Cyber security analyst jobs in North Highlands, CA - 37 jobs

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $184,000/year to $257,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Your Role This role supports Stellarus within the Ascendiun Family of Companies. The Risk Management & Controls Assurance team delivers actionable insights by quantifying IT and business risk to increase resilience while driving a security culture. Reporting to the Senior Manager, in this role, we are seeking a highly experienced and strategic individual contributor to lead the development, implementation, and governance of our enterprise-wide Business Continuity and Disaster Recovery (BC/DR) program. This role will be responsible for ensuring organizational resilience through effective planning, risk assessment, and coordination across business units and technology teams. Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow - personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning. Your Knowledge and Experience Requires a bachelor's degree or equivalent experience Requires at least 10 years of prior relevant experience Experience in portfolio management, preferably within an Agile or SAFe environment, JIRA experience is a plus Experience partnering with all levels of management required Driven, energetic, team player with superior oral and written communication skills Proven track record of leading enterprise BC/DR programs in complex environments Requires deep understanding of BC/DR frameworks, methodologies, and technologies. Strong analytical, organizational, and project management skills. Ability to work independently and influence cross-functional teams. Desire one or more of the following: CBCP (Certified Business Continuity Planning Professional)- highly desired, CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional) Your Work In this role, you will: Program Development & Governance Design and implement a comprehensive Business Continuity (BC)/Disaster Recovery (DR) framework aligned with industry standards (e.g., ISO 22301, NIST SP 800-34), including an incident command center. Establish governance structures, policies, and procedures to support BC/DR initiatives. Develop and maintain BC/DR program documentation, including charters, plans, and metrics Establish and implement critical technology to support management of plans and alerts for enterprise Risk Assessment & Impact Analysis Conduct Business Impact Analyses (BIAs) and risk assessments to identify critical business functions and dependencies. Collaborate with stakeholders to define Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs). Plan Development & Maintenance Lead the creation and maintenance of Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs) across departments. Ensure plans are updated regularly to reflect changes in business operations, technology, and risk landscape across departments. Develop and implement an incident command center, includes but not limited to, defining playbooks, critical roles and responsibilities, plan and roadmap. Testing & Exercises Design and execute BC/DR testing strategies, including tabletop exercises, failover tests, and full-scale simulations. Analyze test results and drive continuous improvement initiatives. Identify and assign high risk findings to be addressed by owners Audit & Compliance Ensure compliance with regulatory requirements, association mandates, and internal audit standards. Prepare and present reports to senior leadership and auditors. Vendor & Third-Party Coordination Assess and coordinate with third-party BC/DR capabilities and ensure alignment with organizational standards.

Your Role This role supports Stellarus within the Ascendiun Family of Companies. The Risk Management & Controls Assurance team delivers actional insights by quantifying IT and business risk to increase resilience while driving a security culture. We are seeking an Information Security Risk & Governance Specialist who will report to the Senior Manager. The successful candidate will be a highly experienced and proactive professional to lead regulatory compliance initiatives across the organization, with a focus on healthcare and technology-related standards. This senior individual contributor will be responsible for overseeing assessments and audits related to HIPAA, PCI-DSS, SOC 2, and other applicable frameworks, ensuring the organization maintains a strong security posture and meets all regulatory obligations. Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow - personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning. Your Knowledge and Experience Requires a bachelor's degree or equivalent experience Requires at least 10 years of prior relevant experience Experience in portfolio management, preferably within an Agile or SAFe environment, JIRA experience a plus Experience partnering with all levels of management required Driven, energetic, team player with superior oral and written communication skills Strong analytical, organizational, and project management skills. Requires deep understanding of IT control frameworks; Artificial Intelligence Risk Management Framework is strongly preferred Desire one or more of the following: CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional) Your Work In this role, you will: Regulatory Program Leadership Serve as the primary point of contact for external audits, assessments, and regulatory inquiries. Develop and maintain compliance documentation, including policies, procedures, control matrices, and evidence repositories. Build plan and lead required assessments to comply with mandates and certifications (HIPAA, PCI DSS, SOC II, Type 2, etc.). Assessment & Audit Management Conduct internal gap analyses and risk assessments to identify areas of non-compliance or control weaknesses. Track and report on audit findings, remediation efforts, and compliance status to senior leadership. Cross-Functional Collaboration Partner with teams across the enterprise to ensure alignment with regulatory requirements and enterprise risk objectives. Provide subject matter expertise during product development, vendor onboarding, and system implementations to ensure compliance is embedded in processes. Policy & Control Frameworks Partner to maintain and enhance internal control frameworks aligned with regulatory standards and industry best practices (e.g., NIST, HITRUST, ISO 27001). Partner to ensure policies and procedures are up-to-date and reflect current regulatory expectations and organizational practices. Monitoring & Reporting Implement continuous monitoring processes for key compliance controls, findings and mitigation plans. Prepare and present compliance metrics, dashboards, and executive summaries to leadership and governance committees.

Your Role This role supports Stellarus within the Ascendiun Family of Companies. The Risk Management & Controls Assurance team delivers actional insights by quantifying IT and business risk to increase resilience while driving a security culture. We are seeking an Information Security Risk & Governance Specialist who will report to the Senior Manager. The successful candidate will be a highly experienced and proactive professional to lead regulatory compliance initiatives across the organization, with a focus on healthcare and technology-related standards. This senior individual contributor will be responsible for overseeing assessments and audits related to HIPAA, PCI-DSS, SOC 2, and other applicable frameworks, ensuring the organization maintains a strong security posture and meets all regulatory obligations. Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow - personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning.

