Cyber security analyst jobs in Richmond, VA

Immediate need for a talented Cloud Security Engineer.This is a 12+ Months contract opportunity with long-term potential and is located in Richmond, VA USA (Onsite) Please review the job description below and contact me ASAP if you are interested. Job Diva ID: 25-95757 Pay Range: $80 - $84/hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location). Key Responsibilities: Wiz Platform Deployment & Ownership CSPM, CWPP, CI/CD Integration & Remediation Alerting, Monitoring & Incident Response Integration Remediation, Ownership & Continuous Improvement Cloud Security Engineering & Architecture playbook creation. Leadership, Strategy & Governance Develop and maintain the technical IT/cyber capabilities including all phases of the software development lifecycle and software stack which includes threat modeling of application designs, static application security testing (SAST), software composition analysis (SCA), dynamic application security testing (DAST), and penetration testing. Lead efforts related to designing, planning, enhancing, and testing all Cloud cybersecurity technologies used throughout the enterprise including base-lining current systems, trend analysis, and capacity planning as required for future systems requirements and new technologies. Analyze information to determine, recommend, and plan the use of new Cloud information security technologies, or modifications to existing equipment and systems that will provide capability for proposed project or workload, efficient operation and effective use of allotted resources Lead the implementation of new Cloud security technologies or integration of existing technologies including initial configuration, installation, change management, and operational handoff Use sophisticated analytical thought through models, testing, and experience to exercise judgment and identify innovative solutions. Responsible for technical support of Cloud security technologies providing expert problem analysis and resolution in a timely manner. Creation of CI/CD automation leveraging Terraform for Cloud Security Services and Modules Leads teams or projects with moderate resource requirements, risk, and complexity. Key Requirements and Technology Experience: Key Skills; Cloud Security, AWS/Azure/GCP, Wiz platform Bachelor's degree and eight years of experience in systems engineering or administration or an equivalent combination of education and work experience Deep specialized and/or broad functional knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security Previous experience in leading complex IT projects 10+ years Cloud Security experience 6+ years securing AWS/Azure/GCP Deep expertise in Wiz platform Strong experience with CSPM, CWPP, CI/CD security Strong automation and scripting background Experience in Global 100 or Fortune 50 environments Wiz Architect/Practitioner certifications AWS/Azure/GCP security certifications Banking or financial services experience. Other security certifications (e.g. CCNA Security, GSEC, GCED, GPPA, etc.) Other technical Certifications (e.g. CCNA, RHCE, MCSE, etc.) Certification in Information Security Management (e.g. Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) or Certified Information Security Manager (CISM)), or related security certification(s) Our client is a leading Banking Industry , and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. By applying to our jobs, you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here.

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Title: Cyber Security Engineer State Role Title: Info Technology Specialist III Hiring Range: $ 111,000 - $140,000 Pay Band: 6 Recruitment Type: General Public - G Job Duties Performance Management (for employees who supervise others) • Serves in a managerial/supervisory capacity to conduct performance management activities and ensure onboarding/offboarding and training for staff • Establishes and reviews work assignments and priorities and implements performance improvement strategies and/or problem resolution for related issues, in conjunction with program management and Human Resource staff • Ensures relevant training and workplace safety for staff • Conducts required performance monitoring and appraisals, establishes clear performance expectations, addresses deficiencies in a timely manner, and documents underperformance in accordance with state guidelines Supports employee growth through regular feedback, coaching, and professional development opportunities Data Protection & Security Implementation • Performing remote or onsite PenTests on all VDH systems, networks, and applications to identify security weaknesses • Analyze the vulnerabilities and mitigation methods and provide reports which include findings, risks, and conclusions • Recommend security improvements and methods to mitigate security risks • Work with VDH IT to determine their testing requirements and create and implementing new penetration testing methods, scripts, and tool • Develop and implement strategies to safeguard computer data against accidental or unauthorized access, modification, destruction, or other breaches. • Ensure the integrity of data and systems by conducting regular vulnerability scans, security checks, and updates. • Ensure that the latest security patches are installed across systems in a timely manner. • Oversee the maintenance and functionality of anti-virus protection systems, ensuring the latest threat definitions are applied. • Monitor for new vulnerabilities and respond promptly to emerging security threats. • Conduct regular risk assessments to evaluate the security posture of data processing systems. • Ensure that sensitive and confidential information is appropriately encrypted when transmitted across networks to prevent unauthorized access. • Must have extensive knowledge of SIEM tool such as Splunk. Must be able to on-board new data sources and Ingest logs. • Periodic review of Errors/warnings reported by internal Splunk logs ▪ Log normalization (CIM); monitoring to ensure nothing has changed (e.g., CIM compliant logs have not changed in structure). • Expanding log source collection of an existing source type • Custom script development (e.g., for data collection or integration to non-standard products) • Deployment Server management to distribute Splunk Universal Forwarder (UF) instances • Syslog servers that collect data from infrastructure systems (firewalls, IDS, UPS or other syslog generating device) • Splunk heavy forwarders which can collect information from various databases or third-party systems Technical Assistance & User Training • Maintain overall system security, improve server and network efficiency, and train users to promote security awareness and best practices. • Address security concerns through user education and tailored security protocols. • Work closely with internal users to understand and support a variety of technical issues, including data access needs, security violations, and programming modifications. • Serve as a point of contact for users requiring assistance with security-related concerns. • Modify computer security files to incorporate new software, correct errors, or change individual access status. Systems Maintenance & Coordination • Adapt and update security processes, applications, and tools to address evolving software requirements and correct identified errors. • Coordinate and schedule the implementation of data security protocols, ensuring compliance with both internal policies and external vendor requirements. • Collaborate with vendors and internal staff to ensure that security measures align with organizational goals. • Works closely and collaboratively with the information technology team for resolving issues • Coordinates with IT and Business teams to address security issues in a collaborative manner • Coordinates security audit issues between Auditors and IT and works as a team Documentation & Other Duties • Knowledge of NISTm800-53r5 • Document and maintain clear policies, procedures, and guidelines related to computer security and emergency response measures. • Develop and manage security documentation for both compliance and operational reference. • Supports special projects as assigned. • May perform other duties as assigned; may be required to assist in the event of an emergency declaration. Other duties as assign Minimum Qualifications • Experience in cybersecurity, data protection, and risk management. • In-depth knowledge of security principles, firewalls, anti-virus software, encryption, and vulnerability testing. • Strong understanding of network protocols, security technologies, and system