Cyber security analyst jobs in Worcester, MA

Senior Security Engineer (US) New York & Boston candidates: Office-based Other listed states: Remote employees considered Contract: Full-time, Hybrid / Flexible | 35-hour week Salary: $175,000 base + 15% bonus Overview We are seeking a hands-on, senior security engineer to proactively strengthen our security posture across cloud-native and hybrid environments. This highly technical, strategic role will lead security platform integration, governance, threat detection, and mentoring, while influencing security-first practices across the organisation. Key Responsibilities Security Architecture & Engineering Lead integration and optimisation of Zscaler, Wiz (EDR/CSPM/CNAPP), and endpoint protection (EDR/XDR) to maximise prevention, detection, and response. Develop detection rules and manage analytics in Microsoft Sentinel and Wiz. Conduct proactive threat hunting, posture management, and remediation validation. Administer Zscaler Internet Access (ZIA), including policy tuning, SSL inspection, forwarding profiles, and authentication flows. Troubleshoot traffic flows and collaborate with DevOps, IT, and R&D to integrate security into CI/CD pipelines and infrastructure-as-code. Compliance, Audit & Governance Ensure compliance with NIST SP 800-53, NIST SP 800-171, SOC 2, ISO/IEC 27001:2022, and client-specific requirements. Lead audits, penetration testing, and maintain continuous audit readiness. Security Operations & Incident Response Develop, tune, and manage detection rules and playbooks across Wiz, Zscaler, and other platforms aligned with MITRE ATT&CK. Hunt threats, triage alerts, and lead incident investigations. Manage advanced email security with Microsoft Defender for Office 365. Drive automation and orchestration initiatives to improve operational efficiency. Stakeholder Engagement & Leadership Act as a technical advisor on Zero Trust, cloud security, and operations. Mentor junior staff and foster a security-first culture. Communicate complex security concepts clearly to technical and non-technical stakeholders, including senior leadership. Mandatory Platform Expertise GitGuardian CyberHaven Wiz Advanced & Defend Zscaler Email Security (various platforms) Education & Preferred Certifications Master's degree in Information Security, Computer Science, or related field. GIAC certifications: GCIA, GCED, GCIH, GDAT, GDSA, GMON Microsoft Cloud Security certifications: AZ-500, AZ-305, SC-300

Immediate need for a talented Cloud Security Engineer. This is a 12 months contract opportunity with long-term potential and is located in Westlake, TX/ Merrimack, NH(Onsite). Please review the job description below and contact me ASAP if you are interested. Job Diva ID: 25-95092 Pay Range: $70 - $75 /hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location). Key Responsibilities: Designing, scaling, and deploying various cloud security controls and services Building processes and workflows along with a consolidated and collaborative integration of IaaS, SaaS, and PaaS cloud services Ensuring seamless user experience with advanced security and compliance of our cloud infrastructure Maintaining and containing business risk as it pertains to the Azure cloud infrastructure Working across teams and Business Units to define requirements and deliver solutions Building comprehensive security controls to enforce policy Supporting business unit technologists deploying to the public cloud Key Requirements and Technology Experience: Key skills; Azure Policy Exp Azure Security Services - Security Center, Key Vault, Log Analytics Identity and Access Management Exp Prior Software Engineering background, any language is fine but someone coming from a Sys Admin/Devops background won't be the right fit here. 6-9 years of experience in IT infrastructure, security, compliance A strong understanding of Azure services and security capabilities Solid hands-on experience with at least two of the following: Engineering/operational support of cloud account configuration in AWS or Azure Software Development, Linux Systems Administration, Data Networking Hands-on configuration of CI/CD pipelines for cloud-native deployments Very strong with scripting languages, including integration with CSP APIs; python preferred Azure Networking Identity and Access Management - RBAC Azure Policies Azure Security Services - Security Center, Key Vault, Log Analytics Azure ARM/PowerShell Ability to work with application and security teams to promote a secure posture in the cloud You can mentor and train other team members to work effectively in the cloud You are a self-starter who can independently by reading technical documentation Advanced Azure Certifications Our client is a leading financial Industry, and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. By applying to our jobs, you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here.

