Cyber security analyst jobs in Webster, MA - 117 jobs

Join a team focused on the success of our customers, the success of our communities, and the success of each other. Farm Credit East (FCE) is the leading provider of loans and farm advisory services to farm, forest product, fishing, and other agricultural business owners across the northeast with $13.5 billion in total loan volume and $29 million in annual financial services revenue from 18,000 customers across our 8-state territory. We are One Team Working Together with a focus on our five pillars: Outstanding Customer and Employee Experience, Quality Growth, Operational Excellence, Commitment to our Communities, and Protecting Customer Information. As part of our commitment to protecting customer information and enabling operational excellence, the Security Solutions Analyst plays a key role in supporting the secure design, implementation, and documentation of systems and cybersecurity initiatives. This role serves as a technical liaison between the Information Security team and internal and external stakeholders, including Farm Credit Financial Partners, Inc. (FPI). The analyst represents Information Security in the Architecture Review Board (ARB), evaluates strategic projects for security alignment, and ensures that security requirements are embedded in technical decisions and implementation plans. The analyst applies Security by Design principles, ensuring that systems and solutions are architected with security as a foundational principle. This includes adherence to internal standards, regulatory requirements, and industry best practices throughout the lifecycle of technology initiatives. The value drivers for this role are as follows: Secure Enablement of Initiatives Data Protection and Governance Support Alignment with Standards and Risk Appetite Operational Resilience and Incident Readiness Cross-Team Collaboration and Technical Alignment Come join a collaborative, customer-focused team at Farm Credit East! Duties and Responsibilities Security Architecture, Standards & Project Evaluations Represent Information Security in the Architecture Review Board (ARB) for all projects requiring architectural review. Evaluate strategic and technical initiatives for alignment with security architecture, regulatory requirements and risk posture. Conduct threat modeling to assess cybersecurity risk related to new projects and technologies. Apply security by design principles to ensure security is embedded throughout project lifecycles. Ensure solutions adhere to internal security standards, NIST CSF principles, and applicable regulatory frameworks. Ensure security standards are defined, are accurate, up-to-date, and aligned with FCE's risk appetite and industry best practices. Conduct security evaluations of internal and third-party systems, including encryption, patching, APIs, data residency, incident response, and third-party risk indicators. Review configurations and security controls for AI-enabled systems, including generative, agentic, and embedded AI. Evaluate risks related to model behavior, data usage, integration points, and alignment with internal standards and responsible AI security practices. Provide security oversight throughout the full lifecycle of systems, from design to deployment to decommissioning. System Configuration Oversight & Technology Service Provider Collaboration Provide guidance and maintain oversight for the configuration and security settings of all FCE systems. Partner with FPI and/or other outside vendors to ensure system configurations, access policies, and integration points meet FCE's security requirements. Participate in joint planning and review sessions to support shared initiatives and maintain architectural alignment. Maintain visibility into FPI-managed implementations and ensure security expectations are clearly communicated, documented, and tracked. Participate in change management process to assess the security impact of system changes, upgrades and new deployments. Initiative Coordination, Implementation Support & Incident Readiness Serve as a bridge between business and security to ensure cybersecurity initiatives are implemented effectively, securely and in alignment with organizational goals. Facilitate secure implementation of systems in alignment with architectural principles and engineering best practices. Monitor initiative progress and ensure readiness for integration with managed services. Ensure systems are configurated to support incident detection, logging, and response capabilities. Assist in tuning and optimizing security tools in collaboration with FPI or other external parties, such as data loss prevention (DLP), endpoint protection, and threat detection platform to improve visibility and reduce false positives. Lead the implementation of data classification and labeling, including applying classification rules, tagging sensitive data, and testing configurations to ensure accuracy and effectiveness. Contribute to incident readiness by validating that systems and integrations support timely response and containment of security events. Documentation, Reporting & Governance Develop and maintain technical documentation (e.g., workflows, configuration guides, implementation checklists). Maintain dashboards and reporting tools to track progress and security posture. Support audits, readiness assessments, and leadership reporting. Contribute to the development and maintenance of architecture standards and security metrics. Security by Design Enablement Facilitate effective communication of security risks and best practices for both technical and non-technical audiences. Champion Security by Design philosophy for embedding cybersecurity design thinking into organizational processes and enabling technologies. Contribute to internal education efforts by developing technical guides, reference material, and awareness content to promote security best practices. Promote a culture of security through collaboration, training, and knowledge sharing across departments. Translate technical tasks into business impact for non-technical stakeholders to support decision-making Support awareness and adoption of data classification and labeling frameworks, ensuring users understand how to handle sensitive information appropriately. Job Qualifications and Requirements: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field required. Master's degree or equivalent experience preferred. Minimum of 3-5 years of experience in cybersecurity, information security, or security engineering roles. Hands-on experience with security architecture or engineering support, including secure system design, configuration, and implementation. Experience working with data protection technologies, such as data loss prevention (DLP), data classification and labeling, trainable classifiers, and endpoint protection. Experience collaborating with managed service providers or external technology partners to implement and maintain secure systems. Exposure to governance frameworks such as NIST CSF, CIS Controls, or ISO 27001, with an understanding of how to align security standards with organizational risk appetite. Participation in architecture review boards (ARBs) or similar governance bodies is a strong plus. Experience supporting change management processes, including security impact assessments for system changes and deployments. Strong background in technical documentation, process mapping, and reporting to support visibility and compliance. Security-related certifications such as CISSP, CCSP or equivalent are preferred. Certifications in architecture or engineering support (e.g., ITIL, TOGAF, cloud security) are a plus. We offer hybrid work options after two weeks of employment with Farm Credit East. Hybrid work options are determined based on job role and balancing the needs of the customers, the team, and individual work performance. This will be reviewed based on manager discretion. Compensation and Benefits: Salary Range: $80,000 to $120,000 commensurate with experience Short-Term Incentive to reward business results Retirement Contributions : 401k match up to 6% of salary; or for those unable to take full advantage of the 401(k) match, verified student loan payments may qualify for an employer match in your 401(k) up to 6% of salary Defined Contribution retirement plan funded at 2-9% of salary depending on years of service Time Off: 15-25 days of vacation leave per year, depending on years of service 12 days of holiday leave per year 7.5 days of sick leave in your first year, followed by 12 days of sick leave per year thereafter; unlimited rollover of unused sick leave year to year Paid Parental Leave: Up to 80 hours of paid leave for birthing, non-birthing, and adoptive parents Family Care Leave: Additional leave options available under FMLA and company policy Health and Insurance: Comprehensive medical, dental, and vision plans, including preventive care and wellness programs to support your overall health and well-being Health Savings Account Life insurance at 2x base pay Accidental Death and Dismemberment insurance at 2x base pay Long-term disability insurance at 2/3 base pay Additional Benefits: Tuition reimbursement Continuing education and training Employee Assistance Program offering a wide variety of tools and resources Benefits Eligibility: Eligibility Begins: First of the month following your hire date Eligible Employees: Full-time employees working 30+ hours per week; Part-Time employees working 20+ hours per week. Farm Credit East is an Equal Opportunity Employer. As an Equal Opportunity Employer, we do not discriminate on the basis of race, color, religion, national origin, sex, sexual orientation, gender identity or expression, age, marital status, parental status, political affiliation, disability status, protected veteran status, genetic information or any other status protected by federal, state or local law. It is our goal to make employment decisions that further the principle of equal employment opportunity by utilizing objective standards based upon an individual's qualifications for a specific job opening. In compliance with the Americans with Disabilities Act (“ADA”), if you have a disability and would like a reasonable accommodation in order to apply for a position with Farm Credit East, please call ************** or e-mail ************************************

