Cyber security analyst jobs in Stratford, CT

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all. The exceptional EY experience. It's yours to build. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. Today's world is fuelled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. **The opportunity** Cyber Triage and Forensics (CTF) Incident Analyst will work as a senior member of the technical team responsible for security incident response for EY. The candidate will work as an escalation point for suspect or confirmed security incidents. Responsibilities include performing digital forensic analysis, following security incident response standard methodologies, malware analysis, identify indicators of compromise, support remediation or coordinate remediation efforts of a security incident, and develop documentation to support the security incident response process. **Your key responsibilities** + Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified + Forensically analyze end user systems and servers found to have possible indicators of compromise + Analysis of artifacts collected during a security incident/forensic analysis + Identify security incidents through 'Hunting' operations within a SIEM and other relevant tools + Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions + Provide consultation and assessment on perceived security threats + Maintain, manage, improve and update security incident process and protocol documentation + Regularly provide reporting and metrics on case work + Resolution of security incidents by identifying root cause and solutions + Analyze findings in investigative matters, and develop fact based reports + Be on-call to deliver global incident response **Skills and attributes for success** + Resolution of security incidents by identifying root cause and solutions + Analyze findings in investigative matters, and develop fact-based reports + Proven integrity and judgment within a professional environment + Ability to appropriately balance work/personal priorities **To qualify for the role you must have** + Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field + 5+ years experience in incident response, computer forensics analysis and/or malware reverse engineering; + Understanding of security threats, vulnerabilities, and incident response; + Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis; + Be familiar with legalities surrounding electronic discovery and analysis; + Experience with SIEM technologies (i.e. Splunk); + Deep understanding of both Windows and Unix/Linux based operating systems; **Ideally, you'll also have** + Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH + Background in security incident response in Cloud-based environments, such as Azure + Programming skills in PowerShell, Python and/or C/C++ Understanding of the best security practices for network architecture and server configuration **What we look for** + Demonstrated integrity in a professional environment + Ability to work independently + Have a global mind-set for working with different cultures and backgrounds + Knowledgeable in business industry standard security incident response process, procedures, and life cycle + Excellent teaming skills + Excellent social, communication, and writing skills **What we offer you** The compensation ranges below are provided in order to comply with United States pay transparency laws. Other geographies will follow their local salary guidelines, which may not be a direct conversion of published US salary range/s. At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more . We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $87,700 to $164,000. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $105,200 to $186,400. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. **Are you ready to shape your future with confidence? Apply today.** EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. **EY | Building a better working world** EY is building a better working world by creating new value for clients, people, society, and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy, and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ************************** .

Description We are looking for a highly skilled Cyber Security Engineer to join our team in Shelton, Connecticut. This long-term contract position offers an excellent opportunity to contribute to safeguarding critical systems and data. The ideal candidate will bring extensive experience in cybersecurity and IT, along with a proactive approach to identifying and addressing security vulnerabilities. Responsibilities: - Monitor and analyze security alerts from multiple sources to determine appropriate actions or escalation. - Maintain detailed documentation of investigations, findings, and resolutions for effective case management and reporting. - Develop and support security incident response plans, procedures, and playbooks. - Participate in an on-call rotation to handle off-hours security escalations. - Administer, optimize, and ensure the proper functioning of security tools, including endpoint protection, network detection, and logging systems. - Collaborate on remediation efforts for identified security risks and vulnerabilities. - Conduct in-depth investigations into security incidents to identify root causes and mitigate future risks. - Assist in the configuration and management of firewalls, intrusion prevention systems, and other security technologies. - Provide expertise in interpreting and analyzing log data to improve threat detection and response capabilities. Requirements - At least 6 years of experience in information technology or cybersecurity. - Industry-recognized certifications in IT or cybersecurity are preferred. - Proven ability to analyze and interpret log data, including working with log pipelines. - Hands-on experience triaging security alerts and escalating issues based on established protocols. - Familiarity with advanced security tools, including endpoint protection systems and firewalls. - Strong knowledge of Windows server and desktop operating systems, networking principles, and security concepts. - Proficiency in Active Directory, Microsoft Azure, and Office 365 environments. - Exceptional analytical and problem-solving skills to address complex security challenges. Technology Doesn't Change the World, People Do. Robert Half is the world's first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles. Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app (https://www.roberthalf.com/us/en/mobile-app) and get 1-tap apply, notifications of AI-matched jobs, and much more. All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available including medical, vision, dental, life and disability insurance. Employees hired for our FTEP Program are also eligible to enroll in our company's 401(k) or deferred compensation plan (if eligible). FTEP employees also earn paid time off for vacation, personal needs, and sick time and paid holidays. The amount of Choice Time Off (CTO) received varies based on years of service and is pro-rated based on the hours worked per week. A new FTEP employee earns up to 13 days of CTO and up to 10 paid holidays per calendar year. Learn more at roberthalfbenefits.com/Resources. © 2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking "Apply Now," you're agreeing to Robert Half's Terms of Use (https://www.roberthalf.com/us/en/terms) .

KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Specialist Director, MAST Application Penetration Testing Lead to join our Managed Services practice. Responsibilities: * Lead the strategic delivery of Managed Application Security Testing (MAST) services, ensuring alignment with client objectives and industry best practices * Execute go-to-market (GTM) strategies for MAST offerings, collaborating with cross-functional teams to drive market penetration and revenue growth * Oversee the design and implementation of scalable security testing frameworks across diverse application environments, including cloud-native and hybrid architectures * Provide subject matter expertise in application security, guiding clients through risk assessments, remediation planning, and secure development lifecycle integration * Build and maintain strong client relationships, serving as a trusted advisor and ensuring high levels of satisfaction and retention * Mentor and lead a team of security professionals, fostering a culture of innovation, accountability, and continuous improvement * Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment Qualifications: * Minimum eight years of recent experience in application security, penetration testing, or related cybersecurity domains, with at least three years in a leadership or director-level role * Master's degree from an accredited college or university in cybersecurity, computer science, or related field is preferred; Bachelor's degree from an accredited college or university is required * Deep understanding of application security testing methodologies, tools (for example, DAST, SAST, IAST), and secure SDLC practices * Proven experience developing and executing GTM strategies for security services or technology solutions * Strong client-facing skills with the ability to communicate complex technical concepts to non-technical stakeholders * Excellent verbal/written communication, presentation, and analytical skills * Ability to travel as required * Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future; KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa) KPMG LLP and its affiliates and subsidiaries ("KPMG") complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, KPMG is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year KPMG publishes a calendar of holidays to be observed during the year and provides eligible employees two breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** California Salary Range: $153700 - $319000 KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

