Cyber security analyst jobs in Wisconsin

We at Agap Technologies Inc. help our clients build successful businesses by enabling them to synergize state-of-the-art technology with exceptional talent. We offer a full suite of IT solutions and services, from custom software development to staffing. Our multidisciplinary team of experts in areas like data analysis, automation, personnel development and management, and project management helps us offer a unique set of tech-driven solutions and services that allow our clients to achieve their business objectives in the most efficient way possible. Our technical competence is further built upon by our high standards of professionalism, diligence, and ethics, which has enabled us to deliver top-notch services to our clients and exceed expectations every time. Job Description Our Training Features: · You will receive top quality instruction that is famous for Online IT training. · Trainees will receive immediate response to any training related queries, either technical or otherwise. We advise our trainees not to wait till the next class to seek answers to any technical issue. · Training sessions are conducted by real-time instructor with real-time examples. · Every training session is recorded and posted to the batch after each weekend class. · We are offering online training on Cyber Security. . Provide OPT Stem Ext.: Guidance and support for applying for the 24-month OPT STEM extension Help with OPT Employment letter: Help with drafting and obtaining OPT employment letters that meet USCIS requirements. · We provide training in technology of your choice. · Good online training virtual class room environment. · Highly qualified and experienced trainers. · Professional environment. · Special interview training · Training for skill enhancement. · Study material and Lab material provided. · E-Verified company. If you are interested or if you know anyone looking for a change, please feel free to call or email me for details or questions. I look forward to seeing resumes from you or your known and highly recommended candidates. Thanks Additional Information All your information will be kept confidential according to EEO guidelines.

This is a key role within General Imaging (GI) Ultrasound with a focus on vulnerability management and incident response capability. In this role you will work in a team to identify risks and communicate and track product vulnerabilities. GE HealthCare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world. Job Description Responsibilities Duties include (but are not limited to): * Technical ownership of product security feature deliverables, with the ability to gather and analyze data, develop architectural requirements and lead implementation efforts * Work closely with cross-functional teams in requirements gathering and software design Roles and Responsibilities * Scope and participate in hardware and software penetration tests, vulnerability identification and vulnerability risk assessment * Engage in incident response methods, lead incident response processes related to product cyber * Create and track meaningful metrics around product cyber risk and compensating controls * Create vulnerability and incident trend analysis to improve product design * Maintain cyber Bills of Material and conduct proactive vulnerability monitoring and assessment on cyber components * Engage and administer End of Life processes for digital products * Consult architects on security requirements and utilize best practices to meet requirements * Engage in application and domain-specific threat modeling and attack surface analysis/reduction * Respond promptly and in detail to customer-sponsored penetration tests * Provide guidance on automated testing tools and techniques * Discover and mitigate vulnerabilities in sensitive Critical Infrastructure/ Key Resource Domains (CI/KR) * Develop and design innovative cyber security solutions for unique and complex technologies * Work in partnership with government agencies, leading industry experts, and academia * Leverage traditional and non-traditional research methodologies to advance GE HealthCare's overall Cybersecurity practice * Assess and investigate specific threats in terms of severity and impact * Create detailed reports on vulnerabilities, bugs, and design flaws * Create IPS/IDS rules or other mitigations to protect vulnerable systems * Interact with global teams to promote consistency and maximize synergies across common software platforms * Able to join the team and gain mastery of the Ultrasound domain and contribute towards the development Software Infrastructure * Drive world-class quality in the development and support of products * Apply principles of SDLC and methodologies like Lean/Agile/XP, CI, Software and Product Security, Scalability, Documentation Practices, refactoring and Testing Techniques * Understand performance parameters and assess application performance * Proactively share information across the team, to the right audience with the appropriate level of detail and timeliness * Design, develop, implement, test and deploy subsystem/security solutions and apply in-depth knowledge of product related technologies, technology platforms, architectures, engineering design principles and advancements * In collaboration with principal engineers/architects and execution leaders, assist in the analysis, design and development of the product roadmap * Manage design evolution across multi-generation product releases * Perform design and code reviews, and provide feedback on product security Required Qualifications * Bachelor's degree in computer science or "STEM" Majors (Science, Technology, Engineering and Math) with minimum of 4 years of professional experience including Cyber Security * Certification in the Privacy, Security & Regulatory domain or related certification * Experience in object-oriented design methodology and various programming languages such as C/C++. Hands-on experience in C++ on Windows a plus. * Working knowledge in configuration management tools such as Perforce, GIT, ClearCase, etc... * Experience working with Windows API and application programming * Experience in software platform, advanced applications, user-interface design and/or systems engineering especially in the healthcare domain -preferably Ultrasound * Good skills in knowing how to debug software issues * Experience with multicore and multi-threaded software design and computing environment * Experience driving technical design reviews * Strong interpersonal skills, including creativity and curiosity with ability to effectively communicate, and influence across all organizational levels * Proven analytical and problem resolution skills * Demonstrated ability to work with and/or lead blended teams, including global teams * Experience setting up and maintaining automation in CI/CD workflow pipelines a plus Desired Characteristics Technical Expertise: * Familiarity with identifying, analyzing, and ethically exploiting the various classes of vulnerabilities that affect executable code * Strong knowledge of TCP/IP networking. Ability to use Wireshark to capture and analyze network traffic * Hands-on experience working with Windows and Linux based systems * Programming skills in one or more languages (we develop using Python, C, C++, CUDA, and others) * Ability to understand machine language, operating systems, common APIs, libraries, and runtime environments and how they interact with hardware, firmware, and binary code * Familiarity with digital electronics and microcontrollers. Exposure to SCADA/DCS systems or industrial technologies * Business Acumen: Able to translate vulnerability information into business risks relevant to our customers * Attention to detail with initiative to explore alternate technology and approaches to solving problems * Good understanding of workflow in the healthcare industry * Knowledge of ultrasound or demonstrated experience with development of medical device software * Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance * Experience with secure coding principles; code signing and secure boot * Experience with penetration testing and ethical hacking * Knowledge of CI/CD and automation tools (Chef, Git, Jenkins) * Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML) * Knowledge of application risk identification and evaluation techniques, and knowledge of Cyber Security and related engineering functions * Experience securing applications within cloud platforms such as AWS, Azure, etc. * Must be willing to work onsite at least 3 days a week in Wauwatosa/Waukesha, Wisconsin * Self-starter, energizing, results oriented and able to multi-task; tenacious and organized * Ability to foresee obstacles, identify workarounds, leverage resources, rally teammates * Ability to influence and build consensus with other scrum teams and leadership * Demonstrates adaptability and openness to change, effectively navigating ambiguity and responding to evolving information, circumstances, and priorities * Exhibits clear and strategic thinking, translating complex strategies into actionable steps. Makes timely, informed decisions and communicates priorities with clarity and precision #LI-ONSITE #LI-WI #LI-RV1 We will not sponsor individuals for employment visas, now or in the future, for this job opening. Additional Information GE HealthCare offers a great work environment, professional development, challenging careers, and competitive compensation. GE HealthCare is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. GE HealthCare will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable). While GE HealthCare does not currently require U.S. employees to be vaccinated against COVID-19, some GE HealthCare customers have vaccination mandates that may apply to certain GE HealthCare employees. Relocation Assistance Provided: No