Basic Qualifications Requires a Bachelor's degree in Systems Engineering, or a related Science, Engineering, Technology or Mathematics field. Also requires 5+ years of job-related experience, or a Master's degree plus 3 years of job-related experience. Agile experience preferred. CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required. Responsibilities for this Position We are seeking a Systems Security Engineer who has experience in the design and development of NSA-certified Cybersecurity devices. Key Responsibilities: Design and develop specifications for mission-critical NSA-certified Cybersecurity devices Collaborate with software and validation engineering teams to deliver high-speed data solutions Develop real-time multi-threaded Embedded System architecture using Model-based Systems Engineering (MBSE) tools and techniques Analyze and maintain system security requirements throughout product development lifecycle Conduct trade studies, perform functional analysis, and design system security. Preferred Skills and Experiences: NSA approved Cryptography/Encryption Security requirements analysis Real-Time multi-threaded Embedded System architecture and development Model-based Systems Engineering (MBSE) CISSP certification or similar INCOSE ASEP, CSEP, or ESEP certification We value candidates who possess: Drive to expand knowledge and experience in designing complex systems Ability to define project scope, schedule, and expected results Initiative to complete assignments and ability to engage in technical direction and leadership Our Commitment to You: An exciting career path with opportunities for continuous learning and development Research-oriented work with award-winning teams Competitive benefits package ***Please note you will be onsite 100%. Salary Note This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. Combined Salary Range USD $112,924.00 - USD $125,275.00 /Yr. Company Overview General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team! Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Job Title: Security Engineer Department: Technology Reports To: VP of Technology Pay Range: $150,000 - $175,000 per year, depending on experience FLSA Status: Exempt WHO WE ARE: Bay State Milling Company is a family-owned leader in grain-based food ingredients, proudly serving the industry since 1899. For over 125 years, we've been on a mission to promote the growth of nutritious, sustainable, and accessible food choices. Our portfolio spans flours, grains, seeds, and innovative plant-based ingredients, all crafted to meet evolving consumer demands for healthfulness, great taste, and affordability. Rooted in five generations of ownership, we combine deep milling expertise with forward-thinking innovation. From our flagship mill in Winona, Minnesota to facilities across North America, we partner with growers and customers to deliver quality and trust at every step. Guided by our core values-Integrity, Creativity, Collaboration, Caring, and Quality-we relentlessly pursue better for the food system and the communities we serve. JOB SUMMARY: The Security Engineer plays a critical role in safeguarding Bay State Milling's digital assets, infrastructure, and data. This position is responsible for designing, implementing, and maintaining security solutions that protect against cyber threats and ensure compliance with industry standards and regulatory requirements. The Security Engineer collaborates closely with all areas of the technology team and business stakeholders to assess risks, respond to incidents, and continuously improve the company's security posture. ROLE & RESPONSIBILITIES: Design and implement secure network, system, and application architectures. Evaluate and deploy security tools, technologies, and frameworks. Monitor systems for security breaches and investigate incidents. Lead response efforts for security events, including containment, remediation, and reporting. Conduct regular vulnerability assessments and penetration testing. Coordinate remediation efforts with infrastructure and application teams. Ensure compliance with internal policies, industry standards (e.g., NIST, ISO 27001), and regulatory requirements. Support audits and risk assessments and maintain documentation of security controls. Develop and deliver security awareness programs for employees. Provide guidance and training to technical teams on secure coding and system hardening. Manage and enforce identity and access controls across systems and applications. Implement role-based access and least privilege principles. Integrate security into cloud environments and CI/CD pipelines. Collaborate with Development teams to embed security into development workflows. Stay current with emerging threats, technologies, and best practices. Recommend and implement improvements to security policies, procedures, and tools. MINIMUM EDUCATION & WORK REQUIREMENTS: Bachelor's degree in computer science, Information Security, Cybersecurity, or a related field. Minimum of 5 years of firsthand experience in cybersecurity engineering, security operations, or related technical roles. Preferred certifications can include CISSP, CISM, or Cybersecurity Architect Proven experience with security technologies such as firewalls, SIEM, IDS/IPS, endpoint protection, and cloud security platforms. Experience working in hybrid & cloud-native environments (e.g., AWS, Azure, GCP). Familiarity with secure software development practices and DevSecOps integration. KNOWLEDGE, SKILLS, AND ABILITIES: Strong understanding of network protocols, operating systems (Windows, Linux), and cloud infrastructure. Deep knowledge of cybersecurity frameworks (e.g., NIST, MITRE ATT&CK, ISO 27001). Experience with SIEM platforms (e.g., Splunk, Sentinel), EDR solutions, and threat intelligence tools. Ability to assess and mitigate risks in complex enterprise environments. Strong analytical and problem-solving skills with attention to detail. Excellent communication skills, with the ability to translate technical risks into business impact. Ability to work independently and collaboratively in cross-functional teams. Familiarity with regulatory requirements such as GDPR, or CCPA. Experience with container security (e.g., Kubernetes, Docker) and infrastructure-as-code (e.g., Terraform, CloudFormation).

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Information Security, Information Security Management, Information System Security Certifications: None Experience: 5 + years of related experience US Citizenship Required: Yes Job Description: The Information Systems Security Officer (ISSO) III is responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system. This will include physical and environmental protection, personnel security, incident handling, and security training and awareness. It will be required to work in close coordination with the ISSM and ISO in monitoring the information system(s) and its environment of operation to include developing and updating the authorization documentation, implementing configuration management across authorization boundaries. This will include assessing the security impact of those changes and making recommendation to the ISSM. The primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities. Performance shall include: Assist the ISSM in meeting their duties and responsibilities. Prepare, review, and update authorization packages. Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media. Notify ISSM when changes occur that might affect the authorization determination of the information system(s). Conduct periodic reviews of information systems to ensure compliance with the security authorization package. Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change. Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly. Ensure all IS security-related documentation is current and accessible to properly authorized individuals. Ensure audit records are collected, reviewed, and documented (to include any anomalies) Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties. Execute the cyber security portion of the self-inspection, to include security coordination and review of all system assessment plans. Identify cyber security vulnerabilities and assist with the implementation of the countermeasures for them. Prepare reports on the status of security safeguards applied to computer systems. Perform ISSO duties in support of in-house and external customers. Conduct continuous monitoring activities for authorization boundaries under your preview. Assist Department of Defense, National Agency and Contractor organizations with the development of assessment and authorization (A&A) efforts. Experience: 5+ years related experience, especially in developing RMF packages or bodies of evidence. 