforms including EDR/XDR, SIEM, SOAR, CSPM, IAM, and vulnerability management. Integrate and automate security tools and workflows across IT, cloud, and SOC environments. Continuously tune alerting, dashboards, and policies to reduce noise and improve signal quality. Maintain security control maps and maturity metrics. Security Maturity & Measurement Build and maintain RevSpring's Security Tool Maturity Roadmap. Track and report key performance indicators (KPIs) and return on investment (ROI) for all tools. Map control capabilities to frameworks such as NIST CSF, HITRUST, ISO 27001, and CIS Controls. Identify coverage gaps and eliminate redundant tools. Security Engineering & Compliance Conduct regular security risk assessments and audits across systems, applications, and networks. Design and implement new security solutions, collaborating closely with infrastructure, cloud, and AppSec teams. Support and maintain compliance with HIPAA, HITRUST, PCI-DSS, SOX, NIST, and GLBA. Formulate and manage IT security incident response strategies. Automation & Enablement Develop scripts and integrations using Python, PowerShell, Bash, and REST APIs to automate security operations. Embed security controls into CI/CD pipelines and infrastructure as code. Maintain documentation, runbooks, and diagrams to support repeatable security improvements. Governance & Cross-Functional Collaboration Partner with procurement, risk, and compliance teams to manage tool renewals, licensing, and governance. Communicate security tool performance, maturity, and improvements to leadership in clear, data-driven ways. Translate complex technical issues into business-relevant language. Minimum Requirements: Specific Job Skills: Strong understanding of at least three areas of the modern security stack: SIEM, EDR/XDR, SOAR, CSPM, IAM, or vulnerability management. Experience in cloud security (AWS, Azure, or GCP) and implementing security controls across cloud platforms. Experience with security assessments, architecture design, and risk-based security implementation. Familiarity with standards/frameworks: NIST CSF, HITRUST, ISO 27001/27002, COBIT, ITIL, CIS. Proficient in scripting/automation (e.g., Python, PowerShell) and integrating APIs. Experience with penetration testing, ethical hacking, or advanced threat detection tools. Ability to support compliance requirements and perform security reviews for internal and external stakeholders. Experience building or managing a security tool governance or maturity framework. Certifications such as GDSA, GCIA, AWS Security Specialty, CISSP, CISM, or similar. Familiarity with MITRE ATT&CK, secure coding practices, and modern DevSecOps workflows. Strong project management, reporting, and stakeholder communication skills. Analytical mindset with the ability to break down complex problems. Strong written and verbal communication skills - technical and non-technical audiences. Proven ability to work independently and as part of a team. Flexible and adaptable to evolving business and technical priorities. Passion for continuous learning and measurable security outcomes. Education: N/A Experience: 3-7 years of hands-on experience in Security Engineering, SOC Engineering, or DevSecOps. Supervision: N/A Certifications: N/A Language Skills: Ability to read, analyze and interpret general business periodicals, professional journals, technical procedures or governmental regulations. Ability to write reports, business correspondence and procedure manuals. Ability to effectively present information and respond to questions from a variety of both internal and external sources. Physical Capabilities: Standard categories The physical capabilities described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit; use hands to finger, handle, or feel; reach with hands and arms; and talk or hear. The employee is occasionally required to stand and walk. The employee must occasionally lift and/or move up to 10 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and ability to adjust focus. RevSpring is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. Note: This may not describe all of the job responsibilities and standards assigned to this position. The duties may change from time to time. RevSpring does not discriminate against any group in hiring or employment practices. Nothing in this job description constitutes a contract for employment.