Assist DWD's security team with general security maintenance duties, inclusive of account provisioning - password resets - account deletions. Also assist with security analysis and design, compliance and risk assessment activities and provide consultation services regarding security best practices. Hardware/Software Environment: Knowledge of multiple computer platform security admin tools expected; inclusive of mainframe RACF, network AD, MS -outlook, multi -factor, and others.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Job Description This is a hybrid position requiring 3 days in office at our Middleton, WI office location. #LI-Hybrid At CapSpecialty, we are a specialty underwriting company being driven by well-informed, entrepreneurial and proactive employees. Come join our exciting company where you can really make an impact, and each individual's unique skills and talents are recognized and valued. You will find an accessible leadership team that welcomes opinions and ideas. We owe much of our success to our collaborative environment and set of three guiding principles rooted in customer-centricity, employee excellence and corporate culture. We offer competitive compensation and benefits packages - including an innovative open vacation plan, generous paid sick and parental leave, fully vested matching 401k, company-paid group term life insurance and short- & long-term disability plans, professional and educational growth opportunities, flexible and casual work environment, and recognition for exceptional performance. Please see our full list of Total Rewards here. CapSpecialty is seeking an Information Security Analyst who will support our organization's cybersecurity operations. The analyst will assist in monitoring systems, investigating alerts, managing access controls, and supporting compliance efforts. This role includes exposure to Identity & Access Management (“IAM”) and other key areas of information security. Duties/Responsibilities: Conduct investigations into and properly document security incidents, including evaluating incident impact and recommending corrective actions to management. Collate security metrics and generate reports from the security systems as needed. Support managing accounts and permissions in IAM systems, including recommending improvements to identity governance where appropriate. Perform tasks as assigned to meet any audit requests. Help maintain IAM documentation and workflows. Help maintain and promote security policies, procedures, and training materials. Oversee assigned components of the security awareness programs, and track employee participation including following up on training completion. This may include reporting compliance metrics to leadership. Manage the physical security program, providing recommendations for updates as needed. Keep up to date and current on security trends. Other related duties and initiatives, as assigned. Supervisory Responsibilities: None. Core Competencies: Proven ability to deal well with ambiguity, prioritize tasks, resolve issues and deliver measurable results in an agile, fast-paced environment. Excellent oral and written communication skills. Ability to manage difficult customer situations, elicit customer feedback, analyze and resolve customer issues. Excellent analytical, problem solving, collaboration and time-management skills. A high level of integrity and commitment to confidentiality. Must be highly self-motivated requiring minimal direction. Have a passion for Information Security and a desire to advance personal growth through continuing professional education, self-study, and pursuit of technical certifications. Education and Experience: Associate's degree in computer science or equivalent. 1+ years of relevant experience in IT with exposure to cybersecurity practices, technologies, and methodologies is preferred. Basic understanding of security principles, threats, and controls is desirable. Familiarity with IAM concepts and tools (i.e. Active Directory, Okta, Azure AD) is a plus but not required. Familiarity with security controls and technologies desired (i.e. firewall, SIEM, DLP, WAF, and IPS.). Physical Demands Prolonged periods of sitting at a desk and working on a computer. May be required to lift up to 15 pounds at times. CapSpecialty is a leading provider of specialty insurance and bonds for small- to mid-sized businesses in the U.S., offering casualty, professional liability, surety and fidelity products in all 50 states and the District of Columbia. By working with select partners through a limited distribution model, CapSpecialty's creative, hard-working team provides personalized service and cultivates mutually successful partnerships to deliver positive results. CapSpecialty is an operating subsidiary of Berkshire Hathaway, and its carriers have an A ("Excellent") rating from A.M. Best, writing both admitted and non-admitted policies. For more information, please visit CapSpecialty.com. Apply today! Equal Employment Opportunity Employer Powered by ExactHire:184950

At Children's Wisconsin, we believe kids deserve the best. Children's Wisconsin is a nationally recognized health system dedicated solely to the health and well-being of children. We provide primary care, specialty care, urgent care, emergency care, community health services, foster and adoption services, child and family counseling, child advocacy services and family resource centers. Our reputation draws patients and families from around the country. We offer a wide variety of rewarding career opportunities and are seeking individuals dedicated to helping us achieve our vision of the healthiest kids in the country. If you want to work for an organization that makes a difference for children and families, and encourages you to be at your best every day, please apply today. Please follow this link for a closer look at what it's like to work at Children's Wisconsin: *********************************** Children's Wisconsin is seeking a Senior Information Epic Security Analyst- to join our team! Location: Remote but must be local to Milwaukee What you will do: The IS Security Analyst-Epic will perform all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction. Ensures that user community understands and adheres to necessary procedures to maintain security. Must be able to weigh business needs against security concerns and articulate issues to management. Primary EPIC security lead on Enterprise Information Security team responsible for management of Epic user records (EMP users, including background users) which includes the life cycle management of the records (creation, modification, inactivation) and auditing as appropriate. Collaborates with app analysts teams who manage the templates and sub templates. Participates in the development of workflows, system configuration, change documentation, optimization and support related to Epic security, while working with application teams to deploy functionality changes, new modules or departments, update security classes, modify provider records, conduct user analysis, and implement security enhancements. Leads and assists in the development of department and organization wide policies and procedures, while effectively communicating policies and procedures impacting Identity and Access management to end users, leadership, and peers to ensure compliant practices. Provides guidance on optimizing security build based on appropriate minimum necessary standards. Responsible for the on-going maintenance, testing, support and optimization of Epic user security and provider management, with focus on role based access. Epic certification is a requirement. Excellent organizational skills and ability to manage work load while assigned to multiple simultaneous projects with minimal supervision. Thorough understanding of user account administration in a network environment. Thorough understanding of security auditing principles. Familiarity with current common paradigms for violating system integrity. Top-tier security performance tuning skills and trouble-shooting required. Works closely with all levels of the organization to ensure that security is consistent with organizational security standards, information access requirements and business strategies. Coordinates with IS entities regarding technical considerations (user rights/privileges, system access) to ensure proper implementation and provides on-going support for all security operations. Works collaboratively with Internal Audit, Corporate Compliance, Human Resources and other departments on security related issues and projects. Works with cross-functional teams to perform reviews and tests of IS internal controls to ensure existing systems are operating as designed and contain adequate controls. Monitors and analyzes technology security and recommends