2+ years SAP experience required. Prior performance in roles such as System, Network Administrator or ISSO. Education: Bachelor's degree OR Associate's degree in a related area + 2 years' experience OR equivalent experience (4 years) Certifications: IAT Level II ( Security+ CE, CCNA Security, etc) or IAM Level II . Clearance Required to Start: TS/SCI required. . Must be able to Attain - TS/SCI with CI Polygraph. #AirforceSAPOpportunities #ISSO III The likely salary range for this position is $102,000 - $138,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: 10-25% Telecommuting Options: Onsite Work Location: USA MA Bedford Additional Work Locations: USA MA Avon, USA MA Boston, USA MA Braintree, USA MA Burlington, USA MA Cambridge, USA MA Fort Devens, USA MA Hanscom AFB, USA MA Norwood, USA MA Peabody, USA MA Quincy, USA MA Taunton, USA MA Waltham, USA MA Westwood Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Site: Mass General Brigham Incorporated Mass General Brigham relies on a wide range of professionals, including doctors, nurses, business people, tech experts, researchers, and systems analysts to advance our mission. As a not-for-profit, we support patient care, research, teaching, and community service, striving to provide exceptional care. We believe that high-performing teams drive groundbreaking medical discoveries and invite all applicants to join us and experience what it means to be part of Mass General Brigham. Job Summary Summary The Mass General Brigham (MGB) Information Security Engineer III - Application and Cloud Security Lead provides leadership and expertise within the cybersecurity team, specifically overseeing security practices related to application development and cloud infrastructure. This role is responsible for ensuring robust and secure software development lifecycles, implementing advanced security strategies in cloud environments, and driving continuous improvement in both application security and cloud security posture. The Engineer will lead complex security projects, coordinate cross-team collaboration, and mentor junior and mid-level engineers to foster their professional growth. The ideal candidate is a deeply technical minded security professional focused on secure coding practices or development engineering with experience designing and executing strategic / programmatic roadmaps. The Information Security Engineer III may represent the organization in industry forums or regulatory discussions. Additionally, this role actively engages with external partners, vendors, and stakeholders to establish collaborative security strategies and ensure alignment with industry trends and best-in-class security practices. They should have prior experience building application and/or cloud security programs, and experience in multiple of the following areas: * DevSecOps * Strategic program build and design * Secure Code Development * Application Security Testing Tools * CI/CD Pipeline Hardening * Application and Code Vulnerability Analysis * Cloud security expertise Duties include * Collaboratively design the application and cloud security program to meet the needs of Mass General Brigham. Lead engineers in the execution of the strategic roadmap. * Leads the design, development, testing, and implementation of advanced security controls for application development and cloud environments based on published information security policies and business requirements * Establishes and maintains a secure software development lifecycle (SSDLC), incorporating security checkpoints, threat modeling, secure coding standards, and rigorous testing practices. * Drives the implementation and ongoing management of Cloud Security Posture Management (CSPM) tools and strategies, ensuring continuous monitoring and proactive remediation of cloud security issues. * Implement and maintain code analysis tools (e.g., SAST, DAST, IAST, SCA, etc.) to identify security vulnerabilities in code before deployment. Collaborate with development teams to integrate these tools into workflows and provide actionable insights to remediate identified issues, fostering a proactive approach to secure coding practices. * Serves as a technical leader within the cybersecurity team, providing guidance, mentorship, and professional development opportunities for junior and mid-level security engineers. * Collaborates closely with development, operations, and DevOps teams to embed security seamlessly into software development and deployment processes, fostering a DevSecOps culture. * Conducts and oversees application and cloud security assessments, including penetration testing, code reviews, configuration audits, and vulnerability management efforts. * Innovates by researching, evaluating, and proposing new security technologies and methods specifically designed to improve the organization's application and cloud security maturity. * Ensures high-quality, maintainable, and scalable security solutions through comprehensive architecture reviews, security assessments, and alignment with best practices. * Responds promptly and effectively to complex security incidents involving applications and cloud resources, providing expert guidance and leading remediation efforts. * Engages proactively with vendors, industry partners, and stakeholders to leverage external expertise, technologies, and best practices. * Aligns all actions and decisions with organizational values, including Patients First, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and demonstrates commitment to Diversity & Inclusion, Integrity & Respect, Learning & Continuous Improvement, Personal Growth, and Teamwork & Collaboration. * Performs other duties and responsibilities as assigned. Qualifications * Bachelor's degree in Information Security, Computer Science, or related field; advanced degrees or equivalent professional experience preferred. * Minimum of 5+ years of progressive experience in application security, cloud security, or related cybersecurity roles. * Relevant industry certifications preferred (CISSP, CCSP, CSSLP, AWS/Azure Security Specialty, GIAC certifications). Skills for Success * Expert-level knowledge and practical experience in secure software development methodologies, OWASP Top 10, and application security testing tools (SAST, DAST, IAST). * A comprehensive understanding of secure coding principles, with the ability to guide development teams in adhering to these best practices. Hands-on experience with static and dynamic application security testing tools is preferred. * Proven expertise in securing major cloud platforms (AWS, Azure, GCP), including experience with Cloud Security Posture Management tools, cloud-native security services, and infrastructure-as-code security. * Deep understanding of modern software architectures, microservices, APIs, and container security best practices (e.g., Docker, Kubernetes). * Ability to think strategically, creatively, and innovatively to design and implement robust security controls. * Demonstrated leadership skills with strong project management capabilities, able to effectively communicate complex technical security issues clearly to technical and non-technical stakeholders. * Proven track record of delivering and managing successful security projects and continuous improvement initiatives. * Strong ability to apply documented processes, playbooks, and frameworks (e.g., OWASP, NIST CSF, etc.) to effectively address and resolve a wide variety of application security challenges. * Knowledge of established security frameworks, including NIST Cybersecurity Framework (CSF), NIST 800-53 with a focus on their application in securing software and application environments. * Preferred certifications include: Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), GIAC Penetration Tester Certification (GPEN), GIAC Experienced Penetration Tester (GX-PT), GIAC Certified Red Team Professional (GRTP), GIAC Security Operations Certified (GSOC), GIAC Security Expert (GSE), etc. * Must know how to use common M365 Office Suite of products. Additional Job Details (if applicable) * M-F Eastern Business Hours required * Hybrid onsite Flexible working model required weekly includes onsite in office (number of days weekly can vary, must be flexible for business needs) * 1-2 onsite days per week * Remote working days require stable, secure, quiet, compliant working station The salary range for this position is $92,102.14 to $155,032,25 annually. At Mass General Brigham, we believe in recognizing and rewarding the unique value each team member brings to our organization. Our approach to determining base pay is comprehensive, and any offer extended will take into account your skills, relevant experience, if applicable, education, certifications, and other essential factors. The base pay information provided offers an estimate based on the minimum job qualifications; however, it does not encompass all elements contributing to your total compensation package. In addition to competitive base pay, we offer comprehensive benefits, career advancement opportunities, differentials, premiums, and bonuses as applicable, and recognition programs designed to celebrate your contributions and support your professional growth. We invite you to apply, and our Talent Acquisition team will provide an overview of your potential compensation and benefits package. Remote Type Hybrid Work Location 399 Revolution Drive Scheduled Weekly Hours 40 Employee Type Regular Work Shift Day (United States of America) Pay Range $92,102.40 - $134,056.00/Annual Grade 7 At Mass General Brigham, we believe in recognizing and rewarding the unique value each team member brings to our organization. Our approach to determining base pay is comprehensive, and any offer extended will take into account your skills, relevant experience if applicable, education, certifications and other essential factors. The base pay information provided offers an estimate based on the minimum job qualifications; however, it does not encompass all elements contributing to your total compensation package. In addition to competitive base pay, we offer comprehensive benefits, career advancement opportunities, differentials, premiums and bonuses as applicable and recognition programs designed to celebrate your contributions and support your professional growth. We invite you to apply, and our Talent Acquisition team will provide an overview of your potential compensation and benefits package. EEO Statement: Mass General Brigham Incorporated is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under law. We will ensure that all individuals with a disability are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. To ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Veteran's Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact Human Resources at **************. Mass General Brigham Competency Framework At Mass General Brigham, our competency framework defines what effective leadership "looks like" by specifying which behaviors are most critical for successful performance at each job level. The framework is comprised of ten competencies (half People-Focused, half Performance-Focused) and are defined by observable and measurable skills and behaviors that contribute to workplace effectiveness and career success. These competencies are used to evaluate performance, make hiring decisions, identify development needs, mobilize employees across our system, and establish a strong talent pipeline.

