Cyber security analyst jobs in Roswell, NM

*****CANDIDATE MUST BE US Citizen (due to contractual/access requirements)***** **For candidates residing within a 50-mile radius of a Highmark office, a hybrid work schedule of three days per week (Tuesday, Wednesday, and Thursday) in the office is required.** The Cyber User Behavior Engineer is a pivotal role at Highmark, dedicated to enhancing our organization's security by cultivating a robust "security-first" culture. This individual will lead the design, implementation, and ongoing management of comprehensive security awareness programs. Their primary responsibility will be to educate, train, and inspire all Highmark employees to effectively identify and report security threats, ensuring adherence to Highmark's security policies and industry best practices. This role is crucial in minimizing human-centric security risks and fostering a vigilant and informed workforce. **ESSENTIAL RESPONSIBILITIES** + Develop, implement, and continuously improve a proactive program to identifying internal threats. + Establish close relationships with business stakeholders outside of the security discipline, working closely with privacy, physical security, fraud, legal, human resources and senior leadership. + Perform predictive analysis of behavior, anomalies, and concerns to identify internal threats. + Execute campaigns designed to improve enterprise security posture. + Continually enhance insider risk program to increase efficiencies and measure program effectiveness and report accordingly on progress. + Utilize change management methodologies to mitigate identified security risks. + Provide insider threat support to security operations and incident response teams in advance of and during cyber security incidents. + Ensure clear lines of communication including but not limited to; transparency to the business on upcoming security initiatives, identifying impact to the business and to consumers, helping shape remediation, and developing external and internal communications. + Ensure the education and awareness program is aligned with the Information Security Program, Policies and Standards. + Other duties as assigned or requested. **EDUCATION** **Required** + Bachelor's Degree in Business Education, Marketing or Information Systems **Substitutions** + Six (6) years relevant, progressive experience **Preferred** + Bachelors in Information Security **EXPERIENCE** **Required** + 3 years in IT or IT Security Focus + 3 years of Insider Threat Program focus To include: + 3 years with Human Intelligence (HUMINT) **OR** as an Open-source Intelligence Analyst **Preferred** + 1-3 years in a Security Awareness or adjacent role **LICENSES or CERTIFICATIONS** **Required** + None **Preferred** + Security + **OR** + GSEC **OR** + CISSP **OR** + CERT Insider Threat + SANS Security Awareness Professional (SSAP) Proofpoint Certified Security Awareness Specialist **SKILLS** + Change Management + Presentation Delivery + Prioritizing + Analytical and Logical Reasoning/Thinking + Communication Skills + Cyber Security + User Behavior + Continuous Improvement **Language (Other than English):** None **Travel Requirement:** 0% - 25% **PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS** **Position Type** Office-based Teaches / trains others regularly Frequently Travel regularly from the office to various work sites or from site-to-site Rarely Works primarily out-of-the office selling products/services (sales employees) Never Physical work site required Yes Lifting: up to 10 pounds Occasionally Lifting: 10 to 25 pounds Rarely Lifting: 25 to 50 pounds Never **_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._ **_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._ _As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._ _Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._ Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at ***************************** California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J272819

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Posting Type Remote As a Lead Cyber Security Engineer, you will ensure the security of Relativity's network and infrastructure. In this role, the main responsibilities will be to investigate and analyze emerging threats against our assets, identities, and clients. You will also provide actionable remediation guidance to end users and collaborate with highly skilled cyber experts to anticipate and mitigate evolving threats using world-class toolsets and next generation capabilities. Job Description and Requirements Responsibilities: Review, validation, and triage of alerts and technical analysis of log data from a diverse inventory of sensors, correlated signature logic, and threat intelligence sources. Assess the impact of security events by leveraging host, cloud and network-based indicators and evidence to deliver actionable incident escalations. Develop and deploy detection and prevention signatures with response actions as part of a layered defensive strategy leveraging multiple technologies and data types. Build automation to search through collected telemetry to detect and isolate advanced threats that evade existing security solutions. Create Standard Operating Procedures, SOC playbooks, configuration guides, and secure standards. Automate incident handling processes. Engage in the continuous research of emerging threats and apply appropriate countermeasures within the context of a rapidly changing environment. Serve as a subject matter expert in the mechanism and analysis of observed malicious activity. Clearly document and communicate investigation findings to both technical and executive stakeholders. Identify and automate away technical burden. Build automation to deploy, operate and connect multiple cyber security tools and applications. Preferred Qualifications: 7+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team for Cloud applications and corporate networks Exposure to threat detection development and tuning Experience in software design and development DevSecOps experience Ability to perform threat hunting, threat emulation, and/or purple teaming exercises Familiarity with industry standard security devices and their configuration Experience in reverse engineering malicious code to explore infection and propagation mechanisms Experience with threat intelligence tools and processes Certifications: One or more of the following certifications are preferred (GCFA, GCIA, GCIH, GNFA, GREM, OSCP, OSEP, OSED, OSWE, OSDA, OSCE3, CompTIA Security+, CCNA CyberOps, or CEH) 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Minimum Qualifications: 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Ability to leverage programming and scripting languages to build automations and develop SOAR playbooks Relativity is committed to competitive, fair, and equitable compensation practices. This position is eligible for total compensation which includes a competitive base salary, an annual performance bonus, and long-term incentives. The expected salary range for this role is between following values: $150,000 and $226,000 The final offered salary will be based on several factors, including but not limited to the candidate's depth of experience, skill set, qualifications, and internal pay equity. Hiring at the top end of the range would not be typical, to allow for future meaningful salary growth in this position. Suggested Skills: Cybersecurity, Infrastructure Security, Network Security, Penetration Testing, Security Architecture Design, Security Audit, Security Information, Security Information and Event Management (SIEM), Security Operations, Vulnerability Management