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. Coinbase stores more digital currency than any company in the world, making us a top tier target on the internet. Security is core to our mission and has been a key competitive differentiator for us as we scale worldwide. Essential to scaling is building and running a security compliance program that reflects how we protect the data and assets in our care, to open the doors with customers, regulators, auditors, and other external stakeholders. If you love working with fast moving companies to grow and scale security compliance engines and create positive change across the business, we'd like to speak with you about joining our team. Coinbase is looking for a Security Compliance Senior Analyst to drive the second line of defense IT SOX initiatives and help mature the IT SOX program. *What you'll be doing (ie. job duties):* * Lead Security and IT initiatives to support the SOX roadmap and advance program maturity * Assist with SOX planning activities, including scoping of IT systems and creating training material to owners in preparation for SOX audit * Lead security control gap assessments over SOX control environment, recommend remediation plans and track through completion * Assess SOX implications of new products, update relevant controls, and communicate requirements to product organization and other stakeholders * Provide ongoing reporting to stakeholders and leadership on above responsibilities and communicate progress and escalations management * Perform SOX audit and control impact analysis as a result of security and technology incidents and partner with owning teams on control uplift activities * Build close relationships with stakeholder teams including Security, IT, Infrastructure, Engineering, Data, and Finance to advise on SOX requirements and ensure excellence in control ownership * Create and improve SOX procedural documentation, including process documentation, data flow diagrams, and uplifting templates * Work closely with internal and external auditors to educate them about a complex technology control environment * Oversee quality of audit initiatives, identify and analyze process gaps, provide guidance and expertise to team members * Develop creative solutions to prove risk mitigation and solve for complex audit problems faced by the crypto industry * Identify opportunities to address systemic program challenges, recommend solutions and drive efficiency through AI and automation *What we look for in you (ie. job requirements):* * Minimum of 5+ years of security/IT compliance or equivalent experience * Strong knowledge and hands-on experience in Internal Controls over Financial Reporting, SOX 404 frameworks, and testing to support compliance * Prior experience at a big 4 accounting firm * Experience leading compliance initiatives from start to finish * Proven understanding and audit experience of cloud technologies, AWS preferred * Ability to effectively and autonomously accomplish outcomes across cross-functional teams in ambiguous situations with minimal supervision * Strong oral and written communication skills * Ability to multitask, direct cross functional work, and hold others accountable to committed deadlines in a fast paced environment * Ability to communicate with technical / non-technical stakeholders to align on shared outcomes * Experience in Financial services, Big Tech, or FinTech *Nice to haves:* * BA or BS in a technical field or equivalent experience * Security certifications e.g. CISA, CISSP, CISM or other relevant certifications * Experience auditing in Crypto space Position ID: P73675 \#LI-Remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $167,280-$196,800 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Integrated Resources, Inc., is led by a seasoned team with combined decades in the industry. We deliver strategic workforce solutions that help you manage your talent and business more efficiently and effectively. Since launching in 1996, IRI has attracted, assembled and retained key employees who are experts in their fields. This has helped us expand into new sectors and steadily grow. We've stayed true to our focus of finding qualified and experienced professionals in our specialty areas. Our partner-employers know that they can rely on us to find the right match between their needs and the abilities of our top-tier candidates. By continually exceeding their expectations, we have built successful ongoing partnerships that help us stay true to our commitments of performance and integrity. Our team works hard to deliver a tailored approach for each and every client, critical in matching the right employers with the right candidates. We forge partnerships that are meant for the long term and align skills and cultures. At IRI, we know that our success is directly tied to our clients' success. Job Description Hi, Hope you are doing well, I am sending you below job open with one of my direct client, Send me your most updated copy of your resume in word document ASAP Position: Security Engineer Location: Sacramento CA Duration 1 Year + Start Date : 15th April 2016 Basic Qualifications (minimum 2 years' experience) • Modern security, monitoring, and logging practices for system administration • Modern continuous monitoring tools • Experience with OAuth 2.0, Identity Management systems, and API authorization methods • Experience with code quality tools, especially pertaining to code security vulnerabilities • Experience with network level and application level security threats (i.e., SQL injection, DDOS, man in the middle attacks, etc.) Nice to Have Skills (minimum 2 years' experience): • Experience working with NIST 800-53 controls • Experience working with IBM Main Frame permissions (i.e. RACF) Additional Information Thanks nagesh 732-429-1641

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Pacific Coast Producers | Full-Time | On-Site | Exempt Salary Range: $110,000-$140,000/year (based on experience) Pacific Coast Producers (PCP) , a growing agricultural cooperative with food production facilities across the West Coast, is seeking a talented and innovative OT/ICS Security Engineer to join our team in Woodland, CA . PCP is dedicated to investing in its people and fostering a culture of service, where each employee can do their best to make affordable, high-quality food for customers across North America. We are seeking a highly skilled OT/ICS Security Engineer enhance the security posture of our Operational Technology (OT) and Industrial Control Systems (ICS) environments. This role is critical in ensuring the integrity, availability, and confidentiality of industrial networks, protecting critical infrastructure, and implementing robust cybersecurity strategies tailored to the unique needs of our industrial environments. Primary Duties & Responsibilities: This is a hands-on role that involves administering and implementing solutions, planning strategically, and resolving issues as they arise-all while maintaining sensitivity to plant and distribution center operations. Implement and Support OT/ICS security strategies that align with business goals and meet industry standards and regulatory requirements. Conduct risk assessments, manage vulnerabilities, and conduct security audits across operational technology systems. Collaborate with engineering, IT, and operations teams to integrate cybersecurity best practices into servers, PCs, SCADA, DCS, PLCs, and other industrial control systems. Monitor for cybersecurity threats, incidents, and anomalies impacting industrial assets, and coordinate appropriate response actions. Maintain OT security policies, procedures, and training programs to build awareness and strengthen security practices. Work closely with the CIO/CISO, VP of Operations, and Director of Engineering-teamwork and collaboration are critical to success in this role. Review existing architectures, identify security gaps, and recommend prioritized improvements with a risk-aware approach. Partner with external vendors and consultants to evaluate and implement new security technologies and solutions. Ensure security initiatives align with frameworks such as NIST CSF, ISA/IEC 62443, CIS Controls, and MITRE ATT&CK for ICS. Participate in incident response efforts for OT-related breaches, including forensic investigations and corrective action planning. Collaborate cross-functionally to audit and test networks, servers, and OT/ICS equipment to ensure system integrity and security Qualified candidates must have the following experience, education and skills: Bachelor's degree in Cybersecurity, Computer Science, Industrial Engineering, or a related field. 2+ years of cybersecurity experience, with at least 1 year specifically focused on OT/ICS environments. Strong networking background. Knowledge of SCADA, PLCs, DCS, HMIs, IIoT, and industrial network protocols such as Modbus, DNP3, OPC-UA, and BACnet. Some Hands-on experience with firewalls, IDS/IPS, network segmentation, and endpoint protection in OT environments. Strong analytical skills in threat detection, vulnerability management, and incident response. Excellent communication skills, with the ability to collaborate effectively with both technical and non-technical teams. Preferred Qualifications: Familiarity with risk management methodologies and compliance standards such as NERC CIP, ISO 27001, GDPR, and CISA guidelines . While not required, the following certifications are considered a plus: CISSP, GICSP, GRID, CISM, ISA/IEC 62443 Expert . The ability to strategize, document, and implement business continuity and disaster recovery. Salary Range $110,000-$140,000 per year; candidate will be paid based on their work experience and skills. This is a full-time , on-site role based at our Production Facility in Woodland, CA. Occasional travel to our other locations in California and Oregon will be required; frequency may vary based on business needs. The base salary range reflects the reasonable expectation for what the company anticipates paying for this role at the time of posting. The actual salary offered will depend on factors including, but not limited to: Relevant skills, education, and experience Job-related qualifications and certifications Internal pay equity Market conditions and business needs Why Join PCP? At PCP, we take care