appropriate IS policies, procedures and practices to strengthen security operations. Provides consultation regarding audit, regulatory and security management activities across IS functional areas. Coordinates the IS component of both internal and external audits, federal and state examinations. ESSENTIAL FUNCTIONS: Demonstrates behaviors outlined in the Core Competencies the Blue Kids Way to provide service excellence as a committed partner to children, families and co-workers. Recommends and maintains policies and procedures related to information security. Monitors the organization's overall security fabric. Assesses security needs and capabilities of the organization. Makes regular reports to management concerning security measures. Makes recommendations for improvement as required. Identifies and provides information security awareness training as appropriate. Identifies appropriate courses to enhance security capabilities and competencies of the organization. Works with management to perform and maintain risk assessments. Ensures organization compliance with the security sections of Federal and State statutes, including HIPAA, as well as regulatory requirements. Coordinates investigations into potential security infractions. Determines and designs appropriate tests for all aspects of information security. Activities may include attempted “cracking” of system security, review of audit trails and attempted theft of devices. Evaluates system effectiveness and makes change recommendations as necessary. Coordinates periodic reviews of system security by outside consultants, including vulnerability assessments, penetration tests, HIPAA reviews and PCI compliance. Works with IS teams to implement recommendations as appropriate. Monitors, evaluates and makes recommendations regarding perimeter security including prevention against attack, viruses, and other forms of malicious software. Monitors, evaluates and makes recommendations regarding email and Internet content filtering. Evaluates and makes recommendations regarding requested changes to perimeter security. Recommends policies and procedures for controlling remote access by employees, non-employees and vendors. Reviews and makes recommendations regarding security oriented software applications and workstation security, including patch management, user rights management, and operating system configuration. Keeps current on security issues through seminars, publications and self-education on an on-going basis. MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED: Requires bachelor's degree in computer science or related technology field. Master's degree preferred. Requires 7 years of relevant computer systems experience, preferably in a hospital or healthcare setting. Significant experience in IS security administration including compliance, audit, and information security management. Epic Security certification is a requirement. Professional certification (e.g. CISA, CISM or CISSP) preferred. Thorough understanding of risk analysis, disaster recovery and audit tracking. Familiarity with current common paradigms for violating system integrity. Must have excellent interpersonal skills to effectively communicate with all levels of hospital personnel, vendors and IS personnel. Must possess the ability to deliver clear, concise communications and presentations. Must be able to train others on key IS security concepts. Children's Wisconsin is an equal opportunity / affirmative action employer. We are committed to creating a diverse and inclusive environment for all employees. We treat everyone with dignity, respect, and fairness. We do not discriminate against any person on the basis of race, color, religion, sex, gender, gender identity and/or expression, sexual orientation, national origin, age, disability, veteran status, or any other status or condition protected by the law. Certifications/Licenses:

For one of our long-term multiyear projects we are looking for a Security Analyst out of Madison, WI. This Security Analyst will specialize in securing web applications developed and supported by the Department of Children and Families (DCF). Responsibilities: • Research and implementation of cyber threat preventative designs and standards. This role includes developing processes to follow during a cyber-attack and taking an active role during a cyber-attack. • Working with several areas of DCF BITS and with the State of Wisconsin data center specialists, the analyst will advise on policies and procedures to implement web application security into application designs and also to identify and implement secure infrastructure design and configurations. • This security analyst will work with the DCF BITS IT Security officer, application team managers and technical leads, and business partners to respond to and document controls in order to meet various audit requirements. • Designs and coordinates implementation of security controls. • Monitors compliance with security policies and procedures. • The security analyst will coordinate and collaborate with multiple BITS sections, business partners, and other State Agencies. • Create compelling presentations to share effective practices, process improvements to BITS, business partners, and executives as requested. • Mentors development teams on how to implement security controls. • Lead a culture change to actively integrate security controls into the current SDLC at DCF. Qualifications: • Relies on extensive experience and judgment to plan and accomplish goals. • Must remain abreast of the ever evolving and new cyber security trends and preventative methods, current technology, emerging technology, and industry trends. • Must have experience with a variety of the security concepts, practices, and procedures. • Must have excellent communication skills, facilitation skills, mentoring skills and ability to work under pressure. • Security Analyst capabilities with 8 or more years of web application security experience. • Proficiency with a wide variety of security concepts, practices, and procedures. • Skill creating compelling presentations to share effective practices, process improvements to IT and business partners. • Must have web application development experience and web application infrastructure experience. • Ability to become a trusted process advisor, with a high level of operational thinking and ability to analyze IT systems. • Experience in development and facilitation of planning, orientation and training sessions with executives, management and other agencies desired. • Strong analytical and systemic thinking skills, with ability to synthesize information from many sources to develop technical and business recommendations. • Effective communication skills including excellent listening skills and the ability to communicate technically and professionally with all levels of staff both verbally and in writing.

The Security Analyst- Pen Testing plays a critical role in facilitating continued growth and execution within our security practice. This highly skilled and detail-oriented Consultant will have deep knowledge in Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and Hardware Penetration Testing. The ideal candidate will be responsible for identifying vulnerabilities across software and hardware systems, advising on remediation strategies, and communicating findings clearly to both technical and non-technical stakeholders. Primary Responsibilities: * Conduct in-depth SAST, DAST, and SCA assessments across a variety of application types (web, mobile, desktop, APIs). * Perform hardware penetration testing on embedded systems, IoT devices, and industrial control systems (ICS), including debug interface discovery, firmware extraction and analysis, and secure boot review. * Develop and maintain threat models, attack trees, and risk assessments for both software and hardware systems. * Identify and exploit vulnerabilities using both manual techniques and automated tools, simulating real-world attack scenarios. * Provide detailed technical reports and executive summaries tailored to different audiences, including developers, engineers, and leadership. * Collaborate with product and engineering teams to prioritize and remediate vulnerabilities, offering secure design and coding recommendations. * Participate in security architecture reviews and code reviews to identify potential weaknesses early in the development lifecycle. * Assist in the development and implementation of security testing methodologies, checklists, and standard operating procedures. * Conduct security tool evaluations and help integrate them into CI/CD pipelines for continuous security testing. * Lead or support red team/blue team exercises, tabletop simulations, and incident response drills. * Stay abreast of the latest security trends, vulnerabilities, and threat actor tactics, techniques, and procedures (TTPs). * Contribute to internal knowledge bases, training sessions, and technical workshops to upskill team members and clients. * Engage with clients to understand their security needs, define testing scopes, and deliver high-quality consulting services. * Ensure all testing activities comply with legal, ethical, and organizational guidelines, including responsible disclosure practices. * Develop and present organized report findings to technical audiences.

Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress. We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. **The Role** Black Lotus Labs is seeking a Principal Security Engineer on the Research & Analysis team. This team leverages Lumen's global visibility of one of the world's largest and most interconnected IP backbones and a petabyte-scale compute cluster to perform cutting edge threat research, hunting and tracking advanced persistent threat actors (APTs) and emerging criminal activity as the threat actors traverse the internet. They empower customers to stay ahead of the evolving threat landscape. **The Main Responsibilities** + Serve as Threat Research Subject Matter Expert, offering guidance and support to the Black Lotus Labs team on threat hunting activities, such as identifying knowledge gaps, troubleshooting technical challenges, developing solutions, and mentoring team members in overcoming obstacles. Set priorities for what threats to analyze to maximize team's impact. + Conduct threat research across technical data sets, fusing Black Lotus Labs telemetry with third party data sets, to automate detection of the latest threat attacker tools, techniques and procedures (TTPs) with a goal of automating detection. + Use industry-leading technical knowledge of adversary capabilities and infrastructure and define, develop, and implement techniques to lead the team in tracking sophisticated adversaries, delivering actionable threat intelligence data to Lumen customers. + Lead and enhance threat hunting operations by actively engaging with other research teams, building strong partnerships to achieve shared goals, exploring new data sources, and mentoring team members in executing workflows and solving complex challenges. + Provide expert analysis and strategic insights on emerging threats and vulnerabilities, translating complex technical information into actionable intelligence for executive leadership and external stakeholders. + Spearhead thought leadership initiatives by leading Black Lotus Lab's voice at security conferences and internal executive briefings. **What We Look For in a Candidate** + Proven experience in threat hunting and in-depth technical security research, demonstrating a strong track record of successfully identifying, tracking, and disrupting nation-state and cybercriminal threat actors. + Deep understanding of advanced threat hunting methodologies, attacker tactics, techniques, and procedures (TTPs), and the ability to derive actionable threat hunts from complex data sets. + Demonstrated experience building prototype threat hunting solutions and large data analysis tools with Python (or other equivalent languages). + Proven experience initiating and coordinating technical projects focused on telemetry collection, TTP based threat hunting, or developing threat hunt tools that have cross-organization impact on threat visibility, including leading private-public partnerships and multi-company collaborations. + 5+ years of experience in the IC, DoD or similar tracking and defending against nation state threat activity. + Exceptional communication and presentation skills, including the ability to clearly and concisely convey complex technical information to both technical and non-technical audiences, ranging from executives and board members to conference attendees and internal stakeholders. + Experience presenting at industry conferences and in the media. + Highly organized with the ability to manage multiple tasks, prioritize effectively, and triage competing demands in a fast-paced environment. + Proven ability to lead and manage complex technical projects, effectively driving them to successful completion. + Active TS/SCI clearance with poly **Well-experienced candidates may also have the following skills: ** + Proficiency in malware reverse engineering and incident response. + 5+ years of experience leading teams of technical threat discovery professionals. + Software development experience in Docker and big data technologies like Hadoop, Spark, and Tensor Flow. **Compensation** This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. Location Based Pay Ranges: $149,084 - $198,779 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $156,539 - $208,718 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $163,993 - $218,657 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process. Learn more about Lumen's: + Benefits (**************************************************** + Bonus Structure **What to Expect Next** \#LI-JS1 Requisition #: 339093 **Background Screening** If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (************************************* . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. **Equal Employment Opportunities** We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. **Disclaimer** The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name. **Application Deadline** 12/09/2025

SummaryThis is a key role within General Imaging (GI) Ultrasound with a focus on vulnerability management and incident response capability. In this role you will work in a team to identify risks and communicate and track product vulnerabilities. GE HealthCare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world.Job DescriptionResponsibilities Duties include (but are not limited to): Technical ownership of product security feature deliverables, with the ability to gather and analyze data, develop architectural requirements and lead implementation efforts Work closely with cross-functional teams in requirements gathering and software design Roles and Responsibilities Scope and participate in hardware and software penetration tests, vulnerability identification and vulnerability risk assessment Engage in incident response methods, lead incident response processes related to product cyber Create and track meaningful metrics around product cyber risk and compensating controls Create vulnerability and incident trend analysis to improve product design Maintain cyber Bills of Material and conduct proactive vulnerability monitoring and assessment on cyber components Engage and administer End of Life processes for digital products Consult architects on security requirements and utilize best practices to meet requirements Engage in application and domain-specific threat modeling and attack surface analysis/reduction Respond promptly and in detail to customer-sponsored penetration tests Provide guidance on automated testing tools and techniques Discover and mitigate vulnerabilities in sensitive Critical Infrastructure/ Key Resource Domains (CI/KR) Develop and design innovative cyber security solutions for unique and complex technologies Work in partnership with government agencies, leading industry experts, and academia Leverage traditional and non-traditional research methodologies to advance GE HealthCare's overall Cybersecurity practice Assess and investigate specific threats in terms of severity and impact Create detailed reports on vulnerabilities, bugs, and design flaws Create IPS/IDS rules or other mitigations to protect vulnerable systems Interact with global teams to promote consistency and maximize synergies across common software platforms Able to join the team and gain mastery of the Ultrasound domain and contribute towards the development Software Infrastructure Drive world-class quality in the development and support of products Apply principles of SDLC and methodologies like Lean/Agile/XP, CI, Software and Product Security, Scalability, Documentation Practices, refactoring and Testing Techniques Understand performance parameters and assess application performance Proactively share information across the team, to the right audience with the appropriate level of detail and timeliness Design, develop, implement, test and deploy