administration. • Ability to collaborate effectively with users, vendors, and internal teams. • Strong analytical skills and attention to detail in assessing risk and security needs. • Excellent communication skills, both written and verbal. Additional Considerations • Advanced knowledge in Computer Science, Information Security, or a related field. • Certification in cybersecurity (e.g., CISSP, CISM, CompTIA Security+, CC) is desirable. Special Instructions You will be provided a confirmation of receipt when your application and/or résumé is submitted successfully. Please refer to “Your Application” in your account to check the status of your application for this position. VDH accepts only on-line applications. Faxed, mailed, or e-mailed applications will not be considered. Applications are accepted until 11:55 p.m. on the job closing date. Applications and/or resumes should include relevant work history which indicates your qualifications for this position. Supplemental questions are encouraged to be answered in a comprehensive manner and reference any pertinent knowledge, skills, and abilities as well as any previous experience that relates to the position. Employment is contingent upon satisfactory results of a state and federal criminal history background check and the Department of Social Service's Child Abuse and Neglect Central Registry check, U.S. HHSIG Exclusion List check, employment reference check and E-Verify. Other financial, credit, driving, background checks or completion of Statement of Economic Interests may be required for certain positions It is the policy of the Commonwealth and VDH that all aspects of human resource management be conducted without regard to race (or traits historically associated with race including hair texture, hair type, and protective hairstyles such as braids, locks, and twists); sex; color; national origin; religion; sexual orientation; gender identity or expression; age; veteran status; political affiliation; disability; genetic information; and pregnancy, childbirth, or related medical conditions. VDH employees have a shared Code of Ethics, which can be found in the bottom banner of our website: ********************* If you have been affected by DHRM Policy 1.30 layoff and possess a valid Interagency Placement Screening Form (Yellow Card) or a Preferential Hiring Form (Blue Card), you must submit the card before the closing date for this position. The Card may be submitted with the state application as an attachment. As a V3 (Virginia Values Veterans) employer VDH Welcomes Veterans to apply! Contact Information Name: Lindsay Schneider Phone: ********** Email: ********************************** In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at ************. Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022- February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. Coinbase stores more digital currency than any company in the world, making us a top tier target on the internet. Security is core to our mission and has been a key competitive differentiator for us as we scale worldwide. Essential to scaling is building and running a security compliance program that reflects how we protect the data and assets in our care, to open the doors with customers, regulators, auditors, and other external stakeholders. If you love working with fast moving companies to grow and scale security compliance engines and create positive change across the business, we'd like to speak with you about joining our team. Coinbase is looking for a Security Compliance Senior Analyst to drive the second line of defense IT SOX initiatives and help mature the IT SOX program. *What you'll be doing (ie. job duties):* * Lead Security and IT initiatives to support the SOX roadmap and advance program maturity * Assist with SOX planning activities, including scoping of IT systems and creating training material to owners in preparation for SOX audit * Lead security control gap assessments over SOX control environment, recommend remediation plans and track through completion * Assess SOX implications of new products, update relevant controls, and communicate requirements to product organization and other stakeholders * Provide ongoing reporting to stakeholders and leadership on above responsibilities and communicate progress and escalations management * Perform SOX audit and control impact analysis as a result of security and technology incidents and partner with owning teams on control uplift activities * Build close relationships with stakeholder teams including Security, IT, Infrastructure, Engineering, Data, and Finance to advise on SOX requirements and ensure excellence in control ownership * Create and improve SOX procedural documentation, including process documentation, data flow diagrams, and uplifting templates * Work closely with internal and external auditors to educate them about a complex technology control environment * Oversee quality of audit initiatives, identify and analyze process gaps, provide guidance and expertise to team members * Develop creative solutions to prove risk mitigation and solve for complex audit problems faced by the crypto industry * Identify opportunities to address systemic program challenges, recommend solutions and drive efficiency through AI and automation *What we look for in you (ie. job requirements):* * Minimum of 5+ years of security/IT compliance or equivalent experience * Strong knowledge and hands-on experience in Internal Controls over Financial Reporting, SOX 404 frameworks, and testing to support compliance * Prior experience at a big 4 accounting firm * Experience leading compliance initiatives from start to finish * Proven understanding and audit experience of cloud technologies, AWS preferred * Ability to effectively and autonomously accomplish outcomes across cross-functional teams in ambiguous situations with minimal supervision * Strong oral and written communication skills * Ability to multitask, direct cross functional work, and hold others accountable to committed deadlines in a fast paced environment * Ability to communicate with technical / non-technical stakeholders to align on shared outcomes * Experience in Financial services, Big Tech, or FinTech *Nice to haves:* * BA or BS in a technical field or equivalent experience * Security certifications e.g. CISA, CISSP, CISM or other relevant certifications * Experience auditing in Crypto space Position ID: P73675 \#LI-Remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $167,280-$196,800 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Join the Market Leader in Electric Power Data and Analytics Solutions The electrical grid is the largest and most complicated machine ever built. Yes Energy's industry-leading electric power trading analytics software provides real-time visibility into the massive amount of data generated by the North American electrical grid daily. Our unique and innovative view of the data informs real-time trading decisions and mid-to-long-term investment decisions that keep utility prices low, support the energy transition, and keep the grid running. It's both challenging work and work with a purpose. Be a part of our successful, growing business during international transformation. Position Summary As a Security Analyst II, you will be helping keep the grid safe and our customers secure. You will be part of our growing Security & Compliance team, building security automations, creating baselines for on-premises and cloud environments, assisting teams with vulnerability scans and management, supporting our compliance team with evidence gathering and audits, and more. This is an opportunity to be part of a small team with increasing importance and responsibility. You will help Yes Energy stay secure into the future. Position Details Salary range: 80,000 - 95,000 Location: Yes Energy Core Offices or Remote Full-time Reporting to: Senior Manager, IT and Compliance Travel requirement: up to 15% to Yes Energy's core offices Primary Responsibilities Review and triage findings from vulnerability scans, penetration tests, and configuration assessments to identify potential security risks. Work with DevOps, engineers, and system owners to remediate vulnerabilities across multi-cloud and on-prem assets. Support secure configuration baselines for AWS, Azure, and Oracle Cloud resources. Monitor cloud environments for misconfigurations and suspicious activity. Assist with IAM policy reviews and privilege audits. Write scripts (Python, PowerShell, or Bash) to automate detection, reporting, or remediation of security issues. Integrate security tools and data into dashboards or workflow systems (e.g., Jira, SIEM, or ticketing). Provide