Direct hire. This is not a temp to perm or temp opening. Seeking IA Security Analyst. Must be US Citizen and have minimum interim Secret clearance If you do not have a clearance, client can attain an interim Secret for you. Pay up to $82,000 a year with full benefits but would depend on experience. CISSP highy desired but would be required within 6 months of start. Relocation candidates will also be considered and available. Project/Contract Overview: Under general direction, provide support to White Sands Missile Range Information Management Directorate (IMD). IMD includes equipment, supplies, facilities, transportation, tools, materials, supervision, and other items and non-personal services necessary to Information Technology (IT) Management Support Services to maintain the Army's Information System (IS) infrastructure, throughout the White Sands Missile Range (WSMR), New Mexico. Job Description: As part of an enterprise application Team (approx. 60 members), perform the following functions: Support and eventually serve as the ISSO for government program, providing support for all RMF steps, including: Categorize, assess, select, and implement security controls. Provide authorization of information systems in AOR and provide continuous monitoring. Develop, maintain, and track the security plan for mission systems. Register Information systems with appropriate DoD RMF Offices, and in accordance with RMF and eMASS directives. Prepare Plans of Actions and Milestones (POA&Ms), based on the finding and recommendations of the security assessment reports. Assemble security authorization packages and submit them to the Authorizing Official (AO) Provide network monitoring and scanning functions including: IAVA, anti-virus, and wireless scanning Implement cybersecurity policies, reporting, scans, and IAVAs Provide Tier 2 assistance to staff needing assistance with IA issues Support various IA and vulnerability reporting requirements Work with a team to identify gaps, trends, and long-term strategies to mitigate IA risks. Job Requirements: 5+ years of IA/Cyber experience B.S degree in Information Technology or related field. CompTIA Security+ ce certification SECURITY CLEARANCE: Active Secret (with ability to obtain higher level clearance) Must obtain IAM Level II certification (e.g., CISSP) within 6 months of hire Working knowledge of IA tools: COTS software/hardware, and network products, including Windows OS, MS Office, Remedy, Firewalls, etc IAVA tools, including, ACAS, WSUS, HBSS, etc Knowledge of RMF and eMASS contro Information Assurance policies and procedures Additional Information about Position and Company Salary: up-to $82,000/year (depending on current certification) Job location: White Sands Missile Range, NM Company benefits: Medical/dental 401(k) plan: 4% matching, no restrictions 3 weeks PTO 10 Federal Holidays Long- and short-term Disability coverage Company sponsored Life Insurance coverage Hiring Referral Bonus

MUST BE A UNITED STATES CITIZEN MUST HAVE INTERIM TOP SECRET CLEARANCE OR HIGHER 100% ONSITE - WHITE SANDS MISSILE RANGE (WSMR), WHITE SANDS, NEW MEXICO SALARY IS DEPENDENT UPON THE CANDIDATE'S SKILLS, EXPERIENCE, EDUCATION AND CERTIFICATIONS SALARY RANGE: $110K - $130K HIGH END OF THE SALARY RANGE IS CONSIDERED FOR THOSE WHO EXCEED QUALIFICATIONS IN A REQUIRED AREA Soft Tech offers competitive BENEFITS in the areas of: MEDICAL, DENTAL, VISION, 401K, Short Term Disability, Long Term Disability, Life Insurance, PTO, AND PAID HOLIDAYS Soft Tech Consulting is seeking a highly motivated, self-directed individual to fill the role of Cyber Engineer (RMF). We are looking for a Cyber Engineer (RMF) who is team-oriented with strong information assurance skills and experience. The selected individual will join a collaborative team environment where they will provide expertise and guidance for the project, including defining the projects objectives, facilitating quality control and assist in coordinating the efforts of team members in order to deliver the project according to plan. The Cyber Engineer (RMF) plays a strong role in client relations and project success. Key to the success of this position is the successful delivery of projects and effective communication to all levels of staff for reporting project status. Responsibilities Govern and monitor the IT security posture of network enclaves, unclassified and classified, as well as provide authority on Cybersecurity policies. Work closely with the client regarding policy creation, best business practices, and general Cybersecurity governance. Act as a POC for RMF Assess and Authorize (A&A) responsibilities and Cybersecurity inspection actions. Responsible for activities relating to Cybersecurity procedures and systems. Confer with and advise subordinates on administrative policies and procedures and resolving technical problems, priorities, and methods. Consult with and advise other support teams regarding internal controls and security procedures. Prepare activities and progress reports relating to the information systems audit function. Task for Cybersecurity- Support (Risk Management Framework (RMF) Assess & Authorize) Manage the Authority to Operate (ATO) lifecycle for associated systems. Develop Plan of Actions and Milestones (POA&M) for registered systems. Manage and maintain the System Security Plan (SP). Assess security controls in accordance with NIST SP 800-53. Possess knowledge of all NIST and CNSSI publications related to RMF and security controls for national security systems (NSS). Register new systems within eMASS as required. Create Assess-only RMF instances for software packages (NETCOM Certificate of Networthiness replacement). Develop and maintain System-level artifacts for associated systems within eMASS. Coordinate the development of technology-level artifacts with other teams. Advise other teams on STIG compliance and mitigation strategies. Ensure STIG checklists and associated artifacts for all technologies are reviewed, and validation results are posted to the client portal. Qualifications BA or BS Bachelor's Degree with 10+ years of overall applicable experience highly preferred. Minimum requirement is HS Diploma with 12+ years of overall applicable experience. Interim Top Secret clearance accepted at start, but ultimately requires Top Secret clearance. Must have Security+ certification (also desire any of the following: CAP, GSLC, CCNA, CASP). Experience in RMF Assess and Authorize (A&A) processes. Experience assessing security controls in accordance with NIST SP 800-53. Experience creating Assess-only RMF instances for software packages. Experience developing Plan of Actions and Milestones (POA&M). Must be able to work independently. Must have strong verbal and written communication skills. Must be able to follow instructions and provide support to all team members. About Us Soft Tech Consulting, Inc. is a woman and minority-owned business headquartered in Chantilly, VA. With contracts in both the public and private sectors in the DC metro area and across the country, Soft Tech is an organization made up of highly successful and talented Information Technology professionals offering enterprise class solutions for any size organization at great value. Soft Tech's mission is to help government organizations design, implement, and maintain mission critical Information Technology solutions. By focusing jointly on our employees and our customers, we are able to achieve our mission by providing each and every one of our customers with continuous quality customer support. Soft Tech Consulting, Inc. is an Equal Opportunity Employer.

