Cyber security analyst jobs in The Dalles, OR

FLEX IT has an immediate need for a Cyber Security Analyst with a proven track record of delivering world-class results with our Enterprise level client. The ideal candidate will bring a broad range of lean and agile experiences working within large-scale organizations. ALL LEVELS OF Cyber Security Analysts ARE ENCOURAGED TO APPLY Top Skillsets: (Based on Requirement) ?-Knowledge of information security standards, principles, and practices -Computer programming and/or scripting languagues (Python, Powershell, Java Script, Go) -Experience with massive log aggregation and analysis -Comfortable interfacing with other organizations regarding security policy Job Responsibilities: Elevate security analytics by distilling complex analytical concepts Enable a culture of data driven decision making Minimize complexity and focus on results Thrive in an entrepreneurial environment Use data to prove your point, think outside the box and solve problem creatively

Job Description We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. If you are looking for new opportunities, your profile at *******************************. Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

A Senior Cyber Intrusion Detection Analyst is needed to provide advanced incident response and monitoring support. This is a hybrid position based in Washington, D.C., covering 5th shift work (7am7pm Saturday & Sunday, Friday 11pm7am, and Tuesday 7am3pm). Responsibilities Respond to cyber incidents, including SOC incident response calls and emails. Serve as Subject Matter Expert (SME) in investigations escalated from SOC Tier I & II analysts. Investigate phishing attempts and other potential cyber threats. Collaborate with SOC federal staff and Incident Handlers to triage, contain, and remediate incidents. Participate in Splunk engineer working groups to improve alerting rules and reduce false positives. Work closely with Threat Hunt and Security Intelligence teams to strengthen SOC capabilities. Follow established incident response procedures, while identifying process improvement opportunities. Manage incidents involving enterprise systems and sensitive data, including PII breaches. Detect, collect, analyze, and report cybersecurity incidents. Investigate and remediate malware infections. Analyze a variety of logs and alerts (firewall, IDS, malware, HIPS, PCAP, proxy, Windows/Active Directory, etc.) to identify anomalous activity and document findings. Conduct advanced log and malicious code reviews to support containment and recovery. Assist with cybersecurity workforce development by reviewing tickets and annotations. Required Qualifications Bachelors degree with 8+ years of cybersecurity experience (or equivalent). At least 6 years of intrusion detection examination experience. Experience with a wide range of security technologies and logging data, including WANs, IPS/IDS/HIPS, web logs, raw data logs, and event reviews. Strong knowledge of Splunk SIEM with 3+ years of advanced analytics experience (queries, Grep skills, firewall ACL review, Snort IDS events, PCAPs, and web server logs). Strong written and verbal communication skills. One or more advanced certifications, such as: CERT Certified Computer Security Incident Handler CEH (Certified Ethical Hacker) CISSP GCIH (Certified Incident Handler) GISF (Information Security Fundamentals) Clearance Must be able to obtain and maintain a Public Trust clearance. Working Place: Washington, D.C., District of Columbia, United States Company : 2025 Sept 11 Virtual Career Fair - GovCIO

We exist to wow our customers. We know we're doing the right thing when we hear our customers say, "How did we ever live without Coupang?" Born out of an obsession to make shopping, eating, and living easier than ever, we're collectively disrupting the multi-billion-dollar e-commerce industry from the ground up. We are one of the fastest-growing e-commerce companies that established an unparalleled reputation for being a dominant and reliable force in South Korean commerce. We are proud to have the best of both worlds - a startup culture with the resources of a large global public company. This fuels us to continue our growth and launch new services at the speed we have been since our inception. We are all entrepreneurs surrounded by opportunities to drive new initiatives and innovations. At our core, we are bold and ambitious people that like to get our hands dirty and make a hands-on impact. At Coupang, you will see yourself, your colleagues, your team, and the company grow every day. Our mission to build the future of commerce is real. We push the boundaries of what's possible to solve problems and break traditional tradeoffs. Join Coupang now to create an epic experience in this always-on, high-tech, and hyper-connected world. Role Overview As our Cyber Security Incident Response Team (CSIRT) for our Seattle office, you will be a part of our special forces within the BlueTeam. You must have a calm and collected mannerism in high-pressure and time sensitive situations, think like both an attacker and defender, and work with relevant teams to take the right and timely actions to analyze, respond and neutralize attacks. The BlueTeam is responsible for the detection and response to credible threats. We work hands-on developing detective capabilities, identifying mitigations to vulnerabilities and respond to potential threats to Coupang systems. BlueTeam CSIRT Engineers are unique individuals prepared to relentlessly resolve security issues by gathering and analyzing event data and conducting root-cause analysis. The Senior Security Engineer position requires an experienced CSIRT personnel that have expert working knowledge in IR, investigation and hunt techniques, root-cause security flaws and vulnerabilities, quickly assessing the potential cyber threats. Security Engineers are also expected to develop elegant solutions to complex problems and apply appropriate technologies while following security engineering best practices. What You Will Do Analyze and respond to security anomalies, intrusion attempts, and breaches, and root cause analysis, containment, creating the report Threat hunting to find undetected security threat from the SOC using data from end points, servers, clouds, network and other sources Ticket review, and security analysis escalated from SOC Improvement of incident response policies and procedures, and process of SOC. - Analyze and respond to Web security events by CDN security solutions (e.g. Akamai, CloudFlare) Analyze and respond to Email Security events Oncall to response urgent security events or security issues Collaborate effectively with internal teams through efficient communication Minimum Qualifications Bachelors Degree in Computer Science or a related technical field or equivalent professional experience. 2 years of experience in information Security with experience in Cyber Security Incident Analysis Preferred Qualifications 8+ years of experience in information security with at least 5+ years as a Cyber Security Incident Analyst Experience of Host based security investigation (Windows, Linux, Network/Security appliances) Experience of analyzing security event and knowledge of AWS or Cloud environment Experience of analyzing security event from Web security solutions (Akamai, CloudFlare) Experience of analyzing security event from network security and SaaS solutions (IPS/IDS, Network Monitoring solutions, Email Security, O365, etc) Experience of analyzing security event from endpoint security solutions (EDR, HIPS, Anti-Virus, DLP, etc) Experience and skills querying SIEM Solutions for analyzing security events from the logs Skill to analyze big data or big size logs Experience in Automation and Scripting using Bash, Python, PowerShell Proactive and proactive work attitude Pay & Benefits Our compensation reflects the cost of living across several US geographic markets. At Coupang, your base pay is one part of your total compensation. The base pay for this position ranges from $108,000/year in our lowest geographic market to $232,000/year in our highest geographic market. Pay is based on several factors including market location and may vary depending on job-related knowledge, skills, and experience. General Description of All Benefits Medical/Dental/Vision/Life, AD&D insurance Flexible Spending Accounts (FSA) & Health Savings Account (HSA) Long-term/Short-term Disability Employee Assistance Program (EAP) program 401K Plan with Company Match 18-21 days of the Paid Time Off (PTO) a year based on the tenure 12 Paid Holidays Paid Parental leave Pre-tax commuter benefits MTV - [Free] Electric Car Charging Station General Description of Other Compensation "Other Compensation" includes, but is not limited to, bonuses, equity, or other forms of compensation that would be offered to the hired applicant in addition to their established salary range or wage scale. Coupang is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, or gender (including pregnancy, gender identity, gender expression, sexual orientation, transgender status), national origin, age, disability, medical condition, HIV/AIDS or Hepatitis C status, marital status, military or veteran status, use of a trained dog guide or service animal, political activities, or affiliations, citizenship, or any other characteristic or class protected by the laws or regulations in the locations where we operate. If you need assistance and/or reasonable accommodation in the recruiting process due to a disability, please contact us at ************************. Requisition # R0064937