technical evidence and control implementation support for SOC 2, ISO 27001, or customer security assessments. Partner with the compliance team to map technical controls to framework requirements. Assist with incident triage, response, and root cause analysis. Support endpoint protection, log monitoring, and threat intelligence initiatives. Minimum Qualifications Bachelor's degree in a related field or equivalent related experience Minimum of two years of experience with security exposure in information security, systems administration, or DevOps. Proficient in at least one scripting language (Python, PowerShell, or Bash). Strong understanding of operating systems, networking, and cloud fundamentals. Knowledge of security frameworks such as NIST Familiarity with vulnerability management tools (e.g., Tenable, Qualys, Rapid7, AWS Inspector, or Microsoft Defender). Working knowledge of AWS, Azure, and/or Oracle Cloud security controls and services. Comfortable working cross-functionally with engineering, IT, and compliance teams. Knowledge, Skills, and Abilities Ability to travel up to 15% to assist in team building and planning exercises. Strong, professional communication skills, both verbal and written, including the skill in articulating and translating technical language to non-technical customers. Ability to plan for contingencies and anticipate problems. Ability to ask critical questions to assess needs and requirements Preferred Qualifications Experience with SIEM or SOAR platforms (e.g., Splunk, Microsoft Sentinel). Familiarity with infrastructure such as code (Terraform, CloudFormation). Exposure to compliance frameworks such as SOC 2, ISO 27001, or NIST 800-53. Security certifications (Security+, GSEC, AWS Security Specialty, or similar). Endpoint Security/Patching/Inventory experience At Yes Energy, we value connecting directly with candidates. We kindly ask that third-party recruiters and agencies not submit resumes, as we are not open to external recruiting partnerships. ABOUT YES ENERGY Overview Yes Energy delivers real-time market data and electric power trading decision solutions. Over 1,000 market participants use Yes Energy solutions daily. The business is a leader in all aspects of information content collection and management, developing and delivering data and market analytics solutions. Since its inception in 2008, Yes Energy has become a trusted and respected supplier of innovative and reliable solutions focused on the needs of power market analysts, traders, and trade managers. Yes Energy has a team of over 350 amazing professionals in Boulder, CO (HQ); Boston, MA; Chicago, IL; Glendora, CA; Richmond, VA; London, United Kingdom; Auckland, New Zealand, Tokyo, Japan; and Bucharest, Romania. Culture Yes Energy has been named one of the Best Places to Work in Colorado, and we have the culture to prove it. At Yes Energy, we care about saying “Yes” to customers. We like to listen, learn, and develop our solutions in line with their needs. We think about customers as business partners, and when we help them be more successful … we are more successful, too. Around the office, our culture is driven by some pretty fundamental values that we're proud of: We love innovation and solving tough challenges; We are “high standards people” who combine passion and pride with hard work and rewards of all kinds-- in an ethic that is consistent across the company; We're team-focused with a flat hierarchy-- we work in small teams on well-defined projects that directly impact the success of the business; We play to the strengths and experience of each person while each of us also works along a continuum of roles adjacent to our focus area. This presents the challenge of maintaining a broad set of skills as well as an opportunity to learn and contribute in many ways; We are constantly growing. Professional development happens every day and every year. Compensation and Benefits We offer highly competitive salaries and real bonuses that are achievable and that you can impact. Our benefits package is also very competitive, including medical insurance, a 401 (k) Plan with matching, flexible vacation, and flexible work schedules. Yes Energy encourages and funds investment in both formal and informal professional development. At Yes Energy, we are dedicated to building a diverse, inclusive, and authentic workplace. If you're excited about this role but your experience doesn't perfectly align with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles. In accordance with Colorado law, the range provided is Yes Energy's reasonable estimate of the base compensation for this role. The actual amount may be higher or lower based on non-discriminatory factors such as location, experience, knowledge, skills, and abilities. Yes Energy provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, Yes Energy complies with applicable state and local laws governing nondiscrimination in employment in every location where the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

This position description is subject to change at any time as needed to meet the requirements of the program or company. Working across the globe, V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. Aligned around a shared purpose, our $3.9B company and 16,000 people work alongside our clients, here and abroad, to tackle their most complex challenges with integrity, respect, responsibility, and professionalism. As a Cyber Security Engineer with AFGES, you will be responsible for the Risk Management Framework (RMF) activities at 51 separate locations. This role executes the day-to-day activities planning, implementing and executing overall RMF activities. The Cyber Security Engineer will interact with government leads, subcontractors / vendors, and network administrators. #clearance Responsibilities Major Job Activities: + This Cyber Security Engineer role works closely with a Sr. Cyber Security Engineer. + Assists the Sr. Engineer in the planning, execution, mitigation and reporting of Security Technical Implementation Guide (STIG) and Security Requirements Guides (SRG). + Ongoing Vulnerability Monitoring and scanning. + Set up, operate and maintain a test lab. + Test patches, upgrades, and changes before implementing to field. + Respond to system update and patching failures. + Oversite of 51 existing remote field networks. + Interaction with Golf Club Management Software vendor. + Create and update all RMF related documentation (ex. Topology, Network Component Inventory, Various plans to include Plan of Action and Milestones (POAM). + Provide support to develop and maintain MS Project Master Schedule. + Contribute to Program Management Plan and Program reporting as needed. + Work non-business hours when required to avoid disrupting operations. Material & Equipment Directly Used: + Proficient with MS Office Suite (Excel, Word, PowerPoint). + Proficient with MS Project Working Environment: Office environment with potential to support austere locations. Physical Activities: Must be able to lift / carry 50 lbs. Qualifications Education / Certifications: + Technical BA / BS Degree + IAT Level II related certifications (or higher): + CompTIA Security+ CE + Cisco Certified CyberOps Associate + CySA + + GSEC + SSCP Experience: + 10 years of related experience with a BA / BS degree. Clearance Requirement: + Candidates must possess or be able to obtain a favorable IT-I, IT-II, or IT-III Public Trust Clearance. Skills & Technology Used: + In-depth experience with multiple disciplines across computing environment: + System Administration (Windows Endpoints and Windows Servers) + Networking / VPN + Code Development + Compute Infrastructure Setup + Remote Maintenance + Expertise with DoD RMF process, eMASS, and attaining system ATOs. + Development of system artifacts required for ATO packages. + Configuration and use of ACAS, STIGs, SCAP, ENS / ESS, MS Defender. + Scripting and process automation. + Proficient with MS Office Suite (Excel, Word, PowerPoint). + Proficient with MS Project. + Preferred - Experience with Beyond Trust access security software application. At V2X, we are deeply committed to both equal employment opportunity, including protection for Veterans and individuals with disabilities, and fostering an inclusive and diverse workplace. We ensure all individuals are treated with fairness, respect, and dignity, recognizing the strength that comes from a workforce rich in diverse experiences, perspectives, and skills. This commitment, aligned with our core Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation, and expand our success in the global marketplace, ultimately enabling us to best serve our clients.