Education Level: (1) A bachelor's degree, or (2) achievement of formal certifications recognized in the industry as equivalent to a bachelor's degree (e.g. information technology certifications in lieu of a degree). Preferred Certifications include Security+ (CompTIA), CySA+ (CompTIA), or SSCP (ISC 2 ). Job Type: Full Time VEVRAA Federal Contractor Request Priority Referral of Protected Veterans EOE Protected Veterans/Disabled Robert C. Matthews, email: ******************************* Role: The Information Security and Fraud Analyst is responsible for developing and managing appropriate security measures for the bank's information systems, managing third-party vendor security risk, and investigating incidents of fraud and attempted fraud. Essential Functions & Responsibilities: E 35% Risk Management. Coordinates organizational risk assessments. Performs third party vendor risk assessments. Conducts information security Vendor Risk Assessments (VRA) on all in-scope third-party requests. Communicates at all levels and with all business units in providing support in the onboarding of third-party vendors with respect to the assessment of Information Security posture of the vendor. Creates and manages relationships with business units and stakeholders of the Third-Party Vendor Risk Management process. Performs assessment of third-party security and related due diligence documentation (such as SOC). E 30% Information Security. Monitors computer networks for security issues. Documents and investigates security breaches and other cybersecurity incidents. Stays current on IT security trends and news. Develops company-wide best practices for IT security. Research security enhancements and makes recommendations to management. Implements both internal and external security audits. Analyzes security issues thoroughly to identify the root cause. E 30% Fraud Investigations. Assists in the investigation of fraud incidents and recovery of funds; Maintains records of incidents, losses, recoveries, and prevention. Provides customer education to increase awareness of the fraud risk and effective techniques customers can use to mitigate the risk. Coaches staff on determination of fraud incidents and communication with customers. Interacts with external partners such as law enforcement agencies, vendors, and banks to validate information to check fraudulent activities. N 5% Performs other related duties as assigned or requested. Performance Measurements: 1. To comply with the letter and with the spirit of the bank's Code of Business Conduct and Ethics 2. To ensure that the bank suffers no losses due to failure to comply with operational procedures. 3. To provide friendly, professional, and accurate service and support to all customers both internal and external. 4. To maintain and build knowledge of auditing procedures through continued learning and research. 5. To acquire and maintain a working knowledge of regulations and bank procedures; to comply with the provisions of the Bank Secrecy Act and other laws and regulations. 6. To maintain the confidentiality of customer and any other sensitive information. 7. To complete required training and undertake additional training as needed to increase job knowledge and maximize productivity. Knowledge and Skills: Experience Three yeas to five years of similar or related experience. Education (1) A bachelor's degree, or (2) achievement of formal certifications recognized in the industry as equivalent to a bachelor's degree (e.g. information technology certifications in lieu of a degree). Preferred Certifications include Security+ (CompTIA), CySA+ (CompTIA), or SSCP (ISC 2 ). Interpersonal Skills Work involves much personal contact with others inside and/or outside the organization for the purpose of first-level conflict resolution, building relationships, and soliciting cooperation. Discussions involve a higher degree of confidentiality and discretion, requiring diplomacy and tact in communication. Other Skills 1. Knowledge in all areas of accounting and audit procedures and the ability to work independently. 2. Working knowledge of spreadsheets and word processing software; must be able to use PC and other types of general office equipment. Physical Requirements The person in this position needs to frequently move about inside the office to interact with associates or clients and access office machinery and file cabinets. The person in the position constantly operates a computer and other office productivity machinery, such as a calculator, photocopier, and printer. Work Environment This job operates in a professional office environment and may require travel to branches and other locations. This role routinely uses standard office equipment such as calculators, computers, phones, photocopier, filing cabinets and fax machines.