For over 75 years, BIC has been creating ingeniously simple and joyful products that are a part of every heart and home. As a member of our team, you'll be a part of reigniting a beloved brand as we continue to reimagine everyday essentials in new, sustainable and responsible ways. Our "roll up your sleeves and get the job done" approach to work creates an environment where self-starters, problem solvers and innovative thinkers thrive. BIC team members are empowered to take ownership of their careers and bring their unique perspectives to the table to make a meaningful impact on our mission. It's a colorful world - make your mark by joining the BIC team today. As **Senior Cybersecurity Engineer,** you will collaborate and partner with a global, cross-functional team to build cybersecurity capabilities and improve maturity. This role involves designing, implementing, and managing security technology to protect the company from cyber threats. Besides, you will support incident response, investigations, playbook development and efforts to identify and mitigate risk. **In this role you will:** + Analyze, triage, and investigate alerts from various sources to determine the appropriate response or escalation + Document analysis, findings, and actions for case management and metrics + Support security incident response planning, procedure/playbook development and investigations + Participate in on-call rotation for off-hours escalations + Administer, optimize, and maintain the health of security tools, such as endpoint protection and response (EDR), network detection and response (NDR), and logging pipelines (Syslog/Cribl). + Assist with remediation of identified security risks + Minimum 6 years' experience in Information Technology or Cybersecurity + IT or cybersecurity certifications from industry recognized sources preferred **What you bring to BIC:** + Minimum 6 years' experience in Information Technology or Cybersecurity + IT or cybersecurity certifications from industry recognized sources preferred + Prior experience interpreting or analyzing log data and working with log pipelines + Triaging alerts from various sources, following playbooks, and escalating legitimate issues + Knowledge of security tools such as endpoint protection, firewalls, intrusion prevention, SIEM and EDR (CrowdStrike) + Strong understanding of Windows server and desktop operating systems, networking fundamentals, security concepts, Active Directory, Microsoft Azure, Office 365. + In-depth analytical and problem-solving skills to resolve complex issues BIC is an Equal Opportunity Employer. We strongly commit to hiring people with different backgrounds and experiences to help us build better products, make better decisions, and better serve our customers. We do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, veteran status, disability status, or similar characteristics. All employment is decided based on qualifications, merit, and business need. BIC is not seeking assistance or accepting unsolicited resumes from search firms for this employment opportunity. Regardless of past practice, all resumes submitted by search firms to any team member at BIC via email, or directly to a BIC team member in any form without a valid written search agreement in place for that position will be deemed the sole property of BIC, and no fee will be paid in the event the candidate is hired by BIC as a result of the referral or through other means.

We anticipate the application window for this opening will close on - 20 Dec 2025 At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You'll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world. A Day in the Life The Principal Product Security Engineer plays a critical role in ensuring the security of Medtronic Surgical Operating Unit medical device solutions. Reporting to the Director of Product Security, this role drives the integration of advanced cybersecurity measures, identifies and mitigates potential vulnerabilities, and supports initiatives that improve cyber-resiliency throughout the product lifecycle. You will serve as a technical subject matter expert and mentor, collaborating across teams and contributing to long-term improvements in our security posture. Careers that Change Lives In this engineering-focused role, you will join a world-class team of systems, mechanical, electrical, software, and quality engineers within Medtronic's Surgical Operating Unit (OU). The Surgical OU brings together the people and portfolios of Surgical Robotics and Surgical Innovations to advance surgical care through robotics, surgical energy technologies, and digital solutions. This role focuses on cybersecurity for medical devices and embedded systems. It is not an IT security, compliance, or GRC-focused position. The ideal candidate will have deep experience working with engineering teams to integrate cybersecurity into real-time systems, embedded firmware, connected devices, or other product-level security contexts. With the Medtronic Mission as our North Star, we build on our legacy of proven surgical solutions and continue advancing the promise of robotics and digital technologies to improve outcomes for our customers and patients. This is an onsite role and can be located at one of these office locations: Boston, MA, Lafayette, CO, Minneapolis, MN, or North Haven, CT with a strong preference of Boston or Lafayette. Make your impact by exploring a career with the world's leading Medical Device company, striving "to alleviate pain, restore health, and extend life." A Day in The Life The Principal Product Security Engineer plays a critical role in ensuring the security of Medtronic Surgical Operating Unit medical device solutions. Reporting to the Director of Product Security, this role drives the integration of advanced cybersecurity measures, identifies and mitigates potential vulnerabilities, and supports initiatives that improve cyber-resiliency throughout the product lifecycle. You will serve as a technical subject matter expert and mentor, collaborating across teams and contributing to long-term improvements in our security posture. Key Responsibilities: * Product Security Strategy & Continuous Learning - Stay abreast of emerging cybersecurity threats, technologies, and regulations specific to medical devices and health software. Contribute to OU and enterprise-wide product security strategy and roadmap development. * Secure Product Development Lifecycle - Drive security integration into all stages of the product lifecycle, from concept and design to postmarket. Work closely with system architects, software leads, and hardware engineers to embed secure design patterns in both embedded and cloud-connected environments. * Threat Modeling & Risk Assessment - Lead threat modeling sessions, conduct security risk assessments, and identify mitigation strategies in accordance with IEC 81001-5-1, ISO 14971, and FDA premarket cybersecurity guidance. * Security Architecture & Design - Collaborate on the design and implementation of secure architectures, focusing on secure boot, secure communications, data protection, access control, secure software updates, and hardware-software integration. * Security Testing & Analysis - Support and interpret results from vulnerability scans, penetration tests, and static/dynamic code analysis. Coordinate with internal teams and third-party vendors to ensure timely and appropriate risk mitigation. * Security Awareness & Mentorship - Promote a culture of security awareness within R&D and provide mentorship to junior engineers. Lead by example through documentation, review participation, and active knowledge sharing. * Regulatory & Standards Compliance - Ensure alignment with applicable standards (e.g., NIST, IEC 60601-4-5, IEC 81001-5-1) and support security documentation efforts for global regulatory submissions. * Vendor & Supply Chain Security - Review and assess the cybersecurity posture of third-party suppliers and open-source software components used within product designs. * Incident Response Support - Provide technical leadership during postmarket security incidents or field issues. Lead root cause investigations, containment strategies, and risk assessments. * Security Documentation - Maintain comprehensive security documentation, including threat model diagrams, risk assessments, shared service inventories, design patterns, security guidelines, and product security plans/reports. Must Have Requirements * Bachelor's degree with 7 years of experience * Or advanced degree with 5 years of technical experience Nice to Have * Bachelor's degree in a relevant engineering field of study (e.g., Computer Engineering, Software Engineering, or related discipline), completed and verified prior to start * Minimum 3 years of experience integrating security into embedded systems or connected medical devices in a regulated product development environment * Strong understanding of secure development lifecycle (SDLC), secure boot, cryptography, secure firmware update, secure communication, and hardware/software interface security * Master's degree in a relevant engineering or cybersecurity field * Industry-recognized certifications (e.g., CISSP, CSSLP, CISM, CEH) * Experience mentoring or technically guiding junior security engineers * Demonstrated ability to implement secure architecture in embedded and connected device ecosystems * Familiarity with FDA and MDR cybersecurity submission requirements * Knowledge of secure coding practices and common vulnerabilities (e.g., OWASP, CWE, CVSS) * Experience supporting cross-functional design reviews or formal design assurance processes * Working knowledge of secure boot chains, cryptographic controls, and device authentication protocols Physical Job Requirements The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position. The physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. For Office Roles: While performing the duties of this job, the employee is regularly required to be independently mobile. The employee is also required to interact with a computer, and communicate with peers and co-workers. Contact your manager or local HR to understand the Work Conditions and Physical requirements that may be specific to each role. Benefits & Compensation Medtronic offers a competitive Salary and flexible Benefits Package A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage. Salary ranges for U.S (excl. PR) locations (USD):$152,800.00 - $229,200.00 This position is eligible for a short-term incentive called the Medtronic Incentive Plan (MIP). The base salary range is applicable across the United States, excluding Puerto Rico and specific locations in California. The offered rate complies with federal and local regulations and may vary based on factors such as experience, certification/education, market conditions, and location. Compensation and benefits information pertains solely to candidates hired within the United States (local market compensation and benefits will apply for others). The following benefits and additional compensation are available to those regular employees who work 20+ hours per week: Health, Dental and vision insurance, Health Savings Account, Healthcare Flexible Spending Account, Life insurance, Long-term disability leave, Dependent daycare spending account, Tuition assistance/reimbursement, and Simple Steps (global well-being program). The following benefits and additional compensation are available to all regular employees: Incentive plans, 401(k) plan plus employer contribution and match, Short-term disability, Paid time off, Paid holidays, Employee Stock Purchase Plan, Employee Assistance Program, Non-qualified Retirement Plan Supplement (subject to IRS earning minimums), and Capital Accumulation Plan (available to Vice Presidents and above, or subject to IRS earning minimums). Regular employees are those who are not temporary, such as interns. Temporary employees are eligible for paid sick time, as required under applicable state law, and the Employee Stock Purchase Plan. Please note some of the above benefits may not apply to workers in Puerto Rico. Further details are available at the link below: Medtronic benefits and compensation plans About Medtronic We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions. Our Mission - to alleviate pain, restore health, and extend life - unites a global team of 95,000+ passionate people. We are engineers at heart- putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary. Learn more about our business, mission, and our commitment to diversity here. It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Medtronic will provide reasonable accommodations for qualified individuals with disabilities. If you are applying to perform work for Medtronic, Inc. ("Medtronic") in any position which will involve performing at least two (2) hours of work on average each week within the unincorporated areas of Los Angeles County, you can find here a list of all material job duties of the specific job position which Medtronic reasonably believes that criminal history may have a direct, adverse and negative relationship potentially resulting in the withdrawal of a conditional offer of employment. Medtronic will consider for employment qualified job applicants with arrest or conviction records in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