It's fun to work in a company where people truly BELIEVE in what they're doing! We're committed to bringing passion and customer focus to the business. Day Shift - 7.5 Hours (United States of America) We are seeking a detail-oriented and motivated Cyber Security Analyst (Level 1) to support our healthcare organization's mission of protecting patient data and ensuring compliance with HIPAA and other healthcare regulations. This entry-level role is ideal for individuals passionate about cybersecurity and eager to grow within a healthcare environment. Key Responsibilities: Monitor and analyze security alerts from healthcare systems, EHR platforms, and network infrastructure. Assist in the investigation and documentation of security incidents, including potential HIPAA violations. Support vulnerability scanning and patch management across clinical and administrative systems. Help maintain and enforce security policies, procedures, and incident response plans. Assist in documentation and presentation of findings from notable security investigations, including action items and lessons learned to drive ongoing security improvements. Act as first point of contact for security tickets and questions Participate in audits and risk assessments to ensure compliance with healthcare regulations (e.g., HIPAA, HITECH). Contribute to security awareness training for clinical and non-clinical staff. Stay informed on emerging threats, especially those targeting healthcare organizations. Required Qualifications: Bachelor's degree in Cybersecurity, Information Technology, Health Informatics, or a related field (or equivalent experience). Basic understanding of healthcare IT systems and regulatory requirements (HIPAA, HITECH). Familiarity with security tools such as SIEM, antivirus, firewalls, and endpoint protection. Strong analytical and problem-solving skills. Excellent communication skills and ability to work in a team-oriented environment. Preferred Qualifications: Internship or experience in a healthcare IT or cybersecurity role. Certifications such as CompTIA Security+, HCISPP, or equivalent. Knowledge of EHR systems (e.g., Epic, Cerner) and medical device security is a plus. Work Environment: May involve hybrid or on-site work depending on facility needs. Participation in on-call rotation or after-hours incident response may be required Participation in on-call rotation or after-hours incident response may be required Salary Range: $65,000 - $80,000 Employment Non-Discrimination: Richmond University Medical Center is committed to equality of opportunity in all aspects of employment and provides full and equal employment opportunities to all employees and potential employees without regard to race, color, national origin, religion, gender identity, sex, sexual orientation, pregnancy, childbirth and related medical conditions and needs including lactation accommodations, physical or mental disability, age, immigration or citizenship status, veteran or active military status, genetic information, or any other legally protected status. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

Job Summary:Responsible for reducing the impact of information security incidents and system compromises. They do so by assisting with security monitoring, incident / event investigation and analysis, roleplay through tabletop events and "purple team" exercises, contributing to documentation and playbooks to ensure repeatable security-focused processes, participating with security and data privacy assessment as well as providing recommendation for endpoints, servers, and network infrastructure. They are responsible for the understanding and identification of indicators of compromise (IoC) as well as helping understand evidence of attack in alerts or monitoring, by hunting through data, systems and from review of investigation notes. Position has a moral and legal responsibility to uphold all local, state, and federal regulations especially in regards to security and data privacy. Job Responsibilities:• Perform security incident investigations and reporting according to the Incident Response Plan (IRP).• Perform industry best practice security and data privacy assessments for all third party vendors, contractors, consultants, auditors, applications (both on premise and cloud) as well as system-to-system connections on our internal and customer-facing networks.• Contribute to network and application penetration tests, vulnerability assessment scans, and patch management / vulnerability remediation strategy planning.• Monitor and advise on information security and data privacy issues related to the systems and their related data flows while ensuring internal security controls are appropriate and operating as intended.• Conduct security and data privacy research in keeping abreast of latest information security as well as data privacy events, issues, and trends.• Assist and support user and security posture awareness for IT teams as well as key information security partners for our customer facing servers, networks, and applications.• Participate in any breach analysis activities to help discover root cause.• Participate in disaster and business continuity recovery planning as well as plan execution should an event occur.• Analyze and provide security model planning input for cloud (SaaS) access and monitoring. Including protection recommendations associated with IT architecture for cloud and hybridized computing.• Provide support for compliance activities for SOX, PCI, CPNI, and data privacy regulations around PII, PHI, and financial data.• Actively participate in red team / blue team engagements led by more senior team members or by select management approved security partners.• Participate in threat modeling activities with more senior team members or with select management approved security partners. Qualification Requirements:• Education: Bachelor's degree in Computer Science, Network Administration, Cybersecurity, or a related field required; Master's degree preferred; relevant certifications and professional experience may be considered in lieu of formal education.• Experience Level: 5-7 years of Software Development, Network Administration, or Cyber Security experience is required.• Experience in securing applications (front end / back end, SaaS), servers, or networks is required. • Experience in the event log monitoring of computer systems is required.• Experience with industry standard security frameworks (e.g., NIST, CIS, OWASP, Mitre Att&ck) as well as experience with PII, PHI, CPNI, and PCI data handling requirements is required.• Experience in information security or data privacy investigative work is required.• 2-3 years of Splunk or SIEM experience is preferred.• Experience with SOX compliance is preferred.• Experience with mobile device management (MDM) is preferred. Job Skills & Knowledge:• Ability to review reports and system activity logs to identify critical events, categorize according to priority, and escalate as appropriate.• Capability to gather information, analyze and evaluate evidence, draw conclusions, and share that knowledge gained in an appropriate manner.• Ability to absorb intelligence information about threats and threat actors to help mitigate harmful events for the organization.• Ability to develop and analyze processes.• Understanding of security measures and testing at an application level that aim to prevent data or code from being stolen, manipulated, or hijacked.• Ability to identify detailed information risk and to apply governance compliance concepts and principles.• Must have excellent verbal and written skills.• Must be able to work effectively in a team environment.• Excellent capability to develop and document security architecture, assessment, and plans. Including strategic, tactical, and project plans.• Ability to develop security policies, procedures, standards, and guidelines.• Capability to work with a set of guidelines to help identify critical event data for additional analysis and escalation as appropriate. Knowledge of:• WSUS Management and Deployment, SCCM Package Building and Maintenance, Windows, Endpoint Protection and Compliance systems, Active Directory, Office 365, SIEM solutions.• Penetration/vulnerability test suites and compliance regulations (SOX, PCI, etc.)• Applicable knowledge of Information Technology, security and data privacy fundamentals, and networking. Certifications:• CompTIA Network+ and Security+ certifications required, or equivalent certifications demonstrating foundational knowledge in networking and security. Candidates with substantial hands-on experience may be considered in lieu of formal certification.• Computer Hacking Forensic Investigator (CHFI) or Certified Ethical Hacker (CEH) Certifications preferred.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

CoStar Group (NASDAQ: CSGP) is a leading global provider of commercial and residential real estate information, analytics, and online marketplaces. Included in the S&P 500 Index and the NASDAQ 100, CoStar Group is on a mission to digitize the world's real estate, empowering all people to discover properties, insights and connections that improve their businesses and lives. We have been living and breathing the world of real estate information and online marketplaces for over 35 years, giving us the perspective to create truly unique and valuable offerings to our customers. We've continually refined, transformed and perfected our approach to our business, creating a language that has become standard in our industry, for our customers, and even our competitors. We continue that effort today and are always working to improve and drive innovation. This is how we deliver for our customers, our employees, and investors. By equipping the brightest minds with the best resources available, we provide an invaluable edge in real estate. We are expanding our enterprise Data Loss Prevention (DLP) program to accelerate impact. The program is live and producing results with Microsoft Purview, but we need more dedicated engineers. We are hiring a Lead DLP Engineer to design, scale, and operationalize Microsoft Purview-based protections across endpoints and Microsoft 365 workloads-partnering with Security Operations, Governance, Risk & Compliance (GRC), Legal/Privacy, and the business. As the Lead DLP Engineer, you will own the technical strategy, architecture, deployment, and