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

Senior Cyber Security Analyst is an experienced cyber security individual who maintains the security of an organization's technical environment. They study existing security hardware and software, evaluate new security options and makes recommendations for improvement. Senior Cyber Security Analyst also identifies weak spots in a cyber security system that may be breached and creates procedures to manage threats. Senior Cyber Security Analyst monitors networks for suspicious activity and potential cyber threats. They keep up on threat intelligence, install and maintain security software and encryption. They are responsible for aiding in the planning of security systems, implementing policy and identifying business processes that may violate intended and acceptable use policies. They monitor and remediate vulnerabilities. Senior Cyber Security Analyst works on advanced, complex technical projects or business issues requiring state of the art technical or industry knowledge. Duties and Responsibilities Responsibilities include, but are not limited to the following: * Assist in developing, operating, and evolving Cloud Access Security solutions and capabilities * Performs system security administration on designated technology platforms, including operating systems, applications and network security devices, in accordance with the defined policies, standards and procedures of the organization, as well as with industry best practices and vendor guidelines * Performs installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems * Performs threat and vulnerability assessments, followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities Research, recommend, and implement streamlined automation processes * Develops and maintains documentation for security systems and procedures * Conducts network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls and host-based security systems * Provide support to one or more projects simultaneously. Delivers projects on schedule * Deploys cloud-centric detection to detect threats related to cloud environments and services used by the organization * Assists and trains junior team members in the use of security tools, the preparation of security reports and the resolution of security issues * Applies patches where appropriate and, removes or otherwise mitigates known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards Correlates activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous activity * Using threat intelligence information research emerging threats and vulnerabilities to aid in the identification of incidents * Job Knowledge - Remains up-to-date in assigned area of responsibility: possesses skills and knowledge to perform job effectively; efficiently and safely; acquires, understands, and applies technical and professional information and skills; understands and adheres to policies and procedures * Supports the creation of security incident response, business continuity/disaster recovery plans, including conducting tests, publishing test results and making changes necessary to address deficiencies * Analyzes problems and alternative solutions and takes appropriate timely action to achieve desired business results. Seeks unique and novel solutions to problems and considers impact of final resolution * Perform security standards testing against computers before implementation to ensure security * Provide Key Performance Metrics to our Risk Management team to help coordinate risk tracking. * Educate internal teams on information security best practices. * Assist in technical audits of IT Systems and controls. * Other duties as assigned. * Corporate Compliance Responsibility - As an essential function, responsible for complying with Neighborhood's Corporate Compliance Program, Standards of Business Conduct, applicable contracts, laws, rules and regulations, policies and procedures as it applies to individual job duties, the department, and the Company. This position must exercise due diligence to prevent, detect and report unlawful and/or unethical conduct by fellow co-workers, professional affiliates and/or agents

States: MA, NH, RI, ME, CT, VT, NJ, NY is home office based. Meet the Team You will provide guidance and assist Security Sellers and Account teams within the territory in a pre-sales technical role, showcasing Cisco security product solutions, setting up demonstrations, explaining features and benefits to customers, and designing and configuring products to address specific customer security needs. You will form relationships with our customer's key decision-makers, positioning Cisco security solutions aligned accurately to their requirements. You will be a part of an outstanding technical pre-sales team in our Global Security Sales Organization (GSSO), responsible for driving the success of Cisco's Security Portfolio and focusing on protecting Customer Application Environments no matter where they live (on-prem / any cloud). Our mission is simple: democratize security by making it easy and effective for everyone. We're transforming security from the ground up by solving the world's most pressing geopolitical challenge - safe, secure information access. We engineer our business to enable our customers to easily address their ever-evolving security challenges. We believe