Classified Security Analyst Clearance Level: Must have a Top Secret Clearance to be considered for this opportunity and eligible for SCI At Aquila Technology, you will see our team's passion every day, whether we are building a robust, policy-compliant IT system or stress-testing a system to identify gaps and security vulnerabilities. To own the advantage, we ensure our team owns results and gets the work done right the first time by deploying smart, purposeful solutions that work. Aquila is the right people with the right skills driving the right outcomes. We call this the Aquila Advantage. Aquila Technology is seeking a Security Analyst to join our team in supporting one of the country's premier defense research organizations. The Security Analyst will will work in a team dedicated to identify and counter security threats and development of game-changing technology in support of national security, including guarding against compromise by foreign intelligence agencies and insider threats. There are a few requirements for the position: Must be a U.S Citizen- Authorized to Work in the US - Must have an Active Top Secret/ Clearance and eligible for a SCI (Green Cards / Visas DO NOT qualify) Willingness to undergo a comprehensive background investigation and maintain a personal security clearance. (Aquila would sponsor you for the security clearance.) Must be within 100 miles from Lexington Massachusetts. Must Have Currently holds a Top Secret/SCI clearance 3 years - Ensures compliance with operational security and emergency action plans. 3 years - Experience as a Security Officer or Control Officer 3 years - Facilitates indoctrinations and debriefings, personnel file maintenance 3 years - Familiarity with security management software, such as SIMS and government databases such as DISS 3 years - Investigates and documents security incidents, develops and manages corrective actions. 3 years - NISPOM 32 CFR Part 117 experience 3 years - Oversee facility access control and assist with drafting construction security plans Nice to Have Degree Level: Bachelor's Degree Responsibilities to Include: Physical Security: Oversees facility access control, construction and renovation activities, and develops Construction Security Plans (CSPs). Classified Material Control: Manages the creation, transfer, and destruction of classified materials and digital media in accordance with policy. Personnel Security: Conducts indoctrinations and debriefings, maintains personnel security files, manages reporting, and coordinates visit authorizations. Security Education & Awareness: Delivers annual training, access briefings, and OPSEC awareness programs. Risk Management: Investigates, documents, and resolves security incidents; implements corrective actions. Emergency Planning: Maintains compliance with operational security and emergency action plans. Requirements: Experience: Minimum 3 years as a CPSO, CSSO, TSCO, or PSO supporting DoD or Intelligence Community programs. Regulatory Knowledge: Proficient in applying DoD and IC security directives, including NISPOM (32 CFR Part 117) and ICD requirements. Education: Bachelor's degree or equivalent experience (minimum 3 years). Technical Skills: Proficient with SIMS, DISS, and standard business software (Excel, Word, PowerPoint). Benefits and Perks: Aquila team members experience the opportunity to be part of a fast-paced, customer-focused, and technically innovative work environment. Aquila strives to deliver the best of the best in technical services to our customers. Candidates that possess a love for technical challenges, a desire to constantly learn, and the desire to establish themselves as critical players within a team will enjoy calling Aquila Technology home. Our Perks Include: PTO - 15 days (vacation/sick) 10 paid holidays - 6 standard (New Year's, Memorial Day, Independence Day, Labor Day, Thanksgiving, and Christmas) - 4 floating holidays prorated based on your day of hire 1.5 paid days, or 12 hours, for approved volunteer work 1 week of paid maternity/paternity LOA after 1 year of Full-time employment Tuition & Training Reimbursement - 5K annually for pre-approved, job-related tuition, certification, or professional conferences 401K with Fidelity 100% immediate vesting; Plan eligibility begins 90 days following the date of hire. Aquila matches 50 cents on the dollar, up to 6%. Cell Phone & Internet Reimbursed up to $150 monthly to cover cell phone, data, and home internet expenses. Buy Your Own Device (BYOD) Allowance Reimbursed up to $1500 for the purchase of a qualified technology device. Eligible after 90 days of employment, and benefit renews every three years. Clearance Level: Active Top Secret with SCI eligibility Location: Onsite 100%, 5 days/wk; position hours 11 a.m.-7 p.m.; occasional after-hours response or local travel as required. Interview Process: Initial zoom screening, and then a second round virtual panel interview with the hiring team. We are an Equal Opportunity Employer.

Site: Mass General Brigham Incorporated Mass General Brigham relies on a wide range of professionals, including doctors, nurses, business people, tech experts, researchers, and systems analysts to advance our mission. As a not-for-profit, we support patient care, research, teaching, and community service, striving to provide exceptional care. We believe that high-performing teams drive groundbreaking medical discoveries and invite all applicants to join us and experience what it means to be part of Mass General Brigham. Job Summary Summary The Mass General Brigham (MGB) Information Security Engineer III - Application and Cloud Security Lead provides leadership and expertise within the cybersecurity team, specifically overseeing security practices related to application development and cloud infrastructure. This role is responsible for ensuring robust and secure software development lifecycles, implementing advanced security strategies in cloud environments, and driving continuous improvement in both application security and cloud security posture. The Engineer will lead complex security projects, coordinate cross-team collaboration, and mentor junior and mid-level engineers to foster their professional growth. The ideal candidate is a deeply technical minded security professional focused on secure coding practices or development engineering with experience designing and executing strategic / programmatic roadmaps. The Information Security Engineer III may represent the organization in industry forums or regulatory discussions. Additionally, this role actively engages with external partners, vendors, and stakeholders to establish collaborative security strategies and ensure alignment with industry trends and best-in-class security practices. They should have prior experience building application and/or cloud security programs, and experience in multiple of the following areas: • DevSecOps • Strategic program build and design • Secure Code Development • Application Security Testing Tools • CI/CD Pipeline Hardening • Application and Code Vulnerability Analysis • Cloud security expertise Duties include • Collaboratively design the application and cloud security program to meet the needs of Mass General Brigham. Lead engineers in the execution of the strategic roadmap. • Leads the design, development, testing, and implementation of advanced security controls for application development and cloud environments based on published information security policies and business requirements • Establishes and maintains a secure software development lifecycle (SSDLC), incorporating security checkpoints, threat modeling, secure coding standards, and rigorous testing practices. • Drives the implementation and ongoing management of Cloud Security Posture Management (CSPM) tools and strategies, ensuring continuous monitoring and proactive remediation of cloud security issues. • Implement and maintain code analysis tools (e.g., SAST, DAST, IAST, SCA, etc.) to identify security vulnerabilities in code before deployment. Collaborate with development teams to integrate these tools into workflows and provide actionable insights to remediate identified issues, fostering a proactive approach to secure coding practices. • Serves as a technical leader within the cybersecurity team, providing guidance, mentorship, and professional development opportunities for junior and mid-level security engineers. • Collaborates closely with development, operations, and DevOps teams to embed security seamlessly into software development and deployment processes, fostering a DevSecOps culture. • Conducts and oversees application and cloud security assessments, including penetration testing, code reviews, configuration audits, and vulnerability management efforts. • Innovates by researching, evaluating, and proposing new security technologies and methods specifically designed to improve the organization's application and cloud security maturity. • Ensures high-quality, maintainable, and scalable security solutions through comprehensive architecture reviews, security assessments, and alignment with best practices. • Responds promptly and effectively to complex security incidents involving applications and cloud resources, providing expert guidance and leading remediation efforts. • Engages proactively with vendors, industry partners, and stakeholders to leverage external expertise, technologies, and best practices. • Aligns all actions and decisions with organizational values, including Patients First, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and demonstrates commitment to Diversity & Inclusion, Integrity & Respect, Learning & Continuous Improvement, Personal