ongoing operations of Microsoft Purview. You will build sustainable detection and prevention capabilities for data exfiltration and misuse, integrate DLP with enterprise workflows (incident response, exception management, change control), and provide clear metrics and executive reporting. This position can be located in Arlington, VA or Richmond, VA and is in office Monday through Thursday and work from home on Friday. Responsibilities * Own the enterprise DLP architecture and roadmap using Microsoft Purview across Exchange Online, SharePoint Online, OneDrive, Teams, Power BI, and Endpoint DLP on managed devices. * Design and implement data classification and labeling at scale (sensitivity labels, automatic/manual labeling, protection actions) aligned to the organization's data taxonomy. * Build, test, and tune DLP policies for high‑risk exfiltration vectors (email, cloud storage, chat, web uploads, endpoints: removable media, print, clipboard, Bluetooth, RDP, browser downloads). * Stand up and mature advanced classifiers and detections (Sensitive Information Types, Exact Data Match schemas, trainable classifiers) with continuous improvement cycles. * Integrate DLP with incident management and SOC workflows (alert triage, case management, evidence capture, automation) and with SIEM (e.g., Microsoft Sentinel) using KQL analytics. * Partner with Identity, Endpoint, and Collaboration teams to enforce device/user trust prerequisites, and with Compliance/Legal on retention, eDiscovery, and privacy-by-design. * Create enablement content: policy tips, just‑in‑time guidance, and training for end users and privileged administrators to reduce friction and false positives. * Establish exception and change management processes, including time‑bound exceptions with compensating controls and periodic recertification. * Publish dashboards and KPIs to leadership (coverage, alert volumes, true‑positive rates, MTTR, prevented exfiltration, policy drift). * Mentor junior engineers and act as the primary subject‑matter expert for Microsoft Purview DLP. Basic Qualifications * Bachelor's Degree required from an accredited, not for profit university or college. * A track record of commitment to prior employers * 8+ years in information security with 3-5+ years focused on enterprise DLP. * Hands‑on expertise deploying and operating Microsoft Purview Information Protection & DLP at 5k+ user scale, including Endpoint DLP and M365 workloads. * Practical experience with sensitivity labels, automatic and manual labeling, Sensitive Information Types, Exact Data Match (EDM), and trainable classifiers. * Proficiency with Kusto Query Language (KQL), PowerShell, and API/automation for policy management and reporting. * Experience integrating DLP with SIEM/SOAR, SOC runbooks, and incident/alert handling processes. * Strong stakeholder skills: partnering with Legal/Privacy, HR, Compliance, and business units; clear documentation and change management. * Working knowledge of data governance and regulatory drivers (e.g., SOX ITGC, PCI, HIPAA, GDPR/CCPA) as they relate to DLP and monitoring. Preferred Qualifications and Skills * Track record accelerating a Microsoft Purview rollout from pilot to enterprise adoption, with measurable risk reduction. * Experience with Defender for Cloud Apps integration, Defender XDR signal correlation, and Endpoint platform integrations (Intune, Windows, Mac). * Knowledge of Microsoft Information Protection (MIP) SDK, Power Automate, or Graph APIs to extend labeling and DLP workflows. * Certifications: SC‑400 (Microsoft Information Protection Administrator), SC‑200 (Security Operations Analyst), SC‑100 (Cybersecurity Architect), or IAPP (CIPM/CIPP). What's in it for You When you join CoStar Group, you'll experience a collaborative and innovative culture working alongside the best and brightest to empower our people and customers to succeed. We offer you generous compensation and performance-based incentives. CoStar Group also invests in your professional and academic growth with internal training, and tuition reimbursement. Our benefits package includes (but is not limited to): * Comprehensive healthcare coverage: Medical / Vision / Dental / Prescription Drug * Life, legal, and supplementary insurance * Virtual and in person mental health counseling services for individuals and family * Commuter and parking benefits * 401(K) retirement plan with matching contributions * Employee stock purchase plan * Paid time off * Tuition reimbursement * On-site fitness center and/or reimbursed fitness center membership costs (location dependent), with yoga studio, Pelotons, personal training, group exercise classes * Access to CoStar Group's Diversity, Equity, & Inclusion Employee Resource Groups * Complimentary gourmet coffee, tea, hot chocolate, fresh fruit, and other healthy snacks We welcome all qualified candidates who are currently eligible to work full-time in the United States to apply. However, please note that CoStar Group is not able to provide visa sponsorship for this position. #LI-DB3 CoStar Group is an Equal Employment Opportunity Employer; we maintain a drug-free workplace and perform pre-employment substance abuse testing

WHO WE ARE Apex Systems is a leading global technology services business that incorporates industry insights and experience to deliver solutions that fulfill our clients' digital visions. We provide a continuum of services, including strategy and enablement, innovation and productivity, and technology foundations to drive better results and bring more value to our clients. Apex transforms our customers with modern enterprise solutions tailored to the industries we serve. Apex has a presence in over 70 markets across North America, Europe, and India. Apex is a part of the Commercial Segment of ASGN Incorporated (NYSE: ASGN). To learn more, visit ******************** At Apex Systems, we prioritize professional development, work-life balance, and fostering a collaborative culture. We value our teams well-being and recognize the importance of building strong relationships. Thats why we organize regular team-building events and philanthropic days to give back to the community - fostering a sense of purpose and fulfillment among our team. Join us for career advancement, innovative solutions, and a supportive environment focused on your success. JOB DESCRIPTION The Security Engineer at Apex Systems is responsible for designing, implementing, and maintaining advanced cybersecurity solutions to protect the organization's information systems and infrastructure. This role ensures that security is embedded throughout the lifecycle of hardware and software from evaluation and selection to installation and configuration by collaborating closely with IT teams and internal/external stakeholders. * Researches, designs, and implements information security solutions for Apex Systems' information systems and products in compliance with the organization's applicable security policies and standards. * Works with IT and internal/external customers to ensure that security is factored in the evaluation, selection, installation and configuration process of hardware and software. * Analyzes and makes recommendations to improve network, system, and applications. * Assists in the review and update of cyber security policies, architectures, and standards. * Assists in responding to audits, penetration tests and vulnerability assessments. * Designs and implements secure infrastructure solutions, including network security, configuration management, storage security, and identity and access management (IAM) based on security policies to prevent unauthorized access. * Conducts regular security assessments to identify vulnerabilities and potential risks. * Keeps abreast of the latest security threats, vulnerabilities, and attack methods. * Evaluates and implements new security technologies to address emerging threats. JOB REQUIREMENTS * Bachelor's Degree in Computer Science, Information Security, Cybersecurity, or related field OR equivalent combination of education and experience * 5+ years of experience in cybersecurity, previous experience in a security engineering role highly desired * Certified information systems security professional (CISSP) * Technical expertise in one or more of the following: VPN, firewall, network monitoring, intrusion detection, web server security and wireless security, and cloud technologies. * Practical experience with implementing security controls such as database security, web content filtering, anomaly detection and response, and vulnerability scanning * Understands business needs and has a commitment to delivering high-quality, prompt, and efficient service to the business * Understands organizational mission, values, and goals and consistently applies this knowledge * Experience with cybersecurity tools and techniques to automate security tasks, streamline incident response, and enhance overall security posture * Experience with relevant security standards and regulations that apply, such as the ISO family of standards and HIPAA. They should be able to assess compliance requirements and implement necessary controls to ensure adherence to these standards. * Strong knowledge of security engineering discipline in more than one of the following domains: network security, cloud-native security, endpoint security, or application security. * Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one * Strong problem-solving and troubleshooting skills * Experience with cybersecurity tools such as vulnerability scanners, network firewalls, cloud-native security, and penetration testing frameworks OUR COMPREHENSIVE BENEFITS * Competitive Salary * Health, Dental and Vision Insurance * Health Savings Accounts (HSA) with Employer Contribution * Flexible Spending Accounts * Long and Short-Term Disability * Life Insurance * Voluntary Benefits * Employee Assistance Program * Paid Parental Leave * Wellness Incentives * Vacation and Holiday Pay * 401(k) Retirement Plan with Employer Match * Employee Stock Purchase * Training and Advancement opportunities * Tuition Reimbursement * Birthdays Off * Philanthropic Opportunities * Referral Program * Partial Gym Membership Paid * Team Building Events * Discount Programs Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact [email protected]. EEO Employer Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact [email protected].