of our people. Here are just a few of the benefits full-time employees enjoy: Competitive pay with opportunities for advancement. This position is eligible for our annual profit-sharing bonus program. Medical, dental, and vision coverage for you and your family, starting the first of the month after you join us. Retirement plans to support your long-term security. Paid time off including vacation, holidays, parental leave, sick leave, and bereavement. Life and disability insurance plus an Employee Assistance Program. Development opportunities through online courses, classroom training, and on-the-job growth. The stability of a farmer-owned cooperative with more than 50 years of success. A mission-driven culture focused on feeding families across North America . If you are enthusiastic about securing industrial environments and ready to take on a leadership role in OT/ICS cybersecurity , we encourage you to apply and be part of our mission in safeguarding critical infrastructure. Sponsorship : This role is not eligible for current or future visa sponsorship. About PCP Summary Pacific Coast Producers, a cooperative owned by more than 165 family farmers who cultivate and transport diverse produce like tomatoes, peaches, pears, grapes, cherries, and others, was founded in 1971. The company operates processing and packaging facilities in California and Oregon and has a workforce of over 3,000 employees. PCP is committed to delivering top-quality products to customers in all channels of trade, such as foodservice distributors and grocery retailers throughout the United States and Canada. Our facility is located in Woodland, CA, a charming city in Yolo County, known for its rich agricultural history and small-town charm. With a historic downtown area, a thriving arts scene, and close proximity to Sacramento, Woodland offers a unique blend of rural and urban living. Additionally, the city has a strong economy and a growing business community, making it an ideal place to work and grow your career. AA/EEO Policy Statement Pacific Coast Producers is an affirmative action and equal opportunity employer. No employee or applicant will be discriminated against in any condition of employment because of race, color, national origin, sex, religion, age, disability, veteran status, or any other status protected by law.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Introduction This examination is being given to fill one vacancy in the Information Systems Department and to establish an eligible list which may be used to fill future vacancies. Resumes will not be accepted in lieu of an application. A completed application must be postmarked or received online by the final filing deadline. NOTE: All correspondences relating to this recruitment will be delivered via e-mail. The e-mail account used will be the one provided on your employment application during time of submittal. Please be sure to check your e-mail often for updates. If you do not have an e-mail account on file, Human Resources will send you correspondences via US Mail. DEFINITION Under direction, performs specialized and advanced professional computer and related systems support work within the Information Systems Division; troubleshoots, analyzes and resolves difficult systems and applications hardware and software problems; and performs other related work as required in accordance with Rule 3, Section 3 of the Civil Service Rules. CLASS CHARACTERISTICS This is the advanced journey level class in the Information Systems Analyst series. Incumbents perform work of a professional nature, utilizing skills that require an advanced understanding of complex analytical procedures and processes while working with a significant amount of independent authority and judgment. As assigned, some positions may exercise technical supervision over lower level staff; however, these supervisory duties are ancillary in nature and are not considered to be the primary purpose of the class. The program assignment will determine the emphasis of an incumbent's duties as described below. This class is distinguished from the Information Systems Analyst II level by it's requirement for specialized, functional or technical expertise beyond the journey level. Incumbents perform the more difficult and responsible types of duties assigned to classes within the series including systems analysis, development and direct client/maintenance support to large and complex systems and applications. This class is distinguished from the Information Systems Analyst IV in that the latter provides highly advanced systems analysis, design and development support to one or more departments with highly complex systems and programs. Incumbents at the Information Systems Analyst IV level may also serve in the capacity of database administrator or as a project lead on a component of assigned information systems projects. TYPICAL DUTIES * Performs professional level specialized and complex duties to support information technology systems in assigned area; areas of responsibility include the analysis, evaluation, design, programming, development, testing, implementation, documentation and maintenance of large and complex systems, networks, programs and applications across multiple platforms and technologies. * Designs and develops components of current or new systems; serves on assigned projects for large and complex systems; in conjunction with project team members, analyzes user requirements and recommends technology solution; reviews and evaluates current and third party systems and applications; determines method of integrating new programming code into existing programs to meet user needs; develops data flow diagrams and other systems documentation; creates program specifications; designs data structures, screens, file structures, reports, forms, and menus; develops optimum system configurations; locates and downloads existing system data; develops and implements testing plan; performs quality assurance duties; determines whether new program meets the client's business and technology requirements; recommends changes as needed. * Serves as resource and provides highly specialized support to maintaining existing systems; assesses, reviews and conducts research on system operational problems and functionality; provides technical solutions to client on alternative systems or applications. * Performs a variety of complex analytical duties in planning, developing, installing, implementing, integrating, testing and evaluating the County's local and wide area networks; installs, configures and manages servers; coordinates the installation and maintenance of computers, circuits, data communications equipment, printers and other peripheral equipment. * Investigates, analyzes and resolves network-related problems; resolves compatibility problems; troubleshoots network failures, router problems and telecommunications problems; recommends and implements changes and improvements. * Monitors network security and performance; identifies unauthorized access and potential security risks; measures volume and performance of network traffic; identifies utilization and performance issues; recommends improvements to security and network performance. * Develops, implements and maintains the County's Internet and Intranet sites; recommends design and layouts; writes code; creates database connections; develops written technical procedures; implements interactive website components; provides Internet training for County staff. * Performs technical writing duties in the development and production of system documentation, instructional and procedural manuals. * Identifies training issues and coordinates training sessions for client users on assigned systems or applications; develops training schedule; designs training manuals; conducts training sessions. * Attends and participates in professional group meetings; stays abreast of new trends and innovations in the field of information technology. * May exercise technical supervision over lower level staff; assists in selecting, training, motivating and evaluating assigned staff; provides or coordinates staff training; works with employees to correct deficiencies. MINIMUM QUALIFICATIONS Note: The following special requirements were approved by the Director of Human Resources on May 19, 2025. Education: Graduation from an accredited four-year college or university with a major in computer science, information systems, mathematics, business administration or a related field. Experience: Two years of increasingly responsible professional, cybersecurity analytical and related systems work in an information systems environment. Substitution #1: Possession of an approved information systems technology certificate, or completion of an approved information systems training course may substitute for all or part of the above required education. A list of approved certificates and/or courses shall be maintained within the Human Resources Department. Substitution #2: Additional qualifying experience may substitute for the above required education on a year-for-year basis to a maximum of two years. Special Requirement: The above required experience and any certification used to qualify under substitution pattern #1, may need to be within the assigned specialist or functional area. KNOWLEDGE Operations, services and activities of a comprehensive information systems program across multiple operating platforms; advanced principles and practices of computer science and information systems; methods and techniques of highly complex system analysis, design and development; advanced methods and techniques of system hardware and software troubleshooting and installation; advanced principles and practices of structured programming; operational characteristics of systems hardware and software across multiple environments; methods and techniques of evaluating business operations to develop technology solutions; principles and procedures of quality assurance; methods and techniques of developing testing procedures; methods and techniques of designing, implementing and maintaining internet and intranet web sites; operations, services and activities of local and wide area network design, development, security and administration; local and wide area network protocols, routing techniques and installation