Growth, and Teamwork & Collaboration. • Performs other duties and responsibilities as assigned. Qualifications Bachelor's degree in Information Security, Computer Science, or related field; advanced degrees or equivalent professional experience preferred. Minimum of 5+ years of progressive experience in application security, cloud security, or related cybersecurity roles. Relevant industry certifications preferred (CISSP, CCSP, CSSLP, AWS/Azure Security Specialty, GIAC certifications). Skills for Success Expert-level knowledge and practical experience in secure software development methodologies, OWASP Top 10, and application security testing tools (SAST, DAST, IAST). A comprehensive understanding of secure coding principles, with the ability to guide development teams in adhering to these best practices. Hands-on experience with static and dynamic application security testing tools is preferred. Proven expertise in securing major cloud platforms (AWS, Azure, GCP), including experience with Cloud Security Posture Management tools, cloud-native security services, and infrastructure-as-code security. Deep understanding of modern software architectures, microservices, APIs, and container security best practices (e.g., Docker, Kubernetes). Ability to think strategically, creatively, and innovatively to design and implement robust security controls. Demonstrated leadership skills with strong project management capabilities, able to effectively communicate complex technical security issues clearly to technical and non-technical stakeholders. Proven track record of delivering and managing successful security projects and continuous improvement initiatives. Strong ability to apply documented processes, playbooks, and frameworks (e.g., OWASP, NIST CSF, etc.) to effectively address and resolve a wide variety of application security challenges. Knowledge of established security frameworks, including NIST Cybersecurity Framework (CSF), NIST 800-53 with a focus on their application in securing software and application environments. Preferred certifications include: Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), GIAC Penetration Tester Certification (GPEN), GIAC Experienced Penetration Tester (GX-PT), GIAC Certified Red Team Professional (GRTP), GIAC Security Operations Certified (GSOC), GIAC Security Expert (GSE), etc. Must know how to use common M365 Office Suite of products. Additional Job Details (if applicable) M-F Eastern Business Hours required Hybrid onsite Flexible working model required weekly includes onsite in office (number of days weekly can vary, must be flexible for business needs) 1-2 onsite days per week Remote working days require stable, secure, quiet, compliant working station The salary range for this position is $92,102.14 to $155,032,25 annually. At Mass General Brigham, we believe in recognizing and rewarding the unique value each team member brings to our organization. Our approach to determining base pay is comprehensive, and any offer extended will take into account your skills, relevant experience, if applicable, education, certifications, and other essential factors. The base pay information provided offers an estimate based on the minimum job qualifications; however, it does not encompass all elements contributing to your total compensation package. In addition to competitive base pay, we offer comprehensive benefits, career advancement opportunities, differentials, premiums, and bonuses as applicable, and recognition programs designed to celebrate your contributions and support your professional growth. We invite you to apply, and our Talent Acquisition team will provide an overview of your potential compensation and benefits package. Remote Type Hybrid Work Location 399 Revolution Drive Scheduled Weekly Hours 40 Employee Type Regular Work Shift Day (United States of America) Pay Range $92,102.40 - $134,056.00/Annual Grade 7 At Mass General Brigham, we believe in recognizing and rewarding the unique value each team member brings to our organization. Our approach to determining base pay is comprehensive, and any offer extended will take into account your skills, relevant experience if applicable, education, certifications and other essential factors. The base pay information provided offers an estimate based on the minimum job qualifications; however, it does not encompass all elements contributing to your total compensation package. In addition to competitive base pay, we offer comprehensive benefits, career advancement opportunities, differentials, premiums and bonuses as applicable and recognition programs designed to celebrate your contributions and support your professional growth. We invite you to apply, and our Talent Acquisition team will provide an overview of your potential compensation and benefits package. EEO Statement: Mass General Brigham Incorporated is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under law. We will ensure that all individuals with a disability are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. To ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Veteran's Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact Human Resources at **************. Mass General Brigham Competency Framework At Mass General Brigham, our competency framework defines what effective leadership “looks like” by specifying which behaviors are most critical for successful performance at each job level. The framework is comprised of ten competencies (half People-Focused, half Performance-Focused) and are defined by observable and measurable skills and behaviors that contribute to workplace effectiveness and career success. These competencies are used to evaluate performance, make hiring decisions, identify development needs, mobilize employees across our system, and establish a strong talent pipeline.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Job Overview: We are seeking a highly skilled and experienced Senior Security Engineer to join our IAM Engineering organization. The ideal candidate will have extensive solution-building experience across various Ping Identity products, including PingFederate, Ping DaVinci, PingOne, PingCentral, PingAccess, PingDirectory, AWS, and PingID Mobile. This role focuses on engineering rather than operations, and a background in Identity and Access Management (IAM) is a significant plus. Key Responsibilities: Design, develop, and implement IAM solutions using Ping Identity products such as PingFederate, PingDaVinci, PingOne, PingCentral, PingAccess, PingDirectory, and PingID Mobile. Architect and build secure and scalable IAM frameworks and solutions tailored to meet business and technical requirements. Collaborate with cross-functional teams to integrate IAM solutions with various applications and systems, ensuring seamless authentication and authorization processes. Develop and maintain AWS-based IAM solutions, leveraging cloud services to enhance security and scalability. Provide technical leadership and mentorship to junior engineers, fostering a culture of continuous learning and innovation. Conduct thorough security assessments and audits of IAM systems, identifying and mitigating potential risks and vulnerabilities. Stay current with the latest trends and best practices in IAM and security engineering, applying this knowledge to improve existing solutions. Work closely with stakeholders to understand their requirements and translate them into technical specifications and solutions. Develop and maintain comprehensive documentation for IAM solutions, including design documents, configuration guides, and operational procedures. Qualifications: Bachelor's degree in computer science, Information Security, or a related field. A master's degree is a plus. Minimum of 8+ years of overall experience in security engineering or a related field. At least 3+ years of experience with Ping Identity products, including PingFederate, Ping DaVinci, PingOne, PingCentral, PingAccess, PingDirectory, and PingID Mobile. At least 5+ years of experience with cloud services, particularly AWS. Strong engineering background with hands-on experience in building and deploying IAM solutions. Proficiency with AWS services and IAM integrations in cloud environments. In-depth understanding of IAM principles, including authentication, authorization, single sign-on (SSO), multi-factor authentication (MFA), and directory services. Experience with any programming language is a plus(Java preferably). Excellent problem-solving skills and the ability to troubleshoot complex IAM issues. Strong communication and collaboration skills, with the ability to work effectively in a team-oriented environment. Relevant certifications such as CISSP, CISM, or similar are a plus. Preferred Experience: Experience in Identity and Access Management (IAM) in large-scale enterprise environments. Familiarity with security standards and protocols such as SAML, OAuth, OpenID Connect, and LDAP. Experience with DevOps practices and tools for automation and continuous integration/continuous deployment (CI/CD). Compensation: $140,000.00 per year Who We Are CARE ITS is a certified Woman-owned and operated minority company (certified as WMBE). At CARE ITS, we are the World Class IT Professionals, helping clients achieve their goals. Care ITS was established in 2010. Since then we have successfully executed several projects with our expert team of professionals with more than 20 years of experience each. We are globally operated with our Head Quarters in Plainsboro, NJ, with focused specialization in Salesforce, Guidewire and AWS. We provide expert solutions to our customers in various business domains.