at Nuvance Health The Cyber Security Engineer will have responsibility for incident response along with a desire to relentlessly champion best practices. This role will perform all functions required to support day-to-day data security operations, supporting and maintaining a broad suite of cyber security operations infrastructure, serving as a tier 2 escalation point during incident response and investigations and monitoring compliance with IT security policy. Participate in the planning, design, installation, maintenance and tuning of security operations systems in support of security policies and best practice. Work with Information Technology staff and business units to assess risk and address security issues. Responsibilities: • Manage security responsibilities, including firewalls, proxy systems, SIEM, EDR and other security devices. 15% • Strong skills implementing and tuning security components. 15% • Server as an escalation point during incident response and investigations. 15% • Maintain cyber security operations tool to insure detection, response and remediation of latest security threats 15% • Create and review reports on event and incidents. 10% • Stay up to date with latest security threats and assist with developing defense strategy's to combat them. 10 % • Investigate and respond to security violations 10% • Ability to maintain in depth knowledge of security and networking infrastructure utilized by the company including the management and reporting of each. 10% Education Skills Experience • Bachelor's degree in computer science field required • 2 or more years Security Operations with a minimum of 4 years IT experience. • Demonstrated experience in Incident response investigations. • Working knowledge of EDR technologies. • Working knowledge of SIEM technologies. • Working knowledge of common vulnerability management tools. • Working knowledge of enterprise firewall technologies preferred. • Working knowledge of web filtering and proxies preferred. • Working knowledge of MDM solution preferred. • Experience with DLP and IPS/IDS systems preferred. • Working knowledge of email filtering product preferred. • Working knowledge of litigation hold processing and forensic investigations preferred. • Experience participating in Red/Blue/Purple team exercises. • Experience working with information security practices, networks, software, and hardware. Other Information: • CISSP, CEH, or other equivalent certification is a plus. • Disaster recovery and business continuity experience is a plus. • Working knowledge with HIPAA regulations as they pertain to the healthcare industry. Working Conditions: Manual: Some manual skills/motor coord & finger dexterity Occupational: Little or no potential for occupational risk Physical Effort: Sedentary/light effort. May exert up to 10 lbs. force Physical Environment: Generally pleasant working conditions Company: Nuvance Health Org Unit: 1795 Department: Information Security Exempt: Yes Salary Range: $40.43 - $75.10 Hourly

**Duration: 12 months contract (with possible extension)** ***Note: Open to candidates who are willing to relocate at their own expense.** + The Workday Application Security Analyst is responsible for ensuring the confidentiality, integrity, and availability of data within the Workday system. + They design, implement, and maintain security configurations, including roles, permissions, and access controls, to protect organizational data and comply with company policies, industry standards, and regulatory requirements. **Job Functions & Responsibilities** + Develop and implement security roles, domain security policies, data and business process security within Workday + Ensure secure integration with other on‐premise and cloud applications like GRC tools + Configure and manage access permissions to ensure users have the appropriate level of access to data and functionality + Ensure compliance with company policies, industry standards (like SOC 2), and regulatory requirements (like GDPR) + Conduct regular security audits and assessments to identify vulnerabilities and areas for improvement + Assist in investigating and responding to security incidents, identifying root causes, and implementing preventive measures + Collaborate with IT, HR, and other stakeholders to align security efforts with business needs and ensure effective communication of security policies and procedures + Create and maintain documentation for security policies, procedures, and configurations, and provide training to users on security best practices + Stay abreast of Workday updates, industry trends, and emerging security threats to continuously improve security configurations and processes + Familiarity with other ERPs like SAP is preferred + Familiarity with GRC and Workday SoD (Segregation of Duties) management is desired **Skills** + SAP ERP (S/4 HANA is a plus) + Workday + Active Directory group management + GRC AC 10.1 and above + Microsoft Clienture + SuccessFactors + Applicable functional knowledge for SAP security areas like Finance, MM, ISU billing, etc. + SAP audit & compliance **Education & Certifications** + Bachelor's degree in engineering, IT, or related field + 7-10 years of hands‐on industry experience in Workday Security implementation and administration + Strong ITGC compliance knowledge for Workday + Familiarity with Workday risk management and GRC integration + Ability to identify, analyze, and resolve complex security and compliance issues + Strong interpersonal and communication skills, with the ability to effectively collaborate with diverse teams ** About US Tech Solutions:** US Tech Solutions is a global staff augmentation firm providing a wide range of talent on-demand and total workforce solutions. To know more about US Tech Solutions, please visit *********************** (*********************************** . US Tech Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

This role is Hybrid, 3 days a week to any local, US based UL Solutions Office. We are seeking a highly skilled Cloud Security Engineer with strong Application Security expertise to join our security architecture team. This role will be responsible for designing, implementing, and maintaining secure cloud environments and applications across multi-cloud platforms, with a focus on Azure. The ideal candidate will have hands-on experience with cloud-native security tools, DevSecOps practices, and compliance frameworks such as NIST 800-53, SOC 2, and CIS Controls. Cloud Security Engineering + Design and implement security controls for cloud infrastructure (Azure, AWS, GCP). + Develop and maintain security architecture patterns (e.g., hub-and-spoke, Zero Trust). + Integrate security tools such as Wiz, Microsoft Defender for Cloud, Silverfort, and Terraform. + Conduct threat modeling and risk assessments for cloud-native services. + Collaborate with IAM, SOC, and GRC teams to align cloud security with enterprise policies. Application Security + Perform secure code reviews, static/dynamic analysis, and vulnerability assessments. + Integrate security into CI/CD pipelines using tools like Snyk, Checkmarx, or Veracode. + Guide development teams on secure coding practices and OWASP Top 10. + Design and implement API security strategies including OAuth2, OpenID Connect, and mTLS. + Support remediation of application vulnerabilities and provide technical guidance. Compliance & Governance + Map cloud and application security controls to compliance frameworks (NIST 800-53, SOC 2, CIS). + Assist in audits and evidence collection for regulatory compliance. + Maintain documentation of security architecture, policies, and procedures. + Bachelor's degree in Computer Science, Cybersecurity, or related field. + 3-4 years of experience in cloud security engineering and application security. + Strong understanding of Azure security services and architecture. + Experience with infrastructure-as-code (Terraform, Bicep). + Familiarity with Snowflake security features and data protection strategies. + Knowledge of identity and access management (Azure AD, Conditional Access, MFA). + Hands-on experience with DevSecOps tools and practices. Preferred Qualifications + Certifications: Azure Security Engineer Associate, CISSP, CCSP, OSCP, or GIAC. + Experience with multi-subscription Azure environments. + Familiarity with Zero Trust architecture and implementation. + Experience with security automation and orchestration. Soft Skills + Strong analytical and problem-solving skills. + Excellent communication and collaboration abilities. + Ability to work independently and in cross-functional teams. + Passion for continuous learning and staying current with security trends. What you'll experience working for ULS UL Solutions has been pioneering change since 1894 and we're still leading the way. From day one, we've blazed a trail protecting the planet and everyone on it. Our teams have influenced billions of products, plus services, software offerings and more. We break things, burn things and blow things up. All in the name of safety science. That's where you come in - because none of it could happen without you. It takes passion to protect people, problem-solving to safeguard personal data and conviction to make the world a more sustainable place. It takes bold ideas and brilliant minds to build a better world for future generations across the globe. This is more than a job. It's a calling. A passion to use our expertise and play our part in creating a more secure, sustainable world today - and tomorrow. As a member of our safety science community, you'll use your ideas, your energy and your ambition to innovate, challenge and ultimately, help create a safer world. Everyone here is unique. But we're also a global community, working together to help create a safer world. Join UL Solutions and you can connect with the brightest minds in the business, all bringing their distinct perspectives and diverse backgrounds together to deliver real change. Empowering our customers to keep the world safe means thinking ahead. It means investing in training and empowering our people to learn and innovate. At UL Solutions, we help build a better future - one where everyone benefits. Join UL Solutions to be at the center of safety. To learn more about us and the work we do, visit UL.com Total Rewards: We understand compensation is an important factor as you consider the next step in your career. The estimated salary range for this position is $95,000 to $120,000 and is based on multiple factors, including job-related knowledge/skills, experience, geographical location, as well as other factors. This position is eligible for annual bonus compensation with a target payout of 10% of the base salary. This position also provides health benefits such as medical, dental and vision; wellness benefits such as mental and financial health; and retirement savings (401K) commensurate with the standard rewards offered in each individual location or country. We also provide full-time employees with paid time off including vacation (15 days), holiday including floating holidays (12 days) and sick time off (72 hours). #LI-SG2 #LI-Hybrid UL LLC has been and will continue to be an equal opportunity employer. To assure full implementation of this equal employment policy, we will take steps to assure that: Persons are recruited, hired, assigned and promoted without regard to race, color, age, sex or gender, sexual orientation, gender identity, gender expression, transgender status, religion, creed, national origin, ethnicity, citizenship, ancestry, disability, genetic information, military or veteran status, pregnancy, marital or familial status, or any other protected category under applicable law.

Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success. Recruiting for this role ends on 12/31/25 The team Our Cyber Defense & Resilience offering assists clients in defending against advanced threats by transforming security operations, monitoring technology, data analytics, and threat intelligence. Helps manage and protect dynamic attack surfaces and provides rapid crisis and cyber incident response, ensuring clients can be ready for, respond to, and recover from business disruptions. Work You'll Do + Lead the design and deployment of Next-Generation SOC platforms, like Cortex XSIAM, including advanced detection rules and SOAR playbooks, and SIEM ingestion. + Integrate diverse log and telemetry sources, ensuring data quality and normalization. + Develop and optimize automated response workflows for incident containment and remediation. + Advise clients on advanced use cases, threat detection, and automation strategies. + Collaborate with cross-functional teams for solution enhancements and threat intelligence integration. + Present technical findings and recommendations to stakeholders. Required Qualifications + BA/BS degree in a technical field (e.g., Computer Science, Cyber Security) + 4-6 years of progressively responsible experience in cloud, network, or identity security domains, demonstrating increasing levels of responsibility, technical depth, and leadership over time + 3-4 years of experience with Security Operations tools and platforms including Cortex XSIAM, Cortex XDR, Splunk, or similar SIEM technologies + 3-4 years of Security Operations Center experience demonstrating expertise in detection engineering, automation and playbook development, or SOC maturity methodologies + 3-4 years of experience with one or more cloud service providers (AWS, GCP, Azure) and native security tools + 3-4 years of experience with management of log sources, data normalization, ingestion and manipulation of data + 3-4 years of experience working with detection and response platforms (EDR) like Microsoft Defender, Cortex XDR, CrowdStrike + 3-4 years of experience with governance, risk, or compliance initiatives involving common frameworks + Certifications including Palo Alto Networks' PCNSE or Certified Cybersecurity Associate or equivalent and/or similar cybersecurity certifications + Ability to travel up to 50%, on average, based on the work you perform and the clients and industries/sectors you serve. + Limited immigration sponsorship may be available Preferred Qualifications + Experience with Palo Alto Networks' platform of solutions including, but not limited to, next-generation firewalls, Cortex & Prisma Cloud, and Prisma Access, XDR, etc. + Strong understanding of vendor competitive analysis within Security Operations (e.g., competitive differences between competing SIEM solutions) + Proficiency with advanced scripting, playbook development within a SIEM, SOAR or Security platform + Basic proficiency with network routing protocols (e.g., BGP, ECMP) and network architecture concepts (e.g., network segmentation), in support of on-premise and secure cloud infrastructure use cases + Ability to communicate and advise on solution design based on client use-cases, requirements, or other success criteria + Previous consulting or "Big 4" experience + Relevant advanced cybersecurity or related network engineering certifications (e.g., CISSP, CEH, CCSP) Information for applicants with a need for accommodation: ************************************************************************************************************ The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $102,500 - $188,900. You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