Are you an Information Systems Security Officer looking for a place to make an impact every day? Serco has a place for you! Join our team today as the Information Systems Security Officer in support of our Ground-Based Electro-Optical Deep Space Surveillance (GEODSS) program in Socorro, New Mexico. This mission is vital to keeping existing satellites safe and to provide critical information to organizations launching new satellites in the future. One of the assets USSF uses to accomplish this mission is the Ground-based Electro Optical Deep Space Surveillance (GEODSS) System.This optical sensor is employed at three (3) different locations around the world (White Sands Missile Range, New Mexico; Diego Garcia, British Indian Ocean Territory; and Maui, Hawaii) and helps track the objects in deep space orbit (altitude of 10,000 to 45,000 km). In this role, you will: + Perform computer security assessments and implement required countermeasures; implement and maintain a site mission system and network Cybersecurity program. + Execute cybersecurity responsibilities protecting and defending information systems by ensuring the availability, integrity, confidentiality, authentication, and non-repudiation of data through the application of cybersecurity measures. + Protect ISs, their operating system, peripherals (media and devices), applications, and the information it contains against loss, misuse, unauthorized access, or modification. + Ensure all users and ISSOs receive COMPUSEC training. + Provide information to update system Assessment and Authorization (A&A) packages. + Review TEMPEST packages and provide documentation for TEMPEST package updates. Get to know your recruiter: (https://serco.kzoplatform.com/player/medium/**********937301809?embed=true&layout=fullscreen&overlay=false&auth=public) **Qualifications** To be successful in this role, you will have: + An active DoD Secret clearance. + An active DoD IAT Level II compliant certification + A high school diploma/GED + 2+ years' of relevant working experience + Ability to travel up to 10% of the time as needed. Additional desired experience and skills: + An active DoD Top Secret clearance + A bachelor's degree in computer science or other related field. + Working knowledge of Microsoft Windows OS and RedHat Linux and Tru64 UNIX Operating System. + An active DoD IAM Level III compliant certification + CISSP highly preferred If you are interested in supporting and working with our military and sailors and a passionate Serco team- then submit your application now for immediate consideration. It only takes a few minutes and could change your career! **Company Overview** Serco Inc. (Serco) is the Americas division of Serco Group, plc. In North America, Serco's 9,000+ employees strive to make an impact every day across 100+ sites in the areas of Defense, Citizen Services, and Transportation. We help our clients deliver vital services more efficiently while increasing the satisfaction of their end customers. Serco serves every branch of the U.S. military, numerous U.S. Federal civilian agencies, the Intelligence Community, the Canadian government, state, provincial and local governments, and commercial clients. While your place may look a little different depending on your role, we know you will find yours here. Wherever you work and whatever you do, we invite you to discover your place in our world. Serco is a place you can count on and where you can make an impact because every contribution matters. To review Serco benefits please visit: *********************************************************** . If you require an accommodation with the application process please email: ******************** or call the HR Service Desk at ************, option 1. Please note, due to EEOC/OFCCP compliance, Serco is unable to accept resumes by email. Candidates may be asked to present proof of identify during the selection process. If requested, this will require presentation of a government-issued I.D. (with photo) with name and address that match the information entered on the application. Serco will not take possession of or retain/store the information provided as proof of identity. For more information on how Serco uses your information, please see our Applicant Privacy Policy and Notice (**************************************** . Serco does not accept unsolicited resumes through or from search firms or staffing agencies without being a contracted approved vendor. All unsolicited resumes will be considered the property of Serco and will not be obligated to pay a placement or contract fee. If you are interested in becoming an approved vendor at Serco, please email ********************* . Serco is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics. **Pay Transparency** Our Total Rewards package includes competitive pay, performance-based incentives, and benefits that promote well-being and work-life balance-so you can thrive both professionally and personally. Eligible employees also gain access to a wide range of benefits from comprehensive health coverage and health savings accounts to retirement plans, life and disability insurance, and time-off programs that support work-life balance. Program availability may vary based on factors such as contract type, location, hire date, and applicable collective bargaining agreements. Salary range: The range for this position can be found at the top of the posting. This range is provided as a general guideline and represents a good faith estimate across all experience levels. Actual base salary will be determined by a variety of factors, including but not limited to, the scope of the role, relevant experience, job-related knowledge, education and training, key skills, and geographic market considerations. For roles available in multiple states, the range may vary to reflect differences in local labor markets. In addition to base salary, eligible positions may include other forms of compensation such as annual bonuses or long-term incentive opportunities. Benefits HIGHLIGHTS - Comprehensible Benefits for Full-time Employees (Part-time members receive a customized package tailored to their role). + Medical, dental, and vision insurance + Robust vacation and sick leave benefits, and flexible work arrangements where permitted by role or contract + 401(k) plan that includes employer matching funds + Tuition reimbursement program + Life insurance and disability coverage + Optional coverages you can buy, including pet insurance, home and auto insurance, additional life and accident insurance, critical illness insurance, group legal, ID theft protection + Birth, adoption, parental leave benefits + Employee Assistance Plan that includes counseling conditions + Specific benefits are dependent upon the specific contract as well as whether the position is covered by a collective bargaining agreement or the Service Contract Act. To review all Serco benefits please visit: ***************************************** . Serco complies with all applicable state and local leave laws, including providing time off under the Colorado Healthy Families and Workplaces Act for eligible Colorado residents, in alignment with our policies and benefit plans. The application window for this position is for no more than 60 days. We encourage candidates to apply promptly after the posting date, as the position may close earlier if filled or if the application volume exceeds expectations. Please submit applications exclusively through Serco's external (or internal) career site. This is a U.S.-based role. If an applicant has any concerns with job posting compliance, please send an email to: ******************** . Click here to apply now (****************************************************************************************************************************************************************************** **New to Serco?** Join our Talent Community! (*************************************************** **ID** _72384_ **Recruiting Location : Location** _US-NM-Socorro_ **Category** _Information Security/Cyber_ **Position Type** _Full-Time_ **Security Clearance** _Secret_ **Telework** _No - Teleworking not available for this position_ **Salary Range/Amount** _$85032.00 - $141721.00_