Join us in stopping bad bots, for good! Kasada protects millions of online users everyday. Founded to stop automated bot attacks, we believe the internet should be a safe place for everyone. Bad bots are highly destructive. They take over accounts, steal content, overload systems and infrastructure and cause billions of dollars in damages every year. Seeking to restore trust in the internet, Kasada stops bots at the very first request including those that have never been seen before. We've grown from a few friends working out of a shipping container under the Sydney Harbour Bridge to now operating globally, we're spread across the world protecting some of the most well-known brands on the face of the earth. We're an innately curious team that's not afraid to bring bold ideas to create better ways of solving problems. We're looking for people who are passionate about solving some of the most difficult and pressing cybersecurity issues, while having fun doing it! The Role We're currently on the lookout for a Senior Security Analyst to join our Security Operations team, focused on taking on complex and high impact unwanted automation for our customers. This role will require you to act as an escalation point for other analysts, handle investigations end to end, and contribute to improving our investigative methods and tooling. Your experience in a similar role in a cyber security environment will be highly regarded. This position will allow you to apply your analytical skills in the fight against bad bots. Working with some of the world's biggest companies, you'll help reduce the damage caused by unwanted automation, while sharing your expertise and supporting our team. This is a remote role, to ensure timezone overlap with our Australia-based team candidates should be located on the West Coast. What you will be doing; Lead complex investigations and in-depth analysis of automated software activity within customer environments, driving cases to resolution. Act as an escalation point for incident response and threat detection, providing expert guidance on challenging or ambiguous cases. Apply and optimise a range of investigative tools and techniques to uncover patterns, anomalies, and root causes. Collaborate across teams to provide clear, actionable advice on complex investigations and contribute to improving detection and response processes. What you will bring; Demonstrable, recent experience in cybersecurity or IT security roles. Significant experience identifying and mitigating security risks in a web application or similar environments. Solid understanding of security frameworks, incident response methodologies, and threat intelligence. Familiarity with analytical security tools (e.g., Splunk, ElasticSearch, SQL, NoSQL databases). Solid knowledge of web technologies (TCP stack, HTTP/S, WebSockets, Browser Architectures, Operating Systems) Subject matter knowledge and awareness of automated cyber security attacks and/or bot groups. Relevant certifications (e.g., CISSP, CISM, CEH, Bachelors degree in a relevant field) are desirable but not essential. Critical and analytical mindset with proven ability to make sound, timely judgments. $140,000 - $175,000 a year The Benefits of being a Kasadian We want to ensure Kasada remains a great place to work and a place to do great work. It's important to us to build an inclusive environment where you can realize your full potential. We are a highly collaborative team regardless of location, placing a strong emphasis on our core values; and we have designed our benefits package so you can thrive, both inside and outside of work: - A stake in Kasada's global success with equity/stock options - Flexible working hours and arrangements - Create a schedule that suits you - Support for growing families - Generous parental leave allowances and resources to help in the lead up, during and after parental leave. - Resources for well-being to support your growth including our EAP - confidential counselling for you and your loved ones - Birthday leave - Wellness leave - An action packed calendar of fun in-person and virtual events Sound interesting? What's next? Hit the apply button and one of our team will set up an exploratory, confidential discussion. We have designed our hiring process to be streamlined and thorough so everyone can make the right call on whether it is the right move for you. We are an inclusive team and this extends to all candidates that interview with us. Interviews are conducted virtually however if you want to come onsite - just ask! When you apply, please tell us the pronouns you use and any adjustments you may need during the interview process, we want to ensure you are set up for success in every conversation. Still with us? Just a little bit more… Research shows that women and other marginalized individuals tend to only apply when they check every box. We're always keen to broaden our perspective, so if you think you have what it takes, but don't necessarily meet every single point above, please still get in touch, we'd love to have a chat and see if you could be a great addition to the team! Please note: Kasada is an e-verify employer (US based applicants only)