**Introduction** The CISO Cybersecurity Operations Platform (CSOP) team is looking to add an engineer to the Analytics and Data Exploitation team. The Platform provides the technology, services and expertise required by IBM's Cyber Threat Detection and Response teams. We support the Advanced Threat Detection (threat hunting, intelligence, incident response), Vulnerability Detection and Response, Innovation and Remediation, Security Operations Centers and Command Centers teams to deliver enterprise-wide security to one of the world's most established technology companies. We process tens of billions of events per day, meaning effective analysis and data exploitation practices are critical to our success. This is a technical position within the Analytics and Data Exploitation team who employ commercial, open source and in-house developed tools to deliver critical cybersecurity services such as event processing, automation, complex analytics and support to digital investigations. This role operates across our development, test, pre-production and production networks to create, maintain and improve our services -an important component of which is fault-finding and the ability to work within complex, dynamic environments. The right candidate thrives in high-pressure situations and has practical experience working with Big Data technologies -such as Spark, Hadoop and Elasticsearch. The role requires a proven, practical knowledge of container orchestration technologies -specifically Kubernetes and RedHat OpenShift. The work will include the design and optimization of container-deployed systems, as well as the day-to-day engineering and administration of the orchestration environment. This includes cluster management, Pod assignment / configuration, application virtual routing, security, container image registry management and optimization of the runtime engines. Wider knowledge of data ingestion, extraction, transformation and loading technologies is important - including Streamsets and Flink. The role is rounded-out by some software development tasks - all related to cyber security. These will involve Java, SQL, Python and automation scripting so experience with DevSecOps methods is highly advantageous. The Platform team employs hybrid cloud hosting and this includes provisioning, administration and management of services within environments spanning IBM Cloud, Amazon Web Services and Microsoft Azure. About the Team The CISO Cybersecurity Operations Platform (CSOP) team is looking to add an Email Security Engineer to the team. The CSOP provides the technology, services and expertise required by IBM's Cyber Threat Detection and Response teams. We support the Advanced Threat Detection (threat hunting, intelligence, incident response), Vulnerability Detection and Response, Remediation, Security Operations Center and Command Center teams to deliver enterprise-wide security to one of the world's most established technology companies. **Your role and responsibilities** Job Duties: · Contribute to the day-to-day work that supports our critical cybersecurity analysis and data processing workflows · Protect organization against phishing, spoofing, malware, and advanced threats while maintaining user experience and compliance · Familiarity with Exchange, ProofPoint Email Solutions, Powershell, Azure, and M365 suite · Design, implement and maintain secure email solutions within the Microsoft 365 tenant and related servces · Moniotr and respond to email-related security incidents, phishing attempts, and compromise events · Support the team leadership to improve overall exploitation of technologies that best serve our requirements · Partner with CIO and CISO teams to develop email security policies, rules, and playbooks - Work as part of a deeply technical, passionate team of engineers to tackle significant IT challenges **Required technical and professional expertise** · 3 or more years' experience in an email security engineer or similar role · Experience with Microsoft 365 Exchange or Proofpoint email solutions · Hands on experience with SPF, DKIM, and DMARC configuration and rollout at an enterprise level · Experience with (or a proven aptitude for) working within a fast-paced environment where the success criteria are defined by external factors. This includes having to change course quickly, based on the evolving needs of a complex and dynamic environment · Strong experience with incident response processes for phishing and email-based threats · Experience with IBM Cloud, AWS, Azure or similar cloud environments · Strong understanding of email protocols ISMPT, IMAP, POP3) and security controls · Familiarity with SIEM tools for monitoring and automation on email threats · Excellent problem-solving, communication, and documentation skills **Preferred technical and professional experience** · Experience with secure email gateways (Proofpoint, M365, etc) · Microsoft certification · Knowledge of zero trust frameworks and modern authentication methods (MFA, conditional access) · Familiarity with cloud-native security tools (Sentinel, Defender, XDR) · Understanding of email encryption solutions (TLS, S/MIME, PGP) · Experience in large enterprise environments with hybrid Microsoft Exchange deployments · Ansible experience is a strong advantage IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

I have a client located in the East Setauket, NY area that has an opportunity for a Information Security Risk Analyst. If you or any of your colleagues are interested in discussing this opportunity please click Apply Now. In this role you will be an Information Security Risk Analyst for a client that works in the medical industry. This role is responsible for monitoring, determining, and reviewing potential and current information security risks. This is a 3 month and possibly longer contract. This role must be performed on-site. The pay on this role is $30.00 to $40.00 an hour based on experience. Job Requirements: 3+ years of experience with O365 and Purview platforms Experience reviewing daily Risky Users Ability to communicate with internal users to evaluate high risk access Ability to monitor the company's networks and identify security breaches Perform 3rd party security reviews using UpGuard TPRM tool Monitor DoJ DSP attestations and manage vendor communication and certs Help assist in creating IS runbook Document security processes Analyze Business Associate Agreements and provide recommendations on security & Liability Support Audit responses and investigations #VIS

Current Saint Francis Employees - Please click HERE to login and apply. Full Time Days PLEASE NOTE: Due to the nature of this role, candidates must be either local to the area or willing to relocate, as this position requires full-time onsite presence. Job Summary: As a member of the Information Security team, responsibilities include manages and mitigates information security risk by identifying, evaluating, assessing, designing, monitoring, administering, reporting and implementing systems, policies and processes. Provides information security risk insight and guides management on information security risk issues and serves as advisor to peers, team members and management. Minimum Education: Bachelor's degree in Computer Science, MIS, Computer Engineering, Cyber Security or related discipline. Licensure, Registration and/or Certification: None. One or more of the following certifications are preferred: Certified Information Systems Security Professional (CISSP), or Certified in Risk and Information Systems Control (CRISC) or Certified Information Systems Auditor (CISA). Work Experience: 3 - 4 years related experience inclusive of two years working directly in an Information Services department and previous experience with HIPAA/PHI compliance programs, policies, procedures, risk assessments and audits. Knowledge, Skills and Abilities: In-depth knowledge of cyber security methodology and security practices. Knowledge of HIPAA, PCI, SOX, ISO and NIST cybersecurity frameworks. Knowledge of intrusion detection and intrusion prevention systems, penetration and vulnerability testing. Knowledge of data loss prevention, anti-virus and anti-malware software tools. Knowledge of computer networking, TCP/IP, routing and switching, network protocols and packet analysis tools. Knowledge of Windows, UNIX and Linux operating systems. Excellent problem solving and analytical skills. Excellent written and oral communication skills. Excellent organizational and interpersonal skills. Ability to work independently as well as in a team setting. Essential Functions and Responsibilities: Define, implement, and enforce information security policies, strategies, and procedures that align with healthcare laws and regulations, such as HIPAA. Conduct and/or support targeted risk assessment. Determine significant risk points and exercise process for risk assessment and risk acceptance. Review assessment results for vulnerabilities, gaps, control deficiencies, and work with key stakeholders to establish plans for sustainable resolution. Maintain an effective information security awareness program and educate internal teams on best practices. Ensures that business and clinical software applications include adequate information and security controls. Establish and maintain metrics based on the information security framework used at SFHS. Decision Making: Independent judgment in making decisions from many diversified alternatives that are subject to general review in final stages only. Working Relationships: Works directly with patients and/or customers. Works with internal customers via telephone or face to face interaction. Works with external customers via telephone or face to face interaction. Works with other healthcare professionals and staff. Works frequently with individuals at Director level or above. Special Job Dimensions: None. Supplemental Information: This document generally describes the essential functions of the job and the physical demands required to perform the job. This compilation of essential functions and physical demands is not all inclusive nor does it prohibit the assignment of additional duties. Information Technology - Information Security - Yale Campus Location: Tulsa, Oklahoma 74136 EOE Protected Veterans/Disability

Thanks & Regards Rajesh KRG Technologies, Inc., ************ Ext :514 Job description: L3 Resource with good experience in handling end to end infrastructure security operations which includes o Perimeter security (Checkpoint & CISCO ASA Firewalls etc.) o Endpoint security (Sophos , Symantec etc.) o Web Gateways ( Sophos, Blucote) o Email Gateways ( Sophos, Symantec etc.) o Vulnerability Management (Qualys, DDI etc.) o Information security & Compliance ( IS Auditing, Policies & Procedure reviews) o Global Access Management o SIME (ArcSight etc.) · Should have hands on experience in troubleshooting issues · Should have good experience in ITIL Processes(Change management, Problem management, Incident Management etc. ) · Technically sound on the above listed technologies / tools · Good experience in performing Security incident analysis · Preferably the candidate should have certifications like CISSP, CISA, CISM · Should have good communication & presentation skills Additional Information All your information will be kept confidential according to EEO guidelines.