subsystem/security solutions and apply in-depth knowledge of product related technologies, technology platforms, architectures, engineering design principles and advancements In collaboration with principal engineers/architects and execution leaders, assist in the analysis, design and development of the product roadmap Manage design evolution across multi-generation product releases Perform design and code reviews, and provide feedback on product security Required Qualifications Bachelor's degree in computer science or “STEM” Majors (Science, Technology, Engineering and Math) with minimum of 4 years of professional experience including Cyber Security Certification in the Privacy, Security & Regulatory domain or related certification Experience in object-oriented design methodology and various programming languages such as C/C++. Hands-on experience in C++ on Windows a plus. Working knowledge in configuration management tools such as Perforce, GIT, ClearCase, etc... Experience working with Windows API and application programming Experience in software platform, advanced applications, user-interface design and/or systems engineering especially in the healthcare domain -preferably Ultrasound Good skills in knowing how to debug software issues Experience with multicore and multi-threaded software design and computing environment Experience driving technical design reviews Strong interpersonal skills, including creativity and curiosity with ability to effectively communicate, and influence across all organizational levels Proven analytical and problem resolution skills Demonstrated ability to work with and/or lead blended teams, including global teams Experience setting up and maintaining automation in CI/CD workflow pipelines a plus Desired Characteristics Technical Expertise: Familiarity with identifying, analyzing, and ethically exploiting the various classes of vulnerabilities that affect executable code Strong knowledge of TCP/IP networking. Ability to use Wireshark to capture and analyze network traffic Hands-on experience working with Windows and Linux based systems Programming skills in one or more languages (we develop using Python, C, C++, CUDA, and others) Ability to understand machine language, operating systems, common APIs, libraries, and runtime environments and how they interact with hardware, firmware, and binary code Familiarity with digital electronics and microcontrollers. Exposure to SCADA/DCS systems or industrial technologies Business Acumen: Able to translate vulnerability information into business risks relevant to our customers Attention to detail with initiative to explore alternate technology and approaches to solving problems Good understanding of workflow in the healthcare industry Knowledge of ultrasound or demonstrated experience with development of medical device software Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance Experience with secure coding principles; code signing and secure boot Experience with penetration testing and ethical hacking Knowledge of CI/CD and automation tools (Chef, Git, Jenkins) Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML) Knowledge of application risk identification and evaluation techniques, and knowledge of Cyber Security and related engineering functions Experience securing applications within cloud platforms such as AWS, Azure, etc. Must be willing to work onsite at least 3 days a week in Wauwatosa/Waukesha, Wisconsin Self-starter, energizing, results oriented and able to multi-task; tenacious and organized Ability to foresee obstacles, identify workarounds, leverage resources, rally teammates Ability to influence and build consensus with other scrum teams and leadership Demonstrates adaptability and openness to change, effectively navigating ambiguity and responding to evolving information, circumstances, and priorities Exhibits clear and strategic thinking, translating complex strategies into actionable steps. Makes timely, informed decisions and communicates priorities with clarity and precision #LI-ONSITE #LI-WI #LI-RV1 We will not sponsor individuals for employment visas, now or in the future, for this job opening. Additional Information GE HealthCare offers a great work environment, professional development, challenging careers, and competitive compensation. GE HealthCare is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. GE HealthCare will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable). While GE HealthCare does not currently require U.S. employees to be vaccinated against COVID-19, some GE HealthCare customers have vaccination mandates that may apply to certain GE HealthCare employees. Relocation Assistance Provided: No

The JFG Information Security Engineering & Operations Analyst plays a key role in supporting JFG's Identity & Access Management (IAM), Cyber Threat Management, and Vulnerability Management services. This role helps support IAM services to provision, deprovision, and certify access to JFG systems. It also helps detect, analyze, hunt for, and report on cybersecurity events related to malware, network intrusion, and data loss protection and insider threat incidents. This role is also responsible for finding and reporting on internal and external vulnerabilities on JFG systems. This role will be supported by a Managed Detection & Response (MDR) services and Identity & Access Management Managed services. Occasional off-hour and weekend work will be expected. Very little (less than 5%) business travel is expected in this role. This role will be located in Racine, Wisconsin. Ability to come in-office would be required (working a hybrid schedule.) KEY RESPONSIBILITIES: * Detect, analyze, contain, and remediate threats and vulnerabilities across the JFG environment. * Operate and support vulnerability management, data loss protection, cybersecurity monitoring, cybersecurity incident response, intrusion analysis, root-cause-analysis (digital forensics), cyber-threat intelligence, and malware analysis technologies. * Lead and report on incidents involving malware, network intrusion, insider-threat, internal investigations and litigation support activities. * Incorporate Cyber Threat Intelligence into operational signal intelligence and reporting. * Proactively investigate JFG environment for threats based on Cyber Threat Intelligence and known threat methods and patterns (aka Threat Hunting). * Operate and support Identity Governance and Administration technologies to support timely on/off-boarding of people and regular access governance reviews to ensure appropriate access. * Support weekly/monthly/quarterly/annual operational metrics, reports and dashboards. * Assist with maintaining the Cybersecurity Incident Response Plan. * Collaborate on the continuous improvement of Information Security Operations processes, workflows, and procedures (e.g. RunBooks). * Automate repetitive tasks and drive efficiencies with measurable benchmarks to show progress. JOB REQUIREMENTS: * Associates degree in Information Security, Cybersecurity preferred * 0-2 years' experience * Types of certification preferred: Security+, CEH, SSCP * Experience with Python and PowerShell scripting languages for automation preferred * Good report writing and communication skills * Has a basic understanding of the Information Security platforms at JFG, common Information Security controls and frameworks, networking concepts and technologies, as well as Windows and Linux environments Come as you are. Johnson Financial Group supports and is committed to the principle of equal employment opportunity. We make all employment-related decisions without regard for an individual's race, color, religion, sex, sexual orientation, age, national origin, citizenship, disability, veteran status, or any other protected status as required by law.