TITLE: N/A JOB CODE: FLSA: Exempt SALARY GRADE: 7 CATEGORY: Full-time UNION REPRESENTATION: NA SCHEDULE: Hybrid SUPERVISORY ROLE Y/N: 11.2025 The Information Security Analyst I plays a critical role in safeguarding the organization's systems and information assets. This position supports the development and implementation of security strategies, tools, and guidelines to protect against unauthorized access, data breaches, and system disruptions. Responsibilities include monitoring and responding to Information Security-related alerts, supporting audit and risk assessment activities, evaluating internal controls, and recommending improvements to enhance security posture. The analyst assists in migrating non-compliant environments to meet regulatory standards and ensures adherence to data protection laws and banking industry compliance requirements. This role is foundational to maintaining the confidentiality, integrity, and availability of sensitive financial data and supporting the organization's overall cybersecurity framework. ESSENTIAL DUTIES Identity and Access Management Support access provisioning, modification, and termination processes to ensure timely and secure access control. Conduct administrator activity and user access reviews across IT systems, including privileged access audits and firewall/cloud app usage monitoring. Maintain asset and access inventories, perform recurring audits of critical systems, and reconcile against endpoint and network tools. Security Monitoring and Incident Response Monitor and respond to alerts from SIEM, IDS, firewalls, and endpoint protection systems. Conduct vulnerability scans, track remediation efforts, and facilitate related meetings. Maintain readiness for incident response activation, including participation in tabletop exercises. System Administration and Tool Management Administration of cloud computing environments, conditional access, and guest provisioning following established best practices. Manage software controls, browser extensions, and patching processes. Administer security camera system and ensure system uptime. Administer Mobile Device Management system. Threat Intelligence and Continuous Improvement Stay informed on emerging threats in the banking sector and contribute to threat intelligence reporting. Research and test new security tools, controls, and AI applications to enhance the Bank's security posture. Correctly identify true and false positives in alerting systems and tune these systems for continuous improvement. Security Awareness and Training Support phishing simulations and training campaigns, track completion, and report metrics to management. Documentation and Reporting Log findings, remediation efforts, and audit results in a structured ticketing system. Assist with vendor management program administration and reporting. Data Protection and Compliance Ensure compliance with GLBA, FFIEC, and other applicable regulations through log retention, configuration management oversight, and DLP monitoring. Administer data classification tools and respond to violations involving PII or sensitive data. Audit VPN usage and test controls across email, endpoint, and network security platforms. Completes mandatory compliance training in accordance with established deadlines. The position performs duties specific to the position and other functions as assigned. ROLE COMPETENCIES/SKILLS Attention to Detail Collaboration & Communication Diversity & Inclusion Execution & Ownership Time Management Compliance Innovation Systems Thinking Data Analysis & Management Information Security Network Operations Critical Thinking Consulting Analytical Thinking ENVIRONMENT, PHYSICAL & MENTAL ACTIVITIES The incumbent is in a non-confined office-type setting in which they are free to move about at will. It may include some minor annoyances such as noise, odors, drafts, etc. For Hybrid and Remote roles, work may also be performed away from BSB worksites depending on the position and requirements. For Hybrid/Remote work, employees are required to have an environment when working at home that has a dependable, high-speed internet connection and environment conducive to frequent phone or internet calls where private, confidential or other information is not visible, able to be overheard, or physically or electronically accessible to anyone else. The incumbent in the course of performing this position spends time writing, typing, speaking, listening, lifting (up to 10 pounds), driving, carrying, seeing (such as close, color and peripheral vision, depth perception and adjusted focus), sitting, pulling, walking, standing, squatting, kneeling and reaching. The incumbent for this position may operate any or all of the following: personal computer, cellular telephone, printer, fax, and other standard office equipment. The incumbent in this position must be able to accommodate reading documents or instruments, detailed work, problem solving, customer contact, reasoning, math, language, presentations, verbal and written communication, analytical reasoning, stress, multiple concurrent tasks and constant interruptions. The work environment characteristics, physical and mental demands described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. POSITION REQUIREMENTS Minimum Qualifications Bachelor's degree in Information Technology, Cybersecurity, or a related field, or equivalent combination of education and experience. 5 years of professional experience in IT support or related technical roles. Foundational understanding of cybersecurity principles, including access control, endpoint protection, and network monitoring. Familiarity with Microsoft 365, Active Directory, and basic system administration tasks. Ability to conduct audits, manage tickets, and document findings accurately. Strong analytical and troubleshooting skills. Effective communication skills and ability to collaborate across departments. Preferred Qualifications Bachelor's degree in Information Technology, Cybersecurity, or a related field. Experience with banking industry compliance standards (e.g., GLBA, FFIEC). Hands-on experience with security tools such as SIEM, DLP, IDS/IPS, EDR, Email Filtering, and Firewalls. Exposure to vulnerability management platforms and identity/access management processes. Familiarity with Microsoft cloud services and Mobile Device Management. Experience supporting or administering phishing simulations, security awareness programs, or similar efforts. Knowledge of vendor management platforms and data classification tools. Management reserves the right to change this position description at any time according to business needs. #LI_Hybrid

GW Information Technology (GW IT) provides empowering tools and caring support for all members of The George Washington University (GW) community. We are focused on driving digital transformation and innovation to enable the academic and operational excellence of our students, faculty, staff, and researchers. At GW IT, we are committed to cultivating a team culture that values diversity, inclusion, respect and collaboration, and invests in each of our team members to grow in their technology and career skills. The Senior Cloud Security Analyst is a mid-level position within GW IT's Application Security team that will collaborate on application security risk assessments, threat modeling, vulnerability assessments specific to GW IT's cloud environment. Primary Responsibilities: Experience evaluating security controls and the application of commonly used cyber risk standards and frameworks: e.g., NIST 800-171, NIST -800-53, CIS , OWASP . Familiarity with cloud computing environments (e.g., AWS , Azure) Experience in the secure design of cloud-based solutions to measurable performance and security standards Familiarity with cloud-managed security services such as Amazon Inspector, AWS WAF and Shield, and AWS Directory Service. Ability to translate security risks and misconfigurations into product security rules and controls to map against standards, policies and procedures. Familiarity with AWS and Azure core cloud infrastructure capabilities, features, and services. Review cloud logging reports for events that occur in the cloud environment. Performs other related duties as assigned. The omission of specific duties does not preclude the supervisor from assigning duties that are logically related to the position Minimum Qualifications Qualified candidates will hold a Bachelor's degree in an appropriate area of specialization plus 5 years of relevant professional experience, OR, a Master's degree or higher in a relevant area of study plus 3 years of relevant professional experience, OR a Bachelor's degree in an appropriate area of specialization plus 3 years of relevant professional experience PLUS a relevant IT Security certification. Degree must be conferred by the start date of the position. Degree requirements may be substituted with an equivalent combination of education, training and experience. Preferred Qualifications 4 years of relevant experience with cloud security requirements Experience working within a distributed team via collaborative tools Certifications: 1+ security certification (e.g., CISSP ) Familiarity with Linux and Windows in cloud environments Experience in secure design of cloud-based solutions to measurable performance and security standards Ability to perform forensic file system analyses to identify indicators of compromise system timeline Experience evaluating log data and cloud-hosted virtual machines to detect security incidents and initiate appropriate steps as a first responder Experience assessing cloud-based security controls using security tools and threat modeling Work Schedule Monday - Friday, 8am - 5pm (occasional evenings and weekends)

Job Title: “Information Security Specialist” (Cyber security analysis) Duration: 9+ Months (with high possibility of extending into full time) Job Description: This position is in Corporate Information Security and under the direction of the Manager, Third-Party Cybersecurity Assessments. The Cybersecurity Assessment Analyst will perform cybersecurity assessments on new and existing third parties. The Analyst will construct detailed and summary reports of assessments, including customized reports, as needed. The Analyst will work with Subject Matter Experts (SME) to develop and apply risk assessment criteria (aligned with Policy) to new and existing suppliers using internal and external business intelligence. The Analyst will work with Third-Party Risk Management, Privacy and Legal Counsel, Procurement and Contract Managers, Compliance, and Business Owners to develop and maintain an internal service model that informs the business of key risks in a timely manner to limit unnecessary impediments and avoid bureaucracy. Specific responsibilities: - Coordinate the development of information security policies, standards and procedures. Work with key IT offices, data custodians and governance groups in the development of such policies. Ensure that company policies support compliance with external requirements. Oversee the dissemination of policies, standards and procedures to the user community - Coordinate the development and delivery of an education and training program on information security and privacy matters for employees, other authorized users, and vendors - Serve as the company compliance officer with respect to state and federal information security policies and regulations. Work with the -designated internal audit, SOX compliance, legal, and HR on compliance issues as necessary. Prepare and submit and submit required reports to external agencies. - Develop and implement an Incident Reporting and Response System to address security incidents (breaches), respond to alleged policy violations, or complaints from external parties. - Serve as the official company contact point for information security, privacy and copyright infringement incidents, including relationships with law enforcement entities. - Develop and implement an ongoing risk assessment program targeting information security and privacy matters; recommend methods for vulnerability detection and remediation, and oversee vulnerability testing. Required Qualifications: Talent management, results focus and inspirational leadership. Essential Functions • Conduct third-party cybersecurity risk assessments, applying established criteria • Support assessment team with quality assurance reviews over work product and reporting • Collaborate with internal partners and third parties to mitigate and otherwise resolve third-party cyber risks • Consistently deliver on commitments, deadlines and objectives while remaining in scope and leveraging appropriate tools, methods, frameworks, and professional standards • Demonstrate consistent credibility with business partners and leadership while recommending initiatives, identifying gaps, and potential issues • Continuously demonstrate the ability to work independently while representing the services of the department with the highest level of professionalism • Demonstrate the ability to appropriately influence business decisions, and the professional judgment for selecting the appropriate methods and techniques to do so Preferred Qualifications: • Solid background both educationally and via professional experience. No less than 3 years' professional experience in business operations, project/program management, finance, risk management, information security, business analytics or similar. • Experience in large companies and/or complex environments, or providing professional consulting services for them. • Demonstrated abilities in problem-solving and analysis: identifies issues, analyses information to assess root cause and relationships, risks, and potential risk responses. Proven ability to synthesize and summarize complex data into concise recommendations and reports. • Demonstrated strong business writing and professional oral communication skills. • Proven ability to balance multiple priorities, adapt to a constantly changing business environment, work independently, drive projects to completion, and meet deadlines in a fast-paced environment-with only periodic supervision. • Ability to work collaboratively and manage and initiate effective cross-functional relationships. • Strong computer skills, including MS Office products (e.g. Word, Excel, PowerPoint, Visio) and other business software to prepare reports, memos, summaries, and analyses. Desired • Analytical - Synthesizes complex or diverse information; Collects and researches data; employs intuition and experience to complement data; Designs work flows and procedures. • Quality Management - Looks for ways to improve and promote quality; Demonstrates accuracy and thoroughness. Applies feedback to improve performance; Monitors own work to ensure quality • Planning/Organizing - Prioritizes and plans work activities to achieve success; Sets and achieves goals and objectives; Develops realistic action plans • Professionalism - Reacts well under pressure; Keeps commitments; Accepts responsibility for own actions. • Career Growth: Focus on cyber security auditing with potential advancement goals in engineering or threat analysis roles • Self-directed team player with Agile environment experience Education Minimum Required • Bachelor's Degree • Equivalent experience is acceptable. License or Certification Desired: (one of the following): CISA (Certified Information Systems Auditor) GSEC (GIAC Security Essentials Certification) CompTIA - Security+ ECSA - EC-Council Certified Security Analyst SSCP (Systems Security Certified Practitioner) Other: Six Sigma, PMP or Agile certificates Other comments - suppliers: Organizational skills; office suite knowledge; and good communication skills are “must haves”. Cyber security analysis experience is preferred. Additional Information All your information will be kept confidential according to EEO guidelines.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Avint, LLC is seeking a highly skilled and mission-driven Information System Security Officer (ISSO) to join our team. The ideal candidate will bring deep technical expertise, hands-on experience securing complex systems, and a strong understanding of U.S. Government cybersecurity standards. This role requires a cybersecurity professional who can confidently lead system authorization activities, oversee compliance efforts, and ensure the security and integrity of both cloud and on-premises environments. Candidates must be U.S. citizens with an active Top Secret clearance and SCI eligibility, hold a DoD 8570 certification (such as CISSP or Security+), and be comfortable working on-site in Washington, D.C. or across the DC Metro area five days per week. This position also requires the ability to travel domestically and internationally up to 25%. Requirements Position Requirements: U.S. citizenship Active U.S. DoD Top Secret clearance with SCI eligibility Active DoD 8570 certification (e.g. CISSP, Security+) Be on site in Washington, DC or customer location in the DC Metropolitan area 5 days per week Ability to travel domestically and internationally up to 25% of the time Background in systems administration, software development, systems engineering, and/or deep familiarity with Linux operating systems Experience with risk management framework (RMF) software systems (eMASS, Xacta, etc) Experience with information system scanning utilities (Nessus, OpenSCAP, etc) Experience with cloud and on premises environments Experience assessing and authorizing IT systems against U.S. Government standards such as FISMA, FedRAMP, and NIST SP 800-53 Benefits Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits. From competitive salaries, full health, and generous time off and Federal Holidays. Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development! Salary range $110,000 to $115,000