What you'll do • Design and implement comprehensive data security architectures, with particular focus on database platforms (primarily SQL Server) • Develop and maintain enterprise-wide encryption strategies for securing structured and unstructured data both in transit and at rest, both and both on-premise and in the cloud • Enhance logging, monitoring and SecOps capabilities of enterprise databases and other data stores • Configure and optimize Identity and Access Management (IAM) solutions across data platforms and repositories to align to least privilege principles • Implement Data Loss Prevention (DLP) strategies and controls • Implement and maintain Information Rights Management (IRM) and Digital Rights Management (DRM) solutions • Design and implement data tokenization strategies where appropriate • Secure data processing pipelines and ensure appropriate controls for data workflows • Create and maintain data security documentation, including policies, procedures, and standards • Collaborate with development teams to ensure security best practices in data handling • Conduct vulnerability assessments of the firm's database architecture and associated data storage and processing systems • Assist in monitoring and managing security patching and upgrade processes for database platforms What's required • Bachelor's degree in computer science, cybersecurity, or related technical field • 6+ years of experience in data/database security engineering and governance • Deep expertise in database security, particularly SQL Server • Comprehensive understanding of data warehouse/data lake architectures and tools, particularly Databricks (required) • Subject matter expertise in Object Storage (eg: S3, Azure Blob, etc) and related security • Understanding of Active Directory Delegation (constrained vs. unconstrained) and associated best practices • Experience with 3rd-party SQL Server security governance and monitoring products (eg: Idera, Solarwinds) • Extensive knowledge of encryption technologies for both structured and unstructured data • Broad knowledge of secure data/file sharing solutions and ETL workflows • Experience designing and implementing data tokenization solutions • Experience with data classification and DLP technologies • Scripting/automation capabilities (eg: SQL, PowerShell, Python) • Commitment to the highest ethical standards Qualifications Ivy league colleges education preferred or huge plus. Additional Information All your information will be kept confidential according to EEO guidelines.

Duration: 6+ Months Experienced Firewall administrator for operational implementation, maintenance and configuration of firewalls. Key Responsibilities: Performs maintenance and changes in firewalls as required. Implementation of new firewalls as required Assists with troubleshooting network connectivity as it relates to firewalls Utilizes change management, request, and ticketing systems, documents status updates and problem resolutions Complete All assignments in a timely manner with an acceptable level of quality Maintains documentation related to work area Completes network change requests Follows documented processes, procedures and policies Performs customer service duties and responds to customer and project requests as defined by management Other related duties assigned as needed. Qualifications/Requirements: Bachelor's degree and with 3 to 4 years of operational experience administering Firewalls 4 or more years networking/firewall background Must have networking TCP/IP routing protocol experience Desired Characteristics: In-depth experience in security aspects of multiple platforms, operating systems, software, communications and network protocols is desired Competency in verbal, written, and presentation communications and interpersonal understanding Ability to understand customer's business needs. Leadership of work teams/groups Ability to work with all levels of employees Highly motivated and able to work effectively under minimal supervision in a fast-paced environment Team-oriented, placing priority on quality and the successful completion of team goals Organization and planning skills that include: time management, project coordination and management, and the ability to handle multiple deadlines and associated pressures. Competency in developing effective solutions to business problems Ability to analyze problems and to make decisions REQUIRED SKILLS YEARS OF EXPERIENCE WHEN THE SKILL WAS LAST USED Expert knowledge of Cisco Security products, ASA and Firepower Expert knowledge of NSX Expert knowledge of Palo Alto systems Security Certifications a Plus Must have networking TCP/IP routing protocol experience Networking/firewall background Operational experience administering Firewalls Additional Information All your information will be kept confidential according to EEO guidelines.

**About Us** EMCOR Construction Services, Inc. (ECS) is a division of EMCOR Group, Inc. ECS focuses on three core competencies: electrical construction, mechanical construction, and fire protection. Our nationwide group of mechanical and electrical companies have decades of experience in virtually all U.S. markets. **Job Summary** **About Us:** EMCOR Group, Inc. (NYSE: EME) is a Fortune 500 company and a leader in mechanical and electrical construction, industrial and energy infrastructure, and building services. A provider of critical infrastructure systems. EMCOR gives life to new structures and sustains life in existing ones by it planning, installing, operating, maintaining, and protecting the sophisticated and dynamic systems that create facility environments. This includes electrical, mechanical, lighting, air conditioning, heating, security, fire protection, and power generation systems--in virtually every sector of the economy and for a diverse range of businesses, organizations and government. EMCOR represents a rare combination of broad reach with local execution, combining the strength of an industry leader with the knowledge and care of 170 locations. **Job Title:** -- Security Analyst - Identity and Access Management **Job Summary:** -- The Security Analyst for Identity and Access Management (IAM) is responsible for supporting EMCOR's Security Program with a focus on identity systems, single sign-on (SSO), and user lifecycle management. This role also plays a key part in administering Microsoft Sentinel and Defender, using Kusto Query Language (KQL) to enhance threat detection, automate response, and strengthen the organization's overall security posture. **Essential Duties and Responsibilities:** -- + Support and monitor the enterprise information security system as directed by management. + Manage daily operations and support for IAM products, including incident and ticket resolution. + Administer Entra ID, with expertise in SSO, Conditional Access, and modern authentication methods. + Deploy and maintain IAM systems for user life-cycle, access governance, and PAM. + Investigate and resolve IAM security incidents using established tools and procedures. + Provide expertise during incidents, document findings, and help improve protocols. + Help design, implement, and maintain Microsoft Sentinel and Defender security monitoring, including custom KQL queries and automation. + Collaborate with security and IT teams to enhance IAM maturity and awareness. + Maintain and upgrade servers and applications supporting security tools. + Monitor emerging threats and advise stakeholders on responses. + Perform special projects as needed. **Qualifications:** -- + A minimum of five years' experience with Microsoft Active Directory, preferably within a multi-domain environment. + At least three years' experience working with Microsoft Entra ID. + A minimum of two years' experience utilizing the Microsoft Defender Platform and/or Microsoft Sentinel. + At least one year's experience with Privileged Access Management systems. + Demonstrated proficiency in using PowerShell for administration and automation purposes. + Practical experience and/or comprehensive understanding of one or more of the following technologies: MFA, SSO, SAML, OAuth, OpenID, SCIM, and REST API. + Proven ability to communicate effectively and interact professionally with personnel at all organizational levels. + Strong project management capabilities. + Ability to consistently deliver an exceptional standard of customer service. Notice to prospective employees: There have been fraudulent postings and emails regarding job openings. EMCOR Group and its companieslist open positions here (****************************************************************************************************** DateDesc&w=&wc=&we=&wpst=) . Please check our available positions to confirm that a post or email is genuine. EMCOR Group and its companies do not reach out to individuals to help with marketing or other similar services. If an individual is contacted for services outside of EMCOR's normal application process - it is probably fraudulent. **As a leading provider of mechanical and electrical construction, facilities services, and energy infrastructure, we** **offer employees a competitive salary and benefits package and we are always looking for individuals with the talent and skills required to contribute to our continued growth and success. Equal Opportunity Employer/Veterans/Disabled** **Benefits: We are** **committed to providing employees a comprehensive benefits package which includes medical, dental, and vision coverage, along with health savings and flexible spending accounts, life insurance, disability, a 401(k) Savings Plan, College Coach and employee assistance program.** **\#emcor** **\#LI-MJ1** **Equal Opportunity Employer** As a leading provider of mechanical and electrical construction, facilities services, and energy infrastructure, we offer employees a competitive salary and benefits package and we are always looking for individuals with the talent and skills required to contribute to our continued growth and success. Equal Opportunity Employer/Veterans/Disabled **Notice to Prospective Employees** Notice to prospective employees: There have been fraudulent postings and emails regarding job openings. EMCOR Group and its companieslist open positions here (************************************** . Please check our available positions to confirm that a post or email is genuine. EMCOR Group and its companies do not reach out to individuals to help with marketing or other similar services. If an individual is contacted for services outside of EMCOR's normal application process - it is probably fraudulent. Email a Friend Email a Friend **ID** _2025-2663_ **Company** _EMCOR Construction Services, Inc._ **Category** _Information Technology_ **Position Type** _Full-Time_ **Posted Date** _2 months ago_ _(10/14/2025 1:00 PM)_