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

The Opportunity: Cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to Department of Defense (DoD) agencies and related components. In all of this “cyber noise,” how can these organizations understand their risks and how to mitigate them? The answer is an Information Systems Security Officer (ISSO) like you who will break down complex threats into manageable plans of action. As an ISSO on our team, you will use your experience to work with government stakeholders to identify cyber risks, understand applicable policies, and develop a mitigation plan. You'll work closely with the Information System Security Manager to monitor the information systems and their environment, including developing and updating the authorization documentation and implement configuration management across authorization boundaries. You will work with your client to conduct risk assessments, considering data confidentiality, integrity, and availability. You will be involved in organized Incident Response actions such as guiding and reporting back to key stakeholders. You will support the team in meeting authorization timelines and coordinating communications with external entities in support of that objective. Join us. The world can't wait. You Have: 2+ years of experience implementing risk management methodologies contained in best practice documentation such as NIST SP 800-30, SP 800-53, SP 800-128, SP 800-160, SP 800-171, or CIS benchmarks, in support of system security configurations, practices, and oversight Experience as a System Administrator, Network Administrator, or ISSO Experience with control implementations associated with RMF, FedRAMP, ICD 503, and DoD information levels, including applying them to the design and implementation of IT solutions to achieve system authorizations Experience developing and reviewing ATO authorization packages in Xacta or eMASS Experience analyzing compliance and vulnerability scan results, and implementing appropriate mitigations Experience with DoD security technical implementation guides (STIGs), checklists, and testing tools, including STIG Viewer, SCAP, and ACAS scanning tools Experience performing audit log reviews to detect anomalous behavior in information systems and networks, and overseeing continuous monitoring activities Active TS/SCI clearance; willingness to take a polygraph exam Bachelor's degree in a Cybersecurity field and 2+ years of experience providing cybersecurity leadership in an ISSO capacity, interfacing with internal and external SMEs such as PMs, Cyber Assessors, and AOs, or 5+ years of experience providing cybersecurity leadership in an ISSO capacity, interfacing with internal and external SMEs such as PMs, Cyber Assessors, and AOs, in lieu of a degree DoD Directive 8140 Qual Matrix for Information Assurance Technician Level II or Information Assurance Manager II Certification Nice If You Have: Ability to work through challenging security requirements to maintain compliance Possession of excellent written, presentation, and verbal communication skills Possession of excellent organizational skills TS/SCI clearance with a polygraph Bachelor's degree in IT, Cybersecurity, Data Science, Information Systems, or CS CGRC, CCNA-Security, CASP+, CISSP, or Security+ Certification AWS Solutions Architect or Certified Security - Specialty Certification Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required. Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $99,000.00 to $225,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Identity Statement As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud. Work Model Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely. If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility. If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

In a world of possibilities, pursue one with endless opportunities. Imagine Next! At Parsons, you can imagine a career where you thrive, work with exceptional people, and be yourself. Guided by our leadership vision of valuing people, embracing agility, and fostering growth, we cultivate an innovative culture that empowers you to achieve your full potential. Unleash your talent and redefine what's possible. Job Description: Parsons is looking for a talented Level 2 ISSO to join our growing team! In this role you will develop, maintain, and implement information security standards, procedures, and guidelines for applications and databases. In addition, you will ensure that systems and organizational databases are protected from unauthorized access and use, and monitor systems, identify threats, and handle disaster recovery operations. The max salary for this role is between $80k-$87k. What You'll Be Doing: * Performs assessments of systems and networks within the networking environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations (compliance audits) and active evaluations (vulnerability assessments). * Establishes strict program control processes to ensure mitigation of risks and supports for obtaining certification and accreditation of systems. This includes process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections, and periodic audits. * Assists in the implementation of required government policy (e.g.,, NISPOM, DCID 6/3), and makes recommendations on process tailoring. * Performs analyses to validate established security requirements and recommends additional security requirements and safeguards where required. * Supports the formal Security Test & Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports. * Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed. * Demonstrates advanced subject matter expertise in job family. * Contributes to and may lead the planning and implementation of large programs in the function, and regularly interfaces with senior management and executive leadership. * Plays a role in overall functional strategic planning. What Required Skills You'll Bring: * Active Top Secret/SCI with CI Polygraph. * Bachelors degree with typically 2+ years of relevant experience. Candidates with a Masters degree require 1+ year(s) of relevant experience, and additional years of experience can qualify in lieu of a degree for non-degreed candidates. * An active CASP+, CECCNP, Security+, CISA, CISSP, GCED, GCIH, CCSP or CISSP or must be willing to obtain / maintain within 6 months of hire. What Desired Skills You'll Bring: * Strong leadership skills * Management experience * Ability to coach and develop junior ISSO's Security Clearance Requirement: An active Top Secret SCI w/Polygraph security clearance is required for this position. This position is part of our Federal Solutions team. The Federal Solutions segment delivers resources to our US government customers that ensure the success of missions around the globe. Our intelligent employees drive the state of the art as they provide services and solutions in the areas of defense, security, intelligence, infrastructure, and environmental. We promote a culture of excellence and close-knit teams that take pride in delivering, protecting, and sustaining our nation's most critical assets, from Earth to cyberspace. Throughout the company, our people are anticipating what's next to deliver the solutions our customers need now. Salary Range: $86,700.00 - $151,700.00 We value our employees and want our employees to take care of their overall wellbeing, which is why we offer best-in-class benefits such as medical, dental, vision, paid time off, 401(k), life insurance, flexible work schedules, and holidays to fit your busy lifestyle! Parsons is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, veteran status or any other protected status. We truly invest and care about our employee's wellbeing and provide endless growth opportunities as the sky is the limit, so aim for the stars! Imagine next and join the Parsons quest-APPLY TODAY! Parsons is aware of fraudulent recruitment practices. To learn more about recruitment fraud and how to report it, please refer to ************************************************

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

SUMMARY: WinTec Arrowmaker, Inc. is a defense contractor dedicated to providing outstanding program management, engineering, logistics, and operations support to Department of Defense customers. The Intermediate Information Security Engineer will support A&A efforts to complete A&A tasks that integrate cybersecurity standards and requirements into all phases of the system development lifecycle. This includes developing and maintaining A&A packages throughout all stages of the DoD RMF process. The Intermediate Information Security Engineer shall provide the level of effort includes support to the A&A authorization decisions such as Authorization to Operate (ATO), Authorization to Connect (ATC), Interim Authorization to Test (IATT), Interim Authorization to Build (IATB), Denial of Authorization to Operate/Connect (DATO/C); while reporting directly to the WinTec Program Manager. *CONTINGENT UPON AWARD* ESSENTIAL JOB FUNCTIONS: Responsibilities will include, but are not limited to: Support A&A efforts to complete A&A tasks that integrate cybersecurity standards and requirements into all phases of the system development lifecycle. This includes developing and maintaining A&A packages throughout all stages of the DoD RMF process. The level of effort includes support to the A&A authorization decisions such as Authorization to Operate (ATO), Authorization to Connect (ATC), Interim Authorization to Test (IATT), Interim Authorization to Build (IATB), Denial of Authorization to Operate/Connect (DATO/C). Provide the following: Support for network architecture research and design. Reports for network device configurations and analyze network performance after new configurations are implemented. Planning and setup support for demonstration of network defense-in-depth solutions to include sensor optimization and orientation. Network engineering services to test network architectures. Support for network installations to include site surveys, network access, database management, mobile device management (MDM), virtual private cloud (VPC) architecture development and integration, accreditation activities, and system operational test and evaluation. Analyze requirements and capability documentation to reveal operational deficiencies and develop innovative approaches to address deficiencies and Cyber Security capability gaps. Serve as coordinator/facilitator to support leadership with liaison and across Government organizations. Such support includes serving as a point of contact for cyber security, Supervisory Control and Data Acquisition (SCADA), electronic warfare, and Integrated Priority List (IPL)-related solution investigations. Assist the DAT to conduct CSTE in project technologies and assist the program sponsor and system developers with identifying risks through Cyber Table Top Exercises (CTTX), Cyber Vulnerability Investigations (CVI), Cooperative Vulnerability and Penetration Assessments (CVPA). QUALIFICATIONS: Bachelor's degree in computer science, information technology, or information security with an additional 4+ years' of relevant experience related to Information Security Engineer -OR- a high school diploma, or a GED with an additional 8+ years' of relevant experience related to Information Security Engineer. Current DoD 8570.01-M IAT II or IAM II Travel approximately 20%. PREFERRED SKILLS: Military background or familiarity with military command and control structures. Possess a working knowledge of the organizational interface of military, federal, state, and local agencies. Demonstrate time management, problem solving skills, self-motivation, eagerness to learn, and attention to detail. Ability to efficiently react to shifting program requirements and work in a team environment. Effectively communicate, both orally and in writing. SECURITY CLEARANCE: Active DOD Secret Clearance. LOCATION: Kirtland Air Force Base, NM * MUST FILL OUT THE ENTIRE QUESTIONNAIRE TO BE CONSIDERED FOR THE POSITION * View all jobs at this company