Job Description Aquinas Consulting is currently looking to fill an IT Security and Compliance Engineer job for our direct client in East Hartford, CT. In this role, you will design, implement, and manage security controls across cloud and on-prem environments while guiding clients through compliance requirements. You will support audits, assess gaps, and respond to incidents - ensuring clients maintain strong security postures. IT Security and Compliance Engineer Job Responsibilities: Design and implement security architectures across cloud, on-prem, and hybrid client environments Manage and optimize security tools including EDR, MDR, MFA, SIEM, firewalls, and VPNs Collaborate with NOC/SOC partners to monitor threats and respond to incidents Conduct gap assessments and advise on remediation plans for compliance frameworks such as NIST, CMMC, and PCI Support client audits by coordinating evidence collection and documentation Perform vulnerability scans, risk assessments, and configuration reviews Create and maintain security policies, procedures, and environment documentation Deliver security awareness training for internal teams and client personnel Develop and execute incident response playbooks and handle security events Improve security processes and tools, ensuring audit readiness and SLA compliance Stay current on industry trends and recommend new security measures Qualifications: Strong knowledge of servers, network infrastructure, and security technologies (firewalls, VPNs, MFA, SIEM, MDR, EDR) Experience securing cloud platforms such as AWS, Azure, or GCP, including IAM and native controls Familiarity with compliance frameworks such as NIST, CMMC, PCI, ISO 27001, etc. Excellent troubleshooting skills and experience supporting incident response Strong written and verbal communication skills with both technical and non-technical audiences Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience) 4+ years in cybersecurity engineering (MSP/MSSP/SOC experience preferred) Relevant certifications such as CompTIA Security+, CISSP, CISM, GIAC, or ISO 27001 Lead Implementer preferred If you are interested in this IT Security and Compliance Engineer job in East Hartford, CT, please apply now to be connected with a member of our team. Please note: Applying to this role is an agreement to have your information entered into our database and acknowledgement that a recruiter will reach out to you either by phone, email, and/or text message regarding this and similar job opportunities. Aquinas Consulting is a woman and minority owned company headquartered in Milford, CT that provides Engineering, Information Technology (IT), and Manufacturing staffing solutions throughout the US. We take pride in 20 years of service to our clients, our hiring managers, our consultants, and our local community. Aquinas is an affirmative action, equal opportunity employer and committed to considering all qualified applications without regard to race, genetic information, sex, age, color, religion, national origin, veteran status, disability or any other characteristic protected by law. *************************

Are you a cybersecurity pro ready to lead security operations and compliance initiatives? Join our team today FT, Direct HireOnsite$105-125KNetwork infrastructure, servers, cloud platforms, compliance frameworks such as NIST, security technologies-firewalls, VPN, SIEM, Gap assessments, Incident response Are you a cybersecurity professional who thrives on protecting organizations and guiding them through complex compliance requirements? Join our team as a Security and Compliance Engineer and help clients secure their environments across cloud, on-prem, and hybrid infrastructures. In this role, you'll: Design, implement, and manage security architectures and controls. Guide clients through compliance frameworks like NIST, CMMC, PCI, and ISO 27001. Manage and optimize security tools (EDR, MDR, SIEM, MFA, firewalls, VPNs). Respond to incidents, conduct risk assessments, and develop remediation strategies. Maintain policies, procedures, and documentation while delivering security awareness training. Guide clients through frameworks such as NIST, CMMC, PCI, and ISO 27001. Conduct gap assessments and recommend remediation strategies. Support audits with evidence collection, reporting, and documentation. Perform vulnerability scans, risk assessments, and configuration reviews Requirements: 4+ years in cybersecurity engineering (MSP/MSSP/SOC experience preferred). Experience with cloud security (AWS, Azure, GCP) and IAM. Knowledge of compliance frameworks (NIST, PCI, ISO 27001, CMMC). Strong troubleshooting, communication, and problem-solving skills. Relevant certifications preferred: CISSP, CISM, Security+, GIAC, ISO 27001 Lead Implementer. #INDTPG

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance Type: Secret - Current Security Clearance Status: Active and existing security clearance required on day 1 At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Raytheon is seeking a well-qualified Systems Security Engineer II (P2) to join our elite Systems Security Engineering (SSE) team for the Systems Directorate in developing solutions to protect the Warfighter's technology advantage. Systems Security Engineering creates holistic security solutions leveraging Cyber Security, Software Assurance and Supply Chain Risk Management to support Program Protection Implementation on embedded weapons systems. Join our highly visible team and perform technically challenging assignments, which will directly contribute to protecting our nation and our Warfighters. This is an onsite position at Raytheon in Portsmouth, RI. What You Will Do Support the development of cybersecurity requirements, design and architecture artifacts, plans, and policies. Support security development and test efforts implementation of security controls of networking devices, databases, operating systems, and hardware and software component Implement proper cybersecurity controls Integrate cybersecurity development activities Qualifications You Must Have Typically requires a Bachelor's Degree in Science, Technology, Engineering or Mathematics (STEM) and 2 years of prior relevant experience Active and transferable U.S. government issued Secret security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Experience working in the Naval industry Qualifications We Prefer Experience in Cybersecurity Engineering Usage of information security toolsets including anti-virus, Vulnerability Assessment, HIDS/ NIDS. host-based or endpoint security solutions, Multi-Factor Authentication (MFA), and Security Incident and Event Management (SIEM) and centralized auditing tools familiarity with splunk is preferred Linux Bash scripting or Python scripting experience Experience with National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) DoDI 8570.01-M IAT Level-II Compliant Certification (e.g. Security+, CISSP, or equivalent) Security systems engineering involving various computer hardware and software S/W operating system and application solutions in both a stand-alone and in LAN/WAN configurations Experience with IT and/or network and system security administration, including operating system security configuration and account management best practices for UNIX, MS Windows, Red Hat Enterprise Linux, and CISCO systems What We Offer Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation Relocation Eligible - Relocation assistance is available As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 68,900 USD - 131,100 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

Job Description We are seeking an experienced Application Security Engineer to join our Software Security team and take charge of ensuring the security and integrity of our software applications. The ideal candidate will have advanced knowledge of secure software development, extensive experience with identifying vulnerabilities, and the ability to implement robust security solutions. This role will require collaboration with development teams, security architects, and other stakeholders to integrate security best practices into all stages of the software development lifecycle. The Impact Your key responsibilities will consist of the following to ensure applications are resilient against emerging threats, reducing potential financial and reputational damage from security incidents. Conduct in-depth security assessments, including vulnerability scanning, and code reviews. Leverage automated tools and manual testing techniques to identify, risk assess and prioritize and propose mitigation strategies for identified threats and application-level vulnerabilities (e.g., OWASP Top 10, etc.) ensuring our applications meet security standards and reducing exposure to data breaches. Collaborate with security architects to design secure application architectures that align with industry best practices. Ensure secure coding practices are followed, and security controls are incorporated into software designs. Conduct detailed threat modeling to identify attack vectors and potential weaknesses. Collaborate with our SDLC Council to develop and maintain secure coding standards, empowering developers to integrate security into the development process. Partner with DevOps teams to implement security within CI/CD (continuous integration & delivery) pipelines for automated and seamless deployment of secure code. Assist in incident response activities related to application security breaches, providing rapid identification and mitigation guidance. Ensure compliance with security regulations, frameworks, and industry standards such as OWASP. Leverage reporting tools to demonstrate the overall risk through metrics (KPIs, KRIs, OKRs) of vulnerabilities and code defects to cyber assets for various team leaders and executive leadership for risk prioritization and enablement of risk-based