Be Challenged and Make a Difference In a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At AnaVation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture. Description of Task to be Performed:AnaVation is seeking a mid-level ISSO for our mission critical customer in Washington, DC. You will work as part of a highly talented team providing security compliance expertise on high priority projects. Daily duties include, but are not limited to:· Developing, maintaining, and assessing Security Assessment & Authorization (SA&A) packages resulting in an authority to operate (ATO) for IT systems.· Creating and maintaining SSPs and supporting documentation in accordance with agency guidelines and directives. This includes writing implementation statements, creating supporting documentation (e.g., contingency Plans, Incident Response Plans, Account Management Plans, etc.), and performing self-assessments, while working with system stakeholders.· Develop, coordinate, test, and train personnel on Incident Response Plans and Contingency Plans.· Ensuring that information systems are accredited, maintain their ATO, and are being continuously monitored.· Performing risk assessments for government systems, to include cloud-based systems.· Performing security control assessments to include collecting supporting artifacts/evidence and interviewing system owner/owner representatives.· Having an in-depth knowledge of the Risk Management Framework (RMF).· Maintaining and tracking system POA&Ms.· Conducting vulnerability management and analysis.· Reviewing and analyzing government policy.· Improving on processes and procedures and making recommendations to improve the security posture of the agency's IT systems and applications. This position requires a Top-Secret clearance with SCI eligibility and the ability to obtain a CI Poly. This position is on-site in Washington DC with no remote option.Required Qualifications: Bachelor's in Computer Science, or other related analytical, scientific, or technical discipline 4+ years' experience with NIST, FISMA, and Security Assessment & Authorization. Knowledgeable on various security-related NIST publications (e.g., SP 800-53r5, SP 800-53A, SP 800-18r1, etc.) In-depth knowledge of information security principles, methodologies, and best practices. Experience in conducting risk assessments and implementing security controls. Proficiency in using security tools and technologies, such as firewalls, intrusion detection systems, SIEM, and vulnerability management tools. Knowledge of incident response procedures. Obtain a CI Poly. Can be on-site 5 days a week. Preferred Qualifications: Desirable Qualifications (Education/Certificates, Experience, Physical, etc.): Certifications: CISSP FedRAMP and Cloud experience (e.g., Azure, AWS, Oracle (OCI)) Hands-on experience using a Governance, Risk, and Compliance tool, such as CSAM or eMASS. Ability to conduct gap analysis on non-federated vendor audit results, such as SOC Type 2, HIPAA comparison review and analyst against NIST SP 800-53 Revision 5 security controls. Ability to accurately manage complex workstreams, comprehend the application of the RMF, and understand the application of security controls across the interface, application, operating system, network, and database layers of modern information systems. Understand the applicable artifacts used as evidence to assess compliance. Experience with multiple tools providing security functions such as vulnerability management (e.g., Nessus), configuration management (e.g., BigFix, SCCM, ePO), endpoint protection (e.g., antivirus, ATP), data loss prevention, and intrusion detection software and hardware. Ability to evaluate data flows, network diagrams, and logical security boundaries. Familiarity with the use of data analysis tools, including the use of Microsoft Excel or PowerBI to combine data from multiple sources. Benefits · Generous cost sharing for medical insurance for the employee and dependents · 100% company paid dental insurance for employees and dependents · 100% company paid long-term and short term disability insurance · 100% company paid vision insurance for employees and dependents · 401k plan with generous match and 100% immediate vesting · Competitive Pay · Generous paid leave and holiday package · Tuition and training reimbursement · Life and AD&D Insurance About AnaVation AnaVation is the leader in solving the most complex technical challenges for collection and processing in the U.S. Federal Intelligence Community. We are a US owned company headquartered in Chantilly, Virginia. We deliver groundbreaking research with advanced software and systems engineering that provides an information advantage to contribute to the mission and operational success of our customers. We offer complex challenges, a top-notch work environment, and a world-class, collaborative team. If you want to grow your career and make a difference while doing it, AnaVation is the perfect fit for you! AnaVation is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.