We believe that the right opportunity can provide a huge jumpstart towards earned expertise. As our Information Security Analyst, you'll be part of the team responsible for maintaining the security and integrity of all data and systems in our Community First enterprise environment. This is an entry-level position where excellent mentorship and real-world applications will allow you to grow and mature your understanding of cyber security threats, technologies, and countermeasures. As you learn and grow, you'll have the opportunity to serve as a Subject Matter Expert (SME) and resource to other IT teams and CU leadership. You'll be part of the conversation when discussing and recommending security initiatives to manage risk or address enterprise information security issues. You'll have first-hand experience examining infrastructure and devices to identify security flaws and recommend fixes. Your work will also include analyzing security processes/procedures and recommending new technologies or updates to combat current threats/risks, monitoring event logs to identify anomalous activity, and taking the necessary action to protect all credit union systems and data. If all of this sounds like your idea of an engaging work environment...we should talk! As our Information Security Analyst, you'll: Provide members and staff with secure, reliable, efficient, and user-friendly systems that support short and long term objectives for Community First Manage information security systems that support business operations and member facing systems Collaborate with staff both internal and external to the department to provide system support and improvements that benefit either staff or members directly Assist in developing and documenting plans for securing systems that support the business objectives to either improve business functionality or provide enhancements for members Assist in business continuity planning and systems security for business and member facing systems as required Contribute to the regulatory compliance as assessed from risk assessments and audits; both internal and external Research changing trends in information security threats and technology in contrast to regulations to ensure Community First remains compliant while delivering competitive products and services for businesses and members Contribute to the implementation of Protective Controls through Vulnerability Management, System Hardening, Attack Surface Reduction programs Contribute to the implementation of Detective Controls through SIEM, log analysis, Threat hunting programs, network monitoring tools Support Information Security Incident Response events following the Community First Information Security program and procedure Contribute to the implementation, management, and documentation of security technologies deployed by Community First: SIEM, Firewalls, IPS, and other security-related devices. Work collaboratively with Community First IT teams to support Information Security goals and projects. Research and contribute to the secure technology infrastructure based on regulatory requirements and industry best practices Assist in developing and maintaining the Community First's Information Security Program; this includes answering staff questions about security, responding to security incidents, documenting processes and procedures, and preparing materials for ongoing security knowledge transfer to staff. Contribute to standards for documenting information systems and changes to them and for testing new systems and updates for current programs before they are put into production Obtain certifications or attend technology and/or other conferences to remain informed of new industry trends, strategies, and opportunities; with strong consideration of changes within the credit union industry Respond to Information Security Events outside business hours or during on-call support An ideal candidate will have a combination of: Bachelor's degree or a combination of education and relevant experience (Infrastructure or Information Security related) Have obtained or are pursuing a current Information Security certification (example: Security+, CySA+, GSEC) Functional knowledge of new and emerging technologies, systems, and resources in the industry. Including but not limited to: Knowledge and understanding of network infrastructure and associated network ports and protocols Knowledge and understanding of enterprise operating systems, server administration, and management Ability to develop and document repeatable processes and procedures. Awareness of or practical hands-on with SIEM & Vulnerability Management programs Awareness of or practical hands-on with SIEM & Vulnerability Management programs Awareness of the MITRE ATT&CK framework Prior experience working with a traditional Infrastructure or Information Security program or examples of similar work done as part of school, or other professional training programs

Menasha Corporation Employees, please log-in to your Workday account to apply for positions. ABOUT US (AND OUR EXCITING FUTURE) Menasha Corporation is all about possibilities. Our two businesses, Menasha Packaging and ORBIS Corporation, are leaders in their industries, providing corrugated and plastic packaging products and related services to major global companies. Our employees make the difference, proving that great ideas, collaboration and quality turn possibilities into success. Working at Menasha Corporation means that your insights provide cutting-edge solutions for our customers. If you like to make things happen and are passionate about what you do, you're going to want to be here. Join us and become part of the power behind possible. About The Opportunity We are looking for a senior engineer and visionary leader to build and run our enterprise Identity & Access Management (IAM) program with a deep focus on CyberArk and full identity lifecycle automation. You will design and own the joiner/mover/leaver process, build birthright access models, integrate HR → IAM → AD systems, and lead the roadmap for privileged and non-privileged identity controls across the organization. This is a strategic technical role the opportunity to define how identity security operates for years to come.Key Responsibilities Program Ownership Own the architecture, engineering, and operations for the CyberArk IAM ecosystem. Build the complete JML process-including business logic, workflows, API-driven automation, approvals, and governance. Define and implement enterprise birthright access across HRIS, directory services, SaaS, and on-prem applications. Establish standards, controls, KPIs, and audit processes for identity and privileged access. Technical Leadership Design end-to-end integrations between HR systems (Workday, SuccessFactors, etc.), IAM, AD/AAD, CyberArk, and enterprise apps. Lead automation efforts using PowerShell, Python, REST APIs, and CI/CD pipelines. Implement PAM controls including password rotation, session management, onboarding, and continuous monitoring. Partner with HR, IT, Cloud, and Internal Audit to build identity governance and compliance frameworks. Strategic Direction Serve as product owner for CyberArk and identity lifecycle automation. Mentor a small team of IAM/PAM engineers as the program scales. Drive the technical roadmap aligned with Zero Trust and least-privilege principles. Present architecture, metrics, and risk posture to the Senior Director IT Security and Compliance. Required Experience 7+ years in IAM/PAM engineering, with 4+ years hands-on CyberArk (PAS, CPM, PSM, Conjur, EPM preferred). Demonstrated experience designing or owning JML automation. Strong automation skills in PowerShell, Python, or equivalent. Proven background integrating HRIS with IAM (Workday, SuccessFactors, BambooHR, etc.). Architecture experience with AD/Azure AD, LDAP, SSO, SAML/OIDC, SCIM. Experience leading or influencing teams, programs, or major initiatives. Strong communication skills. Preferred Qualifications Prior program ownership of an IAM or PAM platform. Cloud identity experience (Azure, AWS, GCP). Two companies, one vision. Menasha Corporation consists of two companies that are leading the way to a sustainable future with packaging and supply chain solutions. Founded in 1849 and headquartered in Neenah, Wisconsin, we employ over 7,500 employees in 112 facilities in North America and Europe. Our companies are leading corrugated and plastic packaging manufacturers and supply chain solution providers. Our Menasha Packaging Company is the largest independent provider of packaging and supply chain service solutions in North America, designing, printing, and fulfilling graphic packaging, display and merchandising solutions for over 1,800 brands, both in-store and online. Our ORBIS business believes there is a better way to optimize today's supply chains, with reusable packaging products and services. Reusable containers, pallets, dunnage, bulk systems and metal racks improve the flow product all along the supply chain to reduce costs, enhance profitability and add sustainability. Our products and services are used by global, name-brand companies in the food, beverage, health and beauty, over-the-counter pharmaceutical, industrial, automotive, and electronics industries. Come build an exciting, rewarding career with us, where you'll have opportunities to grow. The possibilities are endless. The power is yours! Menasha Corporation and its subsidiaries and affiliates are equal opportunity employers. All qualified applicants will be provided with equal employment opportunities without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran status, disability status, or genetic information.