What part will you play? If you're looking for a place where you can make a meaningful difference, you've found it. The work we do at Markel gives people the confidence to move forward and seize opportunities, and you'll find your fit amongst our global community of optimists and problem-solvers. We're always pushing each other to go further because we believe that when we realize our potential, we can help others reach theirs. Join us and play your part in something special! Looking for a role that will have a meaningful impact on Security Engineering? We are looking for an individual to reduce enterprise risk through the secure design, implementation and administration of cybersecurity tools and helping to enhance department strategies to protect our customers, data, and associates. What part will you play? If you're looking for a place where you can make a meaningful difference, you've found it. The work we do at Markel gives people the confidence to move forward and seize opportunities, and you'll find your fit amongst our global community of optimists and problem-solvers. We're always pushing each other to go further because we believe that when we realize our potential, we can help others reach theirs. Join us and play your part in something special! The opportunity: We are seeking a Security Engineer to join our dynamic team, where you'll play a pivotal role in fortifying our company's internal network against unauthorized access and cyber threats. As a Security Engineer, you'll be at the forefront of our cybersecurity efforts, designing and implementing cutting-edge security strategies. You will have the chance to collaborate with a team of skilled security specialists to devise and execute robust architecture solutions that protect our digital assets. Your expertise will not only help mitigate potential damages during current attacks but also proactively identify and resolve hardware or software vulnerabilities before they become threats. In this role, you'll leverage your deep understanding of various hardware and software technologies, along with the Enterprise Security Framework, to drive innovative design solutions and provide strategic recommendations. Your insights and contributions will be crucial in shaping the security posture of our organization, ensuring that we stay ahead of evolving cyber risks. What you'll be doing: * Architect & Implement: Design and deploy cloud security architectures meeting business, security, and compliance needs. * Configuration Management: Secure cloud-based tools and mobile technology, ensuring safe access solutions. * Security Environments: Create and maintain testing environments for security solutions. * Risk Mitigation: Innovate security measures across on-premise and cloud environments. * Network Security Oversight: Manage cloud network security, including firewall approvals. * Automation & Scripting: Develop automation scripts for security needs. * Incident Response: Lead and strategize responses to cyber threats. * Secure Access Solutions: Implement secure authentication, authorization, and encryption strategies. * Cyber Threat Awareness: Stay updated on security trends and threats. * Change Management: Oversee security aspects of cloud changes and software deployments. * Policy Documentation: Document and enforce security policies and procedures. * Skill Development: Update and share technical knowledge on data protection. * Metrics & Reporting: Generate Cloud Security status metrics. * Mentorship & Leadership: Guide and mentor junior team members. * Operational Support: Maintain security tools and systems. * Compliance: Ensure compliance with regulations (NY State, PCI, GDPR, NIST). * Project Support: Evaluate and implement new security technologies. * Technical Resource: Serve as an expert for other departments. * Communication: Convey security issues and solutions clearly. * Additional Duties: Participate in incident response, change management, and system maintenance. Our must-haves: * 3+ years related work experience & industry certification in cyber security. * Bachelor's degree in Computer Science or Engineering with a focus on Cyber Security, Digital Forensics or related work experience/certification. * Security+ or similar industry approved certifications. Other certifications that are a plus: * ITIL, preferred * Certified Cloud Security Professional - ISC2 .org (CCSP) * Certified Information Systems Security Professional (CISSP) * Certificate of Cloud Security Knowledge - CSA (CCSK) * Information Systems Security Engineering Professional (ISSEP) * Microsoft Certified: Azure Fundamentals (MCAF) * Microsoft Certified Azure Administrator Associate (MCAAA) * Microsoft Certified: Azure Security Engineer Associate (MCASEA) #LI-Hybrid #DEIB US Work Authorization US Work Authorization required. Markel does not provide visa sponsorship for this position, now or in the future. Pay information: Who we are: Markel Group (NYSE - MKL) a fortune 500 company with over 60 offices in 20+ countries, is a holding company for insurance, reinsurance, specialist advisory and investment operations around the world. We're all about people | We win together | We strive for better We enjoy the everyday | We think further What's in it for you: In keeping with the values of the Markel Style, we strive to support our employees in living their lives to the fullest at home and at work. * We offer competitive benefit programs that help meet our diverse and changing environment as well as support our employees' needs at all stages of life. * All full-time employees have the option to select from multiple health, dental and vision insurance plan options and optional life, disability, and AD&D insurance. * We also offer a 401(k) with employer match contributions, an Employee Stock Purchase Plan, PTO, corporate holidays and floating holidays, parental leave. Are you ready to play your part? Choose 'Apply Now' to fill out our short application, so that we can find out more about you. Caution: Employment scams Markel is aware of employment-related scams where scammers will impersonate recruiters by sending fake job offers to those actively seeking employment in order to steal personal information. Frequently, the scammer will reach out to individuals who have posted their resume online. These "job offers" include convincing offer letters and frequently ask for confidential personal information. Therefore, for your safety, please note that: * All legitimate job postings with Markel will be posted on Markel Careers. No other URL should be trusted for job postings. * All legitimate communications with Markel recruiters will come from Markel.com email addresses. We would also ask that you please report any job employment scams related to Markel to ***********************. Markel is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of any protected characteristic. This includes race; color; sex; religion; creed; national origin or place of birth; ancestry; age; disability; affectional or sexual orientation; gender expression or identity; genetic information, sickle cell trait, or atypical hereditary cellular or blood trait; refusal to submit to genetic tests or make genetic test results available; medical condition; citizenship status; pregnancy, childbirth, or related medical conditions; marital status, civil union status, domestic partnership status, familial status, or family responsibilities; military or veteran status, including unfavorable discharge from military service; personal appearance, height, or weight; matriculation or political affiliation; expunged juvenile records; arrest and court records where prohibited by applicable law; status as a victim of domestic or sexual violence; public assistance status; order of protection status; status as a smoker or nonsmoker; membership or activity in local commissions; the use or nonuse of lawful products off employer premises during non-work hours; declining to attend meetings or participate in communications about religious or political matters; or any other classification protected by applicable law. Should you require any accommodation through the application process, please send an e-mail to the ***********************. No agencies please.