At PLEXSYS, our teams design, build and deliver Live, Virtual, and Constructive (LVC) innovation and training solutions to customers around the world. With over 200 employees in seventeen states and four foreign countries, we contribute our success to enabling better training…everyday…across the globe. As an employee of PLEXSYS, you'll find a culture that empowers you to achieve your professional objectives, give your personal best, and work with other highly passionate individuals. Our core values of integrity, excellence, teamwork and agility drive our daily decisions, identify our focus areas, and inspire our organizational culture. GENERAL DESCRIPTION The Information System Security Officer (ISSO) is responsible for ensuring the appropriate operational security posture for information systems and as such, works in close collaboration with the ISSM, CPSO, and FSO. The ISSO must have detailed knowledge and expertise required to manage the security aspects of an information system and is assigned the day-to-day responsibility for assigned systems. Responsibilities include implementation of the requirements of Risk Management Framework, including the Joint Special Access Program (SAP) Implementation Guide (JSIG), NIST 800-53, or other security requirements as assigned. This position will report to the Corporate Information Assurance Manager and work in close collaboration with the AFSO and FSO. The ISSO is responsible for developing and updating the security authorization package, managing and controlling changes to the system, and assessing the security impact of those changes. Ensure systems are operated, maintained, and disposed of following security policies and procedures as outlined in the security authorization package. Report all security-related incidents to the ISSM. Conduct periodic reviews of information systems to ensure compliance with the security authorization package. Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly. Ensure audit records are collected, reviewed, and documented. Duties also include physical and environmental protection, personnel security, and incident handling. DUTIES & RESPONSIBILITIES Lead the information system security program for their assigned location to include implementation and validation of automated informational security, ensuring security requirements as contracted are satisfied Maintain and establish the accreditation of classified information systems Establish and implement security procedures and practices in support of Corporate goals and current DoD Regulations Ensure all security procedures are being followed such as patching, AV updates, continuous monitoring, trainings, and self-inspections Develop, implement and maintain security emergency action plans Provide security education and training to local employees Maintain administrative security records and documents for local employees Conduct self-inspections to ensure current security measures and policies are effective Conduct random security inspections to ensure regulations and procedures are being adhered to by local employees Conduct system audits in accordance with security accreditation package requirement Lead the information system security program for their assigned location to include implementation and validation of automated informational security, ensuring security requirements as contracted are satisfied Maintain and establish the accreditation of classified information systems Establish and implement security procedures and practices in support of Corporate goals and current DoD Regulations Ensure all security procedures are being followed such as patching, AV updates, continuous monitoring, trainings, and self-inspections Develop, implement and maintain security emergency action plans Provide security education and training to local employees Maintain administrative security records and documents for local employees Conduct self-inspections to ensure current security measures and policies are effective Conduct random security inspections to ensure regulations and procedures are being adhered to by local employees Conduct system audits in accordance with security accreditation package requirements Conduct vulnerability scans and analysis Conduct maintenance on the networks, systems, and hardware Perform software upgrades on networks, systems, and hardware Perform security assignments in accordance with the Automated Information System requirements and local regulations Understand and follow NISPOM/ODAA/RMF/JAFAN/ICD/NIST/JSIG classified system accreditation and certification requirements Other duties as assigned REQUIREMENTS Bachelor's degree in related field or 4 years' experience in related field DoD 8570 compliant, IAT Level II Experience with Windows based administration of Information Systems Ability to work within compliance standards; previous experience with RMF, HIPAA , PCI DSS, or equivalent compliance standard preferred Strong experience in networking, active directory, centralized logging solutions, vulnerability scanning and anti-virus solutions Experience with security audits for information systems Strong communication and problem-solving skills Ability to work in both a team environment as well as independently Must be organized and detail oriented Ability to obtain and maintain Top Secret clearance with the ability to obtain approval for SAP/SCI access DESIRABLE Have previous experience with DoD Security Regulations and Policies PERKS As a PLEXSYS employee, you can expect certain advantages; such as advancement based on performance, competitive wages, valuable benefits and a great working environment. Our team is committed to ensuring an environment that empowers individuals to realize their full potential by providing opportunities and necessary support to achieve personal and professional goals. Medical/Vision/Prescription/Dental Benefits Life, AD&D and Long Term Disability Coverage Paid Holidays, Military Leave, and Paid Time Off 401k Plan with eligibility from first day of employment Education reimbursement for job-related courses for full-time employees PriceClub/COSTCO/Sam's Club annual membership

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems. About the Role We're looking for an Operating Systems Security Engineer to harden and secure the OS layer of our infrastructure. You'll be responsible for designing and implementing OS-level security controls, from kernel hardening to runtime protection, ensuring our systems can withstand sophisticated attacks while maintaining the performance required for AI model training. This is a hands-on role where you'll work with cutting-edge hardware and implement novel security solutions for environments that don't exist anywhere else in the world. You'll need to balance extreme security requirements with the operational needs of researchers training models at unprecedented scale. What You'll Do: Design and implement hardened OS configurations for AI workloads across diverse hardware platforms Minimize attack surfaces by removing as many unnecessary components as possible from kernelspace and userspace Develop kernel security policies using SELinux, AppArmor, and custom Linux Security Modules and runtime enforcement mechanisms Implement and maintain full-disk encryption solutions for diverse storage systems Build security infrastructure for AI systems, research environments, and production services Create OS-level attestation and integrity monitoring systems Apply security patches, develop patches for custom kernel modules, and kernel hardening configurations Design secure boot processes and trusted execution environments Work with container teams to ensure proper workload isolation at the kernel level Design privilege separation and mandatory access control policies Implement secure update mechanisms for OS components Build tooling for security configuration management and compliance verification Serve as a subject matter expert for OS security questions and designs Who You Are: 5+ years of experience in operating systems security or kernel development Deep knowledge of Linux internals, including kernel subsystems and security frameworks (SELinux, AppArmor, seccomp, etc.) Experience with kernel hardening techniques and exploit mitigation Strong programming skills in C and systems programming languages Experience with eBPF for security monitoring and enforcement Understanding of virtualization and containerization security Track record of identifying and fixing OS-level security vulnerabilities Experience with security-focused Linux distributions Strong candidates may also have: Kernel development experience or contributions to Linux kernel Experience with real-time or embedded operating systems Knowledge of hardware security features and their OS integration Experience with secure boot technologies Experience with confidential computing and memory encryption technologies (SEV, TDX, SGX) Background in vulnerability research, exploit development, or fuzzing Experience with formal methods for OS verification Knowledge of hardware security features and their OS integration (TPM, HSM, secure enclaves) Deadline to apply: None. Applications will be reviewed on a rolling basis. The expected base compensation for this position is below. Our total compensation package for full-time employees includes equity, benefits, and may include incentive compensation. Annual Salary:$300,000-$405,000 USDLogistics Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices. Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this. We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team. How we're different We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact - advancing our long-term goals of steerable, trustworthy AI - rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills. The easiest way to understand our research directions is to read our recent research. This research continues many of the directions our team worked on prior to Anthropic, including: GPT-3, Circuit-Based Interpretability, Multimodal Neurons, Scaling Laws, AI & Compute, Concrete Problems in AI Safety, and Learning from Human Preferences. Come work with us! Anthropic is a public benefit corporation headquartered in San Francisco. We offer competitive compensation and benefits, optional equity donation matching, generous vacation and parental leave, flexible working hours, and a lovely office space in which to collaborate with colleagues. Guidance on Candidates' AI Usage: Learn about our policy for using AI in our application process