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. You will help the team establish, lead and execute multi-year roadmaps that improve research efficiency and quality across the team, and drive improvements to stakeholder management across a broad range of intelligence requirements. **Required Skills:** Detection & Response Security Engineer, Threat Intelligence Responsibilities: 1. Influence and align the team's vision and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects 2. Build, cultivate, and maintain impactful relationships with intelligence stakeholders to identify and facilitate solutions to increase the impact of the team's work 3. Refine operational metrics, key performance indicators, and service level objectives to measure Intelligence research and services 4. Lead cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions 5. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 6. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 7. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 8. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems **Minimum Qualifications:** Minimum Qualifications: 9. 8+ years threat intelligence experience 10. B.S. or M.S. in Computer Science or related field, or equivalent experience 11. Be a technical and process subject matter expert regarding Security Operations and Threat Intelligence services 12. Experience developing and delivering information on threats, incidents and program status for leadership 13. Expertise with campaign tracking techniques and converting tracking results to long term countermeasures 14. Expertise with threat modeling frameworks, such as Diamond Model or/and MITRE ATT&CK framework 15. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 16. Proven track record of managing and executing on short term and long term projects 17. Ability to work with a team spanning multiple locations/time zones 18. Ability to prioritize and execute tasks with minimal direction or oversight 19. Ability to think critically and qualify assessments with solid communications skills 20. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 21. Experience recruiting, building, and leading technical teams, including performance management 22. Experience close collaborating with incident responders on incident investigations 23. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems 24. Familiarity with malware analysis or network traffic analysis 25. Familiarity with nation-state, sophisticated criminal, or supply chain threats 26. Familiarity with file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 27. Experience in one or more query languages such as SQL 28. Experience authoring production code for threat intelligence tooling 29. Experience conducting large scale data analysis 30. Experience working across the broader security community **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Job DescriptionUnder general supervision of the Security & Accounts Management Manager, this position works as a part of the Security & Accounts Management team and is responsible for provisioning and de-provisioning access to DOC networks, resources and applications. This position maintains a high level of security by following all DOC and enterprise security policies and procedures. This position requires strong interpersonal skills, multi-tasking skills, time management, and the ability to execute projects and solve complex problems. Technical support responsibilities require expertise of multiple platforms, operating systems and various security software systems. This position shall comply with the Department's administrative rules and the agency's policies and procedures including those related to the Department's overall Reentry philosophy of using evidence-based strategies, practices and programs which target an offender's individual criminogenic needs and risk level. TIME% GOALS AND WORKER ACTIVITIES 50% A. Coordination of the account provisioning, de-provisioning, projects and maintenance for DOC platforms and applications. A1. Utilize security rules to grant / revoke access to applications, servers, group folders, etc. A2. Coordinate activities within the account management staff to provide timely response to customer requests. A3. Create and maintain security rules, ensuring that they enforce security standards and policies. A4. Coordinate and handles projects relating to or involving account management functions. A5. Create Email accounts, distribution lists and group mailboxes. A6. Inform all customers of security procedures for applications, requests and services offered by account management. A7. Identify customer problem areas where additional education / training is needed. A8. Coordinate account management activities as needed across other agencies. A9. Recommend and provide updates to procedural documentation. A10. Provide timely resolution for customer access issues and formal requests. A11. Participate in system / application integration planning, testing and troubleshooting of access issues. A12. Work closely with project teams to determine application, server, folder, group and individual user access to systems. 15% B. Assist in the adherence and implementation of policies, standards and procedures for all areas of IT Security. B1. Implement the standards and training requirements for IT Security administration. B2. Coordinate the implementation of department-wide policies, procedures and standards for applications and platforms and ensure agency-wide standardization. B3. Supports the implementation of department-wide Security Awareness training program. - Support functions. B4. Act as liaison to resolve security-related issues with other agencies in a timely manner. B5. Assess and recommend updates to security policies, procedures and standards. B6. Supply information required in LAB and DOJ audits as required. B7. Recommend automation techniques to eliminate manual procedures. B8. Provides support of Cybersecurity activities - Creates, improves, and maintains policies, procedures and standards. 15% C. Monitoring, auditing and analysis of security systems. C1. Provide advice to management on implementing and monitoring Security systems. C2. Provide advice to BTM in the design and implementation of policies and procedures to provide an acceptable level of Security systems. C3. Identify threats or serious issues regarding user access that may be caused by added new software and systems. C4. Perform audits of security on access. C5. Security Risk mitigation - Identify potential security risks to the organization and provides recommendations to management. C6. Working with management to reduce and mitigate risk to the organization. 10% D. Performance of other job-related activities and special assignments. D1. Identify areas that need improvement and work with sections supervisor to lay down the ground work to implement these improvements. D2. Audit access to numerous applications used by the DOC to ensure users are not over provisioned. D3. Update staff development plans as changes occur and work with management on career objectives. D4. Attend presentations, conferences and seminars as directed. D5. Identify training needs and request approval to attend. D6. Perform other duties as assigned. 10% E. Assist IS Technical Services Consultant/Admins and/or Specialist with their responsibilities. E1. Coordinate Security for internal systems i.e. (WICS, DEVSECOPS, Email systems) E2. Perform Audits on EMR access as well as adding security rights through back EMR systems. E4. Perform other duties as assigned. Job Knowledge, Skills & Abilities 1. Knowledge of current DOC hardware and software architectures. 2. Knowledge of network concepts. 3. Knowledge of Windows network environments. 4. Advanced knowledge of Active Directory and group privileges. 5. Knowledge of all State and DOC security standards, policies and procedures. 6. Experience working with security issues in a distributed computing environment. 7. Knowledge of network operating system security issues. 8. Knowledge and demonstrated work experience with internet / intranet application security issues (e.g. LDAP). 9. Advanced problem-solving skills and the ability to make independent judgment decisions or contact appropriate parties to assist. 10. Effective oral and written communication skills. 11. Knowledge of effective people communication skills. 12. Knowledge of project planning. 13. Knowledge of products and applications, in order to create effective security roles. 14. Ability to multi-task. 15. Ability to expedite issues in a timely manner. 16. Customer focused, yet firm enough to ensure strict compliance to DOC security policies and procedures. 17. Knowledge and demonstrated work experience with security techniques, tools and security infrastructure. 18. Ability to communicate clearly and effectively to both technical peers and less technical customers in person and via written media such as e-mail, reports and project charters RequirementsProject Details: Under general supervision of the Security & Accounts Management Manager, this position works as a part of the Security & Accounts Management team and is responsible for provisioning and de-provisioning access to DOC networks, resources and applications. This position maintains a high level of security by following all DOC and enterprise security policies and procedures Additional details: A well-qualified candidate will have experience with the following: - Coordinate and handles projects relating to or involving account management functions. - Create Email accounts, distribution lists and group mailboxes. - Inform all customers of security procedures for applications, requests and services offered by account management. - Identify customer problem areas where additional education / training is needed. - Coordinate account management activities as needed across other agencies. - Recommend and provide updates to procedural documentation. - Provide timely resolution for customer access issues and formal requests. - Participate in system / application integration planning, testing and troubleshooting of access issues. Experience with these skills is a bonus: - Perform audits of security on access. - Security Risk mitigation - Identify potential security risks to the organization and provides recommendations to management.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

This is a key role within General Imaging (GI) Ultrasound with a focus on vulnerability management and incident response capability. In this role you will work in a team to identify risks and communicate and track product vulnerabilities. GE HealthCare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world. Job Description Responsibilities Duties include (but are not limited to): * Technical ownership of product security feature deliverables, with the ability to gather and analyze data, develop architectural requirements and lead implementation efforts * Work closely with cross-functional teams in requirements gathering and software design Roles and Responsibilities * Scope and participate in hardware and software penetration tests, vulnerability identification and vulnerability risk assessment * Engage in incident response methods, lead incident response processes related to product cyber * Create and track meaningful metrics around product cyber risk and compensating controls * Create vulnerability and incident trend analysis to improve product design * Maintain cyber Bills of Material and conduct proactive vulnerability monitoring and assessment on cyber components * Engage and administer End of Life processes for digital products * Consult architects on security requirements and utilize best practices to meet requirements * Engage in application and domain-specific threat modeling and attack surface analysis/reduction * Respond promptly and in detail to customer-sponsored penetration tests * Provide guidance on automated testing tools and techniques * Discover and mitigate vulnerabilities in sensitive Critical Infrastructure/ Key Resource Domains (CI/KR) * Develop and design innovative cyber security solutions for unique and complex technologies * Work in partnership with government agencies, leading industry experts, and academia * Leverage traditional and non-traditional research methodologies to advance GE HealthCare's overall Cybersecurity practice * Assess and investigate specific threats in terms of severity and impact * Create detailed reports on vulnerabilities, bugs, and design flaws * Create IPS/IDS rules or other mitigations to protect vulnerable systems * Interact with global teams to promote consistency and maximize synergies across common software platforms * Able to join the team and gain mastery of the Ultrasound domain and contribute towards the development Software Infrastructure * Drive world-class quality in the development and support of products * Apply principles of SDLC and methodologies like Lean/Agile/XP, CI, Software and Product Security, Scalability, Documentation Practices, refactoring and Testing Techniques * Understand performance parameters and assess application performance * Proactively share information across the team, to the right audience with the appropriate level of detail and timeliness * Design, develop, implement, test and deploy subsystem/security solutions and apply in-depth knowledge of product related technologies, technology platforms, architectures, engineering design principles and advancements * In collaboration with principal engineers/architects and execution leaders, assist in the analysis, design and development of the product roadmap * Manage design evolution across multi-generation product releases * Perform design and code reviews, and provide feedback on product security Required Qualifications * Bachelor's degree in computer science or "STEM" Majors (Science, Technology, Engineering and Math) with minimum of 4 years of professional experience including Cyber Security * Certification in the Privacy, Security & Regulatory domain or related certification * Experience in object-oriented design methodology and various programming languages such as C/C++. Hands-on experience in C++ on Windows a plus. * Working knowledge in configuration management tools such as Perforce, GIT, ClearCase, etc... * Experience working with Windows API and application programming * Experience in software platform, advanced applications, user-interface design and/or systems engineering especially in the healthcare domain -preferably Ultrasound * Good skills in knowing how to debug software issues * Experience with multicore and multi-threaded software design and computing environment * Experience driving technical design reviews * Strong interpersonal skills, including creativity and curiosity with ability to effectively communicate, and influence across all organizational levels * Proven analytical and problem resolution skills * Demonstrated ability to work with and/or lead blended teams, including global teams * Experience setting up and maintaining automation in CI/CD workflow pipelines a plus Desired Characteristics Technical Expertise: * Familiarity with identifying, analyzing, and ethically exploiting the various classes of vulnerabilities that affect executable code * Strong knowledge of TCP/IP networking. Ability to use Wireshark to capture and analyze network traffic * Hands-on experience working with Windows and Linux based systems * Programming skills in one or more languages (we develop using Python, C, C++, CUDA, and others) * Ability to understand machine language, operating systems, common APIs, libraries, and runtime environments and how they interact with hardware, firmware, and binary code * Familiarity with digital electronics and microcontrollers. Exposure to SCADA/DCS systems or industrial technologies * Business Acumen: Able to translate vulnerability information into business risks relevant to our customers * Attention to detail with initiative to explore alternate technology and approaches to solving problems * Good understanding of workflow in the healthcare industry * Knowledge of ultrasound or demonstrated experience with development of medical device software * Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance * Experience with secure coding principles; code signing and secure boot * Experience with penetration testing and ethical hacking * Knowledge of CI/CD and automation tools (Chef, Git, Jenkins) * Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML) * Knowledge of application risk identification and evaluation techniques, and knowledge of Cyber Security and related engineering functions * Experience securing applications within cloud platforms such as AWS, Azure, etc. * Must be willing to work onsite at least 3 days a week in Wauwatosa/Waukesha, Wisconsin * Self-starter, energizing, results oriented and able to multi-task; tenacious and organized * Ability to foresee obstacles, identify workarounds, leverage resources, rally teammates * Ability to influence and build consensus with other scrum teams and leadership * Demonstrates adaptability and openness to change, effectively navigating ambiguity and responding to evolving information, circumstances, and priorities * Exhibits clear and strategic thinking, translating complex strategies into actionable steps. Makes timely, informed decisions and communicates priorities with clarity and precision #LI-ONSITE #LI-WI #LI-RV1 We will not sponsor individuals for employment visas, now or in the future, for this job opening. Additional Information GE HealthCare offers a great work environment, professional development, challenging careers, and competitive compensation. GE HealthCare is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. GE HealthCare will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable). While GE HealthCare does not currently require U.S. employees to be vaccinated against COVID-19, some GE HealthCare customers have vaccination mandates that may apply to certain GE HealthCare employees. Relocation Assistance Provided: No

For one of our long-term multiyear projects we are looking for a CISSP Security Analyst out of Madison, WI. • Leading efforts to maintain the central point of contact for the reporting and sharing of information involving computer Security Incidents. • Leading efforts to minimize negative impacts and disruptions resulting from Security Incidents. • Leading efforts to identify, collect, and preserve necessary data and evidence relating to Security Incidents. • Leading efforts to provide findings, root causes, lessons learned and recommended actions to prevent future Security Incidents. Skills & Responsibilities: • Strong understanding of security technologies, including but not limited to: firewall, IDS, policy management, security processes, logging/monitoring, antivirus, vulnerability assessment, patch management, and incident response. • Solid understanding of common and emerging attack vectors. • Strong understanding of TCP/IP network and information systems ports, protocols, and services. • Experience in automating repeatable tasks by leveraging common scripting languages (PowerShell, Python, bash, etc.). • Bachelor's degree in Computer Information Science, Information Technology, Information Systems Security, or related field, or equivalent experience. • Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), GIAC Security Essentials (GSEC), or other information security certifications. A federally recognized information security certification must be obtained within six months of hire. • Proven ability to work with diverse audiences and translate technical information into non-technical information. • Ability to resolve issues in a variety of complex situations which require complex judgments and solutions based on sophisticated analytical thought. • Demonstrated ability to work independently, as part of a team of peers, and also to support and contribute to a multidiscipline team environment. • Demonstrated ability to solve complex problems, convey both oral and written instruction, and handle multiple task interruptions. • Ability to research and recommend solutions to enhance incident response and digital forensics capabilities. Must Have: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), GIAC Security Essentials (GSEC), or other federal recognized information security certification.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************