that impactful work is rewarding work and that our team is at its best when everyone feels empowered to bring their whole self to work. We learn together by hiring for cultural contribution, not cultural fit, and recognize that diversity in background and thought are essential to building high-impact teams. We invest in growth and learning opportunities and encourage our people to never stop learning. We foster collaboration and believe in being recognized (and rewarded!) for hard work. We champion a healthy work-life balance. We're kinder than necessary. Together we build for the future by designing simple solutions for complex problems. And that's why we're the most loved and trusted name in security. Your Impact As an advisor to the customer, you'll be working with technology experts to craft architectures and configure products to meet customer-specific needs, are prepared to lead all technical aspects of pre-sales activities, and position security solutions effectively against competing offerings. You are an aggressive starter, self-starter with the ability to build executive relationships, develop and execute sales strategies and tactics that improve Cisco's opportunity with a customer environment, position and promote the partner and customer value proposition for Cisco security architecture, articulate Cisco's product and business strategies, and create the demand that makes deals happen! You will: - Serve as the subject matter expert in Cisco security solutions - Provide guidance and assist account teams within the territory in building solutions to address specific customer security needs - Understand business requirements for a customer base and be able to translate them into technical requirements - Understand and articulate Cisco's architecture and services within security technologies - Create, present, and document technical solutions - Perform in-depth and high-level technical presentations for customers partners and prospects - Drive identified major account opportunities (i.e. technical consulting, upper-level management presentations, and Cisco technology solutions) while allowing local account teams to maintain long-term ownership Who You Are You are passionate about the customer experience and excited about new technology. You are a true teammate and love to learn. Being a self-starter, our SEs act as an industry domain authority, and strive to help Cisco make customers for life. Minimum Qualifications -Minimum of 4 years of pre-sales experience -Hands on experience with one or more of these Cisco Security Products (or their competitive equivalent): ******************************************************************** - Experience with whiteboard discussions that transform customer requirements into security solutions Preferred Qualifications - History of successful quota achievement. - Ability to demo / POV any of these Cisco Security products (the more the better): ******************************************************************** - Knowledge of public clouds AWS, Azure, GCP, and OCI. - Experience with incident response a plus - Experience with administering security for a company (e.g. purchased and deployed Cisco security products as a customer) is a plus. - Solid presentation and interpersonal skills. - Highly motivated self-starter who does not need day-to-day management - Experience with APIs and scripting languages **Why Cisco?** At Cisco, we're revolutionizing how data and infrastructure connect and protect organizations in the AI era - and beyond. We've been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint. Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you'll see that the opportunities to grow and build are limitless. We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere. We are Cisco, and our power starts with you. **Message to applicants applying to work in the U.S. and/or Canada:** The starting salary range posted for this position is $217,200.00 to $274,100.00 and reflects the projected salary range for new hires in this position in U.S. and/or Canada locations, not including incentive compensation*, equity, or benefits. Individual pay is determined by the candidate's hiring location, market conditions, job-related skillset, experience, qualifications, education, certifications, and/or training. The full salary range for certain locations is listed below. For locations not listed below, the recruiter can share more details about compensation for the role in your location during the hiring process. U.S. employees are offered benefits, subject to Cisco's plan eligibility rules, which include medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, paid parental leave, short and long-term disability coverage, and basic life insurance. Please see the Cisco careers site to discover more benefits and perks. Employees may be eligible to receive grants of Cisco restricted stock units, which vest following continued employment with Cisco for defined periods of time. U.S. employees are eligible for paid time away as described below, subject to Cisco's policies: + 10 paid holidays per full calendar year, plus 1 floating holiday for non-exempt employees + 1 paid day off for employee's birthday, paid year-end holiday shutdown, and 4 paid days off for personal wellness determined by Cisco + Non-exempt employees** receive 16 days of paid vacation time per full calendar year, accrued at rate of 4.92 hours per pay period for full-time employees + Exempt employees participate in Cisco's flexible vacation time off program, which has no defined limit on how much vacation time eligible employees may use (subject to availability and some business limitations) + 80 hours of sick time off provided on hire date and each January 1st thereafter, and up to 80 hours of unused sick time carried forward from one calendar year to the next + Additional paid time away may be requested to deal with critical or emergency issues for family members + Optional 10 paid days per full calendar year to volunteer For non-sales roles, employees are also eligible to earn annual bonuses subject to Cisco's policies. Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components, subject to the applicable Cisco plan. For quota-based incentive pay, Cisco typically pays as follows: + .75% of incentive target for each 1% of revenue attainment up to 50% of quota; + 1.5% of incentive target for each 1% of attainment between 50% and 75%; + 1% of incentive target for each 1% of attainment between 75% and 100%; and + Once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation. For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay 0% up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid. The applicable full salary ranges for this position, by specific state, are listed below: New York City Metro Area: $223,000.00 - $330,300.00 Non-Metro New York state & Washington state: $217,200.00 - $315,300.00 * For quota-based sales roles on Cisco's sales plan, the ranges provided in this posting include base pay and sales target incentive compensation combined. ** Employees in Illinois, whether exempt or non-exempt, will participate in a unique time off program to meet local requirements. Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. You will help the team establish, lead and execute multi-year roadmaps that improve research efficiency and quality across the team, and drive improvements to stakeholder management across a broad range of intelligence requirements. **Required Skills:** Detection & Response Security Engineer, Threat Intelligence Responsibilities: 1. Influence and align the team's vision and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects 2. Build, cultivate, and maintain impactful relationships with intelligence stakeholders to identify and facilitate solutions to increase the impact of the team's work 3. Refine operational metrics, key performance indicators, and service level objectives to measure Intelligence research and services 4. Lead cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions 5. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 6. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 7. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 8. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems **Minimum Qualifications:** Minimum Qualifications: 9. 8+ years threat intelligence experience 10. B.S. or M.S. in Computer Science or related field, or equivalent experience 11. Be a technical and process subject matter expert regarding Security Operations and Threat Intelligence services 12. Experience developing and delivering information on threats, incidents and program status for leadership 13. Expertise with campaign tracking techniques and converting tracking results to long term countermeasures 14. Expertise with threat modeling frameworks, such as Diamond Model or/and MITRE ATT&CK framework 15. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 16. Proven track record of managing and executing on short term and long term projects 17. Ability to work with a team spanning multiple locations/time zones 18. Ability to prioritize and execute tasks with minimal direction or oversight 19. Ability to think critically and qualify assessments with solid communications skills 20. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 21. Experience recruiting, building, and leading technical teams, including performance management 22. Experience close collaborating with incident responders on incident investigations 23. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems 24. Familiarity with malware analysis or network traffic analysis 25. Familiarity with nation-state, sophisticated criminal, or supply chain threats 26. Familiarity with file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 27. Experience in one or more query languages such as SQL 28. Experience authoring production code for threat intelligence tooling 29. Experience conducting large scale data analysis 30. Experience working across the broader security community **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Job Title: Security Engineer Department: Technology Reports To: VP of Technology Pay Range: $150,000 - $175,000 per year, depending on experience FLSA Status: Exempt WHO WE ARE: Bay State Milling Company is a family-owned leader in grain-based food ingredients, proudly serving the industry since 1899. For over 125 years, we've been on a mission to promote the growth of nutritious, sustainable, and accessible food choices. Our portfolio spans flours, grains, seeds, and innovative plant-based ingredients, all crafted to meet evolving consumer demands for healthfulness, great taste, and affordability. Rooted in five generations of ownership, we combine deep milling expertise with forward-thinking innovation. From our flagship mill in Winona, Minnesota to facilities across North America, we partner with growers and customers to deliver quality and trust at every step. Guided by our core values-Integrity, Creativity, Collaboration, Caring, and Quality-we relentlessly pursue better for the food system and the communities we serve. JOB SUMMARY: The Security Engineer plays a critical role in safeguarding Bay State Milling's digital assets, infrastructure, and data. This position is responsible for designing, implementing, and maintaining security solutions that protect against cyber threats and ensure compliance with industry standards and regulatory requirements. The Security Engineer collaborates closely with all areas of the technology team and business stakeholders to assess risks, respond to incidents, and continuously improve the company's security posture. ROLE & RESPONSIBILITIES: Design and implement secure network, system, and application architectures. Evaluate and deploy security tools, technologies, and frameworks. Monitor systems for security breaches and investigate incidents. Lead response efforts for security events, including containment, remediation, and reporting. Conduct regular vulnerability assessments and penetration testing. Coordinate remediation efforts with infrastructure and application teams. Ensure compliance with internal policies, industry standards (e.g., NIST, ISO 27001), and regulatory requirements. Support audits and risk assessments and maintain documentation of security controls. Develop and deliver security awareness programs for employees. Provide guidance and training to technical teams on secure coding and system hardening. Manage and enforce identity and access controls across systems and applications. Implement role-based access and least privilege principles. Integrate security into cloud environments and CI/CD pipelines. Collaborate with Development teams to embed security into development workflows. Stay current with emerging threats, technologies, and best practices. Recommend and implement improvements to security policies, procedures, and tools. MINIMUM EDUCATION & WORK REQUIREMENTS: Bachelor's degree in computer science, Information Security, Cybersecurity, or a related field. Minimum of 5 years of firsthand experience in cybersecurity engineering, security operations, or related technical roles. Preferred certifications can include CISSP, CISM, or Cybersecurity Architect Proven experience with security technologies such as firewalls, SIEM, IDS/IPS, endpoint protection, and cloud security platforms. Experience working in hybrid & cloud-native environments (e.g., AWS, Azure, GCP). Familiarity with secure software development practices and DevSecOps integration. KNOWLEDGE, SKILLS, AND ABILITIES: Strong understanding of network protocols, operating systems (Windows, Linux), and cloud infrastructure. Deep knowledge of cybersecurity frameworks (e.g., NIST, MITRE ATT&CK, ISO 27001). Experience with SIEM platforms (e.g., Splunk, Sentinel), EDR solutions, and threat intelligence tools. Ability to assess and mitigate risks in complex enterprise environments. Strong analytical and problem-solving skills with attention to detail. Excellent communication skills, with the ability to translate technical risks into business impact. Ability to work independently and collaboratively in cross-functional teams. Familiarity with regulatory requirements such as GDPR, or CCPA. Experience with container security (e.g., Kubernetes, Docker) and infrastructure-as-code (e.g., Terraform, CloudFormation).

At WHOOP, we're on a mission to unlock human performance. WHOOP empowers members to perform at a higher level through a deeper understanding of their bodies and daily lives. WHOOP is seeking a Senior Information Security Engineer to serve as a technical leader in our Security team reporting to our Information Security Manager. In this role, you will drive the deployment and continuous enhancement of controls that protect millions of users' biometric and health data, build scalable defenses across our infrastructure and applications, and lead incident response efforts with visibility across the business. This is an opportunity to have direct impact at scale, working alongside engineers, product teams, and executives to drive forward-looking security strategies. RESPONSIBILITIES: Implement and enhance security controls by leading the deployment, integration, and tuning of solutions such as CNAPP, SIEM, CASB, EDR, DLP, and MDM to maximize effectiveness. Support security design decisions by providing subject matter expertise on cloud and SaaS security best practices while influencing architecture led by the Security Architect role. Lead incident response and investigations by guiding containment, remediation, root cause analysis, and post-incident improvements. Strengthen application security by overseeing secure development practices and managing SAST, SCA, and DAST tooling. Advance identity and access management by supporting IAM policy enforcement, SSO, MFA, SCIM, RBAC, and user lifecycle governance. Secure AI systems and integrations by assessing and protecting embedded APIs and organizational AI tool usage to ensure resilience, privacy, and compliance. Collaborate cross-functionally by working with Engineering, IT, and GRC teams to embed security into systems and workflows. Mentor and influence by providing technical guidance, reviewing work, and promoting security-first thinking across the organization. Stay ahead of threats and regulations by tracking emerging risks, technologies, and compliance requirements to inform forward-looking strategies. Participate in and help improve the on-call rotation by providing guidance, escalation support, and driving improvements in response processes. QUALIFICATIONS: Bachelor's degree in Computer Science, Information Security, or a related technical field and/or advanced certifications (CISSP, CISM, AWS Security Specialty, SANS, etc.). 