methods; methods and techniques of installing and maintaining and administering network servers, hardware and software; pertinent Federal, State and local codes, laws and regulations. ABILITY Provide advanced level technical support for system analysis, implementation and maintenance; detect, isolate and resolve complex information system problems; recommend, design, implement and install systems and programs; independently perform complex systems and applications programming and analysis duties; design, configure, install and test local and wide area network servers, hardware, software, routers and associated components; analyze procedures and data to develop logical solutions to complex systems problems; troubleshoot and analyze complex local and wide area network operating system or hardware and software problems; learn to analyze and assess the technological needs of departments with large and highly complex systems; learn operations and characteristics of database management systems, tools and utilities; learn and apply concepts and principles of database management and administration; learn principles, practices, methods and techniques of serving as project lead on assigned information systems projects; communicate clearly and concisely, both orally and in writing; establish and maintain effective working relationships with those contacted in the course of work. PHYSICAL/MENTAL REQUIREMENTS Mobility - Frequent use of keyboards; frequent sitting, standing or walking for long periods; occasional pushing/pulling, bending, squatting and crawling; driving. Lifting - frequently 5-30 pounds; occasionally 70 pounds or less. Vision - constant use of good overall vision; frequent reading/close-up work; occasional color, depth and peripheral vision. Dexterity - frequent repetitive motion; frequent writing; frequent grasping, holding, reaching. Hearing/Talking - frequent talking/hearing in person and on the telephone. Emotional/Psychological - frequent decision making and concentration; frequent public contact; occasional working alone, working nights and traveling. Environmental - frequent exposure to noise. San Joaquin County complies with the Americans with Disabilities Act and, upon request, will consider reasonable accommodations to enable individuals with disabilities to perform essential job functions. Equal Opportunity Employer San Joaquin County is an Equal Employment Opportunity (EEO) Employer and is committed to providing equal employment to all without regard to age, ancestry, color, creed, marital status, medical condition, national origin, physical or mental disability, political affiliation or belief, pregnancy, race, religion, sex, or sexual orientation. For more information go to Equal Employment Opportunity Division (sjgov.org). Accommodations for those covered by the Americans with Disabilities Act (ADA): San Joaquin County complies with the Americans with Disabilities Act and, upon request, will consider reasonable accommodations to enable individuals with disabilities to perform essential job functions. BENEFITS Employees hired into this classification are members of a bargaining unit which is represented by SEIU Local 1021. Health Insurance: San Joaquin County provides employees with a choice of three health plans: a Kaiser Plan, a Select Plan, and a Premier Plan. Employees pay a portion of the cost of the premium. Dependent coverage is also available. Dental Insurance: The County provides employees with a choice of two dental plans: Delta Dental and United Health Care-Select Managed Care Direct Compensation Plan. There is no cost for employee only coverage in either plan; dependent coverage is available at the employee's expense. Vision Insurance: The County provides vision coverage through Vision Service Plan (VSP). There is no cost for employee only coverage; dependent coverage is available at the employee's expense. For more detailed information on the County's benefits program, visit our website at ************* under Human Resources/Employee Benefits. Life Insurance: The County provides eligible employees with life insurance coverage as follows: 1 but less than 3 years of continuous service: $1,000 3 but less than 5 years of continuous service: $3,000 5 but less than 10 years of continuous service: $5,000 10 years of continuous service or more: $10,000 Employee may purchase additional term life insurance at the group rate. 125 Flexible Benefits Plan: This is a voluntary program that allows employees to use pre-tax dollars to pay for health-related expenses that are not paid by a medical, dental or vision plan (Health Flexible Spending Account $2550 annual limit with a $500 carry over); and dependent care costs (Dependent Care Assistance Plan $5000 annual limit). Retirement Plan: Employees of the County are covered by the County Retirement Law of 1937. Please visit the San Joaquin County Employees' Retirement Association (SJCERA) at ************** for more information. NOTE: If you are receiving a retirement allowance from another California county covered by the County Employees' Retirement Act of 1937 or from any governmental agency covered by the California Public Employees' Retirement System (PERS), you are advised to contact the Retirement Officer of the Retirement Plan from which you retired to determine what effect employment in San Joaquin County would have on your retirement allowance. Deferred Compensation: The County maintains a deferred compensation plan under Section 457 of the IRS code. You may annually contribute $22,500 or 100% of your includible compensation, whichever is less. Individuals age 50 or older may contribute to their plan, up to $30,000. The Roth IRA (after tax) is also now available. Vacation: Maximum earned vacation is 10 days each year up to 3 years; 15 days after 3 years; 20 days after 10 years; and 23 days after 20 years. Holidays: Effective July 1, 2017, all civil service status employees earn 14 paid holidays each year. Please see the appopriate MOU for details regarding holidays, accruals, use, and cashability of accrued time. Sick Leave: 12 working days of sick leave annually with unlimited accumulation. Sick leave incentive: An employee is eligible to receive eight hours administrative leave if the leave balance equals at least one- half of the cumulative amount that the employee is eligible to accrue. The employee must also be on payroll during the entire calendar year. Bereavement Leave: 3 days of paid leave for the death of qualifying family member, 2 additional days of accrued leave for death of employee's spouse, domestic partner, parent or child. Merit Salary Increase: New employees will receive the starting salary, which is the first step of the salary range. After employees serve 52 weeks (2080 hours) on each step of the range, they are eligible for a merit increase to the next step. Job Sharing: Employees may agree to job-share a position, subject to approval by a Department Head and the Director of Human Resources. Educational Reimbursement Program: Eligible employees may be reimbursed for career-related course work up to a maximum of $850 per fiscal year. Eligible employees enrolled in an approved four (4) year College or University academic program may be reimbursed up to $800 per semester for a maximum of $1600 per fiscal year. Parking Supplemental Downtown Stockton: The County contributes up to $20 per pay period for employees who pay for parking and are assigned to work in the Downtown Core Area. School Activities: Employees may take up to 40 hours per year, but not more than eight (8) hours per month, to participate in their children's school activities. Selection Procedures Applicants who meet the minimum qualifications will go through the following examination process: * Written Exam: The civil service written exam is a multiple choice format. If the written exam is administered alone, it will be 100% of the overall score. Candidates must achieve a minimum rating of 70% in order to be placed on the eligible list. * Oral Exam: The oral exam is a structured interview process that will assess the candidate's education, training, and experience and may include a practical exercise. The oral exam selection process is not a hiring interview. A panel of up to four people will determine the candidate's score and rank for placement on the eligible list. Top candidates from the eligible list are referred for hiring interviews. If the oral exam is administered alone, it will be 100% of the overall score. Candidates must achieve a minimum rating of 70% in order to be placed on the eligible list. * Written & Oral Exam: If both a written exam and an oral exam is administered, the written exam is weighted at 60% and the oral exam is weighted at 40% unless otherwise indicated on the announcement. Candidates must achieve a minimum rating of 70% on each examination in order to be placed on the eligible list. * Rate-out: A rate-out is an examination that involves a paper rating of the candidate's application using the following criteria: education, training, and experience. Candidates will not be scheduled for the rate-out process. Note: The rating of 70 referred to may be the same or other than an arithmetic 70% of the total possible points. Testing Accommodation: Candidates who require testing accommodation under the Americans with Disabilities Act (ADA) must call Human Resources Division at ************** prior to the examination date. Veteran's Points: Eligible veterans, unmarried widows and widowers of veterans of the United States Armed Forces who have been honorably discharged and who have served during wartime shall be given veteran's points in initial appointment to County service. Eligible veterans receive 5 points and eligible disabled veterans receive 10 points. Disabled veterans must submit a recent award letter stating a 10% service connected disability issued by the United States Veterans Administration. Note: A copy of your DD214 showing the discharge type must be received in the Human Resources by the date of the examination. Acceptable wartime service dates: * September 16, 1940 to December 31, 1946 * June 27, 1950 to January 31, 1955 * August 5, 1964 to May 7, 1975 * Persian Gulf War, August 2, 1990, through a date to be set by law or Presidential Proclamation. Eligible Lists: Candidates who pass the examination will be placed on an eligible list for that classification. Eligible lists are effective for nine months, but may be extended by the Human Resources Director for a period which shall not exceed a total of three years from the date established. Certification/Referral: Names from the eligible list will be referred to the hiring department by the following methods. * Rule of the Rank: The top rank or ranks of eligibles will be referred for hiring interviews. The minimum number of names to be referred will be equal to the number of positions plus nine, or 10% of the eligible list, whichever is higher. When filling nine or more positions in a department at the same time, the top rank or ranks will be referred and the minimum number of names shall be two times the number of positions to be filled or 10% of the eligible list, whichever is higher. This applies only to open competitive recruitments. * Rule of Five: The top five names will be referred for hiring interviews. This applies only to department or countywide promotional examination. * Rule of the List: For classifications designated by the Director of Human Resources, the entire eligible list will be referred to the department. Physical Exam: Some classifications require physical examinations. Final appointment cannot be made until the eligible has passed the physical examination. The County pays for physical examinations administered in its medical facilities. Pre-Employment Drug Screening Exam: Some classifications require a new employee successfully pass a pre-employment drug screen as a condition of employment. Final appointment cannot be made until the eligible has passed the drug screen. The County pays for the initial drug screen. Employment of Relatives: Applicants who are relatives of employees in a department within the 3rd degree of relationship, (parent, child, grand parent, grand child or sibling) either by blood or marriage, may not be appointed, promoted, transferred into or within the department when; * They are related to the Appointing Authority or * The employment would result in one of them supervising the work of the other. Department Head may establish additional limitations on the hiring of relatives by departmental rule. Proof of Eligibility: If you are offered a job you will be required to provide proof of U.S. citizenship or other documents that establish your eligibility to be employed in the U.S. HOW TO APPLY Apply Online: *************/department/hr By mail or in person: San Joaquin County Human Resources 44 N. San Joaquin Street Suite 330 Stockton, CA 95202 Office hours: Monday - Friday 8:00 am to 5:00 pm; excluding holidays. Phone: ************** Job Line: For current employment opportunities please call our 24-hour job line at **************. When a final filing date is indicated, applications must be filed with the Human Resources Division before 5:00 p.m. or postmarked by the final filing date. Resumes will not be accepted in lieu of an application. Applications sent through county inter-office mail, which are not received by the final filing date, will not be accepted. (The County assumes no responsibility for mailed applications which are not received by the Human Resources Division). San Joaquin County Substance Abuse Policy: San Joaquin County has adopted a Substance Abuse Policy in compliance with the Federal Drug Free Workplace Act of 1988. This policy is enforced by all San Joaquin County Departments and applies to all San Joaquin County employees. Equal Opportunity Employer: San Joaquin County is an Equal Employment Opportunity (EEO) Employer and is committed to providing equal employment to all without regard to age, ancestry, color, creed, marital status, medical condition, national origin, physical or mental disability, political affiliation or belief, pregnancy, race, religion, sex, or sexual orientation. For more information go to *************/department/hr/eeo. Click on a link below to apply for this position:

Introduction This examination is being given to fill one vacancy in the Information Systems Department and to establish an eligible list which may be used to fill future vacancies. Resumes will not be accepted in lieu of an application. A completed application must be postmarked or received online by the final filing deadline. NOTE: All correspondences relating to this recruitment will be delivered via e-mail. The e-mail account used will be the one provided on your employment application during time of submittal. Please be sure to check your e-mail often for updates. If you do not have an e-mail account on file, Human Resources will send you correspondences via US Mail. DEFINITION Under direction, performs specialized and advanced professional computer and related systems support work within the Information Systems Division; troubleshoots, analyzes and resolves difficult systems and applications hardware and software problems; and performs other related work as required in accordance with Rule 3, Section 3 of the Civil Service Rules. CLASS CHARACTERISTICS This is the advanced journey level class in the Information Systems Analyst series. Incumbents perform work of a professional nature, utilizing skills that require an advanced understanding of complex analytical procedures and processes while working with a significant amount of independent authority and judgment. As assigned, some positions may exercise technical supervision over lower level staff; however, these supervisory duties are ancillary in nature and are not considered to be the primary purpose of the class. The program assignment will determine the emphasis of an incumbent's duties as described below. This class is distinguished from the Information Systems Analyst II level by it's requirement for specialized, functional or technical expertise beyond the journey level. Incumbents perform the more difficult and responsible types of duties assigned to classes within the series including systems analysis, development and direct client/maintenance support to large and complex systems and applications. This class is distinguished from the Information Systems Analyst IV in that the latter provides highly advanced systems analysis, design and development support to one or more departments with highly complex systems and programs. Incumbents at the Information Systems Analyst IV level may also serve in the capacity of database administrator or as a project lead on a component of assigned information systems projects. TYPICAL DUTIES Performs professional level specialized and complex duties to support information technology systems in assigned area; areas of responsibility include the analysis, evaluation, design, programming, development, testing, implementation, documentation and maintenance of large and complex systems, networks, programs and applications across multiple platforms and technologies. Designs and develops components of current or new systems; serves on assigned projects for large and complex systems; in conjunction with project team members, analyzes user requirements and recommends technology solution; reviews and evaluates current and third party systems and applications; determines method of integrating new programming code into existing programs to meet user needs; develops data flow diagrams and other systems documentation; creates program specifications; designs data structures, screens, file structures, reports, forms, and menus; develops optimum system configurations; locates and downloads existing system data; develops and implements testing plan; performs quality assurance duties; determines whether new program meets the client's business and technology requirements; recommends changes as needed. Serves as resource and provides highly specialized support to maintaining existing systems; assesses, reviews and conducts research on system operational problems and functionality; provides technical solutions to client on alternative systems or applications. Performs a variety of complex analytical duties in planning, developing, installing, implementing, integrating, testing and evaluating the County's local and wide area networks; installs, configures and manages servers; coordinates the installation and maintenance of computers, circuits, data communications equipment, printers and other peripheral equipment. Investigates, analyzes and resolves network-related problems; resolves compatibility problems; troubleshoots network failures, router problems and telecommunications problems; recommends and implements changes and improvements. Monitors network security and performance; identifies unauthorized access and potential security risks; measures volume and performance of network traffic; identifies utilization and performance issues; recommends improvements to security and network performance. Develops, implements and maintains the County's Internet and Intranet sites; recommends design and layouts; writes code; creates database connections; develops written technical procedures; implements interactive website components; provides Internet training for County staff. Performs technical writing duties in the development and production of system documentation, instructional and procedural manuals. Identifies training issues and coordinates training sessions for client users on assigned systems or applications; develops training schedule; designs training manuals; conducts training sessions. Attends and participates in professional group meetings; stays abreast of new trends and innovations in the field of information technology. May exercise technical supervision over lower level staff; assists in selecting, training, motivating and evaluating assigned staff; provides or coordinates staff training; works with employees to correct deficiencies. MINIMUM QUALIFICATIONS Note: The following special requirements were approved by the Director of Human Resources on May 19, 2025. Education: Graduation from an accredited four-year college or university with a major in computer science, information systems, mathematics, business administration or a related field. Experience: Two years of increasingly responsible professional, cybersecurity analytical and related systems work in an information systems environment. Substitution #1: Possession of an approved information systems technology certificate, or completion of an approved information systems