Global Resource Solutions, Inc. (GRS) is seeking an enthusiastic, motivated, detail orientated, and talented individual for the position of Information System Security Officer II. Job Descriptio n: Summary: The ISSO II's primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities. Essential Duties & Responsibilities: Review, prepare, and update AIS authorization packages Notify customer when changes occur that might affect AIS authorization Perform AIS self-inspections, provide security coordination and review of all system test plans Identify AIS vulnerabilities and implement countermeasures Represent the customer on various technical review and inspection teams Conduct security surveys at subordinate facilities and gather pertinent security documentation for inclusion into system authorization packages Coordinate, prepare, and track AIS inspections, reports, and responses Maintain AIS security records and prepare Co-Utilization Agreements for network nodes operating in government facilities Prepare reports on the status of security safeguards applied to computer systems Ensure AIS and network nodes are operated, maintained, and disposed of in accordance with security policies and practices Perform ISSO duties in support of in-house and external customers Assist Department of Defense, National Agency and Contractor organizations with the development of assessment and authorization (A&A) efforts Review, track, and conduct AIS training Requirement: Four (4) years related experience Bachelor's Degree in a related area or equivalent experience (Four (4) years) Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Technician Level 2 within 6 months of the date of hire. Security Requirements: Current Top Secret Clearance with SCI Eligibility Eligibility for access to Special Access Programs Willingness to submit to a Counterintelligence Polygraph Skills: Ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners Working knowledge of Microsoft Office (Word, PowerPoint, and Excel) Possess a high degree of originality, creativity, initiative requiring minimal supervision Must be familiar with security policy/manuals and the appropriate DCIDs/JAFANs and other guiding policy documents Requires travel within the organizational geographic Area of Responsibility (AOR) (note - could be extensive, and will include both air and ground transportation) Must be able to lift up to 50lbs Physical Requirements : This position requires employees to be willing and able to: sit, bend, reach, stoop, squat, stand, and walk. Communication: Excellent customer service via phone and face to face conversation, excellent written and oral command of English. GRS is an Equal Opportunity Employer. GRS will continue to abide by obligations under VEVRRA and Section 503 physical or mental disability, protected veteran status, or any other characteristics that are protected by law.