At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. **The opportunity** As application senior security specialist for the Security Certification Team, candidate will be resposible to conduct application vulnerability assessment and penetration testing of EY applications before they move into production and support the team to meet overall security certification goals and client requirements. **Your key responsibilities** + Capable of conducting application & network penetration testing and vulnerability assessments + Preparing detailed security review reports and remediation guidances + Researching new application security vulnerabilities and attack vectors + Leading strategic initiatives and mentoring new team members + Support the team in updating their skill and knowledge **Skills and attributes for success** + Hands on experience of Web, thick client, Mobile, VOIP, Wireless application security testing. + Proficient in automated and manual application testing methodologies. + Expert in using manual testing tools such as Burp Professional, Nmap, Wireshark, Nessus, echomirage. + Expert in using automated application scan tool Webinspect / Qualys WAS, CheckMarx, WhiteSource etc.. + Basic Knowledge of programming language like C/C++, C#, JAVA, ASP.NET and familiar with PERL/Python Scripting. + Familiar with OWASP and Secure SDLC standards + Knowledge of common security requirements within ASP.NET & Java application + Good Knowledge of TCP/IP, Network Security. + Knowledge / experience on code review + Good Technical aptitude, problem solving and ability to quickly learn and master new topics and domains. + Excellent communication skills; written and verbal. **Supervision Responsibilities:** None **Other Requirements:** Flexible work environment **Education:** + Bachelor's degree in a technical discipline such as Engineering or Computer Science or equivalent work experience in IT and Information Security. **Experience:** + 4 - 6 yrs. experience in application security assessment + Hands on experience of Web, thick client, Mobile Application security reviews. + Exposure and good understanding of the various manual testing methodologies. **Certification Requirements:** + Desirable: IT security Certifications (CEH. ECSA, OSCP etc..). **What we offer you** At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more . + We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $76,400 to $138,600. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $91,700 to $157,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. + Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. + Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. **Are you ready to shape your future with confidence? Apply today.** EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. **EY | Building a better working world** EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ************************** .

We anticipate the application window for this opening will close on - 20 Dec 2025 At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You'll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world. **A Day in the Life** The Principal Product Security Engineer plays a critical role in ensuring the security of Medtronic Surgical Operating Unit medical device solutions. Reporting to the Director of Product Security, this role drives the integration of advanced cybersecurity measures, identifies and mitigates potential vulnerabilities, and supports initiatives that improve cyber-resiliency throughout the product lifecycle. You will serve as a technical subject matter expert and mentor, collaborating across teams and contributing to long-term improvements in our security posture. **Careers that Change Lives** In this engineering-focused role, you will join a world-class team of systems, mechanical, electrical, software, and quality engineers within Medtronic's Surgical Operating Unit (OU). The Surgical OU brings together the people and portfolios of Surgical Robotics and Surgical Innovations to advance surgical care through robotics, surgical energy technologies, and digital solutions. This role focuses on cybersecurity for medical devices and embedded systems. It is not an IT security, compliance, or GRC-focused position. The ideal candidate will have deep experience working with engineering teams to integrate cybersecurity into real-time systems, embedded firmware, connected devices, or other product-level security contexts. With the Medtronic Mission as our North Star, we build on our legacy of proven surgical solutions and continue advancing the promise of robotics and digital technologies to improve outcomes for our customers and patients. This is an onsite role and can be located at one of these office locations: Boston, MA, Lafayette, CO, Minneapolis, MN, or North Haven, CT with a strong preference of Boston or Lafayette. _Make your impact by exploring a career with the world's leading Medical Device company, striving "to alleviate pain, restore health, and extend life."_ **A Day in The Life** The Principal Product Security Engineer plays a critical role in ensuring the security of Medtronic Surgical Operating Unit medical device solutions. Reporting to the Director of Product Security, this role drives the integration of advanced cybersecurity measures, identifies and mitigates potential vulnerabilities, and supports initiatives that improve cyber-resiliency throughout the product lifecycle. You will serve as a technical subject matter expert and mentor, collaborating across teams and contributing to long-term improvements in our security posture. **Key Responsibilities** : + **Product Security Strategy & Continuous Learning** - Stay abreast of emerging cybersecurity threats, technologies, and regulations specific to medical devices and health software. Contribute to OU and enterprise-wide product security strategy and roadmap development. + **Secure Product Development Lifecycle** - Drive security integration into all stages of the product lifecycle, from concept and design to postmarket. Work closely with system architects, software leads, and hardware engineers to embed secure design patterns in both embedded and cloud-connected environments. + **Threat Modeling & Risk Assessment** - Lead threat modeling sessions, conduct security risk assessments, and identify mitigation strategies in accordance with IEC 81001-5-1, ISO 14971, and FDA premarket cybersecurity guidance. + **Security Architecture & Design** - Collaborate on the design and implementation of secure architectures, focusing on secure boot, secure communications, data protection, access control, secure software updates, and hardware-software integration. + **Security Testing & Analysis** - Support and interpret results from vulnerability scans, penetration tests, and static/dynamic code analysis. Coordinate with internal teams and third-party vendors to ensure timely and appropriate risk mitigation. + **Security Awareness & Mentorship** - Promote a culture of security awareness within R&D and provide mentorship to junior engineers. Lead by example through documentation, review participation, and active knowledge sharing. + **Regulatory & Standards Compliance** - Ensure alignment with applicable standards (e.g., NIST, IEC 60601-4-5, IEC 81001-5-1) and support security documentation efforts for global regulatory submissions. + **Vendor & Supply Chain Security** - Review and assess the cybersecurity posture of third-party suppliers and open-source software components used within product designs. + **Incident Response Support** - Provide technical leadership during postmarket security incidents or field issues. Lead root cause investigations, containment strategies, and risk assessments. + **Security Documentation** - Maintain comprehensive security documentation, including threat model diagrams, risk assessments, shared service inventories, design patterns, security guidelines, and product security plans/reports. **Must Have Requirements** + Bachelor's degree with 7 years of experience + Or advanced degree with 5 years of technical experience **Nice to Have** + Bachelor's degree in a relevant engineering field of study (e.g., Computer Engineering, Software Engineering, or related discipline), completed and verified prior to start + Minimum 3 years of experience integrating security into embedded systems or connected medical devices in a regulated product development environment + Strong understanding of secure development lifecycle (SDLC), secure boot, cryptography, secure firmware update, secure communication, and hardware/software interface security + Master's degree in a relevant engineering or cybersecurity field + Industry-recognized certifications (e.g., CISSP, CSSLP, CISM, CEH) + Experience mentoring or technically guiding junior security engineers + Demonstrated ability to implement secure architecture in embedded and connected device ecosystems + Familiarity with FDA and MDR cybersecurity submission requirements + Knowledge of secure coding practices and common vulnerabilities (e.g., OWASP, CWE, CVSS) + Experience supporting cross-functional design reviews or formal design assurance processes + Working knowledge of secure boot chains, cryptographic controls, and device authentication protocols **Physical Job Requirements** The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position. The physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. For Office Roles: While performing the duties of this job, the employee is regularly required to be independently mobile. The employee is also required to interact with a computer, and communicate with peers and co-workers. Contact your manager or local HR to understand the Work Conditions and Physical requirements that may be specific to each role. **Benefits & Compensation** **Medtronic offers a competitive Salary and flexible Benefits Package** A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage. Salary ranges for U.S (excl. PR) locations (USD):$152,800.00 - $229,200.00 This position is eligible for a short-term incentive called the Medtronic Incentive Plan (MIP). The base salary range is applicable across the United States, excluding Puerto Rico and specific locations in California. The offered rate complies with federal and local regulations and may vary based on factors such as experience, certification/education, market conditions, and location. Compensation and benefits information pertains solely to candidates hired within the United States (local market compensation and benefits will apply for others). The following benefits and additional compensation are available to those regular employees who work 20+ hours per week: Health, Dental and vision insurance, Health Savings Account, Healthcare Flexible Spending Account, Life insurance, Long-term disability leave, Dependent daycare spending account, Tuition assistance/reimbursement, and Simple Steps (global well-being program). The following benefits and additional compensation are available to all regular employees: Incentive plans, 401(k) plan plus employer contribution and match, Short-term disability, Paid time off, Paid holidays, Employee Stock Purchase Plan, Employee Assistance Program, Non-qualified Retirement Plan Supplement (subject to IRS earning minimums), and Capital Accumulation Plan (available to Vice Presidents and above, or subject to IRS earning minimums). Regular employees are those who are not temporary, such as interns. Temporary employees are eligible for paid sick time, as required under applicable state law, and the Employee Stock Purchase Plan. Please note some of the above benefits may not apply to workers in Puerto Rico. Further details are available at the link below: Medtronic benefits and compensation plans (************************************************************************************************************** **About Medtronic** We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions. Our Mission - to alleviate pain, restore health, and extend life - unites a global team of 95,000+ passionate people. We are engineers at heart- putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary. Learn more about our business, mission, and our commitment to diversity here (************************* . It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Medtronic will provide reasonable accommodations for qualified individuals with disabilities. If you are applying to perform work for Medtronic, Inc. ("Medtronic") in any position which will involve performing at least two (2) hours of work on average each week within the unincorporated areas of Los Angeles County, you can find here (*************************************************************************************************************************************** a list of all material job duties of the specific job position which Medtronic reasonably believes that criminal history may have a direct, adverse and negative relationship potentially resulting in the withdrawal of a conditional offer of employment. Medtronic will consider for employment qualified job applicants with arrest or conviction records in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions. Our Mission - to alleviate pain, restore health, and extend life - unites a global team of 95,000+ passionate people. We are engineers at heart- putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary. **We change lives** . Each team member, each day, helps to improve and redefine how the world treats the most pressing health conditions, from heart disease to diabetes. Our industry leadership comes from the passion and ingenuity of our people. That's who we are. Working alongside one another, we use science, medicine, and a profound understanding of the human body to build extraordinary technologies that can transform lives. **We build extraordinary solutions as one team** . With one Medtronic Mindset defining how we work. Speed and decisiveness run through our DNA. Diverse perspectives inspire our bold answers to any challenge that comes our way. And we deliver results the right way, breakthrough after patient breakthrough. **This life-changing career is yours to engineer** . By bringing your ambitious ideas, unique perspective and contributions, you will... + **Build** a better future, amplifying your impact on the causes that matter to you and the world + **Grow** a career reflective of your passion and abilities + **Connect** to a dynamic and inclusive culture that welcomes the challenge of life-long learning These commitments set our team apart from the rest: **Experiences that put people first** . Respect for people is the hallmark of our humanity. It fuels our team to positively impact even a single life. And it means we put our people first at Medtronic as well, creating a culture of belonging and always pushing to get you the career-building resources you need. **Life-transforming technologies** . No matter your role, you contribute to technologies that transform lives. What we build empowers patients to live life on their terms. **Better outcomes for our world** . Here, it's about more than the bottom line. Our Mission to improve human welfare drives us. We advance healthcare, society, and equity with every design, inside and outside our walls. **Insight-driven care** . Fresh viewpoints. Cutting-edge AI, data, and automation. You're shaping the future of healthcare technology and defining the next generation of breakthroughs in care It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Medtronic will provide reasonable accommodations for qualified individuals with disabilities. For sales reps and other patient facing field employees, going into a healthcare setting is considered an essential function of the job and we expect our employees to comply with all credentialing requirements at the hospitals or clinics they support. This employer participates in the federal E-Verify program to confirm the identity and employment authorization of all newly hired employees. For further information about the E-Verify program, please click here (*********************************** . For updates on job applications, please go to the candidate login page and sign in to check your application status. If you need assistance completing your application please email ******************* To request removal of your personal information from our systems please email *****************************

What you'll do • Design and implement comprehensive data security architectures, with particular focus on database platforms (primarily SQL Server) • Develop and maintain enterprise-wide encryption strategies for securing structured and unstructured data both in transit and at rest, both and both on-premise and in the cloud • Enhance logging, monitoring and SecOps capabilities of enterprise databases and other data stores • Configure and optimize Identity and Access Management (IAM) solutions across data platforms and repositories to align to least privilege principles • Implement Data Loss Prevention (DLP) strategies and controls • Implement and maintain Information Rights Management (IRM) and Digital Rights Management (DRM) solutions • Design and implement data tokenization strategies where appropriate • Secure data processing pipelines and ensure appropriate controls for data workflows • Create and maintain data security documentation, including policies, procedures, and standards • Collaborate with development teams to ensure security best practices in data handling • Conduct vulnerability assessments of the firm's database architecture and associated data storage and processing systems • Assist in monitoring and managing security patching and upgrade processes for database platforms What's required • Bachelor's degree in computer science, cybersecurity, or related technical field • 6+ years of experience in data/database security engineering and governance • Deep expertise in database security, particularly SQL Server • Comprehensive understanding of data warehouse/data lake architectures and tools, particularly Databricks (required) • Subject matter expertise in Object Storage (eg: S3, Azure Blob, etc) and related security • Understanding of Active Directory Delegation (constrained vs. unconstrained) and associated best practices • Experience with 3rd-party SQL Server security governance and monitoring products (eg: Idera, Solarwinds) • Extensive knowledge of encryption technologies for both structured and unstructured data • Broad knowledge of secure data/file sharing solutions and ETL workflows • Experience designing and implementing data tokenization solutions • Experience with data classification and DLP technologies • Scripting/automation capabilities (eg: SQL, PowerShell, Python) • Commitment to the highest ethical standards Qualifications Ivy league colleges education preferred or huge plus. Additional Information All your information will be kept confidential according to EEO guidelines.