Number of positions: 1 Length: 12Months + Work Address: Richmond, VA 23219 Immediate interviews Web Cam Interview Elect - Cybersecurity Engineer Is Remote. Seeking an Azure Senior Security Engineer (Cybersecurity Engineer 3) with minimum 5 years experience to work with an existing software development team. You will be working with our more established contractors and staff to focus on several web and Windows applications used both by internal staff and constituents of the Commonwealth of Virginia. The candidate will need expertise in all aspects of IT security and cloud security and experience working in an Agile/Scrum development environment interacting with technical and non-technical stakeholders. Candidate will need to have extensive knowledge of cybersecurity practices, industry security standards, and regulatory standards. A bachelors degree and/or applicable recognized industry certifications are strongly desired and will help you stand out in this position. using mobile and responsive design practices, so a familiarity with these methodologies would be a plus. Required/Desired Skills Candidates must have ALL the Required skills in order to be considered for the position. Desired or Highly Desired skills are a PLUS but may NOT be required. Skill Matrix (Please fill the last two columns of this matrix) Experience with Business workflow processes Required / Desired Amount of Experience Years of Experience Last Used 5+ years in IT security or cloud security roles required. Required 5 Years 3+ years of hands-on experience securing Azure environments Required 3 Years Bachelors degree in Computer Science, Cybersecurity, or related field or equivalent work experience required. Required 5 Years Relevant certifications (MS Certified Cybersecurity Architect Expert, Azure Security Engineer Associate (SC-300), CompTIA Security+, CISSP, CISM Highly desired 5 Years Experience with Azure Security Services (Azure Defender, MS Sentinel, Azure Key Vault, Azure Policy and Blueprints, Azure Security Center) required. Required 5 Years Experience with Azure Active Directory (AAD), including conditional access, MFA, and identity protection required. Required 5 Years Extensive knowledge of PIM and RBAC required Required 5 Years Experience with NSGs, ASGs, VPN, ExpressRoute, and hybrid connectivity security required Required 5 Years Ability to implement and moitor compliance with regulatory standards such as NIST, ISO 27001, GDPR, etc. is required Required 5 Years Extensive knowledge of threat modeling and vulnerability management, SIEM/SOAR tuning and response workflows, and security alert triage and forensics Required 5 Years Ability to perform scripting and automation using PowerShell, Bicep, ARM templates, or Terraform Required 5 Years Ability to perform perform integration with CI/CD pipelines for secure deployments (GitHub Actions, Azure DevOps) Required 5 Years Ability to create and deliver security architecture reports and documentation Required 5 Years Experience in risk assessment and mitigation strategies Required 5 Years

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. You will help the team establish, lead and execute multi-year roadmaps that improve research efficiency and quality across the team, and drive improvements to stakeholder management across a broad range of intelligence requirements. **Required Skills:** Detection & Response Security Engineer, Threat Intelligence Responsibilities: 1. Influence and align the team's vision and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects 2. Build, cultivate, and maintain impactful relationships with intelligence stakeholders to identify and facilitate solutions to increase the impact of the team's work 3. Refine operational metrics, key performance indicators, and service level objectives to measure Intelligence research and services 4. Lead cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions 5. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 6. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 7. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 8. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems **Minimum Qualifications:** Minimum Qualifications: 9. 8+ years threat intelligence experience 10. B.S. or M.S. in Computer Science or related field, or equivalent experience 11. Be a technical and process subject matter expert regarding Security Operations and Threat Intelligence services 12. Experience developing and delivering information on threats, incidents and program status for leadership 13. Expertise with campaign tracking techniques and converting tracking results to long term countermeasures 14. Expertise with threat modeling frameworks, such as Diamond Model or/and MITRE ATT&CK framework 15. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 16. Proven track record of managing and executing on short term and long term projects 17. Ability to work with a team spanning multiple locations/time zones 18. Ability to prioritize and execute tasks with minimal direction or oversight 19. Ability to think critically and qualify assessments with solid communications skills 20. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 21. Experience recruiting, building, and leading technical teams, including performance management 22. Experience close collaborating with incident responders on incident investigations 23. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems 24. Familiarity with malware analysis or network traffic analysis 25. Familiarity with nation-state, sophisticated criminal, or supply chain threats 26. Familiarity with file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 27. Experience in one or more query languages such as SQL 28. Experience authoring production code for threat intelligence tooling 29. Experience conducting large scale data analysis 30. Experience working across the broader security community **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

This position description is subject to change at any time as needed to meet the requirements of the program or company. Working across the globe, V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. Aligned around a shared purpose, our $3.9B company and 16,000 people work alongside our clients, here and abroad, to tackle their most complex challenges with integrity, respect, responsibility, and professionalism. As a Senior Cyber Security Engineer, you will be responsible for overseeing the Risk Management Framework (RMF) activities at 51 separate locations. This senior-level role leads the day-to-day activities planning, implementing and executing overall RMF activities. The Senior Cyber Security Engineer serves as the primary interface between government leads, subcontractors / vendors, Cyber Engineering and network administrators. #clearance Responsibilities Major Job Activities: + This Senior role acts as supervisor to Cyber Security Engineer. + Manages the planning, execution, mitigation, and reporting of Security Technical Implementation Guide (STIG) and Security Requirements Guides (SRG). + Ongoing Vulnerability Monitoring and scanning. + Set up, operate and maintain a test lab. + Test patches, upgrades, and changes before implementing to field. + Respond to system update and patching failures. + Management of 51 existing remote field networks. + Interaction with Golf Club Management Software vendor. + Create and update all RMF related documentation (ex. Topology, Network Component Inventory, Various plans to include Plan of Action and Milestones (POAM). + Develop and maintain MS Project Master Schedule. + Contribute to Program Management Plan and Program reporting as needed. + Work non-business hours when required to avoid disrupting operations. Material & Equipment Directly Used: + Proficient with MS Office Suite (Excel, Word, PowerPoint). + Proficient with MS Project Working Environment: Office environment with potential to support CONUS and OCONUS locations. Physical Activities: Must be able to lift / carry 50 lbs. Qualifications Education / Certifications: + Technical BA / BS Degree + IAT Level III related certifications: + CASP + + CCNP + Certified Information Systems Security Professional (CISSP) + GCED + GCIH Experience: + 15 years of related experience with a BA / BS degree. Clearance Requirement: + Candidates must possess or be able to obtain a favorable IT-I, IT-II, or IT-III Public Trust Clearance. Skills & Technology Used: + In depth experience with multiple disciplines across computing environment: + System Administration (Windows Endpoints and Windows Servers) + Networking / VPN + Code Development + Compute Infrastructure Setup + Remote Maintenance + Expertise with DoD RMF process, eMASS, and attaining system ATOs. + Development of system artifacts required for ATO packages. + Configuration and use of ACAS, STIGs, SCAP, ENS / ESS, MS Defender. + Scripting and process automation. + Proficient with MS Office Suite (Excel, Word, PowerPoint). + Proficient with MS Project. + Preferred - Experience with Beyond Trust access security software application. Supervisory / Budget Responsibilities: Provide overall planning and daily supervision to Cyber Security Engineer. At V2X, we are deeply committed to both equal employment opportunity, including protection for Veterans and individuals with disabilities, and fostering an inclusive and diverse workplace. We ensure all individuals are treated with fairness, respect, and dignity, recognizing the strength that comes from a workforce rich in diverse experiences, perspectives, and skills. This commitment, aligned with our core Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation, and expand our success in the global marketplace, ultimately enabling us to best serve our clients.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