POSTING DEADLINE is posted until filled. DEPARTMENT Department: Information Security PREFERENCES * 24/7 rotating on call required * This will be on-site 5x/week * The following certifications are preferred * CompTIA Security+ * CompTIA CySa+ * Certified Ethical Hacker (C|EH) Information Security Analyst I Salary Grade: G07 Minimum Midpoint Maximum $69,581 - $92,194 - $114,808 Personnel in this job title may be covered by NERC CIP cyber security standards. If the position is covered, prior to being hired, promoted, or transferred into the position, the candidate must successfully pass a Personnel Risk Assessment, which includes identity verification and a criminal background check. Prior to being granted unescorted access to cyber secure areas, the candidate must attend cyber security training. Annual cyber security training is also required. SUMMARY: Under general supervision, provisions electronic access to systems and applications. Acts as an IT security subject matter expert for supported systems and applications. Responsible for Identity and Access Management (IAM), access management, provisioning and compliance controls relating to managing access based on business need. Analyzes the security of systems and applications, and develops security baselines to protect information against unauthorized access. ESSENTIAL DUTIES AND RESPONSIBILITIES: Provisions electronic access for supported systems and applications in accordance with Access Management and Provisioning program Ensures all access issues are handled in a timely manner and that supported systems are functioning properly Creates, modifies and deletes profiles and other access controls as part of Role Based Access Control (RBAC) program Provides routine reaccreditation of existing users and associated entitlements Produces evidence in support of Company policies and regulatory requirements, such as Sarbanes-Oxley (SOX) and North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Recommends security access requirements for systems and applications; creates ad hoc reports for review Participates in major projects, as needed, in support of business initiatives; ensures project work is completed in a timely manner in accordance with Information Security policies, programs and standards; contributes and recommends improvements to the Access Management and Provisioning program Performs user access reviews supporting Company investigation needs; assists with data preservation requests for litigation holds; conducts digital forensics in support of the Security program COMPETENCIES: Knowledge of Company business practices and familiarity with Company products and services Ability to develop and make recommendations for security processes, procedure improvements and management level security standards Ability to identify best practices for security risk assessments, policies, standards and processes Policy, process, and standard development experience QUALIFICATIONS MINIMUM EDUCATION AND/OR EXPERIENCE: Bachelor's degree from a four-year college or university in Information Resource Management, Business Computer Systems, Computer Science or Computer Security with three to five years related experience, or equivalent combination of education and/or experience related to the discipline. COMMUNICATION SKILLS: Ability to maintain positive and productive working relationships with various individuals and groups Ability to recognize and initiate tasks without direction Ability to read and interpret technical manuals and reports, instructional documents, and procedure manuals Ability to write procedural documentation and user instructions Ability to speak effectively with various individuals, groups, and vendors MATHEMATICAL SKILLS: Ability to calculate figures and amounts such as discounts, interest, commissions, proportions, percentages, area, circumference, and volume Ability to apply concepts of basic algebra and geometry COMPUTER SKILLS: To perform this job successfully, an individual should have in-depth knowledge and experience with IBM/UNIX servers, client/server applications and information security issues In-depth knowledge of Microsoft, IBM and UNIX server security functionality Working knowledge of related security software Working knowledge of database product security technology, specifically Oracle, SQL and DB2 and general knowledge of physical security methods for securing automated systems and network components ANALYSIS AND PROBLEM-SOLVING ABILITY: Ability to understand and assimilate complex technical information. Ability to solve partial problems and deal with a variety of concrete variables in situations where only limited standardization exists. Ability to interpret a variety of instructions furnished in written, oral, diagram or schedule form. DECISION MAKING: Ability to make access management and provisioning decisions without direction, in accordance with Company policies, procedures and programs. Examines potential areas for service improvement and makes recommendations for changes to senior staff or management. PHYSICAL DEMANDS: While performing the duties of this job, the employee is regularly required to sit up to 2/3 of the time and talk and listen for long periods of time. WORK ENVIRONMENT: Office environment. JOB DESCRIPTION Information Security Analyst Sr. Salary Grade: G06 Minimum Midpoint Maximum $78,537 - $106,024 - $133,511 Personnel in this job title may be covered by NERC CIP cyber security standards. If the position is covered, prior to being hired, promoted, or transferred into the position, the candidate must successfully pass a Personnel Risk Assessment, which includes identity verification and a criminal background check. Prior to being granted unescorted access to cyber secure areas, the candidate must attend cyber security training. Annual cyber security training is also required. SUMMARY: Acts as an IT security subject matter expert and technical consultant for security initiatives. Functions as technical engineer, system architect and operational support for the Identity Management (IDM) suite of products. Analyzes the security of systems and applications, and develops security baselines to protect information against unauthorized access. Conducts forensic investigations including investigations done in coordination with other departments. ESSENTIAL DUTIES AND RESPONSIBILITIES: Assesses, designs, and recommends security access requirements for systems and applications; creates ad hoc reports for review Collaborates with enterprise architecture on the development of system and application security standards and baselines Provisions electronic access for supported systems and applications in accordance with the Enterprise Access Provisioning Program Ensures all access issues are handled in a timely manner and that supported systems are functioning properly Creates, modifies and deletes profiles and other access controls as part of Role Based Access Control (RBAC) program Provides routine reaccreditation of existing users and associated entitlements Produces evidence in support of Company policies and regulatory requirements, such as Sarbanes-Oxley (SOX) and North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Participates in projects as a subject matter expert in support of business initiatives; ensures project work is completed in a timely manner in accordance with Information Security policies, programs and standards; oversees and continuously improves the Enterprise Access Provisioning Program Performs user access reviews supporting Company investigation needs; assists with data preservation requests for litigation holds; conducts digital forensics in support of the Information Security program Ensures teamwork to reduce security exposures COMPETENCIES: Strong knowledge of Company business practices and familiarity with Company products and services Strong knowledge of digital forensic steps and incident response Ability to develop and make recommendations for complex security processes, procedure improvements and management level security standards Ability to identify best practices for security risk assessments, policies, standards and processes Extensive policy, process, and standard development experience Ability to demonstrate leadership skills and provide guidance to less experienced team members QUALIFICATIONS MINIMUM EDUCATION AND/OR EXPERIENCE: Bachelor's degree from a four-year college or university in Information Resource Management, Business Computer Systems, Computer Science or Computer Security with five to seven years related experience, or equivalent combination of education and/or experience related to the discipline. COMMUNICATION SKILLS: Ability to maintain positive and productive working relationships with various individuals and groups Ability to recognize and initiate complex tasks without direction Ability to read and interpret technical manuals and reports, instructional documents, and procedure manuals Ability to write procedural documentation and user instructions Ability to speak effectively with various individuals, groups, and vendors MATHEMATICAL SKILLS: Ability to calculate figures and amounts such as discounts, interest, commissions, proportions, percentages, area, circumference, and volume Ability to apply concepts of basic algebra and geometry COMPUTER SKILLS: In-depth knowledge and experience with Linux/UNIX servers, client & server applications and information security issues In-depth knowledge of Microsoft, Linux and UNIX server security functionality In-depth knowledge of related security software In-depth knowledge of database product security technology, specifically Oracle and SQL, and general knowledge of physical security methods ANALYSIS AND PROBLEM-SOLVING ABILITY: Ability to understand and assimilate complex technical information. Ability to solve partial problems and deal with a variety of concrete variables in situations where only limited standardization exists. Ability to interpret a variety of instructions furnished in written, oral, diagram or schedule form. DECISION MAKING: Ability to make access management and provisioning decisions without direction, in accordance with Company policies, procedures and programs. Examines potential areas for service improvement and makes recommendations for changes to senior staff or management. PHYSICAL DEMANDS: While performing the duties of this job, the employee is regularly required to sit up to 2/3 of the time and talk and listen for long periods of time. WORK ENVIRONMENT: Office environment. SAFETY AND ADA STATEMENT Safety Statement: Safety is a core value at (TXNM Energy/PNM/TNMP) and our vision, "everyone goes home safe", reflects our commitment to promoting an environment conducive to learning, improving and building safety practices. Our safety value is built upon the belief that every employee deserves to work in an environment free from harm. Americans with Disabilities Act (ADA) Statement: If you require assistance with the job application process due to a disability, please contact HR ADA Analyst, at ************.