decision-making. Stay up to date with the latest security threats, vulnerabilities, and industry trends to inform and improve security strategies. Strong problem-solving abilities and analytical thinking. Excellent communication skills to explain security issues to both technical and non-technical stakeholders. A team player with the ability to work in a collaborative, fast-paced environment. The Minimum Qualifications Bachelor's or master's degree in computer science, Information Security, or a related field. Minimum of 5+ years of experience in application security, penetration testing, or secure software development. The Ideal Qualifications Relevant security certifications such as CEH, OSCP, or GWAPT) from an industry recognized certifier (e.g., SANS/GIAC, CompTIA, ISACA, ISC2, etc.) Strong knowledge of secure software development methodologies, including threat modeling, code reviews, and static/dynamic analysis. Experience in integrating security into DevOps (DevSecOps) and CI/CD environments. Strong technical knowledge of web application security, cloud security (AWS, Azure, GCP), mobile security, infrastructure as code (IaC), container security, and API security. Familiarity with SAST, DAST, and IAST tools. Deep understanding of common vulnerabilities (e.g., OWASP Top 10) and their mitigations. Advanced understanding and experience with writing source code (e.g., JavaScript, Java, C/C++/C#, Python, etc.) and familiarity with software security frameworks (e.g., Maven, Node, Gradle, etc.). Experience with identifying security vulnerabilities/defects in dockers, containers, and Kubernetes. Experience with cloud deployment and automation tools (Terraform, GitHub Actions, Jenkins, AWS Cloud Formation Templates, Secrets Managers). Knowledge of compliance and regulatory frameworks (SOC 2, etc.). Education: Bachelor's or master's degree in computer science. Skills and Experience: Required Skills: MITIGATION CLOUD SECURITY METRICS SCANNING GCP Additional Skills: SOC INFORMATION SECURITY API DYNAMIC ANALYSIS C JAVA MAVEN AMAZON WEB SERVICES PROBLEM-SOLVING GITHUB DEPLOYMENT REPORTING TOOLS INCIDENT RESPONSE C/C++ CONTINUOUS INTEGRATION/DELIVERY TERRAFORM CODING DEV OPS EXCELLENT COMMUNICATION SKILLS JAVASCRIPT SOFTWARE SECURITY COMPTIA PYTHON STRUCTURED SOFTWARE GIAC SDLC JENKINS CODING STANDARDS TEAM PLAYER GRADLE KUBERNETES

Job Specification: Title: Security Operations Center Supervisor Schedule: Thursday-Saturday (10:30pm-6:30am) Pay: $28.85/hour The Security Operations Center (SOC) Supervisor oversees the daily operations of the SOC to ensure the continuous protection of people, property, and assets. The supervisor is responsible for managing SOC Analysts, ensuring compliance with post orders, coordinating incident response, and maintaining communication with site management, field personnel, and clients. Key Responsibilities * Supervise, train, and mentor SOC Analysts to ensure effective performance and adherence to operational procedures. * Oversee monitoring of Avigilon and related security systems across all client sites. * Ensure all incidents, alarms, and emergencies are responded to promptly and documented accurately. * Conduct quality control checks on incident reports, shift summaries, and communications. * Coordinate with site supervisors, managers, and law enforcement as needed during critical incidents. * Develop, review, and update SOC post orders, policies, and standard operating procedures. * Ensure proper shift coverage, scheduling, and timely dissemination of information between shifts. * Assist in performance evaluations, disciplinary actions, and ongoing professional development of SOC staff. * Provide leadership during emergencies and maintain command presence in high-stress situations. Qualifications * High school diploma or equivalent required; Associate or Bachelor's degree preferred (Criminal Justice, Security Management, or related field). * Minimum of 2-4 years of experience in a Security Operations Center, with at least 1 year in a leadership or supervisory role. * Proficient in Avigilon Control Center (ACC) and other video management or access control systems. * Strong leadership, communication, and decision-making skills under pressure. * Experience in report writing, investigation management, and coordination with external agencies. * Proficiency with Microsoft Office Suite and incident tracking software. * Ability to train and motivate a diverse team in a 24/7 operational environment. * Must meet standards for professionalism, conduct, and background clearance. "Securitas is committed to diversity, equity, inclusion and belonging in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other applicable legally protected characteristic." #MetroBoston

More than 1,000 organizations worldwide-from 25 Fortune 100 companies to small enterprises-use Bit9 + Carbon Black to increase security, reduce operational costs and improve compliance. Leading managed security service providers (MSSP) and incident response (IR) companies have made Bit9 + Carbon Black a core component of their advanced threat prevention, threat detection and incident response services. With Bit9 + Carbon Black, you can arm your endpoints against advanced threats. Job Description We are looking for a Cloud Security Engineer who can provide hands-on technical engineering and ownership of the growing cloud security program, across multiple providers. You will work closely with our Product Management group as well our Cloud Operations team to help build secure and robust systems responsible for serving all of Bit9 + Carbon Black customers. Role Description: The Cloud Security Engineer provides cyber security expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks. Additionally, the Cloud Security Engineer assists in the development of cyber security requirements, conducts security risk assessments, evaluates security services and technologies, and reviews and documents information security policies and procedures as well as provides monitoring and oversight for alerts in this environment. Key Responsibilities: Serves as the subject matter expert (SME) on Cloud Security for Bit9 + Carbon Black Develops standards, policies and procedures as well as best practices documentation. Participate in efforts that tailor the company's security policies and standards for use in cloud environments Translate security and technical requirements into business requirements, and communicate security risks to different audiences ranging from business leaders to engineers. Propose and/or design technical solutions, which include creating prototypes and proofs of concept while maintaining a security mindset Lead and influence multi-disciplinary teams in implementing and operating Cyber Security controls. Work closely with application developers and database administrators to deliver creative solutions to complex technology challenges and business requirements. Provides Info security architecture & systems engineering consulting to other IT and business teams. Automate security controls, data and processes to provide better metrics and operational support Utilize cloud-based APIs when appropriate to write network/system level tools for securing cloud environments Stay current on emerging security threats, vulnerabilities and controls. Identify and Implement new security technologies and best practices into Bit9's Cloud offerings Evaluates new technologies against established requirements and validate the security of the technology. Create technical and managerial level reports and risk assessments for Cloud based applications and infrastructure Identify processes/procedures for how to handle a cloud security event, including forensic isolation and mitigation with Digital Forensics and Incident Response (DFIR/IR) teams Supports the monitoring and maintaining network security suite of tools. Identify new security threats by conducting continual monitoring, penetration testing, vulnerability assessments and log analysis Qualifications Bachelor's degree in related business or technical areas, or an equivalency of education and work experience. Minimum of 5-7 years of IT Security and/or security engineering experience 5-7 years related experience in Computer Security, with proven focus on Cloud Security. Clear passion for cloud Security and Cloud technologies. Must have experience with virtualization (cloud or non-cloud) Expert knowledge of Cloud infrastructure, security architectures, and standards Deep technical knowledge of Amazon Web Services, and FedRAMP Able to demonstrate clear understanding of current threats to Cloud infrastructure and/or IT infrastructures at technical and managerial levels Able to automate/script daily tasks through Python, Bash or equivalent Experience with web-based applications or web-services Proficient in Linux system design, automation and operations Experience in designing and implementing standards, specifications and procedures. Demonstrated ability to take initiative and accountability for achieving results. Strong interpersonal, oral, and written communication skills Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) Skilled in discussing complex security issues in understandable business terms. Very detailed knowledge of system security vulnerabilities and remediation techniques Security certification desired (e.g., CISSP, GIAC, CEH, etc) Experience using Microsoft Visio Additional Information About us: Cyber attacks are now the new normal. Advanced hackers, nation states, organized crime groups and nefarious actors are doing anything and everything they can to get their hands on valuable information that isn't theirs. With more than enough attack vectors out there, we at Bit9 + Carbon Black are looking for more creative and committed security professionals to protect today's top organizations. Bit9 + Carbon Black is an equal opportunity employer.