Remote | Product and Development | Full-Time WHO WE ARE Headquartered in Nashville, Tenn., Ncontracts leads the industry in integrated risk management and compliance solutions, serving over 5,000 financial institutions nationwide. As a seven-time Inc. 5000 Fastest Growing Companies honoree and consistent year-over-year recipient of "Best Places to Work" awards, we offer a thriving, work environment where career growth and life-work balance go hand in hand. At Ncontracts, you'll join a team of industry experts dedicated to strengthening the financial services sector through innovation and thought leadership. We're seeking creative, collaborative, and self-driven professionals across all areas of our business - from developing cutting-edge solutions to sales, marketing, customer support, and beyond. Join us in our mission to make the financial industry stronger and more resilient, while advancing your career in a supportive, dynamic environment that values your unique skills and perspectives. THE ROLE We're looking for a Product Security Engineer to embed security throughout our software development lifecycle. You'll work closely with engineering teams to secure our financial services platform, with particular focus on emerging AI technologies including Agentic AI systems. This role offers the opportunity to shape security practices in a cutting-edge fintech environment. WHAT YOU DO Participate in security architecture reviews and threat modeling for new features and systems Perform code reviews with focus on security vulnerabilities and best practices Design and implement security controls for cloud infrastructure (AWS, Azure, GCP) Participate in security assessments of AI/ML systems, including Agentic AI implementations Contribute to secure coding guidelines and security testing frameworks Integrate security tools into CI/CD pipelines (SAST, DAST, dependency scanning) Collaborate with DevOps team on infrastructure-as-code security practices Investigate and remediate security vulnerabilities across the technology stack Create security documentation for development teams and architectural decisions Support penetration testing activities and coordinate remediation efforts Research emerging threats and security technologies, particularly in AI/ML space WHAT YOU NEED 2+ years of experience in application security or product security engineering Bachelor's degree in computer science, Cybersecurity, or related technical field Strong programming skills in modern languages (Python, Ruby, Java, C#, JavaScript, PowerShell) Strong database experience with proficiency in SQL and PostgreSQL Deep understanding of web application security (OWASP Top 10, API security) Experience with cloud security architectures and containerization (Docker, Kubernetes) Experience with server administration across Linux and Windows environments Knowledge of security testing tools and methodologies (SAST, DAST, penetration testing) Experience applying risk assessment methodologies (DREAD, CVSS) to analyze security findings and establish data-driven remediation priorities Understanding of secure software development lifecycle (SSDLC) practices Experience with version control systems (Git) and CI/CD pipelines Experience with infrastructure automation using Ansible Demonstrated ability to communicate technical security concepts to diverse stakeholders and influence remediation efforts Self-motivated with ability to work independently and drive security initiatives to completion Experience collaborating with development teams to implement security fixes NICE TO HAVE Professional certifications (SAA-C03, PJPT, CSSLP, CEH, OSCP, AZ-400, AWS DevOps, or equivalent) Experience with AI/ML security, including model security and adversarial attacks Knowledge of financial services security requirements and data protection Experience with infrastructure-as-code tools (Terraform, CloudFormation) Background in threat modeling frameworks (STRIDE, PASTA, OCTAVE) Experience with security orchestration and automation platforms WE OFFER A fun, fast-paced work environment Responsible PTO Plan that meets or exceeds state and local medical and family leave laws 11 paid holidays Community and social events to keep you connected and engaged Mental Health Benefits Medical, Dental and Vision insurance Company-paid Group Life Insurance, Short- and Long-Term Disability Flexible Spending Account & Health Savings Account Aflac Benefits - Critical Illness, Cancer Protection, & Hospital Choice Pet Insurance 401 (k) with company match with eligibility on Day 1 of employment 2 Paid Volunteer Time Off Days And much more! Compensation Information Pursuant to state and local law disclosure requirements, the pay range for this role, with final offer amount dependent on education, skills, experience and location is $80,000 to $100,000 per year. This position may be eligible for an annual discretionary incentive award. The incentive award amount is dependent upon company performance and your personal performance and is not guaranteed. AAP/EEO Statement Ncontracts provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