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Dynamic Solutions Technology, LLC, a premier strategic services firm that meets IT and Service needs for commercial and government clients. We are is seeking a full-time Information Assurance Security Analyst to support DoD customer. This position is to provide support in the White Sands Missile Range (WSMR), NM area. Responsibilities: Serves as a team member providing network monitoring and scanning functions. Provides network vulnerability scanning to ensure IAVA compliance and remediation. Provides antivirus management using antivirus tools. Provides wireless scanning using network detection software. Implements system security policies, scans and IAVAs for WSMR, including WSMR organizations, tenant activities, and other contractors. Provides Cybersecurity reporting requirements to appropriate authorities. Provides Tier 2 assistance for personnel / users needing information/assistance with Information Assurance (IA) and CSO related issues. Risk Management/Accreditation/Certification Services; Assists the Information Systems Security Manager (ISSM) in the management of the RMF process in accordance with AR 25-2 and DoDI 8510.01. Provide Knowledge Management Services for all information required to perform Certification and Accreditation services for the White Sands Missile Range Cybersecurity Office (CSO). Position requires knowledge of SharePoint services in maintaining required documentation such as appointment orders, Authority to Connect (ATC) and Authority to Operate (ATO) documentation, library of Army and other regulations relating to Information Assurance, Memorandums of Understanding/Agreement, Tenant Security Plans, Certificates of Networthiness (CoNs), etc. Directly supports Information Assurance (IA) requirements, within the immediate area of responsibility (AOR), managing and tracking system administrator elevated level of access to network resources. Therefore, requires the knowledge of the Army Training and Certification Tracking System (ATCTS), and IA DoD 8570.01 status verification. Works with team members to identify IA trends and suggests long-term strategies to help mitigate IA issues. Analyzes and evaluates risk and makes recommendations that are in compliance with all policies, rules and regulations governing IA functions. Assesses procedures and identifies opportunities to improve customer service. Champions customer service and sets and monitors parameters for customer service excellence. REQUIRED SKILLS: COTS software/hardware experience: Working knowledge of COTS software/hardware, and network products, including Windows OS, MS Office, Remedy, etc. Working knowledge of WEB filter management tools, such as WebSense. Working knowledge of IDS management tools, SourceFire. Working knowledge of IAVA tools, such as ACAS, Symantec Endpoint, WSUS, HBSS and Fluke air Check. Working knowledge of Server Operating Systems and Microsoft Active Directory. Working knowledge of Information Assurance policies and procedures. Skills/Certifications/Training - Security+ ce certification, and relevant Computing Environment training, in accordance with DoD 8570.01m. ACAS, Retina, Flying Squirrel, and Snort are preferred Computing Environment training. Good oral and written communication skills. Ability to react to customer issues and formulate resolutions quickly. REQUIRED EXPERIENCE/CERTIFICATIONS/CLEARANCE: High School Diploma or GED Certificate 5 - 7 Years of practical experience in a Cybersecurity/IA Active Secret clearance

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. You will help the team establish, lead and execute multi-year roadmaps that improve research efficiency and quality across the team, and drive improvements to stakeholder management across a broad range of intelligence requirements. **Required Skills:** Detection & Response Security Engineer, Threat Intelligence Responsibilities: 1. Influence and align the team's vision and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects 2. Build, cultivate, and maintain impactful relationships with intelligence stakeholders to identify and facilitate solutions to increase the impact of the team's work 3. Refine operational metrics, key performance indicators, and service level objectives to measure Intelligence research and services 4. Lead cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions 5. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 6. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 7. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 8. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems **Minimum Qualifications:** Minimum Qualifications: 9. 8+ years threat intelligence experience 10. B.S. or M.S. in Computer Science or related field, or equivalent experience 11. Be a technical and process subject matter expert regarding Security Operations and Threat Intelligence services 12. Experience developing and delivering information on threats, incidents and program status for leadership 13. Expertise with campaign tracking techniques and converting tracking results to long term countermeasures 14. Expertise with threat modeling frameworks, such as Diamond Model or/and MITRE ATT&CK framework 15. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 16. Proven track record of managing and executing on short term and long term projects 17. Ability to work with a team spanning multiple locations/time zones 18. Ability to prioritize and execute tasks with minimal direction or oversight 19. Ability to think critically and qualify assessments with solid communications skills 20. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 21. Experience recruiting, building, and leading technical teams, including performance management 22. Experience close collaborating with incident responders on incident investigations 23. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems 24. Familiarity with malware analysis or network traffic analysis 25. Familiarity with nation-state, sophisticated criminal, or supply chain threats 26. Familiarity with file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 27. Experience in one or more query languages such as SQL 28. Experience authoring production code for threat intelligence tooling 29. Experience conducting large scale data analysis 30. Experience working across the broader security community **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Are you an Information Systems Security Officer looking for a place to make an impact every day? Serco has a place for you! Join our team today as the Information Systems Security Officer in support of our Ground-Based Electro-Optical Deep Space Surveillance (GEODSS) program in Socorro, New Mexico. This mission is vital to keeping existing satellites safe and to provide critical information to organizations launching new satellites in the future. One of the assets USSF uses to accomplish this mission is the Ground-based Electro Optical Deep Space Surveillance (GEODSS) System.This optical sensor is employed at three (3) different locations around the world (White Sands Missile Range, New Mexico; Diego Garcia, British Indian Ocean Territory; and Maui, Hawaii) and helps track the objects in deep space orbit (altitude of 10,000 to 45,000 km). In this role, you will: + Perform computer security assessments and implement required countermeasures; implement and maintain a site mission system and network Cybersecurity program. + Execute cybersecurity responsibilities protecting and defending information systems by ensuring the availability, integrity, confidentiality, authentication, and non-repudiation of data through the application of cybersecurity measures. + Protect ISs, their operating system, peripherals (media and devices), applications, and the information it contains against loss, misuse, unauthorized access, or modification. + Ensure all users and ISSOs receive COMPUSEC training. + Provide information to update system Assessment and Authorization (A&A) packages. + Review TEMPEST packages and provide documentation for TEMPEST package updates. Get to know your recruiter: (https://serco.kzoplatform.com/player/medium/**********937301809?embed=true&layout=fullscreen&overlay=false&auth=public) **Qualifications** To be successful in this role, you will have: + An active DoD Secret clearance. + An active DoD IAT Level II compliant certification + A high school diploma/GED + 2+ years' of relevant working experience + Ability to travel up to 10% of the time as needed. Additional desired experience and skills: + An active DoD Top Secret clearance + A bachelor's degree in computer science or other related field. + Working knowledge of Microsoft Windows OS and RedHat Linux and Tru64 UNIX Operating System. + An active DoD IAM Level III compliant certification + CISSP highly preferred If you are interested in supporting and working with our military and sailors and a passionate Serco team- then submit your application now for immediate consideration. It only takes a few minutes and could change your career! **Company Overview** Serco Inc. (Serco) is the Americas division of Serco Group, plc. In North America, Serco's 9,000+ employees strive to make an impact every day across 100+ sites in the areas of Defense, Citizen Services, and Transportation. We help our clients deliver vital services more efficiently while increasing the satisfaction of their end customers. Serco serves every branch of the U.S. military, numerous U.S. Federal civilian agencies, the Intelligence Community, the Canadian government, state, provincial and local governments, and commercial clients. While your place may look a little different depending on your role, we know you will find yours here. Wherever you work and whatever you do, we invite you to discover your place in our world. Serco is a place you can count on and where you can make an impact because every contribution matters. To review Serco benefits please visit: *********************************************************** . If you require an accommodation with the application process please email: ******************** or call the HR Service Desk at ************, option 1. Please note, due to EEOC/OFCCP compliance, Serco is unable to accept resumes by email. Candidates may be asked to present proof of identify during the selection process. If requested, this will require presentation of a government-issued I.D. (with photo) with name and address that match the information entered on the application. Serco will not take possession of or retain/store the information provided as proof of identity. For more information on how Serco uses your information, please see our Applicant Privacy Policy and Notice (**************************************** . Serco does not accept unsolicited resumes through or from search firms or staffing agencies without being a contracted approved vendor. All unsolicited resumes will be considered the property of Serco and will not be obligated to pay a placement or contract fee. If you are interested in becoming an approved vendor at Serco, please email ********************* . Serco is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics. **Pay Transparency** Our Total Rewards package includes competitive pay, performance-based incentives, and benefits that promote well-being and work-life balance-so you can thrive both professionally and personally. Eligible employees also gain access to a wide range of benefits from comprehensive health coverage and health savings accounts to retirement plans, life and disability insurance, and time-off programs that support work-life balance. Program availability may vary based on factors such as contract type, location, hire date, and applicable collective bargaining agreements. Salary range: The range for this position can be found at the top of the posting. This range is provided as a general guideline and represents a good faith estimate across all experience levels. Actual base salary will be determined by a variety of factors, including but not limited to, the scope of the role, relevant experience, job-related knowledge, education and training, key skills, and geographic market considerations. For roles available in multiple states, the range may vary to reflect differences in local labor markets. In addition to base salary, eligible positions may include other forms of compensation such as annual bonuses or long-term incentive opportunities. Benefits HIGHLIGHTS - Comprehensible Benefits for Full-time Employees (Part-time members receive a customized package tailored to their role). + Medical, dental, and vision insurance + Robust vacation and sick leave benefits, and flexible work arrangements where permitted by role or contract + 401(k) plan that includes employer matching funds + Tuition reimbursement program + Life insurance and disability coverage + Optional coverages you can buy, including pet insurance, home and auto insurance, additional life and accident insurance, critical illness insurance, group legal, ID theft protection + Birth, adoption, parental leave benefits + Employee Assistance Plan that includes counseling conditions + Specific benefits are dependent upon the specific contract as well as whether the position is covered by a collective bargaining agreement or the Service Contract Act. To review all Serco benefits please visit: ***************************************** . Serco complies with all applicable state and local leave laws, including providing time off under the Colorado Healthy Families and Workplaces Act for eligible Colorado residents, in alignment with our policies and benefit plans. The application window for this position is for no more than 60 days. We encourage candidates to apply promptly after the posting date, as the position may close earlier if filled or if the application volume exceeds expectations. Please submit applications exclusively through Serco's external (or internal) career site. This is a U.S.-based role. If an applicant has any concerns with job posting compliance, please send an email to: ******************** . Click here to apply now (****************************************************************************************************************************************************************************** **New to Serco?** Join our Talent Community! (*************************************************** **ID** _72111_ **Recruiting Location : Location** _US-NM-Socorro_ **Category** _Information Security/Cyber_ **Position Type** _Full-Time_ **Security Clearance** _Secret_ **Telework** _No - Teleworking not available for this position_ **Salary Range/Amount** _$85032.00 - $141721.00_

