Cyber security analyst jobs in Northampton, MA

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all. The exceptional EY experience. It's yours to build. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. Today's world is fuelled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. **The opportunity** Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team responsible for security incident response for EY. The candidate will work as an escalation point for suspect or confirmed security incidents. Responsibilities include performing digital forensic analysis, following security incident response standard methodologies, malware analysis, identify indicators of compromise, support remediation or coordinate remediation efforts of a security incident, and develop documentation to support the security incident response process. **Your key responsibilities** + Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified + Forensically analyze end user systems and servers found to have possible indicators of compromise + Analysis of artifacts collected during a security incident/forensic analysis + Identify security incidents through 'Hunting' operations within a SIEM and other relevant tools + Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions + Provide consultation and assessment on perceived security threats + Maintain, manage, improve and update security incident process and protocol documentation + Regularly provide reporting and metrics on case work + Resolution of security incidents by identifying root cause and solutions + Analyze findings in investigative matters, and develop fact based reports + Be on-call to deliver global incident response **Skills and attributes for success** + Resolution of security incidents by identifying root cause and solutions + Analyze findings in investigative matters, and develop fact-based reports + Proven integrity and judgment within a professional environment + Ability to appropriately balance work/personal priorities **To qualify for the role you must have** + Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field + 5+ years experience in incident response, computer forensics analysis and/or malware reverse engineering; + Understanding of security threats, vulnerabilities, and incident response; + Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis; + Be familiar with legalities surrounding electronic discovery and analysis; + Experience with SIEM technologies (i.e. Splunk); + Deep understanding of both Windows and Unix/Linux based operating systems; **Ideally, you'll also have** + Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH + Background in security incident response in Cloud-based environments, such as Azure + Programming skills in PowerShell, Python and/or C/C++ Understanding of the best security practices for network architecture and server configuration **What we look for** + Demonstrated integrity in a professional environment + Ability to work independently + Have a global mind-set for working with different cultures and backgrounds + Knowledgeable in business industry standard security incident response process, procedures, and life cycle + Excellent teaming skills + Excellent social, communication, and writing skills **What we offer you** The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary range/s. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more . We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $87,700 to $164,000. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $105,200 to $186,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. **Are you ready to shape your future with confidence? Apply today.** EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. **EY | Building a better working world** EY is building a better working world by creating new value for clients, people, society, and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy, and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ************************** .

Connecticut Children's is the only health system in Connecticut that is 100% dedicated to children. Established on a legacy that spans more than 100 years, Connecticut Children's offers personalized medical care in more than 30 pediatric specialties across Connecticut and in two other states. Our transformational growth establishes us as a destination for specialized medicine and enables us to reach more children in locations that are closer to home. Our breakthrough research, superior education and training, innovative community partnerships, and commitment to diversity, equity and inclusion provide a welcoming and inspiring environment for our patients, families and team members. At Connecticut Children's, treating children isn't just our job - it's our passion. As a leading children's health system experiencing steady growth, we're excited to expand our team with exceptional team members who share our vision of transforming children's health and well-being as one team. Manage and continuously improve a Cyber Security Compliance program. This would include conducting security business and infrastructure compliance reviews, security risk assessments for internal/external information assets. Education and/or Experience Required: * Education Required: Bachelor's degree in Information Systems or equivalent * Experience Required: Minimum of six (6) years of enterprise security related work experience. Minimum of four (4) years incident response/forensics experience. Previous 24 x 7 operations experience License and/or Certification Required: Required: Certified Information Systems Security Professional (CISSP) within 1 year of hire. Preferred: CISM, PCI QSA, GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA). Knowledge, Skills and Abilities: Knowledge * Experience and proficiency with: Anti-Virus, HIPS, IDS/IPS, Network Captures, Host-Based & Network Forensics. * Knowledge of Linux, UNIX, Windows OS, Active Directory and other operating systems. * Knowledge of database platforms such as MS SQL, Oracle, and MySQL. * Experience with a scripting language (e.g. Powershell, Python) Skills: * Excellent written communication and presentation skills with the ability to present complex security issues to a variety of audiences, including senior executives Abilities: * Must be self-directed, able to manage individual projects or act as part of a larger team * Experienced in performing security audits, risk analysis, forensics and penetration testing. Actively monitor systems and networks for potential intrusions. Lead, conduct and maintain security risk assessments, identify security vulnerabilities, develop recommendations, document findings and remediation plans. Manage remediation plans toward closure. Define security standards & incident response plans to detect, respond and recover from security incidents using a risk based methodology. * Develop and document security policies and procedures, training and awareness. Serve as a security expert reviewing and recommending security controls for network, application designs, operating systems, endpoint protection, mobile device implementations of new/updated applications and services. * Ensure business and technical requirements are aligned to security policies and are implemented within regulatory and corporate compliance. Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; related to forensics and incident response.

*****CANDIDATE MUST BE US Citizen (due to contractual/access requirements)***** **For candidates residing within a 50-mile radius of a Highmark office, a hybrid work schedule of three days per week (Tuesday, Wednesday, and Thursday) in the office is required.** The Cyber User Behavior Engineer is a pivotal role at Highmark, dedicated to enhancing our organization's security by cultivating a robust "security-first" culture. This individual will lead the design, implementation, and ongoing management of comprehensive security awareness programs. Their primary responsibility will be to educate, train, and inspire all Highmark employees to effectively identify and report security threats, ensuring adherence to Highmark's security policies and industry best practices. This role is crucial in minimizing human-centric security risks and fostering a vigilant and informed workforce. **ESSENTIAL RESPONSIBILITIES** + Develop, implement, and continuously improve a proactive program to identifying internal threats. + Establish close relationships with business stakeholders outside of the security discipline, working closely with privacy, physical security, fraud, legal, human resources and senior leadership. + Perform predictive analysis of behavior, anomalies, and concerns to identify internal threats. + Execute campaigns designed to improve enterprise security posture. + Continually enhance insider risk program to increase efficiencies and measure program effectiveness and report accordingly on progress. + Utilize change management methodologies to mitigate identified security risks. + Provide insider threat support to security operations and incident response teams in advance of and during cyber security incidents. + Ensure clear lines of communication including but not limited to; transparency to the business on upcoming security initiatives, identifying impact to the business and to consumers, helping shape remediation, and developing external and internal communications. + Ensure the education and awareness program is aligned with the Information Security Program, Policies and Standards. + Other duties as assigned or requested. **EDUCATION** **Required** + Bachelor's Degree in Business Education, Marketing or Information Systems **Substitutions** + Six (6) years relevant, progressive experience **Preferred** + Bachelors in Information Security **EXPERIENCE** **Required** + 3 years in IT or IT Security Focus + 3 years of Insider Threat Program focus To include: + 3 years with Human Intelligence (HUMINT) **OR** as an Open-source Intelligence Analyst **Preferred** + 1-3 years in a Security Awareness or adjacent role **LICENSES or CERTIFICATIONS** **Required** + None **Preferred** + Security + **OR** + GSEC **OR** + CISSP **OR** + CERT Insider Threat + SANS Security Awareness Professional (SSAP) Proofpoint Certified Security Awareness Specialist **SKILLS** + Change Management + Presentation Delivery + Prioritizing + Analytical and Logical Reasoning/Thinking + Communication Skills + Cyber Security + User Behavior + Continuous Improvement **Language (Other than English):** None **Travel Requirement:** 0% - 25% **PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS** **Position Type** Office-based Teaches / trains others regularly Frequently Travel regularly from the office to various work sites or from site-to-site Rarely Works primarily out-of-the office selling products/services (sales employees) Never Physical work site required Yes Lifting: up to 10 pounds Occasionally Lifting: 10 to 25 pounds Rarely Lifting: 25 to 50 pounds Never **_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._ **_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._ _As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._ _Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._ Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at ***************************** California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J272819

As part of Meta Security, our Insider Trust team is dedicated to identifying and responding to insider threats that target our data. Our mission is to detect, investigate, and mitigate damage caused by insider threats. We handle a wide range of abuse cases, including misuse of user data, intellectual property theft, and leaks of sensitive information.We are seeking an experienced Security Engineer to join the team. This role involves investigating, hunting, and automating internal signals to detect malicious activities related to insider threats. **Required Skills:** Security Engineer Responsibilities: 1. Develop an understanding of the problem space and provide technical guidance during investigations and threat hunts 2. Influence and align the team's mission and strategy by collaboratively prioritizing and delivering multi-year roadmaps and projects 3. Create workflows and automations to streamline signal detection, threat hunts, and investigative processes 4. Collaborate with software and production engineering teams to build scalable and adaptable solutions for insider threat investigations 5. Identify gaps in our infrastructure and work with cross-functional partners to improve visibility through logging and automation 6. Prioritize efforts to maximize impact by enhancing visibility, automating processes, and scaling investigative capabilities 7. Coach, mentor, and support team members to foster long-term career growth, job satisfaction, and success **Minimum Qualifications:** Minimum Qualifications: 8. Bachelor's degree in Computer Science, Engineering, or equivalent experience 9. 8+ years of experience in Detection & Response Engineering, Insider Threat, or a similar Security Engineering role 10. In-depth technical and procedural expertise in conducting security investigations, including response, forensics, and large-scale log analysis 11. Proven experience leading and managing complex cross-functional programs 12. Extensive knowledge of attacker tactics, techniques, and procedures 13. Proficiency in coding or scripting in one or more general-purpose programming languages **Preferred Qualifications:** Preferred Qualifications: 14. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems 15. Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as Logs and events processing, Incident Management, Digital Forensics, Detection and/or response tool development **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance: DoD Clearance: Secret Pratt & Whitney is working to once again transform the future of flight-designing, building and servicing engines unlike any the world has ever seen. And because transformation begins from within, we're seeking the people to drive it. So, calling all curious. Come ready to explore and you'll find a place where your talent takes flight-beyond the borders of title, a country or your comfort zone. Bring your passion and commitment and we'll welcome you into a tight-knit team that takes our mission personally. Channel your drive to make a difference into shaping an organization and an industry that's evolving fast to the future. At Pratt & Whitney, the difference you make is on display every day. Just look up. Are you ready to go beyond? What You Will Do: The Physical Security Senior Analyst (P2) is responsible for ensuring the security and compliance of facilities through expertise in core compliance regulations, facility maintenance, new construction, and technical security system services. This role involves coordinating with government authorities, managing vendors and contractors, overseeing security system maintenance, and supporting facility accreditation and construction projects. The ideal candidate will have extensive knowledge of physical security standards to include but not limited to ICD 705, 32 CFR Part 117, UL 2050 & 681, construction processes, and technical security systems, with a focus on delivering high-quality, compliant, and secure environments. The person in this role may be required to travel to and from project sites and facilities, with travel expected to be up to 20%. Candidates must be comfortable working in construction environments and overseeing on-site activities as part of their responsibilities. Additionally, the position may involve occasional on-call availability to address security incidents or respond to urgent compliance needs. Key Responsibilities: Documentation of all technical standards necessary for SCIF accreditation. Develop and maintain room drawings and UL certificates to meet facility security requirements. Liaise with Government Authorizing Officials (AOs) to ensure compliance and approvals. Assist in investigations related to security incidents or breaches. Develop and implement policies and procedures for Concept of Operations (CONOPS) and transportation plans. Monitor and manage facility maintenance schedules for secure facilities to ensure compliance and operational efficiency. Provide construction guidance across all 16 divisions of construction for facility maintenance and new project builds. Update security requirements for ongoing and new construction projects. Participate in meetings and bid walks to support project planning and execution. Oversee contractor performance, providing quality assurance and ensuring adherence to security standards. Serve as a Construction Surveillance Technician (CST) during construction projects to monitor security compliance. Administer Lenel OnGuard systems for access control and security management. Maintain knowledge of Intrusion Detection Systems (IDS) and Access Control Systems (ACS) hardware bench stock. Coordinate security system maintenance and locksmith services, including lock maintenance and contract oversight. Provide support for UL audits to ensure compliance with UL standards. Qualifications You Must Have: Associate's degree and 4+ years of experience in physical security, facility compliance, project management, or construction management; OR Bachelor's degree and 2+ years of relevant industry experience Experience serving as a Construction Surveillance Technician (CST) or equivalent role. ICD 705 SCIF Building Course or equivalent Active U.S. government issued Secret level security clearance required plus ability to obtain and maintain a Top Secret level security clearance. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance. Qualifications We Prefer: College degree preferably in security management, construction management, project management, or engineering field Project management experience and coordination skills related to working with government officials, contractors, and internal teams Ability to work and effectively communicate across teams, contractors and government representatives Ability to develop and implement security policies, procedures, and training programs Physical Security Professional (PSP) or equivalent training Familiarity with government regulations and standards Knowledge of facility accreditation processes and UL standards Familiarity with Lenel OnGuard administration and IDS/ACS hardware management Experience in guard force training (contracted and proprietary) What is my Role Type? In addition to transforming the future of flight, we are also transforming how and where we work. We've introduced role types to help you understand how you will operate in our blended work environment. This role is: Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance workers, as they are essential to the development of our engines. Candidates will learn more about role type and current site status throughout the recruiting process. For onsite and hybrid roles, commuting to and from the assigned site is the employee's personal responsibility. Learn more & apply today! As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 66,000 USD - 130,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Full-time Description The Risk Management Security Analyst is responsible for assisting Access Health CT (AHCT) with its Information Security Risk Management Program, satisfying both regulatory compliance requirements and managing security risk to an acceptable level. This role is a hands-on role that will be responsible for actively identifying, detecting, monitoring, maintaining, analyzing, advising, and responding to ongoing IT security and compliance needs under the guidance of the Associate Director, IT Security & Compliance. The individual selected for this role will collaborate with various cross-functional teams inclusive of partners and vendors in identifying, evaluating, categorizing, tracking and monitoring enterprise IT security risk and will assist with development and maintenance of IT security controls in adherence with federal and other government required cyber security frameworks. Furthermore, the individual in this role will be responsible for assisting with development, automation, and ongoing maintenance of end-to-end risk register and related risk management work streams and processes (i.e., risk assessments, risk mitigation strategies, etc.) by utilizing existing Archer Governance, Risk, and Compliance (GRC) platform and other state-of-the-art security tools. This role reports to the Associate Director of IT Security and Compliance and has no direct reports. *Please note that this position is available to individuals authorized to work in the U.S. without the need for sponsorship . Responsibilities Conduct third-party security risk assessments and security reviews in accordance with regulatory requirements. Collaborate with IT, Legal, product owners, and business teams to ensure appropriate IT Security and Compliance requirements are incorporated into new and ongoing engagements and initiatives. Support development, maintenance, and operation of a centralized enterprise cyber risk register and associated activities in Archer GRC platform. Define and report on key risk metrics to Management on regular basis. Liaise with IT, Legal, product owners, and business teams to provide accurate and timely responses to internal and external IT Security and Compliance inquiries and related activities. Assist with technical vulnerability assessments and security reviews of infrastructure, network, applications, and databases, utilizing Nessus scanning software and other state- of- the- art security tools. Facilitate, track, and manage vulnerability remediation based on risk categorization, with timely assessing and communicating risk, documenting, and reporting on mitigation status. Actively monitor, analyze, and generate reports on company's security landscape utilizing SIEM and other state- of- the- art security tools. Provide guidance, technical expertise, and training to the enterprise to ensure optimal use of the Archer GRC platform. Develop and maintain technical documentation, such as security control implementations, System Security Plan (SSP), user guides, process documentation, and configuration details. Identify opportunities for process optimization, automation, and streamlining tasks. Participate actively in frequent regulatory submissions and inquiries. Manage and continuously monitor remediation plans for compliance and mitigation of risk. Assist with responding to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches. Bridge information security requirements with business processes and IT systems and projects. Analyze and recommend security controls and procedures in business processes related to use of information systems and assets, and monitor for compliance. Develop, administer, and provide advice, evaluation, and oversight for information security training and awareness programs. Maintain a current and comprehensive understanding of relevant industry standards to incorporate into the risk management strategy, framework, and program. Completes other tasks, as assigned. Requirements Qualifications Bachelor's degree in Management Information Systems, Cybersecurity, Computer Science or related Information Technology field and/or equivalent industry experience. A minimum of 3-5 years of combined hands-on experience in Information Security, Information Technology, Audit, or Governance, Risk, and Compliance. One or more of the following security certifications is preferred or in process: Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Global Information Assurance Certification (GIAC) Working knowledge of common Cybersecurity Frameworks including the National Institute of Standards and Technology Cybersecurity Framework (NIST-CSF), NIST SP 800-53, FedRAMP, and Center for Internet Security (CIS) Critical Security Controls. Hands-on experience with GRC platforms and other state-of-the-art security tools. Experience with development and management of metrics and reporting. Applied knowledge with data mapping, risk assessments, third-party risk management, audits, compliance tracking, and security controls management. Solid understanding of cybersecurity best practices and how to implement and apply at a business setting. Demonstrated success in problem solving, project management, business analysis, and data analysis. Solid organizational and excellent verbal and written communication skills. Detail oriented and highly organized, with the ability to thrive in a fast-paced environment and prioritize accordingly. Ability to successfully multi-task while working independently or within a group environment. Ability to collaborate with internal and external stakeholders in an effective manner that produces desired results. Physical Demands: the physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is frequently required to sit, stand, hear, use hands to type data, and utilize a phone or other electronic communication devices. This employee may occasionally have to operate business machines. Specific vision abilities required in this job include close vision and the ability to adjust focus. Work Environment: this is an in-office role on Tuesdays and Wednesdays and a remote role 3 days per week. The noise level in the work environment is usually low to moderate. The role requires the ability to work offsite with stakeholders at their locations, e.g., BITS, DSS. Requires fast-paced deadlines and has a high stress at times. Occasional local travel and some travel within the U.S. Affirmative Action and Equal Opportunity Employer Salary Description $79,000 to $88,000 DOE

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Our client is seeking a Security Engineer to serve as a trusted advisor to their client base. In this role, you will design and implement robust security infrastructure while guiding clients through compliance processes, ensuring top-tier security standards are consistently met. Salary range $100,000 - $125,000 + comprehensive benefits package Hybrid schedule - Greater Hartford Responsibilities: Design and implement security architectures across cloud, on-prem, and hybrid environments Manage and optimize security tools including EDR, MDR, MFA, SIEM, firewalls, and VPNs Collaborate with NOC/SOC teams to monitor threats and respond to incidents Develop standardized configurations and automation for scalable security deployments Guide clients through compliance frameworks such as NIST, CMMC, and PCI, including gap assessments and remediation Support audits with evidence collection, reporting, and documentation to ensure compliance Conduct vulnerability scans, risk assessments, and configuration reviews to reduce risk Create and maintain security policies, procedures, and client environment documentation; deliver security awareness training Develop and execute incident response playbooks, investigate incidents, and coordinate threat remediation Continuously improve security tools, processes, and methodologies while staying current on emerging threats Qualifications: Bachelor's degree in Computer Science, Information Security, or equivalent professional experience Solid understanding of servers, network infrastructure, and security technologies Hands-on experience securing cloud platforms (AWS, Azure, GCP) using IAM, security groups, and native controls Knowledgeable in compliance frameworks such as NIST, CMMC, PCI, and ISO 27001 Strong troubleshooting and communication skills, able to effectively engage both technical and non-technical stakeholders under pressure Demonstrates high integrity and a strong commitment to maintaining confidentiality Preferred certifications - CompTIA Security +, CISM, CISSP, GIAC INDI

Are you a cybersecurity pro ready to lead security operations and compliance initiatives? Join our team today FT, Direct HireOnsite$105-125KNetwork infrastructure, servers, cloud platforms, compliance frameworks such as NIST, security technologies-firewalls, VPN, SIEM, Gap assessments, Incident response Are you a cybersecurity professional who thrives on protecting organizations and guiding them through complex compliance requirements? Join our team as a Security and Compliance Engineer and help clients secure their environments across cloud, on-prem, and hybrid infrastructures. In this role, you'll: Design, implement, and manage security architectures and controls. Guide clients through compliance frameworks like NIST, CMMC, PCI, and ISO 27001. Manage and optimize security tools (EDR, MDR, SIEM, MFA, firewalls, VPNs). Respond to incidents, conduct risk assessments, and develop remediation strategies. Maintain policies, procedures, and documentation while delivering security awareness training. Guide clients through frameworks such as NIST, CMMC, PCI, and ISO 27001. Conduct gap assessments and recommend remediation strategies. Support audits with evidence collection, reporting, and documentation. Perform vulnerability scans, risk assessments, and configuration reviews Requirements: 4+ years in cybersecurity engineering (MSP/MSSP/SOC experience preferred). Experience with cloud security (AWS, Azure, GCP) and IAM. Knowledge of compliance frameworks (NIST, PCI, ISO 27001, CMMC). Strong troubleshooting, communication, and problem-solving skills. Relevant certifications preferred: CISSP, CISM, Security+, GIAC, ISO 27001 Lead Implementer. #INDTPG

Mid Career Systems Engineer - Nuclear Weapons Security USA-MA-Pittsfield Required Clearance: Secret, obtainable within reasonable time based on requirements Employment Type: Full Time Hiring Company: General Dynamics Mission Systems, Inc. Basic Qualifications Requires a Bachelors degree in Systems Engineering, or a related Science, Engineering or Mathematics field. Also requires 2+ years of job-related experience or a Master's degree. Agile experience preferred. CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is obtainable within a reasonable amount of time after hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required. Responsibilities for this Position ROLE AND POSITION OBJECTIVES: As a Systems Engineer for the Nuclear Weapons Security program, youll be a member of a cross functional team responsible for designing advanced security and information systems, as well as helping to maintain deployed systems. We encourage you to apply if you have any of these preferred skills or experiences: * IBM DOORS * MATLAB * Simulink * Requirements Decomposition * Test Procedure Development * Windows Powershell * Cisco Networking * Operating System Administration (Linux, Windows) * Virtualization * Cybersecurity Tool implementation and administration * Database Administration (Mongo preferred) What sets you apart: * Clear understanding of systems engineering concepts, principles, theories, and technical standards * Clear understanding of requirements management and system modeling tools * Creative thinker with ability to grasp and apply new information quickly and handle increasing responsibilities with growing complexity * Team player who thrives in collaborative environments and revels in team success * Commitment to ongoing professional development for yourself and others Our Commitment to You: * An exciting career path with opportunities for continuous learning and development. * Research oriented work, alongside award winning teams developing practical solutions for our nations security * Flexible schedules with every other Friday off work, if desired (9/80 schedule) * Competitive benefits, including 401k matching, flex time off, paid parental leave, healthcare benefits, health & wellness programs, employee resource and social groups, and more * See more at gdmissionsystems.com/careers/why-work-for-us/benefits Workplace Options: This position is Hybrid/Flex, but will require periods of 100% on site. While on-site, you will be a part of the Pittsfield, MA facility. #CJ2 #LI-Hybrid Salary Note This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. Combined Salary Range USD $97,754.00 - USD $108,445.00 /Yr. Company Overview General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team! Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Job Description Aquinas Consulting is currently looking to fill an IT Security and Compliance Engineer job for our direct client in East Hartford, CT. In this role, you will design, implement, and manage security controls across cloud and on-prem environments while guiding clients through compliance requirements. You will support audits, assess gaps, and respond to incidents - ensuring clients maintain strong security postures. IT Security and Compliance Engineer Job Responsibilities: Design and implement security architectures across cloud, on-prem, and hybrid client environments Manage and optimize security tools including EDR, MDR, MFA, SIEM, firewalls, and VPNs Collaborate with NOC/SOC partners to monitor threats and respond to incidents Conduct gap assessments and advise on remediation plans for compliance frameworks such as NIST, CMMC, and PCI Support client audits by coordinating evidence collection and documentation Perform vulnerability scans, risk assessments, and configuration reviews Create and maintain security policies, procedures, and environment documentation Deliver security awareness training for internal teams and client personnel Develop and execute incident response playbooks and handle security events Improve security processes and tools, ensuring audit readiness and SLA compliance Stay current on industry trends and recommend new security measures Qualifications: Strong knowledge of servers, network infrastructure, and security technologies (firewalls, VPNs, MFA, SIEM, MDR, EDR) Experience securing cloud platforms such as AWS, Azure, or GCP, including IAM and native controls Familiarity with compliance frameworks such as NIST, CMMC, PCI, ISO 27001, etc. Excellent troubleshooting skills and experience supporting incident response Strong written and verbal communication skills with both technical and non-technical audiences Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience) 4+ years in cybersecurity engineering (MSP/MSSP/SOC experience preferred) Relevant certifications such as CompTIA Security+, CISSP, CISM, GIAC, or ISO 27001 Lead Implementer preferred If you are interested in this IT Security and Compliance Engineer job in East Hartford, CT, please apply now to be connected with a member of our team. Please note: Applying to this role is an agreement to have your information entered into our database and acknowledgement that a recruiter will reach out to you either by phone, email, and/or text message regarding this and similar job opportunities. Aquinas Consulting is a woman and minority owned company headquartered in Milford, CT that provides Engineering, Information Technology (IT), and Manufacturing staffing solutions throughout the US. We take pride in 20 years of service to our clients, our hiring managers, our consultants, and our local community. Aquinas is an affirmative action, equal opportunity employer and committed to considering all qualified applications without regard to race, genetic information, sex, age, color, religion, national origin, veteran status, disability or any other characteristic protected by law. *************************

Must have: Application security, Relevant security certifications , Devops, OWASP Duties: The Opportunity We are seeking an experienced Application Security Engineer to join our Software Security team and take charge of ensuring the security and integrity of our software applications. The ideal candidate will have advanced knowledge of secure software development, extensive experience with identifying vulnerabilities, and the ability to implement robust security solutions. This role will require collaboration with development teams, security architects, and other stakeholders to integrate security best practices into all stages of the software development lifecycle. Description: Your key responsibilities will consist of the following to ensure applications are resilient against emerging threats, reducing potential financial and reputational damage from security incidents. Conduct in-depth security assessments, including vulnerability scanning, and code reviews. Leverage automated tools and manual testing techniques to identify, risk assess and prioritize and propose mitigation strategies for identified threats and application-level vulnerabilities (e.g., OWASP Top 10, etc.) ensuring our applications meet security standards and reducing exposure to data breaches. Collaborate with security architects to design secure application architectures that align with industry best practices. Ensure secure coding practices are followed, and security controls are incorporated into software designs. Conduct detailed threat modeling to identify attack vectors and potential weaknesses. Collaborate with our SDLC Council to develop and maintain secure coding standards, empowering developers to integrate security into the development process. Partner with DevOps teams to implement security within CI/CD (continuous integration & delivery) pipelines for automated and seamless deployment of secure code. Assist in incident response activities related to application security breaches, providing rapid identification and mitigation guidance. Ensure compliance with security regulations, frameworks, and industry standards such as OWASP. Leverage reporting tools to demonstrate the overall risk through metrics (KPIs, KRIs, OKRs) of vulnerabilities and code defects to MassMutual's cyber assets for various team leaders and executive leadership for risk prioritization and enablement of risk-based decision-making. Stay up to date with the latest security threats, vulnerabilities, and industry trends to inform and improve security strategies. Strong problem-solving abilities and analytical thinking. Excellent communication skills to explain security issues to both technical and non-technical stakeholders. A team player with the ability to work in a collaborative, fast-paced environment. Office location worker is associated with: Springfield, MA, Boston, MA, or NY, NY. Skills: Bachelor's or master's degree in computer science, Information Security, or a related field. Minimum of 5+ years of experience in application security, penetration testing, or secure software development. The Ideal Qualifications Relevant security certifications such as CEH, OSCP, or GWAPT) from an industry recognized certifier (e.g., SANS/GIAC, CompTIA, ISACA, ISC2, etc.) Strong knowledge of secure software development methodologies, including threat modeling, code reviews, and static/dynamic analysis. Experience in integrating security into DevOps (DevSecOps) and CI/CD environments. Strong technical knowledge of web application security, cloud security (AWS, Azure, GCP), mobile security, infrastructure as code (IaC), container security, and API security. Familiarity with SAST, DAST, and IAST tools. Deep understanding of common vulnerabilities (e.g., OWASP Top 10) and their mitigations. Advanced understanding and experience with writing source code (e.g., JavaScript, Java, C/C++/C#, Python, etc.) and familiarity with software security frameworks (e.g., Maven, Node, Gradle, etc.). Experience with identifying security vulnerabilities/defects in dockers, containers, and Kubernetes. Experience with cloud deployment and automation tools (Terraform, GitHub Actions, Jenkins, AWS Cloud Formation Templates, Secrets Managers). Knowledge of compliance and regulatory frameworks (SOC 2, etc.).

Job Description We are seeking an experienced Application Security Engineer to join our Software Security team and take charge of ensuring the security and integrity of our software applications. The ideal candidate will have advanced knowledge of secure software development, extensive experience with identifying vulnerabilities, and the ability to implement robust security solutions. This role will require collaboration with development teams, security architects, and other stakeholders to integrate security best practices into all stages of the software development lifecycle. The Impact Your key responsibilities will consist of the following to ensure applications are resilient against emerging threats, reducing potential financial and reputational damage from security incidents. Conduct in-depth security assessments, including vulnerability scanning, and code reviews. Leverage automated tools and manual testing techniques to identify, risk assess and prioritize and propose mitigation strategies for identified threats and application-level vulnerabilities (e.g., OWASP Top 10, etc.) ensuring our applications meet security standards and reducing exposure to data breaches. Collaborate with security architects to design secure application architectures that align with industry best practices. Ensure secure coding practices are followed, and security controls are incorporated into software designs. Conduct detailed threat modeling to identify attack vectors and potential weaknesses. Collaborate with our SDLC Council to develop and maintain secure coding standards, empowering developers to integrate security into the development process. Partner with DevOps teams to implement security within CI/CD (continuous integration & delivery) pipelines for automated and seamless deployment of secure code. Assist in incident response activities related to application security breaches, providing rapid identification and mitigation guidance. Ensure compliance with security regulations, frameworks, and industry standards such as OWASP. Leverage reporting tools to demonstrate the overall risk through metrics (KPIs, KRIs, OKRs) of vulnerabilities and code defects to cyber assets for various team leaders and executive leadership for risk prioritization and enablement of risk-based decision-making. Stay up to date with the latest security threats, vulnerabilities, and industry trends to inform and improve security strategies. Strong problem-solving abilities and analytical thinking. Excellent communication skills to explain security issues to both technical and non-technical stakeholders. A team player with the ability to work in a collaborative, fast-paced environment. The Minimum Qualifications Bachelor's or master's degree in computer science, Information Security, or a related field. Minimum of 5+ years of experience in application security, penetration testing, or secure software development. The Ideal Qualifications Relevant security certifications such as CEH, OSCP, or GWAPT) from an industry recognized certifier (e.g., SANS/GIAC, CompTIA, ISACA, ISC2, etc.) Strong knowledge of secure software development methodologies, including threat modeling, code reviews, and static/dynamic analysis. Experience in integrating security into DevOps (DevSecOps) and CI/CD environments. Strong technical knowledge of web application security, cloud security (AWS, Azure, GCP), mobile security, infrastructure as code (IaC), container security, and API security. Familiarity with SAST, DAST, and IAST tools. Deep understanding of common vulnerabilities (e.g., OWASP Top 10) and their mitigations. Advanced understanding and experience with writing source code (e.g., JavaScript, Java, C/C++/C#, Python, etc.) and familiarity with software security frameworks (e.g., Maven, Node, Gradle, etc.). Experience with identifying security vulnerabilities/defects in dockers, containers, and Kubernetes. Experience with cloud deployment and automation tools (Terraform, GitHub Actions, Jenkins, AWS Cloud Formation Templates, Secrets Managers). Knowledge of compliance and regulatory frameworks (SOC 2, etc.). Education: Bachelor's or master's degree in computer science. Skills and Experience: Required Skills: MITIGATION CLOUD SECURITY METRICS SCANNING GCP Additional Skills: SOC INFORMATION SECURITY API DYNAMIC ANALYSIS C JAVA MAVEN AMAZON WEB SERVICES PROBLEM-SOLVING GITHUB DEPLOYMENT REPORTING TOOLS INCIDENT RESPONSE C/C++ CONTINUOUS INTEGRATION/DELIVERY TERRAFORM CODING DEV OPS EXCELLENT COMMUNICATION SKILLS JAVASCRIPT SOFTWARE SECURITY COMPTIA PYTHON STRUCTURED SOFTWARE GIAC SDLC JENKINS CODING STANDARDS TEAM PLAYER GRADLE KUBERNETES

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

RiverTech is seeking a skilled Information Security (INFOSEC) Specialist to support the Joint Staff Security Office (JSSO) at the Pentagon in providing comprehensive security services. The ideal candidate will be responsible for ensuring that classified information, SCI, and controlled unclassified information (CUI), under the control of the JS, is protected in accordance with authoritative policies. To join our team of outstanding professionals, apply today! Responsibilities + Ensures classified information, SCI, and controlled unclassified information (CUI), under the control of the Joint Staff is protected in accordance DoDM 5200.01, DoDD 5205.21, and DoDI 5200.48. + Develops INFOSEC standard operating procedures (SOPs) and policies for the Joint Staff Security Office (JSSO). + Conducts security incident inquiries addressing security incidents involving non-compliance with security procedures for classified information, from initiation to completion. + Maintains a tracking system of all security incidents and conducts an analysis of the information compiled to identify areas of concern to address trending security issues. + Maintains repository of all Joint Staff security classification guides (SCGs) and reviews SCGs as prescribed by the Information Security Oversight Office (ISOO). + Manages the Joint Staff and combatant commands original classification authorities (OCAs) lists. + Conducts security classification reviews for Joint Staff products containing classified national security information and provides recommendations to align with policies. + Develops, implements, and conducts specialized training programs for security personnel, including annual and refresher training, while tracking completion status. + Collaborates with other security disciplines such as Physical Security, Personnel Security, Insider Threat Hub and Foreign Disclosure Office during security incidents, classification reviews and to ensure security measures and training align with organizational goals. + Manages and Implements the Joint Staff courier program. Qualifications + Minimum of six (6) years of direct relevant experience. + Top Secret Clearance with SCI eligibility. + Must possess a working knowledge of the U.S. Government Security Programs and skills in planning, developing, implementing, and evaluating security programs to meet mission requirements for which they support. + Excellent written and oral communication and problem-solving skills and the ability to review, analyze, and resolve complex issues. Desired Qualifications: + Working in Department of Defense (DoD). + Working in a Sensitive Compartmented Information Facility (SCIF) and on classified networks (SIPRnet and Joint Worldwide Intelligence Communications System (JWICS). + Familiarity with Enterprise Task Management Software Solutions (ETMS2) tasking system, Correspondence and Task Management System (CATMS) or other DoD Task Management Tools (TMT) or applications. + Sharepoint Management. + Utilizing Microsoft Office products (Word, Excel, Powerpoint). Job ID 2025-20040 Work Type On-Site Pay Range $110,000 - $120,000 Benefits Regular - The company offers a comprehensive benefits program, including medical, dental, vision, life insurance, 401(k) and a range of other voluntary benefits. Paid Time Off (PTO) is offered to regular full-time and part-time employees. Company Description Work Where it Matters RiverTech, an Akima company, is not just another federal professional solutions contractor. As an Alaska Native Corporation (ANC), our mission and purpose extend beyond our exciting federal projects as we support our shareholder communities in Alaska. At RiverTech, the work you do every day makes a difference in the lives of our 15,000 Iñupiat shareholders, a group of Alaska natives from one of the most remote and harshest environments in the United States. For our shareholders, RiverTech provides support and employment opportunities and contributes to the survival of a culture that has thrived above the Arctic Circle for more than 10,000 years. For our government customers, RiverTech provides innovative solutions to complex engineering and operational challenges and delivers wide-ranging services for mission support, systems engineering, and IT. As a RiverTech employee, you will be surrounded by a challenging, yet supportive work environment that is committed to innovation and diversity, two of our most important values. You will also have access to our comprehensive benefits and competitive pay in addition to growth opportunities and excellent retirement options. We are an equal opportunity employer and comply with all applicable federal, state, and local fair employment practices laws. All applicants will receive consideration for employment, without regard to race, color, religion, creed, national origin, gender or gender-identity, age, marital status, sexual orientation, veteran status, disability, pregnancy or parental status, or any other basis prohibited by law. If you are an individual with a disability, or have known limitations related to pregnancy, childbirth, or related medical conditions, and would like to request a reasonable accommodation for any part of the employment process, please contact us at ******************** or ************ (information about job applications status is not available at this contact information).

We are seeking a highly skilled and motivated Information System Security Officer (ISSO) to join our team. The ISSO will be responsible for ensuring the security and integrity of our information systems. This role involves developing, implementing, and maintaining security policies, procedures, and controls to protect our organization's data and systems from unauthorized access, threats, and vulnerabilities. This position is located in Washington, DC. Your future duties and responsibilities: Develop and maintain security policies, standards, and procedures in compliance with industry regulations and best practices. Conduct regular security assessments and audits to identify vulnerabilities and recommend corrective actions. Monitor and analyze security alerts and incidents, responding promptly to mitigate risks. Collaborate with IT and other departments to implement security measures and ensure compliance with security policies. Provide guidance and training to staff on security best practices and awareness. Manage and maintain security tools and technologies, such as firewalls, intrusion detection systems, and encryption solutions. Prepare and maintain documentation related to security policies, procedures, and incidents. Stay current with emerging security threats and technologies to proactively address potential risks. Risk Assessment and Management: They conduct regular security audits, vulnerability assessments, and risk analyses to identify potential threats and weaknesses. Security Incident Response: ISSOs respond to security incidents, investigate breaches, and implement corrective actions to minimize damage and prevent future occurrences. Required qualifications to be successful in this role: Bachelor's degree in Information Technology, Cybersecurity, or a related field or 3 to 5 years of experience Proven experience as an Information System Security Officer or similar role. Security Architecture: Understanding of secure system design principles and experience developing secure architectures. Security Controls: Knowledge of various security controls and their implementation. Vulnerability Assessment: Experience with vulnerability scanning tools and techniques. Monitoring and Evaluation: They monitor network traffic, system logs, and security tools to detect anomalies and respond to potential threats. Security Documentation: Ability to create and maintain security documentation. Strong knowledge of security frameworks and standards, such as NIST, ISO 27001, and CIS Controls. Experience with security tools and technologies, including firewalls, IDS/IPS, and SIEM solutions. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills, with the ability to work collaboratively across teams. Desired qualifications/non-essential skills required: Relevant certifications such as CISSP, CISM, or CISA are highly desirable. CGI is required by law in some jurisdictions to include a reasonable estimate of the compensation range for this role. The determination of this range includes various factors not limited to skill set, level, experience, relevant training, and licensure and certifications. To support the ability to reward for merit-based performance, CGI typically does not hire individuals at or near the top of the range for their role. Compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range for this role in the U.S. is $70,800.00 - $153,300.00. CGI Federal's benefits are offered to eligible professionals on their first day of employment to include: . Competitive compensation . Comprehensive insurance options . Matching contributions through the 401(k) plan and the share purchase plan . Paid time off for vacation, holidays, and sick time . Paid parental leave . Learning opportunities and tuition assistance . Wellness and Well-being programs #CGIFederalJob #LI-DD1 Skills: * English * Database Administration * System Administration What you can expect from us: Together, as owners, let's turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because… You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction. Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team-one of the largest IT and business consulting services firms in the world. Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, pregnancy, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status or responsibilities, reproductive health decisions, political affiliation, genetic information, height, weight, or any other legally protected status or characteristics to the extent required by applicable federal, state, and/or local laws where we do business. CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at US_Employment_******************. You will need to reference the Position ID of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a Position ID will not be returned. We make it easy to translate military experience and skills! Click here to be directed to our site that is dedicated to veterans and transitioning service members. All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held. Dependent upon role and/or federal government security clearance requirements, and in accordance with applicable laws, some background investigations may include a credit check. CGI will consider for employment qualified applicants with arrests and conviction records in accordance with all local regulations and ordinances. CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI's legal duty to furnish information.

Manage and continuously improve a Cyber Security Compliance program. This would include conducting security business and infrastructure compliance reviews, security risk assessments for internal/external information assets. Lead the Incident response and forensics program for Connecticut Children's Medical Hospital to ensure the confidentiality, integrity and availability of enterprise information resources. Provide recommendations to balance cyber risks and enable the business in a secure manner. Improve the overall security posture to meet the expanding and changing business needs of the organization. Education and/or Experience Required: Education Required: Bachelor's degree in Information Systems or equivalent Experience Required: Minimum of six (6) years of enterprise security related work experience. Minimum of four (4) years incident response/forensics experience. Previous 24 x 7 operations experience License and/or Certification Required: Required: Certified Information Systems Security Professional (CISSP) within 1 year of hire. Preferred: CISM, PCI QSA, GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA). Knowledge, Skills and Abilities: Knowledge Experience and proficiency with: Anti-Virus, HIPS, IDS/IPS, Network Captures, Host-Based & Network Forensics. Knowledge of Linux, UNIX, Windows OS, Active Directory and other operating systems. Knowledge of database platforms such as MS SQL, Oracle, and MySQL. Experience with a scripting language (e.g. Powershell, Python) Skills: Excellent written communication and presentation skills with the ability to present complex security issues to a variety of audiences, including senior executives Abilities: Must be self-directed, able to manage individual projects or act as part of a larger team Experienced in performing security audits, risk analysis, forensics and penetration testing. Actively monitor systems and networks for potential intrusions. Lead, conduct and maintain security risk assessments, identify security vulnerabilities, develop recommendations, document findings and remediation plans. Manage remediation plans toward closure. Define security standards & incident response plans to detect, respond and recover from security incidents using a risk based methodology. Develop and document security policies and procedures, training and awareness. Serve as a security expert reviewing and recommending security controls for network, application designs, operating systems, endpoint protection, mobile device implementations of new/updated applications and services. Ensure business and technical requirements are aligned to security policies and are implemented within regulatory and corporate compliance. Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; related to forensics and incident response.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************