FLEX IT has an immediate need for a Cyber Security Analyst with a proven track record of delivering world-class results with our Enterprise level client. The ideal candidate will bring a broad range of lean and agile experiences working within large-scale organizations. ALL LEVELS OF Cyber Security Analysts ARE ENCOURAGED TO APPLY Top Skillsets: (Based on Requirement) -Knowledge of information security standards, principles, and practices -Computer programming and/or scripting languages (Python, PowerShell, Java Script, Go) -Experience with massive log aggregation and analysis -Comfortable interfacing with other organizations regarding security policy Job Responsibilities: Elevate security analytics by distilling complex analytical concepts Enable a culture of data driven decision making Minimize complexity and focus on results Thrive in an entrepreneurial environment Use data to prove your point, think outside the box and solve problem creatively Perform log analysis and correlate disparate datasets to identify abnormal behavior. Respond to security events, drive issues to closure, and engage all appropriate resources. Support service request in-take process and communicate back to requestors promptly. Provide enforcement of security policies, standards and procedures. Stay current on security technologies, trends, standards and best practices. Creation of new alerts and rule logic adjustments. Document Security process and procedures, as well as providing input for streamlining and updates of current procedures. Respond to security alerts in a fast-paced, 24x7x365 operational environment across Windows, Linux, Mac, and Azure/AWS cloud systems and additional 2nd tier requests. Investigate phishing and malware incidents using EDR, SIEM, and proxy tools as well as forensic artifacts such as running processes and network connections Malware research and sandboxing. Collaborate with IR analysts to test and build new SOAR playbooks and command-line tools using Python, enabling automated response to malicious browser extensions and cyber threat intelligence IOCs Identify opportunities for security alert tuning and assist with deployment, reducing triaged tickets Shifts 12-hr Repeat Cycle 10 Weeks Rotation Fixed plan, no rotation Week one 24 Hours Week Two 60 Hours 2-2-3 Schedule Example below: Work two days, two days off, work three days. Two days off, Work two days, Three days off. The schedule is a rotating 10 weeks of days and then 10 weeks of nights. At Flex IT we believe that diverse teams improve our business. We are an equal opportunity employer and do not discriminate on the basis of race, religion, color, nationality, gender, sexual orientation, age, marital status, veteran status, or disability status. Flex IT is an IT Services Firm dedicated to advancing the careers of IT Professionals. We work with some of the most recognized companies in the country to place IT professionals that stand out amongst their peers. Talented individuals need challenging opportunities. To discover your next great opportunity and begin to build a career path, contact us today.