What part will you play? If you're looking for a place where you can make a meaningful difference, you've found it. The work we do at Markel gives people the confidence to move forward and seize opportunities, and you'll find your fit amongst our global community of optimists and problem-solvers. We're always pushing each other to go further because we believe that when we realize our potential, we can help others reach theirs. Join us and play your part in something special! Looking for a role that will have a meaningful impact on Security Engineering? We are looking for an individual to reduce enterprise risk through the secure design, implementation and administration of cybersecurity tools and helping to enhance department strategies to protect our customers, data, and associates. What part will you play? If you're looking for a place where you can make a meaningful difference, you've found it. The work we do at Markel gives people the confidence to move forward and seize opportunities, and you'll find your fit amongst our global community of optimists and problem-solvers. We're always pushing each other to go further because we believe that when we realize our potential, we can help others reach theirs. Join us and play your part in something special! The opportunity: We are seeking a Security Engineer to join our dynamic team, where you'll play a pivotal role in fortifying our company's internal network against unauthorized access and cyber threats. As a Security Engineer, you'll be at the forefront of our cybersecurity efforts, designing and implementing cutting-edge security strategies. You will have the chance to collaborate with a team of skilled security specialists to devise and execute robust architecture solutions that protect our digital assets. Your expertise will not only help mitigate potential damages during current attacks but also proactively identify and resolve hardware or software vulnerabilities before they become threats. In this role, you'll leverage your deep understanding of various hardware and software technologies, along with the Enterprise Security Framework, to drive innovative design solutions and provide strategic recommendations. Your insights and contributions will be crucial in shaping the security posture of our organization, ensuring that we stay ahead of evolving cyber risks. What you'll be doing: Architect & Implement: Design and deploy cloud security architectures meeting business, security, and compliance needs. Configuration Management: Secure cloud-based tools and mobile technology, ensuring safe access solutions. Security Environments: Create and maintain testing environments for security solutions. Risk Mitigation: Innovate security measures across on-premise and cloud environments. Network Security Oversight: Manage cloud network security, including firewall approvals. Automation & Scripting: Develop automation scripts for security needs. Incident Response: Lead and strategize responses to cyber threats. Secure Access Solutions: Implement secure authentication, authorization, and encryption strategies. Cyber Threat Awareness: Stay updated on security trends and threats. Change Management: Oversee security aspects of cloud changes and software deployments. Policy Documentation: Document and enforce security policies and procedures. Skill Development: Update and share technical knowledge on data protection. Metrics & Reporting: Generate Cloud Security status metrics. Mentorship & Leadership: Guide and mentor junior team members. Operational Support: Maintain security tools and systems. Compliance: Ensure compliance with regulations (NY State, PCI, GDPR, NIST). Project Support: Evaluate and implement new security technologies. Technical Resource: Serve as an expert for other departments. Communication: Convey security issues and solutions clearly. Additional Duties: Participate in incident response, change management, and system maintenance. Our must-haves: 3+ years related work experience & industry certification in cyber security. Bachelor's degree in Computer Science or Engineering with a focus on Cyber Security, Digital Forensics or related work experience/certification. Security+ or similar industry approved certifications. Other certifications that are a plus: ITIL, preferred Certified Cloud Security Professional - ISC2 .org (CCSP) Certified Information Systems Security Professional (CISSP) Certificate of Cloud Security Knowledge - CSA (CCSK) Information Systems Security Engineering Professional (ISSEP) Microsoft Certified: Azure Fundamentals (MCAF) Microsoft Certified Azure Administrator Associate (MCAAA) Microsoft Certified: Azure Security Engineer Associate (MCASEA) #LI-Hybrid #DEIB US Work Authorization US Work Authorization required. Markel does not provide visa sponsorship for this position, now or in the future. Pay information: Who we are: Markel Group (NYSE - MKL) a fortune 500 company with over 60 offices in 20+ countries, is a holding company for insurance, reinsurance, specialist advisory and investment operations around the world. We're all about people | We win together | We strive for better We enjoy the everyday | We think further What's in it for you: In keeping with the values of the Markel Style, we strive to support our employees in living their lives to the fullest at home and at work. We offer competitive benefit programs that help meet our diverse and changing environment as well as support our employees' needs at all stages of life. All full-time employees have the option to select from multiple health, dental and vision insurance plan options and optional life, disability, and AD&D insurance. We also offer a 401(k) with employer match contributions, an Employee Stock Purchase Plan, PTO, corporate holidays and floating holidays, parental leave. Are you ready to play your part? Choose ‘Apply Now' to fill out our short application, so that we can find out more about you. Caution: Employment scams Markel is aware of employment-related scams where scammers will impersonate recruiters by sending fake job offers to those actively seeking employment in order to steal personal information. Frequently, the scammer will reach out to individuals who have posted their resume online. These "job offers" include convincing offer letters and frequently ask for confidential personal information. Therefore, for your safety, please note that: All legitimate job postings with Markel will be posted on Markel Careers. No other URL should be trusted for job postings. All legitimate communications with Markel recruiters will come from Markel.com email addresses. We would also ask that you please report any job employment scams related to Markel to ***********************. Markel is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of any protected characteristic. This includes race; color; sex; religion; creed; national origin or place of birth; ancestry; age; disability; affectional or sexual orientation; gender expression or identity; genetic information, sickle cell trait, or atypical hereditary cellular or blood trait; refusal to submit to genetic tests or make genetic test results available; medical condition; citizenship status; pregnancy, childbirth, or related medical conditions; marital status, civil union status, domestic partnership status, familial status, or family responsibilities; military or veteran status, including unfavorable discharge from military service; personal appearance, height, or weight; matriculation or political affiliation; expunged juvenile records; arrest and court records where prohibited by applicable law; status as a victim of domestic or sexual violence; public assistance status; order of protection status; status as a smoker or nonsmoker; membership or activity in local commissions; the use or nonuse of lawful products off employer premises during non-work hours; declining to attend meetings or participate in communications about religious or political matters; or any other classification protected by applicable law. Should you require any accommodation through the application process, please send an e-mail to the ***********************. No agencies please.