Site Name: USA - Massachusetts - Cambridge Are you looking for an opportunity to enhance your project management expertise within a cutting-edge global environment? If so, this Facilities Engineering Manager role could be an ideal opportunity to explore. As OT Security Engineer you will provide technical expertise and implementation resources for all automation and control systems activities on new and existing equipment and facilities in the New England Region. This role will provide YOU the opportunity to lead key activities to progress YOUR career, these responsibilities include some of the following: * Liaising with the Site Team with assets residing on the OT with aiding in reviews, audits and any questions / queries with relation to OT security * Maintaining the OT security standard requirements on the identified workstreams OT * Ensuring vendors are managed appropriately at site in terms of OT security compliance * Responsible for OT security related works in the identified workstream, including Capital Projects, to ensure they comply with the GSK OT Security standards, guidance, processes and procedures * Support delivery of cyber security training to the site * Responsible for engaging with GSK OT teams to deliver projects or provide service * Responsible for input into improvement strategies to deliver business benefits. * Responsible for providing technical input during solution design, development, testing and implementation * To act as an OT Network Technical authority on related matters where required * To act as an advocate for OT Cybersecurity, enabling supply divisions to maximize the exploitation of technology Why you? Basic Qualifications: We are looking for professionals with these required skills to achieve our goals: * Bachelor's degree in Cybersecurity, Computer Science, Engineering, or a related field. * 5+ years of experience in cybersecurity, with at least 2 years focused on OT environments. * Knowledge of ICS, SCADA, and OT security principles. * Familiarity with OT protocols (e.g., Modbus, OPC, DNP3) and security tools (e.g., Splunk, Palo Alto Networks, Siemens TIA Portal). * Experience with regulatory frameworks such as NIST, IEC 62443, and ISO 27001. Preferred Qualifications: If you have the following characteristics, it would be a plus: * Exposure to IT infrastructure and Cyber Security risk reduction * Effective communication skills with the ability to interface with operational, capital projects and senior management within the organization * Certifications such as CISSP, GICSP, or ISA/IEC 62443 Cybersecurity Expert. * Strong problem-solving and analytical skills. * Ability to communicate complex technical risks to non-technical stakeholders. * Experience in the pharmaceutical or manufacturing industry is a plus. Why GSK? At GSK, we value the contributions of every team member and are committed to offering a supportive and dynamic work environment. Here's what you'll enjoy as part of our team: * Purpose-Driven Work: Play a key role in protecting the systems that help us deliver life-saving medicines. * Career Growth: Access to training, certifications, and development opportunities to advance your career. * Inclusive Culture: Work in a collaborative and diverse environment where innovation thrives. * Competitive Benefits: Comprehensive health coverage, retirement plans, and family-friendly perks. #LI-GSK We encourage you to apply if you are passionate about making a difference and have the skills to thrive in this role. Join us in creating a healthier world! Please visit GSK US Benefits Summary to learn more about the comprehensive benefits program GSK offers US employees. Why GSK? Uniting science, technology and talent to get ahead of disease together. GSK is a global biopharma company with a purpose to unite science, technology and talent to get ahead of disease together. We aim to positively impact the health of 2.5 billion people by the end of the decade, as a successful, growing company where people can thrive. We get ahead of disease by preventing and treating it with innovation in specialty medicines and vaccines. We focus on four therapeutic areas: respiratory, immunology and inflammation; oncology; HIV; and infectious diseases - to impact health at scale. People and patients around the world count on the medicines and vaccines we make, so we're committed to creating an environment where our people can thrive and focus on what matters most. Our culture of being ambitious for patients, accountable for impact and doing the right thing is the foundation for how, together, we deliver for patients, shareholders and our people. If you require an accommodation or other assistance to apply for a job at GSK, please contact the GSK Service Centre at ************** (US Toll Free) or *************** (outside US). GSK is an Equal Opportunity Employer. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, genetic information (including family medical history), military service or any basis prohibited under federal, state or local law. Important notice to Employment businesses/ Agencies GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site. Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK's compliance to all federal and state US Transparency requirements. For more information, please visit the Centers for Medicare and Medicaid Services (CMS) website at *********************************

Senior Cyber Security Analyst is an experienced cyber security individual who maintains the security of an organization's technical environment. They study existing security hardware and software, evaluate new security options and makes recommendations for improvement. Senior Cyber Security Analyst also identifies weak spots in a cyber security system that may be breached and creates procedures to manage threats. Senior Cyber Security Analyst monitors networks for suspicious activity and potential cyber threats. They keep up on threat intelligence, install and maintain security software and encryption. They are responsible for aiding in the planning of security systems, implementing policy and identifying business processes that may violate intended and acceptable use policies. They monitor and remediate vulnerabilities. Senior Cyber Security Analyst works on advanced, complex technical projects or business issues requiring state of the art technical or industry knowledge. Duties and Responsibilities Responsibilities include, but are not limited to the following: Assist in developing, operating, and evolving Cloud Access Security solutions and capabilities Performs system security administration on designated technology platforms, including operating systems, applications and network security devices, in accordance with the defined policies, standards and procedures of the organization, as well as with industry best practices and vendor guidelines Performs installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems Performs threat and vulnerability assessments, followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities Research, recommend, and implement streamlined automation processes Develops and maintains documentation for security systems and procedures Conducts network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls and host-based security systems Provide support to one or more projects simultaneously. Delivers projects on schedule Deploys cloud-centric detection to detect threats related to cloud environments and services used by the organization Assists and trains junior team members in the use of security tools, the preparation of security reports and the resolution of security issues Applies patches where appropriate and, removes or otherwise mitigates known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards Correlates activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous activity Using threat intelligence information research emerging threats and vulnerabilities to aid in the identification of incidents Job Knowledge - Remains up-to-date in assigned area of responsibility: possesses skills and knowledge to perform job effectively; efficiently and safely; acquires, understands, and applies technical and professional information and skills; understands and adheres to policies and procedures Supports the creation of security incident response, business continuity/disaster recovery plans, including conducting tests, publishing test results and making changes necessary to address deficiencies Analyzes problems and alternative solutions and takes appropriate timely action to achieve desired business results. Seeks unique and novel solutions to problems and considers impact of final resolution Perform security standards testing against computers before implementation to ensure security Provide Key Performance Metrics to our Risk Management team to help coordinate risk tracking. Educate internal teams on information security best practices. Assist in technical audits of IT Systems and controls. Other duties as assigned. Corporate Compliance Responsibility - As an essential function, responsible for complying with Neighborhood's Corporate Compliance Program, Standards of Business Conduct, applicable contracts, laws, rules and regulations, policies and procedures as it applies to individual job duties, the department, and the Company. This position must exercise due diligence to prevent, detect and report unlawful and/or unethical conduct by fellow co-workers, professional affiliates and/or agents Qualifications Qualifications Required: Bachelor's degree in Computer Science or a related area and/or sufficient experience in IT Security to equate to the degree. Minimum 10 years' experience Information Systems Minimum 5 years' of Information Security Experience, working with vulnerability management tools (Application/Code vulnerability scanners). Minimum 5 years' experience working with DNS, routing, authentication, VPN, proxies, IDS/IPS, and DDOS mitigation technologies Strong analytical and problem-solving skills to enable effective security incident and problem resolution Strong knowledge of threats and common vulnerabilities associated with exploitation techniques. Hands on experience with Patch Management, and Encryption algorithms Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors and IT-business personnel Knowledge of Microsoft Windows AD group policy management and WSUS integration Hands on experience with SIEM monitoring, Patch Management, and Encryption algorithms. Familiar with NIST, HiTrust, and CIS Critical Security Controls Demonstrated experience implementing or operation of security hardware or software. Demonstrated Knowledge of Azure AD and Office 365 Ability to articulate technical risk issues in business terms Ability to work well under minimal supervision Security Certification (CISSP, CCSP, GIAC, CISM) Experience scripting and automating (PowerShell, python) Demonstrated experience with strategic thinking and risk based decision making Preferred Knowledge of network infrastructure including routers, switches, firewalls, wireless, and associated protocols Knowledge of SCCM, Nutanix, VMware, Linux, Web and email content filtering, Signal Sciences, Rapid 7, CrowdSrike, CyberArk Strong understanding of TLS, HTTPS, SFTP, SSH, IPSec Neighborhood Health Plan of Rhode Island is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

Basic Qualifications RRequires a Bachelor's degree in Systems Engineering, or a related Science, Engineering, Technology or Mathematics field. Also requires 5+ years of job-related experience, or a Master's degree plus 3 years of job-related experience. Agile experience preferred. CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibilityrequirements for access to classified information. Due to the nature of work performed within our facilities, U.S.citizenship is required. Responsibilities for this Position We are seeking a Systems Security Engineer who has experience in the design and development of NSA-certified Cybersecurity devices. Key Responsibilities: Design and develop specifications for mission-critical NSA-certified Cybersecurity devices Collaborate with software and validation engineering teams to deliver high-speed data solutions Develop real-time multi-threaded Embedded System architecture using Model-based Systems Engineering (MBSE) tools and techniques Analyze and maintain system security requirements throughout product development lifecycle Conduct trade studies, perform functional analysis, and design system security. Preferred Skills and Experiences: NSA approved Cryptography/Encryption Security requirements analysis Real-Time multi-threaded Embedded System architecture and development Model-based Systems Engineering (MBSE) CISSP certification or similar INCOSE ASEP, CSEP, or ESEP certification We value candidates who possess: Drive to expand knowledge and experience in designing complex systems Ability to define project scope, schedule, and expected results Initiative to complete assignments and ability to engage in technical direction and leadership Our Commitment to You: An exciting career path with opportunities for continuous learning and development Research-oriented work with award-winning teams Competitive benefits package #CJ3 Salary Note This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. Combined Salary Range USD $124,397.00 - USD $138,003.00 /Yr. Company Overview General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team! Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans