Cyber security analyst jobs in North Saint Paul, MN - 80 jobs

Senior Cyber Security Analyst - 180001PV) This role will be part of the Cyber Security Operations team within CWT's Global Security and Risk department at our Minnetonka office.You will support the global operations by participating in the security incident response program and identifying vulnerabilities via standard penetration testing assessments and identifying threats posing a genuine risk to CWT. This information will enable CWT to proactively adjust its defensive posture. We are seeking an individual to be part of the team, to help as it grows with maturity. The team will carry out or coordinate (third parties) penetration testing across a number of environments including infrastructure, web app, and mobile platforms. In addition, you will collect and distribute Cyber Threat Intelligence as it relates to CWT. The role offers some exciting opportunities including the potential to develop your talents and skills, and investigating in more detail vulnerabilities and techniques that could be used against CWT. - Ability to create investigation results into a report- Ability to influence others where there is no direct authority- Data analysis, Network, OS systems (Windows, Unix, Linux)- Strong technical background and great understanding on emerging security trends- Deep technical knowledge IT Network, Infrastructure, Software, Cloud, Mobile- Red Team experience or experience of using Open Source and COTS for penetration testing which could include Nmap, Nessus, Metasploit, Kali Linux, Burp Suite Pro and similar - Experience in common scripting languages such as Python, Ruby, LUA, Powershell or BASH - Experience in at least one development language e.g. Java, C, C# or similar - A good understanding of Cloud based architectures primarily AWS Qualifications - Bachelor's Degree in Computer Science or related field or equivalent experience - Certified Information Systems Security Professional (CISSP) and/or Certified Cloud Security Certification (CCSP) and/or equivalent - AWS certifications (or ability to obtain within 6 months- Entry to junior level, 1-2 years of hands on Penetration Testing of web applications and infrastructure experience - 2-4 years of hands on cyber security operations, threat analysis, and/or incident response- Good appreciation of other security roles such as intelligence, vulnerability and patch management, Risk, auditing, Awareness and Security Architecture - A good understanding of the OSI stack and the various protocols from layer 1 - 7 including SNMP, HTTP, VPN, 802.11. - Social engineering engagement experience (i.e. phishing) - Excellent communication skills with the ability to communicate at a technical and business user level Primary Location: MinnetonkaEmployment type: StandardJob Family: Information TechnologyScope: GlobalTravel: Yes, 5 % of the TimeShift: Day JobOrganization: P&T_Security & RiskExperience Level: 3 to 5 years Job Posting: Apr 25, 2018 As an Equal Opportunity Employer/Affirmative Action employer, the organization will not discriminate in its employment practices due to an applicant's race, color, religion, sex, national origin, veteran status, disability status, sexual orientation, gender identity or any other federal, state or local protected class

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $184,000/year to $257,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Title: Cyber Security Risk Expert IV Terms: 6 months contract with possible extension * Design, administer, and execute procedures for the identification, assessment, documentation, and communication of risks that could compromise Postal Service data and operations stemming from weaknesses in technology platforms, solution architectures, governance processes, and security capabilities, against industry standards and best practices. * Provide recommendations to improve and sustain the security of the enterprise's data and operations and document the organizational risk response plan (accept, mitigate, transfer, or avoid). * Monitor, report on, and validate, the status and efficacy of risk mitigation, transfer, or avoidance plans. Task description and/or any specific requirements: * Demonstrate expert-level knowledge and proficiency with ServiceNow (SNow) Vulnerability Response (VR) and generally associated modules, including but not limited to the following skills, abilities and knowledge: * General: Deep understanding of SNow platforms core functionalities and components, including forms, MID servers, tables, dashboards and access control lists (ACLs) * Scripting: Proficiency in rules and scripting (e.g., JavaScript), adequate to develop, test and deploy * Integrations: Proficiency to develop and troubleshoot VR integrations, including knowledge of APIs and service graph connectors * ]Dashboarding: Proficiency in designing and developing VR-focused dashboards and reports * Design and administer procedures within the organization to sustain the security of the organizations data and access to its technology and communication systems * Assess the risk of exposure of proprietary data through weaknesses in platforms, access procedures and forms of access, to the organizations systems and data contained within * Ability to review, collate, understand and present data, from various sources, to meet the remediation needs and expectations of the organization * Knowledge of automation coding, to automate data extrapolation, organization and dissemination, to meet the needs of the organization * Ability to review, investigate and assign cybersecurity vulnerabilities, for a variety of applications, systems and hardware, including cloud computing * Manage several projects/initiatives of various sizes, complexities and risks * Demonstrated proficiency in successfully evaluating and supporting documentation, validation and remediation processes required to ensure new and existing information technology (IT) systems meet the organization's vulnerability remediation expectations and requirements * Demonstrated ability to review and understand security blueprints, principles, models, designs, standards, and guidelines to ensure enterprise cybersecurity remediation support is consistent and beneficial to the organization * Experience with vulnerability remediation and remediation processes and efforts, as well as remediation tools * Ability to serve as subject matter expert (SME) for the USPS VRM process, including providing guidance to stakeholders, business units and new CISO resources, as necessary * Strong organizational skills and ability to build and maintain schedules and step-by-step action plans * Effective communication and collaboration skills to work with cross-functional teams, business units, stakeholders and IT professionals, and to conduct presentations to varying audiences and technical knowledge levels. Experience/Education: * A minimum of thirteen (13) to twenty (20) years relevant experience. * A degree from an accredited College/University in the applicable field of services is preferred. four additional years of relevant experience in lieu of a college degree is required. If the indiviual's degree is not in the applicable field then four additional years of related experience is required. * Works on high-visibility, or mission critical aspects of a given program, and performs all functional duties independently. * Oversees the efforts of direct reporting resources and/or be responsible for the efforts of all staff assigned to a specific job. * Note: Special credentials (licenses and/or certifications) may be required at the Task Order level on a case-specific basis. Pay Range: $45-$50/hr W2 About Seneca Resources: At Seneca Resources, we are more than just a staffing and consulting firm-we are a trusted career partner. With offices across the U.S. and clients ranging from Fortune 500 organizations to government agencies, we connect professionals with opportunities that drive meaningful impact and support long-term career growth. When you join Seneca, you gain a team committed to your success. We offer competitive compensation, comprehensive health, dental, and vision coverage, 401(k) plans, and continuous support throughout your assignment. Our recruiters and account managers invest in understanding your goals and placing you in roles aligned with your talents and ambitions. Seneca Resources is proud to be an Equal Opportunity Employer, dedicated to building a diverse and inclusive workplace where all qualified applicants are encouraged to apply.

Established in 1991, Collabera is one of the fastest growing end-to-end information technology services and solutions companies globally. As a half a billion dollar IT company, Collabera's client-centric business model, commitment to service excellence and Global Delivery Model enables its global 2000 and leading mid-market clients to deliver successfully in an increasingly competitive marketplace. With over 8200 IT professionals globally, Collabera provides value-added onsite, offsite and offshore technology services and solutions to premier corporations. Over the past few years, Collabera has been awarded numerous accolades and Industry recognitions including. Collabera awarded Best Staffing Company to work for in 2012 by SIA. (hyperlink here) Collabera listed in GS 100 - recognized for excellence and maturity Collabera named among the Top 500 Diversity Owned Businesses Collabera listed in GS 100 & ranked among top 10 service providers Collabera was ranked: 32 in the Top 100 Large Businesses in the U.S 18 in Top 500 Diversity Owned Businesses in the U.S 3 in the Top 100 Diversity Owned Businesses in New Jersey 3 in the Top 100 Privately-held Businesses in New Jersey 66th on FinTech 100 35th among top private companies in New Jersey *********************************************** Collabera recognizes true potential of human capital and provides people the right opportunities for growth and professional excellence. Collabera offers a full range of benefits to its employees including paid vacations, holidays, personal days, Medical, Dental and Vision insurance, 401K retirement savings plan, Life Insurance, Disability Insurance. Job Description Position Details: Job Title - Information Security Analyst Duration - 3 Months (with a possibility of an extension) Location - Eagan , MN - 55123 Qualifications Primary Objective Perform in the delivery and development of processes and services which support best practices in information security and risk management for Client enterprise. Knowledge, Skills & Behaviors • 2+ years related information security risk management experience • 3+ years related information technology experience • Preferred industry-related certifications: GSEC, CISSP, CISA, CISM, ITIL • Preferred exposure in SOC2, ISO 27000, risk assessment methodologies, Shared Assessments, ITIL practices, and GRC • Demonstrate results in planning and delivering complex projects on time • Maintain focus and manage multiple efforts concurrently • Perform independently to expectations while being collaborative and maintaining alignment with the team • Work effectively with all levels of the organization including subject matter experts, stakeholders, and leadership • Strong written and verbal communication skills to include executive audiences • Apply tactical and strategic methods appropriately • Effective negotiation and influence • Focused on supporting the customer, the team, and the business • Strong collaboration and problem-solving skills Major Areas of Accountability • Operate as a key contributor to the Vendor Risk Management processes. • Interface with subject matter experts, peers and stakeholders; and business or technology leaders across the Client enterprise. • Demonstrate subject matter expertise on information security best practices and Client security posture focused on performing due diligence for vendor assurance inquiries and attestations. • Assist in initiatives to evaluate and provide input on the effectiveness of processes and solutions, and to determine or support a course of action. Track and report on mitigation progress. • Contribute to the strategic and tactical development of information security, risk management and compliance initiatives, to include policy and standards development, solution development, security awareness and training, and other information security initiatives as assigned. • Track, verify and collect data points for reporting and metrics on identified services to identify gaps and inform leadership. • Serve as a subject matter expert in information technology operations, information security and risk management practices, global legal and regulatory requirements, and other applicable security and privacy trends and practices. • Participate as a member of a team for Vendor Risk Management • Contribute to and achieve business and departmental goals and objectives • Deliver processes and services consistently and accurately • Accept feedback and flex to address tactical needs • Report on status of initiatives to all levels in the organization • Work across the organization to contribute to departmental initiatives and programs Education • Prefer 4 year (Bachelor's) Degree in a technology related field Additional Information To know more about this opportunity or to schedule an interview, Please Contact: Neha Kalia *************************** ************

Empowered to live. Inspired to work. Compeer Financial is a member-owned cooperative located in Illinois, Minnesota and Wisconsin. We bring together team members with a variety of backgrounds and experiences to help provide financial services to support agriculture and rural communities. Join us in a culture that not only promotes meaningful work and professional development, but provides a flexible, hybrid work environment and excellent benefits, which empower you to thrive both personally and professionally. How we support you: Hybrid model - up to 50% work from home Flexible schedules including ample flexibility in the summer months Up to 9% towards 401k (3% fixed Compeer contribution plus up to 6% match) Benefits: medical, dental, vision, HSA/FSA, life & AD&D insurance, short-term and long-term disability, wellness program & EAP Vacation, sick leave, holidays/floating holidays, parental leave, and volunteer paid time off Learning and development programs Mentorship programs Cross-functional committee opportunities (i.e. Inclusion Council, emerging professional groups, etc.) Professional membership/certification reimbursement and more! Casual/seasonal & intern team members are not eligible for benefits except for state-mandated programs. To learn more about Compeer Financial visit ************************ Where you will work: This position offers a hybrid work option up to 50% remote and is based out of any of Compeer's office locations. The contributions you will make: This position creates, implements and maintains corporate-wide security programs that assist in improving overall security posture of the organization. Provides guidance, assurance and information protection to maintain the confidentiality, integrity, and availability of Compeer critical resources. Contributes knowledge and expertise to ensure that information assets are protected and secure. In this position, you will guide solutions to promote secure business-to-business initiatives, third-part relationships, outsourced solutions and vendors. Provides mentorship and guidance to less experienced team members. A typical day: Remains current with new security threats and assess systems and solutions to ensure they can defend the business. Researches capabilities of current and new disruptive solutions on the market and makes recommendations to security group on a consistent basis. Develops security team standards, policies, procedures and processes. Support and provide direction for use of technical systems, monitors for unusual and suspicious activity across a wide range of products, data centers, and cloud systems. Partners with Business Technology on security configuration standards for systems and business applications. Participates in technical and non-technical projects requiring information security oversight and to ensure policies and procedures are met. Provides cybersecurity guidance to leadership. Ensures that cybersecurity-enabled products or other compensating security control technologies or processes reduce identified risk to an acceptable level. Performs security reviews, identifies gaps in security architecture, and develops a security risk management plan. Implements security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed. Analyzes and reports system security posture trends. Analyzes cyber defense policies and configurations and evaluates compliance with regulations and organizational directives. Prepares audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions. Leads the Incident Response Team during activations for security or operational events. Coordinates, leads and conducts adversary simulation, hunt teaming, assumed breaches and whitebox penetration tests. Develops and executes attack plans, scripts, tools and methodologies to strengthen the offensive operations. Plans and coordinates the delivery of classroom techniques and formats (e.g., lectures, demonstrations, interactive exercises, and multimedia presentations) for the most effective learning environment. The skills and experience we prefer you have: Bachelor's degree in security management, cybersecurity, computer science, management information systems, or business with technical training in networking, technical support or security or an equivalent combination of education and experience sufficient to perform the essential functions of the job. Expert-level experience in physical asset security, information technology, risk management, security services, or infrastructure technology. CISSP certification preferred. Ability to adapt and stay a step ahead of cyber attackers and stay up to date on the latest attack methods. Expert experience driving measurable improvement in monitoring and response capabilities at scale. Expert ability to identify and resolve problems, utilizing strong analytical skills. Advanced experience in cloud computing technologies, including software, infrastructure and platform-as-a-service, as well as public, private and hybrid environments. Expert knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to endpoint detection and response (EDR), threat intelligence platforms, data loss prevention (DLP), security automation and orchestration, deception technologies, application controls, and other network and system monitoring tools. Experience with purple teaming (red and blue) to train, identify and remediate issues cohesively. Advanced experience with Amazon Web Services (AWS) or Microsoft Azure. Expert experience conducting risk analysis to protect the business and adhere with compliance requirements and privacy laws. Expert experience with vulnerability and penetration testing engagements. Advanced knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). Expert knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities. Knowledge of multiple cognitive domains and tools and methods applicable for learning in each domain. Knowledge of media production, communication, and dissemination techniques and methods, including alternative ways to inform via written, oral, and visual media. Knowledge of training and education principles and methods for curriculum design, teaching and instruction for individuals and groups, and the measurement of training and education effects. How we will take care of you: Our job titles may span more than one career level (associate, senior, principal, etc.). The actual title and base pay offered is dependent upon many factors, such as: training, transferable skills, work experience, business needs and market demands. The base pay range is subject to change and may be modified in the future. This role is eligible for variable compensation and other benefits. Base Pay $103,100 - $156,400 USD Compeer Financial is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Must be authorized to work for any employer in the United States. Compeer is unable to sponsor or take over sponsorship of an employment visa at this time. Click here to view federal employment laws applicable for applicants.

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client.* Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

The Information Security Analyst Identifies security risks and exposures, determine the causes of security violations, and configuring systems to optimize notification of future incidents. The Security Analyst Integrates appropriate systems and logs into the enterprise security incident and event management system to effectively monitor and detect various people and enterprise asset activity. The Information Security Analyst works under the direction of the Information Security Director on the IT Security Operations Team. This is a hybrid job, must be located in Saint Paul MN Responsibilities • Investigates and analyzes security events to evaluate risk, prioritizing findings based on internal and external information. • Configures and maintains SIEM platform, including areas such as source feeds, alerts, alarms, and API integrations. • Configures and maintains EDR/antivirus. • Configures and maintains vulnerability management platform, including areas such as vulnerability scanning, remediation, and mitigation as well as impact and risk analysis. • Communicates security concerns to the business stakeholders to collectively develop and execute an appropriate remediation/mitigation plan. • Interacts with security risk and compliance group, adjacent IT departments, and business units as needed to ensure compliance with IT Security goals and policies. • When needed, assists in administration of other security tools (Data Loss Prevention, Email Security/Spam Filter, End User Training, Mobile Device Management). • Maintains up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and evolving attacks and threat vectors. General Job Responsibilities: • Ability to work in a team environment and independently as required • Contributes to project planning and scheduling. • Normally receives minimal instructions on routine work and detailed instructions on new assignments. • Participate in Architecture design reviews and other technical governance forums across the organization representing the security team across multiple projects. • Be on call and available after business hours, would require working Holidays and weekends if major security incident occurs. • Establish and maintain pertinent policies, standards, and procedures • Perform duties in compliance with applicable regulations and standards such as Sarbanes Oxley Act, FDA Quality System, and ISO (International Organization for Standardization) Works on routine assignments per written procedures, where ability to recognize deviation from accepted practice is required. • Contributes to the overall operations and to the achievement of departmental goals • Perform job specific tasks in compliance with applicable Regulations, International Standards, and WuXi AppTec Policies and Standard Operating Procedures. • Understanding of Good Laboratory Practices and Good Manufacturing Practices • Other duties as assigned Qualifications • Degree in Cyber Security, Management Information Systems, Information Security or equivalent work experience o Minimum 2 years prior experience in a Cyber Security • In depth knowledge of LogRhythm SIEM platform or other SIEM platforms, which includes configuring and maintaining API integrations and source feeds, alerts and alarms • In depth knowledge in Qualys Vulnerability Management System, which includes configuring and maintaining • In depth knowledge in Cisco AMP Anti-Virus software, which includes configuring and maintaining • Knowledge of ISO/IEC 27001 standards. • Strong technical acumen with a solid understanding of security technologies and network architecture • Strong verbal and written communication skills • Independent driver of self-development and continuous learning • Knowledge of information security technology, design, research techniques, administration, operating standards, and quality control methods. • Basic understanding of LAN/WAN technologies and protocols, FTP, Active Directory, VPN technologies (MPLS, IPSEC, etc.), IIS and other network services. • Experience in a large, formal vulnerability program. • General knowledge of cloud, wireless network and mobile security. • Team-oriented and skilled in working within a collaborative environment. An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability This job description does not state or imply that the above are the only duties and responsibilities assigned to this position. Employees holding this position will be required to perform any other job-related duties as requested by Management. We can recommend jobs specifically for you! An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability Click here to get started.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Mindlance is a national recruiting company which partners with many of the leading employers across the country. Feel free to check us out at ************************* Job Description Job Title: PKI Security Engineer Location: Eagan MN - 55121 Duration: 12 Months Qualifications: The PKI Security Engineer considered to be the expert in the operations of PKI, Certificates, and Encryption and should have expert level experience supporting large-scale and highly complex environments. This role will also require the ability to lead and coordinate efforts among the team. Individual must be self-motivated and must be able to work well in a geographically dispersed, virtual team environment. Responsibilities: -Participate or lead complex or high severity troubleshooting and incident problem resolutions with other infrastructure teams or vendors -Analysis, design and implementation of Public Key Infrastructure (PKI), certificate and security solutions -Translate business needs into workable technology solutions that meet the needs of internal customers -Act as a project lead or participate as a team member on projects involving PKI, certificates and security. -Monitor the PKI and Certificate incident queue and resolve all levels of issues -Create, review, approve and implement changes to the PKI and Certificate environment -Analyze current PKI and Certificate environment to identify both technical and operational challenges and develop solutions for improvement -Act as PKI and Certificate lead on complex incidents, changes or upgrades -Represent the Cyber Security team on global incident management calls including interacting with other technical teams, customers or vendors -Analyze data and identify trends to facilitate root cause analysis and identify opportunities for service improvement -Participate in capacity planning, performance monitoring and maintenance to ensure high availability and proactively identify opportunities for service improvement -Act as the PKI and Certificate lead for periodic disaster recovery exercises - Effectively communicate technical issues\challenges to both technical and non-technical audiences Additional Information Thanks & Regards' ___________________________________________________________________________ Vikram Bhalla | Team Recruitment | Mindlance, Inc. | W: ************

TekWissen provides a unique portfolio of innovative capabilities that seamlessly combines clients insights, strategy, design, software engineering and systems integration. Our tightly integrated offerings are tailored to each clients requirements and span the services spectrum from Application Development/Maintenance testing, IT Consulting & staffing for IT Infrastructure Management through strategic consulting and industry-oriented business process. Job Description Bachelor's preferably in computer science or technical discipline (i.e. engineering) or equivalent experience. 3-5 years experience in mainframe production support/operations environment Thorough understanding of data center hardware and software technologies including network, storage, security, servers, mainframes, and load balancers Expert level experience in Information Technology Security practices, CISSP certification preferred • Knowledge of maintaining and enhancing data security infrastructure, applications and processes 1-3 years experience in working with 3rd party mainframe software suppliers. Basic knowledge of mainframe operational tools (Tivoli, CA-Sysview, Omegamon) Experience with distributed, multi-platform architecture Experience with high volume production systems 1-5 years experience with TSO, MVS, JCL, JES III, FTP, and other operations related to mainframe 1-3 years experience in RACF, and CA-Top Secret security processes and procedures 3 or more years experience developing, deploying or supporting systems software and hardware technologies. Airline or Travel industry experience preferred. Able to successfully handle multiple assignments concurrently. Able to effectively communicate with internal and external customers. Able to follow technical methods and standards Analytic Approach to problem solving Please see attachment. Additional Information Thanks & Regards Raj **************************** ************

We are looking for a skilled Security Analyst to join our dynamic team and contribute to the safeguarding of our organization's assets and information. Responsibilities: Policy Development and Implementation: Develop, review, and update security policies and procedures to ensure compliance with industry standards and regulations. Implement and enforce security policies across the organization. Stay abreast of emerging security threats and adjust policies accordingly. Risk Assessment: Conduct regular risk assessments to identify potential security vulnerabilities. Collaborate with other departments to assess and mitigate security risks. Provide recommendations for improving overall security posture. Incident Response: Develop and maintain an incident response plan. Investigate and respond to security incidents, including breaches and unauthorized access. Work closely with IT and other relevant teams to contain and mitigate security incidents. Security Monitoring: Implement and manage security monitoring tools to detect and respond to security events. Analyze security logs and reports to identify anomalies or suspicious activities. Take proactive measures to prevent security incidents. Security Awareness Training: Develop and deliver security awareness training programs for employees. Stay informed about the latest security threats and educate staff on best practices. Foster a security-conscious culture within the organization. Security Audits and Compliance: Conduct regular security audits to assess compliance with security policies. Collaborate with internal and external auditors to ensure adherence to regulatory requirements. Prepare and maintain documentation for compliance purposes. Qualifications: Bachelor's degree in Information Security, Cybersecurity, or a related field. Proven experience as a Security Analyst or in a similar role. In-depth knowledge of security policies, procedures, and best practices. Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Relevant certifications such as CISSP, CISM, or CompTIA Security+.

TekWissen provides a unique portfolio of innovative capabilities that seamlessly combines clients insights, strategy, design, software engineering and systems integration. Our tightly integrated offerings are tailored to each clients requirements and span the services spectrum from Application Development/Maintenance testing, IT Consulting & staffing for IT Infrastructure Management through strategic consulting and industry-oriented business process. Job Description Bachelor's preferably in computer science or technical discipline (i.e. engineering) or equivalent experience. 3-5 years experience in mainframe production support/operations environment Thorough understanding of data center hardware and software technologies including network, storage, security, servers, mainframes, and load balancers Expert level experience in Information Technology Security practices, CISSP certification preferred • Knowledge of maintaining and enhancing data security infrastructure, applications and processes 1-3 years experience in working with 3rd party mainframe software suppliers. Basic knowledge of mainframe operational tools (Tivoli, CA-Sysview, Omegamon) Experience with distributed, multi-platform architecture Experience with high volume production systems 1-5 years experience with TSO, MVS, JCL, JES III, FTP, and other operations related to mainframe 1-3 years experience in RACF, and CA-Top Secret security processes and procedures 3 or more years experience developing, deploying or supporting systems software and hardware technologies. Airline or Travel industry experience preferred. Able to successfully handle multiple assignments concurrently. Able to effectively communicate with internal and external customers. Able to follow technical methods and standards Analytic Approach to problem solving Please see attachment. Additional InformationThanks & Regards Raj **************************** ************

GardaWorld Security Services is Now Hiring a Surveillance Security Officer! Ready to suit up as a Surveillance Security Guard? What matters most about a role like this is your sharp eye, capturing every detail as you scan a series of screens. Tell us about your strong observation skills with attention to detail. As a Security Officer - Surveillance, you will be the person spotting threats before they escalate in environments such as a security operations centers, call centers, parking gatehouses, etc. What's in it for you: * Site Location: Cottage Grove, 53527 * Set schedule: Days/shifts vary * Competitive hourly wage of $23 / Hour (DailyPay is available for GardaWorld employees!) * A comprehensive benefits package including medical, dental, and vision insurance plans, a 401(k) retirement savings plan with employer matching contributions, paid time off (PTO) policy, paid holidays, disability coverage, and life insurance options * Career growth opportunities at GardaWorld * Uniform provided at no cost Responsibilities of Surveillance Security Guard * Monitor security systems to detect any suspicious activity * Document observed events and incidents, writing detailed reports * Respond quickly to incidents or potential threats * Conduct regular patrols to ensure the safety of the premises * Control access to secure areas and verify the identities of visitors * Analyze security systems to identify potential vulnerabilities or malfunctions * Collaborate with law enforcement in case of serious situations or emergencies * Ensure the safety and protection of individuals and property Qualifications of a Surveillance Security Guard * Must be 21 years or older * Must have SOC, GSOC or PSOC experience * Be authorized to work in the U.S. * Be able to provide documentation of High School Diploma or GED * Be able to ace (and pass) an extensive screening process * Strong report writing skills * Sharp visual activity and exceptional concentration skills * Strong proficiency with technology * If you have Security, Military, Law Enforcement experience - even better! * You have a state license if required In the United States, GardaWorld Security remains the only guarding security company to be Certified by Great Place to Work. Apply today - this could be more than a job! 26% of our corporate employees started as frontline workers. If you're ambitious with an entrepreneurial spirit - someone who wants to be a GardaWorld Ambassador - a promising career awaits you! GardaWorld Security is a global champion in sophisticated and tailored security solutions, employing and training highly skilled and dedicated professionals across the globe. Not the job for you? Make sure to check out all our jobs! We also have tactical, concierge, and even casual roles available. Employment is contingent on the successful completion of a background check and drug screening to be conducted after an offer of employment is extended. It is the policy of GardaWorld Security Services to provide equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, veteran status, or disability in accordance with applicable federal laws. In addition, GardaWorld Security Services complies with applicable state and local laws governing nondiscrimination in employment. This policy applies to all terms and conditions of employment including, but not limited to hiring, placement, assignment, promotion, termination, layoffs, recalls, transfers, leaves of absence, compensation, and training. It is also the policy of GardaWorld Security Services not to honor requests that employees be assigned on the basis of sex or any other classification protected by law, unless such request is based on a bona fide occupational qualification for that assignment. Wisconsin License # 16156-62 Qualifications Education

This role will be part of the Cyber Security Operations team within CWT's Global Security and Risk department at our Minnetonka office. You will support the global operations by participating in the security incident response program and identifying vulnerabilities via standard penetration testing assessments and identifying threats posing a genuine risk to CWT. This information will enable CWT to proactively adjust its defensive posture. We are seeking an individual to be part of the team, to help as it grows with maturity. The team will carry out or coordinate (third parties) penetration testing across a number of environments including infrastructure, web app, and mobile platforms. In addition, you will collect and distribute Cyber Threat Intelligence as it relates to CWT. The role offers some exciting opportunities including the potential to develop your talents and skills, and investigating in more detail vulnerabilities and techniques that could be used against CWT. - Ability to create investigation results into a report - Ability to influence others where there is no direct authority - Data analysis, Network, OS systems (Windows, Unix, Linux) - Strong technical background and great understanding on emerging security trends - Deep technical knowledge IT Network, Infrastructure, Software, Cloud, Mobile - Red Team experience or experience of using Open Source and COTS for penetration testing which could include Nmap, Nessus, Metasploit, Kali Linux, Burp Suite Pro and similar - Experience in common scripting languages such as Python, Ruby, LUA, Powershell or BASH - Experience in at least one development language e.g. Java, C, C# or similar - A good understanding of Cloud based architectures primarily AWS - Bachelor's Degree in Computer Science or related field or equivalent experience - Certified Information Systems Security Professional (CISSP) and/or Certified Cloud Security Certification (CCSP) and/or equivalent - AWS certifications (or ability to obtain within 6 months - Entry to junior level, 1-2 years of hands on Penetration Testing of web applications and infrastructure experience - 2-4 years of hands on cyber security operations, threat analysis, and/or incident response - Good appreciation of other security roles such as intelligence, vulnerability and patch management, Risk, auditing, Awareness and Security Architecture - A good understanding of the OSI stack and the various protocols from layer 1 - 7 including SNMP, HTTP, VPN, 802.11. - Social engineering engagement experience (i.e. phishing) - Excellent communication skills with the ability to communicate at a technical and business user level

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. **Required Skills:** Security Engineer - IR Threat Intelligence Responsibilities: 1. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 2. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 3. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 4. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems 5. Engage constructively in cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions **Minimum Qualifications:** Minimum Qualifications: 6. 5+ years threat intelligence experience 7. Bachelor's degree or equivalent experience in Security 8. Familiarity with campaign tracking techniques and ability to convert the tracking results to long term countermeasures 9. Familiarity with threat modeling framework, such as Diamond Model or/and MITRE ATT&CK framework 10. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 11. Proven track record of managing and executing on short term and long term projects 12. Ability to work with a team spanning multiple locations/time zones 13. Ability to prioritize and execute tasks with minimal direction or oversight 14. Ability to think critically and qualify assessments with solid communications skills 15. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 16. Experience close collaborating with incident responders on incident investigations 17. Familiarity with malware analysis or network traffic analysis 18. Familiarity with nation-state, sophisticated criminal, or supply chain threats 19. Production of file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 20. Experience in one or more query languages such as SQL 21. Experience writing production code for threat intelligence tooling 22. Experience conducting large scale data analysis 23. Experience working across the broader security community **Public Compensation:** $154,000/year to $217,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Established in 1991, Collabera has been a leader in IT staffing for over 22 years and is one of the largest diversity IT staffing firms in the industry. As a half a billion dollar IT company, with more than 9,000 professionals across 30+ offices, Collabera offers comprehensive, cost-effective IT staffing & IT Services. We provide services to Fortune 500 and mid-size companies to meet their talent needs with high quality IT resources through Staff Augmentation, Global Talent Management, Value Added Services through CLASS (Competency Leveraged Advanced Staffing & Solutions) Permanent Placement Services and Vendor Management Programs. Job Description Position Details: Job Title - Information Security Analyst Duration - 3 Months (with a possibility of an extension) Location - Eagan , MN - 55123 Qualifications Primary Objective Perform in the delivery and development of processes and services which support best practices in information security and risk management for Client enterprise. Knowledge, Skills & Behaviors • 2+ years related information security risk management experience • 3+ years related information technology experience • Preferred industry-related certifications: GSEC, CISSP, CISA, CISM, ITIL • Preferred exposure in SOC2, ISO 27000, risk assessment methodologies, Shared Assessments, ITIL practices, and GRC • Demonstrate results in planning and delivering complex projects on time • Maintain focus and manage multiple efforts concurrently • Perform independently to expectations while being collaborative and maintaining alignment with the team • Work effectively with all levels of the organization including subject matter experts, stakeholders, and leadership • Strong written and verbal communication skills to include executive audiences • Apply tactical and strategic methods appropriately • Effective negotiation and influence • Focused on supporting the customer, the team, and the business • Strong collaboration and problem-solving skills Major Areas of Accountability • Operate as a key contributor to the Vendor Risk Management processes. • Interface with subject matter experts, peers and stakeholders; and business or technology leaders across the Client enterprise. • Demonstrate subject matter expertise on information security best practices and Client security posture focused on performing due diligence for vendor assurance inquiries and attestations. • Assist in initiatives to evaluate and provide input on the effectiveness of processes and solutions, and to determine or support a course of action. Track and report on mitigation progress. • Contribute to the strategic and tactical development of information security, risk management and compliance initiatives, to include policy and standards development, solution development, security awareness and training, and other information security initiatives as assigned. • Track, verify and collect data points for reporting and metrics on identified services to identify gaps and inform leadership. • Serve as a subject matter expert in information technology operations, information security and risk management practices, global legal and regulatory requirements, and other applicable security and privacy trends and practices. • Participate as a member of a team for Vendor Risk Management • Contribute to and achieve business and departmental goals and objectives • Deliver processes and services consistently and accurately • Accept feedback and flex to address tactical needs • Report on status of initiatives to all levels in the organization • Work across the organization to contribute to departmental initiatives and programs Education • Prefer 4 year (Bachelor's) Degree in a technology related field If you are interested please contact NEHA KALIA (Technical Recruiter) at ************ and email an updated copy of your resume (preferably WORD format) to *************************** Additional InformationIf you are interested please contact NEHA KALIA (Technical Recruiter) at ************ and email an updated copy of your resume (preferably WORD format) to ***************************

The Information Security Analyst Identifies security risks and exposures, determine the causes of security violations, and configuring systems to optimize notification of future incidents. The Security Analyst Integrates appropriate systems and logs into the enterprise security incident and event management system to effectively monitor and detect various people and enterprise asset activity. The Information Security Analyst works under the direction of the Information Security Director on the IT Security Operations Team. **This is a hybrid job, must be located in Saint Paul MN** **Responsibilities** - Investigates and analyzes security events to evaluate risk, prioritizing findings based on internal and external information. - Configures and maintains SIEM platform, including areas such as source feeds, alerts, alarms, and API integrations. - Configures and maintains EDR/antivirus. - Configures and maintains vulnerability management platform, including areas such as vulnerability scanning, remediation, and mitigation as well as impact and risk analysis. - Communicates security concerns to the business stakeholders to collectively develop and execute an appropriate remediation/mitigation plan. - Interacts with security risk and compliance group, adjacent IT departments, and business units as needed to ensure compliance with IT Security goals and policies. - When needed, assists in administration of other security tools (Data Loss Prevention, Email Security/Spam Filter, End User Training, Mobile Device Management). - Maintains up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and evolving attacks and threat vectors. General Job Responsibilities: - Ability to work in a team environment and independently as required - Contributes to project planning and scheduling. - Normally receives minimal instructions on routine work and detailed instructions on new assignments. - Participate in Architecture design reviews and other technical governance forums across the organization representing the security team across multiple projects. - Be on call and available after business hours, would require working Holidays and weekends if major security incident occurs. - Establish and maintain pertinent policies, standards, and procedures - Perform duties in compliance with applicable regulations and standards such as Sarbanes Oxley Act, FDA Quality System, and ISO (International Organization for Standardization) Works on routine assignments per written procedures, where ability to recognize deviation from accepted practice is required. - Contributes to the overall operations and to the achievement of departmental goals - Perform job specific tasks in compliance with applicable Regulations, International Standards, and WuXi AppTec Policies and Standard Operating Procedures. - Understanding of Good Laboratory Practices and Good Manufacturing Practices - Other duties as assigned **Qualifications** - Degree in Cyber Security, Management Information Systems, Information Security or equivalent work experience o Minimum 2 years prior experience in a Cyber Security - In depth knowledge of LogRhythm SIEM platform or other SIEM platforms, which includes configuring and maintaining API integrations and source feeds, alerts and alarms - In depth knowledge in Qualys Vulnerability Management System, which includes configuring and maintaining - In depth knowledge in Cisco AMP Anti-Virus software, which includes configuring and maintaining - Knowledge of ISO/IEC 27001 standards. - Strong technical acumen with a solid understanding of security technologies and network architecture - Strong verbal and written communication skills - Independent driver of self-development and continuous learning - Knowledge of information security technology, design, research techniques, administration, operating standards, and quality control methods. - Basic understanding of LAN/WAN technologies and protocols, FTP, Active Directory, VPN technologies (MPLS, IPSEC, etc.), IIS and other network services. - Experience in a large, formal vulnerability program. - General knowledge of cloud, wireless network and mobile security. - Team-oriented and skilled in working within a collaborative environment. **An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability** This job description does not state or imply that the above are the only duties and responsibilities assigned to this position. Employees holding this position will be required to perform any other job-related duties as requested by Management. **Need help finding the right job?** We can recommend jobs specifically for you! An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability (************************************************************************************************** **Job Locations** _US-MN-St. Paul_ **Job ID** _2025-13901_

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

The Information Security Analyst Identifies security risks and exposures, determine the causes of security violations, and configuring systems to optimize notification of future incidents. The Security Analyst Integrates appropriate systems and logs into the enterprise security incident and event management system to effectively monitor and detect various people and enterprise asset activity. The Information Security Analyst works under the direction of the Information Security Director on the IT Security Operations Team. This is a hybrid job, must be located in Saint Paul MN Responsibilities • Investigates and analyzes security events to evaluate risk, prioritizing findings based on internal and external information. • Configures and maintains SIEM platform, including areas such as source feeds, alerts, alarms, and API integrations. • Configures and maintains EDR/antivirus. • Configures and maintains vulnerability management platform, including areas such as vulnerability scanning, remediation, and mitigation as well as impact and risk analysis. • Communicates security concerns to the business stakeholders to collectively develop and execute an appropriate remediation/mitigation plan. • Interacts with security risk and compliance group, adjacent IT departments, and business units as needed to ensure compliance with IT Security goals and policies. • When needed, assists in administration of other security tools (Data Loss Prevention, Email Security/Spam Filter, End User Training, Mobile Device Management). • Maintains up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and evolving attacks and threat vectors. General Job Responsibilities: • Ability to work in a team environment and independently as required • Contributes to project planning and scheduling. • Normally receives minimal instructions on routine work and detailed instructions on new assignments. • Participate in Architecture design reviews and other technical governance forums across the organization representing the security team across multiple projects. • Be on call and available after business hours, would require working Holidays and weekends if major security incident occurs. • Establish and maintain pertinent policies, standards, and procedures • Perform duties in compliance with applicable regulations and standards such as Sarbanes Oxley Act, FDA Quality System, and ISO (International Organization for Standardization) Works on routine assignments per written procedures, where ability to recognize deviation from accepted practice is required. • Contributes to the overall operations and to the achievement of departmental goals • Perform job specific tasks in compliance with applicable Regulations, International Standards, and WuXi AppTec Policies and Standard Operating Procedures. • Understanding of Good Laboratory Practices and Good Manufacturing Practices • Other duties as assigned Qualifications • Degree in Cyber Security, Management Information Systems, Information Security or equivalent work experience o Minimum 2 years prior experience in a Cyber Security • In depth knowledge of LogRhythm SIEM platform or other SIEM platforms, which includes configuring and maintaining API integrations and source feeds, alerts and alarms • In depth knowledge in Qualys Vulnerability Management System, which includes configuring and maintaining • In depth knowledge in Cisco AMP Anti-Virus software, which includes configuring and maintaining • Knowledge of ISO/IEC 27001 standards. • Strong technical acumen with a solid understanding of security technologies and network architecture • Strong verbal and written communication skills • Independent driver of self-development and continuous learning • Knowledge of information security technology, design, research techniques, administration, operating standards, and quality control methods. • Basic understanding of LAN/WAN technologies and protocols, FTP, Active Directory, VPN technologies (MPLS, IPSEC, etc.), IIS and other network services. • Experience in a large, formal vulnerability program. • General knowledge of cloud, wireless network and mobile security. • Team-oriented and skilled in working within a collaborative environment. An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability This job description does not state or imply that the above are the only duties and responsibilities assigned to this position. Employees holding this position will be required to perform any other job-related duties as requested by Management.