training course may substitute for all or part of the above required education. A list of approved certificates and/or courses shall be maintained within the Human Resources Department. Substitution #2: Additional qualifying experience may substitute for the above required education on a year-for-year basis to a maximum of two years. Special Requirement: The above required experience and any certification used to qualify under substitution pattern #1, may need to be within the assigned specialist or functional area. KNOWLEDGE Operations, services and activities of a comprehensive information systems program across multiple operating platforms; advanced principles and practices of computer science and information systems; methods and techniques of highly complex system analysis, design and development; advanced methods and techniques of system hardware and software troubleshooting and installation; advanced principles and practices of structured programming; operational characteristics of systems hardware and software across multiple environments; methods and techniques of evaluating business operations to develop technology solutions; principles and procedures of quality assurance; methods and techniques of developing testing procedures; methods and techniques of designing, implementing and maintaining internet and intranet web sites; operations, services and activities of local and wide area network design, development, security and administration; local and wide area network protocols, routing techniques and installation methods; methods and techniques of installing and maintaining and administering network servers, hardware and software; pertinent Federal, State and local codes, laws and regulations. ABILITY Provide advanced level technical support for system analysis, implementation and maintenance; detect, isolate and resolve complex information system problems; recommend, design, implement and install systems and programs; independently perform complex systems and applications programming and analysis duties; design, configure, install and test local and wide area network servers, hardware, software, routers and associated components; analyze procedures and data to develop logical solutions to complex systems problems; troubleshoot and analyze complex local and wide area network operating system or hardware and software problems; learn to analyze and assess the technological needs of departments with large and highly complex systems; learn operations and characteristics of database management systems, tools and utilities; learn and apply concepts and principles of database management and administration; learn principles, practices, methods and techniques of serving as project lead on assigned information systems projects; communicate clearly and concisely, both orally and in writing; establish and maintain effective working relationships with those contacted in the course of work. PHYSICAL/MENTAL REQUIREMENTS Mobility - Frequent use of keyboards; frequent sitting, standing or walking for long periods; occasional pushing/pulling, bending, squatting and crawling; driving. Lifting - frequently 5-30 pounds; occasionally 70 pounds or less. Vision - constant use of good overall vision; frequent reading/close-up work; occasional color, depth and peripheral vision. Dexterity - frequent repetitive motion; frequent writing; frequent grasping, holding, reaching. Hearing/Talking - frequent talking/hearing in person and on the telephone. Emotional/Psychological - frequent decision making and concentration; frequent public contact; occasional working alone, working nights and traveling. Environmental - frequent exposure to noise. San Joaquin County complies with the Americans with Disabilities Act and, upon request, will consider reasonable accommodations to enable individuals with disabilities to perform essential job functions. Equal Opportunity Employer San Joaquin County is an Equal Employment Opportunity (EEO) Employer and is committed to providing equal employment to all without regard to age, ancestry, color, creed, marital status, medical condition, national origin, physical or mental disability, political affiliation or belief, pregnancy, race, religion, sex, or sexual orientation. For more information go to Equal Employment Opportunity Division (sjgov.org). Accommodations for those covered by the Americans with Disabilities Act (ADA): San Joaquin County complies with the Americans with Disabilities Act and, upon request, will consider reasonable accommodations to enable individuals with disabilities to perform essential job functions. BENEFITS Employees hired into this classification are members of a bargaining unit which is represented by SEIU Local 1021. Health Insurance: San Joaquin County provides employees with a choice of three health plans: a Kaiser Plan, a Select Plan, and a Premier Plan. Employees pay a portion of the cost of the premium. Dependent coverage is also available. Dental Insurance: The County provides employees with a choice of two dental plans: Delta Dental and United Health Care-Select Managed Care Direct Compensation Plan. There is no cost for employee only coverage in either plan; dependent coverage is available at the employee's expense. Vision Insurance: The County provides vision coverage through Vision Service Plan (VSP). There is no cost for employee only coverage; dependent coverage is available at the employee's expense. For more detailed information on the County's benefits program, visit our website at ************* under Human Resources/Employee Benefits. Life Insurance: The County provides eligible employees with life insurance coverage as follows: 1 but less than 3 years of continuous service: $1,000 3 but less than 5 years of continuous service: $3,000 5 but less than 10 years of continuous service: $5,000 10 years of continuous service or more: $10,000 Employee may purchase additional term life insurance at the group rate. 125 Flexible Benefits Plan: This is a voluntary program that allows employees to use pre-tax dollars to pay for health-related expenses that are not paid by a medical, dental or vision plan (Health Flexible Spending Account $2550 annual limit with a $500 carry over); and dependent care costs (Dependent Care Assistance Plan $5000 annual limit). Retirement Plan: Employees of the County are covered by the County Retirement Law of 1937. Please visit the San Joaquin County Employees' Retirement Association (SJCERA) at ************** for more information. NOTE: If you are receiving a retirement allowance from another California county covered by the County Employees' Retirement Act of 1937 or from any governmental agency covered by the California Public Employees' Retirement System (PERS), you are advised to contact the Retirement Officer of the Retirement Plan from which you retired to determine what effect employment in San Joaquin County would have on your retirement allowance. Deferred Compensation: The County maintains a deferred compensation plan under Section 457 of the IRS code. You may annually contribute $22,500 or 100% of your includible compensation, whichever is less. Individuals age 50 or older may contribute to their plan, up to $30,000. The Roth IRA (after tax) is also now available. Vacation: Maximum earned vacation is 10 days each year up to 3 years; 15 days after 3 years; 20 days after 10 years; and 23 days after 20 years. Holidays: Effective July 1, 2017, all civil service status employees earn 14 paid holidays each year. Please see the appopriate MOU for details regarding holidays, accruals, use, and cashability of accrued time. Sick Leave: 12 working days of sick leave annually with unlimited accumulation. Sick leave incentive : An employee is eligible to receive eight hours administrative leave if the leave balance equals at least one- half of the cumulative amount that the employee is eligible to accrue. The employee must also be on payroll during the entire calendar year. Bereavement Leave: 3 days of paid leave for the death of qualifying family member, 2 additional days of accrued leave for death of employee's spouse, domestic partner, parent or child. Merit Salary Increase: New employees will receive the starting salary, which is the first step of the salary range. After employees serve 52 weeks (2080 hours) on each step of the range, they are eligible for a merit increase to the next step. Job Sharing: Employees may agree to job-share a position, subject to approval by a Department Head and the Director of Human Resources. Educational Reimbursement Program: Eligible employees may be reimbursed for career-related course work up to a maximum of $850 per fiscal year. Eligible employees enrolled in an approved four (4) year College or University academic program may be reimbursed up to $800 per semester for a maximum of $1600 per fiscal year. Parking Supplemental Downtown Stockton: The County contributes up to $20 per pay period for employees who pay for parking and are assigned to work in the Downtown Core Area. School Activities: Employees may take up to 40 hours per year, but not more than eight (8) hours per month, to participate in their children's school activities. Selection Procedures Applicants who meet the minimum qualifications will go through the following examination process: Written Exam: The civil service written exam is a multiple choice format. If the written exam is administered alone, it will be 100% of the overall score. Candidates must achieve a minimum rating of 70% in order to be placed on the eligible list. Oral Exam: The oral exam is a structured interview process that will assess the candidate's education, training, and experience and may include a practical exercise. The oral exam selection process is not a hiring interview. A panel of up to four people will determine the candidate's score and rank for placement on the eligible list. Top candidates from the eligible list are referred for hiring interviews. If the oral exam is administered alone, it will be 100% of the overall score. Candidates must achieve a minimum rating of 70% in order to be placed on the eligible list. Written & Oral Exam: If both a written exam and an oral exam is administered, the written exam is weighted at 60% and the oral exam is weighted at 40% unless otherwise indicated on the announcement. Candidates must achieve a