The Security Engineer is responsible for ensuring that technical and procedural security controls are established and maintained within the organization and complies with a variety of security requirements as well as industry best practices. The position works closely with the Information Security Officer, IS leadership, and team members to implement and maintain security and compliance across LBMC. The Security Engineer will assist in managing Security Systems such as various endpoints, network logging, monitoring, physical access methods, and preventive systems as needed. The Security Engineer must focus on continuous improvement of response capabilities through automation and critical thinking. The professional is responsible for scrutinizing malware, targeted attacks, and intrusion detection. The Security Engineer will identify, investigate, and respond to information security alerts. They play an active role in searching through datasets, alerts, and notifications to detect any threats and anomalies. The security engineer will help resolve any issues related to network perimeter and security infrastructure devices. They must help resolve Windows and other security vulnerabilities. The Security Engineer must be able to dissect network, host, memory, and other artifacts that are originating from multiple operating systems and applications. The engineer will perform enterprise-wide operations to identify any undetected threats. It is the responsibility of the security engineer to develop alerting and detection strategies to investigate any unusual behavior. They must develop new defensive techniques to recognize any changes in adversary techniques and tactics. The Security professional must be involved in incident response and investigations. The Information Security Engineer may suggest tools and techniques to achieve security goals. The Security Engineer may perform well-researched security enhancement suggestions to the ISO which meet security standards that protect the organization from possible security breaches. Essential Responsibilities * Security Alerts: Review, respond, and remediate where applicable; * Vulnerability remediation (may also be tasked with vulnerability administration, enhancements, scans, and automation development opportunities); * Phish campaign monitoring and resolution; * Analyze security systems and seek improvements on a continuous basis; * Report possible threats or software issues; * Research weaknesses and determine ways to counter them; * Understand software, hardware, and internet needs while adjusting them according to our business environment; * Assist fellow employees with cybersecurity, software, hardware, or IT needs; * Carry out and support information security plans and policies; * Respond to, investigate, and assist in recovery efforts related to a security breach; * Assist in Security Awareness training development and support; * Troubleshoot security and network problems; * Ensure the organization's data and infrastructure are protected by enabling and/or recommending appropriate security controls; * Participate and follow the change management process; * Daily administrative tasks, reporting, and communication within Information Security as well as relevant departments within the organization, as needed or directed; * Administer, configure, and troubleshoot security infrastructure devices such as Varonis; * Test new software and firmware, as needed or directed. Operational Management * Work closely with IS Engineering, Security Engineers/Analysts, and other IS departments on corporate technology development to fully secure information, computer, network, and processing systems; * Recommend and implement changes, where appropriate, related to security policies and practices in accordance with changes in local and federal law; * Creatively provide resolution to security issues/problems in a cost-effective manner; * Collaborate with the Information Security Officer to establish and maintain systems for ensuring security and privacy policies are met. * Other security responsibilities as directed by the Information Security Officer Other Qualifications * Minimum of 1 - 3 years progressive experience in Cybersecurity technology development/engineering, with an emphasis on cybersecurity technology installations projects, administration, development, support, and related security tools/technology implementations; * Position requires a 4-year degree in Information Systems, Computer Science, Information Security or similar. An equivalent combination of education and experience will be considered; * For those not meeting the minimum education, additional work-related experience will be deemed equivalent; * CISSP or related certification is an advantage; * Strong knowledge of core IT and Security infrastructures including Active Directory, Azure AD, Microsoft Windows security controls, SIEM, AV/EDR [specifically Microsoft o365/E5], IPS, PIM, PAM, IAM, Certificate Management, vulnerability scanners, etc.; * Working knowledge and experience in the following areas: * Cloud computing security in Azure/Windows environments, security controls, security capabilities identification; * Experience in working on Microsoft products and can learn new systems quickly; * Experience with Nessus, Sentinel, Log Analytics, M365 Security stack, penetration testing, security patching, AppLocker, etc.; * Strong verbal and written communication skills required; * Must be able to handle multiple, simultaneous tasks effectively and efficiently while maintaining a professional, courteous manner; * Must be able to work well with others; * Must be detail oriented and organized; * High integrity, including maintenance of confidential information; * Must be able to exercise good judgement and positively influence others, including handling confrontations/conflict with poise and efficiency; * Focus on continuously improving skillset to meet security changes and challenges; * Based on business need, ability to work a flexible schedule, including some evenings and weekends as approved in advance or as required to support a security issue; * Regular and reliable attendance required.