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

SUMMARY: WinTec Arrowmaker, Inc. is a defense contractor dedicated to providing outstanding program management, engineering, logistics, and operations support to Department of Defense customers. The Senior Information Security Engineer will support A&A efforts to complete A&A tasks that integrate cybersecurity standards and requirements into all phases of the system development lifecycle. This includes developing and maintaining A&A packages throughout all stages of the DoD RMF process. The Senior Information Security Engineer shall provide the level of effort includes support to the A&A authorization decisions such as Authorization to Operate (ATO), Authorization to Connect (ATC), Interim Authorization to Test (IATT), Interim Authorization to Build (IATB), Denial of Authorization to Operate/Connect (DATO/C); while reporting directly to the WinTec Program Manager. *CONTINGENT UPON AWARD* ESSENTIAL JOB FUNCTIONS: Responsibilities will include, but are not limited to: Support A&A efforts to complete A&A tasks that integrate cybersecurity standards and requirements into all phases of the system development lifecycle. This includes developing and maintaining A&A packages throughout all stages of the DoD RMF process. The level of effort includes support to the A&A authorization decisions such as Authorization to Operate (ATO), Authorization to Connect (ATC), Interim Authorization to Test (IATT), Interim Authorization to Build (IATB), Denial of Authorization to Operate/Connect (DATO/C). Provide the following: Support for network architecture research and design. Reports for network device configurations and analyze network performance after new configurations are implemented. Planning and setup support for demonstration of network defense-in-depth solutions to include sensor optimization and orientation. Network engineering services to test network architectures. Support for network installations to include site surveys, network access, database management, mobile device management (MDM), virtual private cloud (VPC) architecture development and integration, accreditation activities, and system operational test and evaluation. Analyze requirements and capability documentation to reveal operational deficiencies and develop innovative approaches to address deficiencies and Cyber Security capability gaps. Serve as coordinator/facilitator to support leadership with liaison and across Government organizations. Such support includes serving as a point of contact for cyber security, Supervisory Control and Data Acquisition (SCADA), electronic warfare, and Integrated Priority List (IPL)-related solution investigations. Assist the DAT to conduct CSTE in project technologies and assist the program sponsor and system developers with identifying risks through Cyber Table Top Exercises (CTTX), Cyber Vulnerability Investigations (CVI), Cooperative Vulnerability and Penetration Assessments (CVPA). QUALIFICATIONS: Bachelor's degree in computer science, information technology, or information security with an additional 8+ years' of relevant experience related to Information Security Engineer -OR- a high school diploma, or a GED with an additional 12+ years' of relevant experience related to Information Security Engineer. Travel approximately 20%. PREFERRED SKILLS: Military background or familiarity with military command and control structures. Possess a working knowledge of the organizational interface of military, federal, state, and local agencies. Demonstrate time management, problem solving skills, self-motivation, eagerness to learn, and attention to detail. Ability to efficiently react to shifting program requirements and work in a team environment. Effectively communicate, both orally and in writing. SECURITY CLEARANCE: Active DOD Secret Clearance. LOCATION: Kirtland Air Force Base, NM * MUST FILL OUT THE ENTIRE QUESTIONNAIRE TO BE CONSIDERED FOR THE POSITION * View all jobs at this company