minimum rating of 70% on each examination in order to be placed on the eligible list. Rate-out: A rate-out is an examination that involves a paper rating of the candidate's application using the following criteria: education, training, and experience. Candidates will not be scheduled for the rate-out process. Note: The rating of 70 referred to may be the same or other than an arithmetic 70% of the total possible points. Testing Accommodation: Candidates who require testing accommodation under the Americans with Disabilities Act (ADA) must call Human Resources Division at ************** prior to the examination date. Veteran's Points: Eligible veterans, unmarried widows and widowers of veterans of the United States Armed Forces who have been honorably discharged and who have served during wartime shall be given veteran's points in initial appointment to County service. Eligible veterans receive 5 points and eligible disabled veterans receive 10 points. Disabled veterans must submit a recent award letter stating a 10% service connected disability issued by the United States Veterans Administration. Note: A copy of your DD214 showing the discharge type must be received in the Human Resources by the date of the examination. Acceptable wartime service dates: September 16, 1940 to December 31, 1946 June 27, 1950 to January 31, 1955 August 5, 1964 to May 7, 1975 Persian Gulf War, August 2, 1990, through a date to be set by law or Presidential Proclamation. Eligible Lists: Candidates who pass the examination will be placed on an eligible list for that classification. Eligible lists are effective for nine months, but may be extended by the Human Resources Director for a period which shall not exceed a total of three years from the date established. Certification/Referral: Names from the eligible list will be referred to the hiring department by the following methods. Rule of the Rank: The top rank or ranks of eligibles will be referred for hiring interviews. The minimum number of names to be referred will be equal to the number of positions plus nine, or 10% of the eligible list, whichever is higher. When filling nine or more positions in a department at the same time, the top rank or ranks will be referred and the minimum number of names shall be two times the number of positions to be filled or 10% of the eligible list, whichever is higher. This applies only to open competitive recruitments. Rule of Five: The top five names will be referred for hiring interviews. This applies only to department or countywide promotional examination. Rule of the List: For classifications designated by the Director of Human Resources, the entire eligible list will be referred to the department. Physical Exam: Some classifications require physical examinations. Final appointment cannot be made until the eligible has passed the physical examination. The County pays for physical examinations administered in its medical facilities. Pre-Employment Drug Screening Exam: Some classifications require a new employee successfully pass a pre-employment drug screen as a condition of employment. Final appointment cannot be made until the eligible has passed the drug screen. The County pays for the initial drug screen. Employment of Relatives: Applicants who are relatives of employees in a department within the 3rd degree of relationship, (parent, child, grand parent, grand child or sibling) either by blood or marriage, may not be appointed, promoted, transferred into or within the department when; They are related to the Appointing Authority or The employment would result in one of them supervising the work of the other. Department Head may establish additional limitations on the hiring of relatives by departmental rule. Proof of Eligibility: If you are offered a job you will be required to provide proof of U.S. citizenship or other documents that establish your eligibility to be employed in the U.S. HOW TO APPLY Apply Online: *************/department/hr By mail or in person: San Joaquin County Human Resources 44 N. San Joaquin Street Suite 330 Stockton, CA 95202 Office hours: Monday - Friday 8:00 am to 5:00 pm; excluding holidays. Phone: ************** Job Line: For current employment opportunities please call our 24-hour job line at **************. When a final filing date is indicated, applications must be filed with the Human Resources Division before 5:00 p.m. or postmarked by the final filing date. Resumes will not be accepted in lieu of an application. Applications sent through county inter-office mail, which are not received by the final filing date, will not be accepted. (The County assumes no responsibility for mailed applications which are not received by the Human Resources Division). San Joaquin County Substance Abuse Policy: San Joaquin County has adopted a Substance Abuse Policy in compliance with the Federal Drug Free Workplace Act of 1988. This policy is enforced by all San Joaquin County Departments and applies to all San Joaquin County employees. Equal Opportunity Employer: San Joaquin County is an Equal Employment Opportunity (EEO) Employer and is committed to providing equal employment to all without regard to age, ancestry, color, creed, marital status, medical condition, national origin, physical or mental disability, political affiliation or belief, pregnancy, race, religion, sex, or sexual orientation. For more information go to *************/department/hr/eeo.

Meta's Product Security team is seeking a experienced hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of over two billion people. You will be relied upon to provide engineering and product teams with the web, mobile, or native code security expertise necessary to make informed product decisions. Come help us make life hard for the bad guys. **Required Skills:** Product Security Engineer, AI Responsibilities: 1. Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more 2. Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities 3. Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products **Minimum Qualifications:** Minimum Qualifications: 4. BS or MS in Computer Science or a related field, or equivalent experience 5. 8+ years of experience finding vulnerabilities in interpreted languages. Knowledge of best practice secure code development 6. Experience with exploiting common security vulnerabilities 7. Knowledge of common exploit mitigations and how they work 8. Coding and scripting experience in one or more general purpose languages **Preferred Qualifications:** Preferred Qualifications: 9. Experience creating software that enables security processes, especially those leveraging AI/ML for automation or augmentation 10. Experience integrating or building AI-powered tools to assist with vulnerability detection, code review, or threat modeling 11. Experience creating software that enables security processes 12. 8+ years of experience finding vulnerabilities in C/C++ code 13. Contributions to the security community (public research, blogging, presentations, bug bounty) 14. Demonstrated ability to collaborate with AI researchers or engineers to apply AI in security workflows **Public Compensation:** $184,000/year to $257,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Your Role This role supports Stellarus within the Ascendiun Family of Companies. The Risk Management & Controls Assurance team delivers actional insights by quantifying IT and business risk to increase resilience while driving a security culture. We are seeking an Information Security Risk & Governance Specialist who will report to the Senior Manager. The successful candidate will be a highly experienced and proactive professional to lead regulatory compliance initiatives across the organization, with a focus on healthcare and technology-related standards. This senior individual contributor will be responsible for overseeing assessments and audits related to HIPAA, PCI-DSS, SOC 2, and other applicable frameworks, ensuring the organization maintains a strong security posture and meets all regulatory obligations. Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow - personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning. Your Knowledge and Experience Requires a bachelor's degree or equivalent experience Requires at least 10 years of prior relevant experience Experience in portfolio management, preferably within an Agile or SAFe environment, JIRA experience a plus Experience partnering with all levels of management required Driven, energetic, team player with superior oral and written communication skills Strong analytical, organizational, and project management skills. Requires deep understanding of IT control frameworks; Artificial Intelligence Risk Management Framework is strongly preferred Desire one or more of the following: CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional) Your Work In this role, you will: Regulatory Program Leadership Serve as the primary point of contact for external audits, assessments, and regulatory inquiries. Develop and maintain compliance documentation, including policies, procedures, control matrices, and evidence repositories. Build plan and lead required assessments to comply with mandates and certifications (HIPAA, PCI DSS, SOC II, Type 2, etc.). Assessment & Audit Management Conduct internal gap analyses and risk assessments to identify areas of non-compliance or control weaknesses. Track and report on audit findings, remediation efforts, and compliance status to senior leadership. Cross-Functional Collaboration Partner with teams across the enterprise to ensure alignment with regulatory requirements and enterprise risk objectives. Provide subject matter expertise during product development, vendor onboarding, and system implementations to ensure compliance is embedded in processes. Policy & Control Frameworks Partner to maintain and enhance internal control frameworks aligned with regulatory standards and industry best practices (e.g., NIST, HITRUST, ISO 27001). Partner to ensure policies and procedures are up-to-date and reflect current regulatory expectations and organizational practices. Monitoring & Reporting Implement continuous monitoring processes for key compliance controls, findings and mitigation plans. Prepare and present compliance metrics, dashboards, and executive summaries to leadership and governance committees.

Your Role This role supports Stellarus within the Ascendiun Family of Companies. The Risk Management & Controls Assurance team delivers actionable insights by quantifying IT and business risk to increase resilience while driving a security culture. Reporting to the Senior Manager, in this role, we are seeking a highly experienced and strategic individual contributor to lead the development, implementation, and governance of our enterprise-wide Business Continuity and Disaster Recovery (BC/DR) program. This role will be responsible for ensuring organizational resilience through effective planning, risk assessment, and coordination across business units and technology teams. Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow - personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning. Your Knowledge and Experience Requires a bachelor's degree or equivalent experience Requires at least 10 years of prior relevant experience Experience in portfolio management, preferably within an Agile or SAFe environment, JIRA experience is a plus Experience partnering with all levels of management required Driven, energetic, team player with superior oral and written communication skills Proven track record of leading enterprise BC/DR programs in complex environments Requires deep understanding of BC/DR frameworks, methodologies, and technologies. Strong analytical, organizational, and project management skills. Ability to work independently and influence cross-functional teams. Desire one or more of the following: CBCP (Certified Business Continuity Planning Professional)- highly desired, CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional) Your Work In this role, you will: Program Development & Governance Design and implement a comprehensive Business Continuity (BC)/Disaster Recovery (DR) framework aligned with industry standards (e.g., ISO 22301, NIST SP 800-34), including an incident command center. Establish governance structures, policies, and procedures to support BC/DR initiatives. Develop and maintain BC/DR program documentation, including charters, plans, and metrics Establish and implement critical technology to support management of plans and alerts for enterprise Risk Assessment & Impact Analysis Conduct Business Impact Analyses (BIAs) and risk assessments to identify critical business functions and dependencies. Collaborate with stakeholders to define Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs). Plan Development & Maintenance Lead the creation and maintenance of Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs) across departments. Ensure plans are updated regularly to reflect changes in business operations, technology, and risk landscape across departments. Develop and implement an incident command center, includes but not limited to, defining playbooks, critical roles and responsibilities, plan and roadmap. Testing & Exercises Design and execute BC/DR testing strategies, including tabletop exercises, failover tests, and full-scale simulations. Analyze test results and drive continuous improvement initiatives. Identify and assign high risk findings to be addressed by owners Audit & Compliance Ensure compliance with regulatory requirements, association mandates, and internal audit standards. Prepare and present reports to senior leadership and auditors. Vendor & Third-Party Coordination Assess and coordinate with third-party BC/DR capabilities and ensure alignment with organizational standards.

Your Role This role supports Stellarus within the Ascendiun Family of Companies. The Risk Management & Controls Assurance team delivers actionable insights by quantifying IT and business risk to increase resilience while driving a security culture. Reporting to the Senior Manager, in this role, we are seeking a highly experienced and strategic individual contributor to lead the development, implementation, and governance of our enterprise-wide Business Continuity and Disaster Recovery (BC/DR) program. This role will be responsible for ensuring organizational resilience through effective planning, risk assessment, and coordination across business units and technology teams. Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow - personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Your Role This role supports Stellarus within the Ascendiun Family of Companies. The Risk Management & Controls Assurance team delivers actionable insights by quantifying IT and business risk to increase resilience while driving a security culture. We are seeking an Information Security Risk & Governance Specialist who will report to the Senior Manager. The successful candidate will be a seasoned and strategic professional who will lead the development, implementation, and oversight of our Third-Party Risk Management (TPRM) program. This senior-level individual contributor will be responsible for identifying, assessing, and mitigating risks associated with third-party relationships across the enterprise, ensuring compliance with regulatory requirements and alignment with organizational risk tolerance. Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow - personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning. Your Knowledge and Experience Requires a bachelor's degree or equivalent experience Requires at least 10 years of prior relevant experience Experience in portfolio management, preferably within an Agile or SAFe environment, JIRA experience a plus Experience partnering with all levels of management required Driven, energetic, team player with superior oral and written communication skills Strong analytical, organizational, and project management skills. Requires deep understanding of IT control frameworks; Artificial Intelligence experience is a plus Desire one or more of the following: CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional) Your Work In this role, you will: Program Leadership & Governance Design and implement a robust Third-Party Risk Management (TPRM) Program using tailored to healthcare regulatory and health technology requirements. Develop and maintain policies, procedures, and standards for third-party risk oversight. Establish governance structures and reporting mechanisms to ensure transparency and accountability. Risk Assessment & Due Diligence Implement and conduct comprehensive risk assessments for new and existing third-party vendors, focusing on cybersecurity, data privacy, financial stability, and operational resilience. Collaborate with procurement, legal, compliance, and business units to ensure thorough due diligence and contract risk mitigation. Define and maintain risk tiers and criticality ratings for vendors. Develop and support contract reviews for security exhibits. Implement and lead process for responding to IT and security questionnaires (sales, etc.) Ongoing Monitoring & Issue Management Implement continuous monitoring processes for high-risk and critical vendors. Track and manage remediation activities for identified risks and control gaps. Maintain a centralized inventory and reporting of third-party relationships and associated risk profiles. Conduct third-party outreaches for incidents Regulatory Compliance & Audit Support Prepare documentation and evidence for internal audits, regulatory exams, and board-level reporting. Monitor changes in regulatory requirements and adjust program components accordingly. Stakeholder Engagement & Training Serve as a subject matter expert and advisor to internal teams on third-party risk topics. Develop and deliver training programs to increase awareness and accountability across the organization. Facilitate cross-functional collaboration to enhance risk visibility and response. Technology & Automation Evaluate and implement third-party risk management platforms and tools. Drive automation and process improvements to enhance program efficiency and scalability.