We are the movers of the world and the makers of the future. We get up every day, roll up our sleeves and build a better world -- together. At Ford, we're all a part of something bigger than ourselves. Are you ready to change the way the world moves? The Enterprise Cyber Security Cloud Security team is responsible for working with other security and cloud services teams to ensure alignment and collaboration in securing Ford's public cloud infrastructure. The teams work closely together to identify security gaps in the cloud environments and address them. The Cloud Security team is responsible for identifying, evaluating, and recommending cloud security tools and functions to enhance security around Ford's public cloud. The team is also responsible for developing and managing the following Security Services in Ford's public cloud environments: - Cloud Security Automation Development - GCP/Azure Security Compliance - GCP VPC Service Control - GCP Cloud Armor/ Azure WAF **What you'll do...** + Partner with other Cloud Security team members to identify and develop automation for security related workflows and audits (VPC SC, DLP, Exceptions, Org Policy, etc..). + Lead evaluation and develop an understanding of tools needed to address security gaps. + Lead/Collaborate with EPEO Services teams on security gap remediation. **You'll have...** + Bachelor's degree in Computer Science, Information Technology or related OR a combination of education and experience + 5+ years of scripting and automation experience + Proven experience in developing and implementing automation using scripting languages such as + Python, PowerShell, or Go, particularly for API integrations, security tool orchestration, and custom audit scripts. + Solid understanding and practical experience with Git and GitHub for version control, collaborative development, and security automation pipeline management. + Familiarity with CI/CD pipelines and automated deployment tools (e.g., Jenkins, Azure DevOps, GitHub Actions) to integrate security automation into the software development lifecycle. + Knowledge of Infrastructure-as-Code (IaC) principles and tools like Terraform. + Strong knowledge of security best practices and guidelines (at the enterprise-level) related to GCP and Azure Cloud deployments as well as common web application frameworks + Understand the functionality and secure usage of various GCP services: VPCs, IAM, security groups, compute engine, cloud storage, Security Command Center, VPC Service Control, Cloud DLP and Cloud Armor + Customer focused and strong team orientation + Self-starter and fast-learner + Strong communication and interpersonal skills + Strong problem solving and Analytical/Reasoning skills + Strong drive for results and ability to work independently + Demonstrated commitment to quality and project timing + Familiarity with the agile project planning process and use of Rally. + Document processes & procedures and developing other documentation. **Even better, you may have...** + Understand the functionality and secure usage of various Azure services: Virtual Machines, Virtual Networks, Azure Active Directory, App Services, Azure SQL Databases, Storage Accounts, Kubernetes, Containers, Key vaults. You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply! As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder...or all of the above? No matter what you choose, we offer a work life that works for you, including: - Immediate medical, dental, vision and prescription drug coverage - Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more - Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more - Vehicle discount program for employees and family members and management leases - Tuition assistance - Established and active employee resource groups - Paid time off for individual and team community service - A generous schedule of paid holidays, including the week between Christmas and New Year's Day - Paid time off and the option to purchase additional vacation time. For a detailed look at our benefits, click here: ******************************* This position is a range of salary grades 7-8. Visa sponsorship is not available for this position. SOUTHEAST MI RESIDENTS: This role is posted as remote unless you reside within 50 miles of Dearborn, MI-in which case we request on-site presence up to 4 days a week. Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call **************. \#LI-Remote **Requisition ID** : 54783

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. **Required Skills:** Security Engineer - IR Threat Intelligence Responsibilities: 1. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 2. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 3. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 4. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems 5. Engage constructively in cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions **Minimum Qualifications:** Minimum Qualifications: 6. 5+ years threat intelligence experience 7. Bachelor's degree or equivalent experience in Security 8. Familiarity with campaign tracking techniques and ability to convert the tracking results to long term countermeasures 9. Familiarity with threat modeling framework, such as Diamond Model or/and MITRE ATT&CK framework 10. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 11. Proven track record of managing and executing on short term and long term projects 12. Ability to work with a team spanning multiple locations/time zones 13. Ability to prioritize and execute tasks with minimal direction or oversight 14. Ability to think critically and qualify assessments with solid communications skills 15. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 16. Experience close collaborating with incident responders on incident investigations 17. Familiarity with malware analysis or network traffic analysis 18. Familiarity with nation-state, sophisticated criminal, or supply chain threats 19. Production of file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 20. Experience in one or more query languages such as SQL 21. Experience writing production code for threat intelligence tooling 22. Experience conducting large scale data analysis 23. Experience working across the broader security community **Public Compensation:** $154,000/year to $217,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