Type of Requisition: Regular Clearance Level Must Currently Possess: None Clearance Level Must Be Able to Obtain: None Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Security Information, Security Monitoring, Security Requirements, Security System Design, System Security Certifications: None Experience: 7 + years of related experience US Citizenship Required: No Job Description: Seize your opportunity to make a personal impact as an Information Systems Security Officer supporting the Case Management Modernization (CMM) Program. The CMM program is an initiative to support the Administrative Office of the US Courts (AO) in developing a modern cloud-based solution to support all 204+ federal courts across the United States. GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career. The Information Systems Security Officer will work as part of the CMM Enterprise Data Warehouse (EDW) team to deploy a secured cloud-native EDW platform and support the statutory and operational reporting, data cataloging, and other analytical objectives. RESPONSIBILITIES: Provide subject matter expertise for implementing secure by design concept into development to include security design principles, data protection, threat and vulnerability management, compliance and governance, threat and vulnerability management, and performance risk assessments. Provide an advanced level of information security expertise needed to solve difficult challenges pertaining to the design and implementation of information security solutions, which may include, but is not limited, to networking, operating system, application and database security relative to both techniques and technologies. Identify, document, and automate the integration of security controls into the enterprise architecture and system development life cycle process enabling ongoing (continuous) security monitoring, automated security authorization, and transparent risk reporting. Gain organizational approval for the design and architecture of security requirements for cloud environment including the DWaaS component. Implement and maintain upon approval. Design, implement and maintain layered system security architectures encompassing software, hardware, and communications to support the requirements and provide for present and future cross-functional needs and interfaces. Provide subject matter expertise and hands-on guidance to teams for embedding secure-by-design principles throughout the product lifecycle, including threat modeling and secure coding practices. Design and implement cloud workloads, services, databases, etc. with security as a primary consideration, including network segmentation, granular access control, data protection, and encryption and zero trust principles. Integrate automated security testing in the CI/CD pipelines enabling real-time feedback and rapid remediation of vulnerabilities during development and deployment. Collaborate with the AO Information System Security Office (ISSO) to schedule periodic penetration testing and conduct vulnerability assessments. Provide monthly and ad hoc reports on identified vulnerabilities, remediation actions, and security breaches covering all access layers (database, application, infrastructure). Include trend analysis and recommendations for continuous improvement. Maintain a risk register and track mitigation process. Propose, implement, and validate security risk mitigation activities for all non-production and production environments with documented evidence of effectiveness. Validate successful implementation of risk mitigation activities for all non-production and production environments. Develop and maintain all Cloud Security Documentation: System Security Plan, Business Continuity Analysis, Disaster Recovery Plan, other documents required for Authority to Operate (ATO). Create and maintain a Cloud Security Roadmap, provide updates quarterly and obtain organizational approval for all security architecture and design artifacts. Implement and document technical and administrative controls to protect sensitive data from unauthorized internal access, including logging, monitoring, and access reviews. Provide operational support for identity and access management (IAM) with granular role-based access controls, integration with on-premises identity management solutions in accordance with Judiciary enterprise security standards and cloud identity solutions and enable product teams to maintain a private image catalog for team specific isolation. Support secure design and operation of multi-segment networks, multiple subnets, and virtual network routing, with regular security assessments and documentation. Provide product teams with and enforce approved standards for logging and data retention, ensuring logs are protected, searchable, and compliant with regulatory requirements. Document and maintain Standard Operating Procedures (SOPs) for cyber security. Automate repetitive security tasks (e.g., patching, compliance checks, incident response) to improve efficiency and reduce human error. Implement regular reviews and updates of security controls, policies, and procedures to address emerging threats and technological changes. Implement regular reporting on security KPIs (e.g., mean time to detect/respond, vulnerability remediation time, compliance status) to demonstrate effectiveness and inform decision-making. Establish a process for ongoing assessment and improvement of governance controls. Provide guidance and recommendations to stakeholders for containment, validation, and eradication, and support remediation and recovery of incidents (including coordination, documentation, timeline tracking, and resource identification/utilization). REQUIRED EXPERIENCE & QUALIFICATIONS: 7+ years of experience project leadership in monitoring computer networks and security issues, investigating and resolving security and cybersecurity incidents. Bachelor's degree in Computer Science, Computer Programming, Computer Engineering or relevant computer-based major. Preferred: Certified Information Systems Security Professional (CISSP). Preferred: Architect certification from at least one of the cloud service providers (CSPs). Experience in documenting security incidents and performing security vulnerability assessments. Experience working with Agile teams and SAFe to perform testing and uncovering system and network vulnerabilities. Strong working experience in AWS Cloud Security (Certification is preferred) (3+ years' experience). Required past ATO experience in AWS environment for large agency. (4+ years' experience). Required solid understanding of NIST Standards. Experience with the ATO process, FedRAMP, CIS, ISO 27001. (4+ years). Solid understanding on ICAM, SIEM, Vulnerability management tools. Experience with CSAM or similar tools. The likely salary range for this position is $127,500 - $172,500. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: None Telecommuting Options: Remote Work Location: USA DC Washington Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Aditi Staffing is an MBE certified, IT Staffing firm in the US offering contract, contract-to-hire & direct hire career opportunities with Fortune Firms. Recently recognized as one of the fastest growing staffing firms and top diversity firm by the Staffing Industry Analysts, Aditi Staffing has been a partner of choice for candidates and clients. Visit our website: http://www.aditistaffing.com/ Job Description Role: Information Security Analyst Location: Information Security Analyst 6-8 years of experience in information security / technology or related field. Advanced verbal and communication skills with diverse cross functioning groups. Strong background and experience in policy development, program administration. In depth knowledge and experience in incident response activities and compliance. Ability to plan, organize and prioritize tasks to complete independently and within time frame established. While technical knowledge of information technology and security issues is highly desirable, technical expertise and resources will be available from units such as Security Operations to support the information security and privacy program. Strong technical writing abilities. Very good understanding of security controls, control systems, and business drivers that impact security controls. Knowledge of SEC, FFC, Sarbanes-Oxley (SOX) and or Gramm-Leach Bliley Act regulatory policies & guidelines. Strong background in security authentication, security applications development methodologies, security architecture and operational procedures, organization, business continuity skills, disaster recovery skills, identity management skills and hands on experience implementing products / solutions e.g. NetIQ, Entrust, Netegrity, Oblix, PKI, and some director service, RSA, strong understanding of the development and maintenance of RBAC s (Role Based Access Controls). Ability to work collaboratively with a broad range of constituencies essential. A demonstrated ability to work with diverse cross functional groups of people is required. Good to Have: Knowledge of the following technologies a plus: Intrusion Detection / Prevention Systems for networks and hosts Security Event Management Systems Vulnerability Assessment Systems Secure transfer protocols such as SSH, SCP and Connect Direct Secure Plus Diagnostic tools such as packet capture/decode and WAN probes IP Networking Windows Systems administration and security tools Experience with remote access, terminal servers, etc a plus Experience in the administration of UNIX Solaris, HP/UX, or Linux and Windows operating systems a plus Experience in developing and administering an information security program desirable Working knowledge of and experience in the policy and regulatory environment of information security, especially in higher education is desirable Additional Information Regards, Arun Kumar R arunkr(AT)aditistaffing.com D: 425-457-7916

Responsibilities: Conduct Security Assessment and Authorization (A&A) support for IT systems Conduct Security A&A documentation review Update IT Security Compliance SOPs Monitor and report on FISMA Compliance activities Conduct Plan of Action and Milestone (POA&M) management and quality control activities and ensure accuracy of the organization's Security A&A tool. Support Ongoing Authorization (OA) by review of the security controls Working Place: Washington D.C., District of Columbia, United States Company : Sept 25 - Tria

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Responsibilities: Conduct Security Assessment and Authorization (A&A) support for IT systems Conduct Security A&A documentation review Update IT Security Compliance SOPs Monitor and report on FISMA Compliance activities Conduct Plan of Action and Milestone (POA&M) management and quality control activities and ensure accuracy of the organization's Security A&A tool. Support Ongoing Authorization (OA) by review of the security controls The Need-to-Have Skills & Qualifications: Working knowledge and experience with CSAM and RMF Experience working with system stakeholders to assess and manage system cybersecurity risk Knowledge of the process to obtain a system ATO and requirements to maintain the ATO Working Place: Washington, D.C., District of Columbia, United States Company : Sept 25 - Tria