OUR MISSION We exist to create a more connected, compassionate, and confident experience for people with cancer and those who care for them. We make it easier to get answers, access high-quality care quickly, and feel supported throughout treatment and beyond. Today, Thyme Care is a market-leading value-based oncology care enabler, partnering with national and regional health plans, providers, and employers to deliver better outcomes and lower costs for thousands of people across the country. Our model combines high-touch human support with powerful technology and AI to bring together everyone involved in a person's cancer journey: caregivers, oncologists, health plans, and employers. As a tech-native organization, we believe technology should strengthen the human connection at the center of care. Through data science, automation, and AI, we simplify complexity, improve collaboration, and help care teams focus on what matters most: supporting people through cancer. Looking ahead, our vision is bold: to become a household name in cancer care, where every person diagnosed asks for Thyme Care by name. If you're inspired to make cancer care more human and to help reimagine what's possible, we'd love to meet you. Together, we can build a future where every person with cancer feels truly cared for, in every moment that matters. WHAT YOU'LL DO As a Senior Security Engineer, you strengthen Thyme Care's security posture across our platform and infrastructure. You work closely with our Platform engineering team, IT, and virtual CISO to identify risks, harden our architecture, and embed security by design across engineering. You balance hands-on technical execution with coaching engineers to build secure practices by default. Proactively identify and close gaps in cloud, network, and application security architecture Lead security reviews of code and infrastructure, conduct threat modeling and partner with Eng squads on secure-by-default design Configure, tune, and monitor key security tools (e.g., Nightfall, GuardDuty, endpoint agents) to surface actionable alerts Triage and approve incoming security-related requests (applications, packages, Chrome extensions) Own technical response during a live security incident - from triage and log analysis to containment - in partnership with CISO, Engineering, and IT Build additional and low-friction security automation into CI/CD pipelines (dependency checks, SAST/DAST, IaC scanning) Partner with engineers to establish best practices and elevate secure coding practices without slowing delivery WHAT YOU'VE DONE Experience in application and infrastructure security, ideally in a healthcare or regulated environment Expertise with cloud security (AWS), IAM, CI/CD pipelines, and core security tools Background in securing public-facing APIs, web apps, and data platforms Knowledge of security monitoring, alerting, and incident response practices Ability to triage and operationalize security requests with pragmatism and rigor Comfortability working in fast-paced, scaling environments where priorities shift quickly WHAT LEADS TO SUCCESS Act with our members in mind. You protect sensitive health data with urgency and care. Move with purpose. You take initiative, surface risks, and close them. Seek diverse perspectives. You collaborate with engineers, IT, and leadership, and know when to pull in external expertise. Technical ability. You bring confidence and depth to lead reviews and guide secure outcomes. Clear communication. You translate complex security concepts for technical and non-technical audiences. Calm under pressure. You take ownership during incidents and drive resolution. OUR VALUES At Thyme Care, our core values guide us in everything we do: Act with our members in mind, Move with purpose, and Seek diverse perspectives. They anchor our business decisions, including how we grow, the products we make, and the paths we choose-or don't choose. Our salary ranges are based on paying competitively for our size and industry, and are one part of the total compensation package that also includes equity, benefits, and other opportunities at Thyme Care. Individual pay decisions are based on several factors, including qualifications, experience level, skillset, and balancing internal equity relative to other Thyme Care employees. The base salary for this role is $175,500 to $195,000. The salary range could be lower or higher than this if the role is hired at another level. We recognize a history of inequality in healthcare. We're here to challenge the status quo and create a culture of inclusion through the care we give and the company we build. We embrace and celebrate a diversity of perspectives in reflection of our members and the members we serve. We are an equal-opportunity employer. Be cautious of recruitment fraud , and always confirm that communications are coming from an official Thyme Care email.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************