8+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity. Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG). Experience securing AI/ML systems or APIs, including governance of third-party AI integrations and organizational use of AI tools. Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems. Hands-on experience with application security tooling (SAST, SCA, DAST) and embedding secure development practices. Demonstrated leadership in security incident response, investigations, and root cause analysis. Effective communicator with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences. Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment. Experience mentoring engineers and setting operational standards. Familiarity with compliance and risk frameworks relevant to health and AI (SOC 2, ISO 27001, PCI, GDPR, FTC guidance, HIPAA-adjacent state laws) is a plus. Interested in the role, but don't meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply. WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values. At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company's long-term growth and success. The U.S. base salary range for this full-time position is $150,000 - $190,000. Salary ranges are determined by role, level, and location. Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training. In addition to the base salary, the successful candidate will also receive benefits and a generous equity package. These ranges may be modified in the future to reflect evolving market conditions and organizational needs. While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate's specific qualifications, expertise, and alignment with the role's requirements. Learn more about WHOOP.

**Country:** United States of America ** Onsite **U.S. Citizen, U.S. Person, or Immigration Status Requirements:** The ability to obtain and maintain a U.S. government issued security clearance is required. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance **Security Clearance:** DoD Clearance: Secret At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. We have an on-site opportunity for a Senior Cybersecurity Engineer within our Application and Tactical Software Department in Tewksbury Massachusetts. The Department's mission is to provide world class software for air defense systems. As part of this team, you will support definition of security architecture, requirements, design, and implementation as well as Cyber resiliency and threat awareness. This position is a fulltime onsite role in Tewksbury MA. **What You Will Do:** + Define security requirements and design solutions, providing guidance and direction related to security technologies. + Reverse-engineering Windows/Linux executables (Ghidra/IDA, x64dbg/WinDbg/LLDB, radare2, Frida). + Code review across at least two families (preferably, C/C++ and Python) to find logic flaws. + Turn vuln data (Nmap/Nessus/ACAS/SAST) into scoped host and network pentest plans with clear objectives, hypotheses, and success criteria. + Write actionable reports: risk, reproduction, PoCs, prioritized remediation mapped to CWE/CVSS/ATT&CK. + Perform analysis on security collected data and test results. + Identify and implement security design and prepare and maintain engineering and security related documentation. + Define and develop cybersecurity requirements, design, and architecture artifacts, strategy, plans, and policies. + Perform and/or provide guidance and oversight on vulnerability assessments, defining, negotiating, and executing Assessment and Authorization (A&A) events. + Collaborate with program and engineering disciplines and ensure cybersecurity solution alternatives. + Conduct cybersecurity audits to ensure appropriate implementation and compliance of the security posture developing SSP's and POA&M's. + Define security development and test efforts implementation of security controls of networking devices, databases, operating systems, and hardware and software components. + Conduct technical and nontechnical trade studies, analysis, reviews identify. **Qualifications You Must Have:** + Typically requires a Bachelor's in Science, Technology, Engineering, or Mathematics and a minimum of 5 years of experience. + Experience in cybersecurity, compliance, and risk management framework. **Qualifications We Prefer:** + Experience with security features and/or vulnerability of various operating systems as defined by NSA, NIST, DISA (STIGs) and USCYBERCOM. + 2-4 years of hands-on experience in offensive security, reverse engineering, or exploit development. + Experience with network and system security administration, including operating system security configuration and account management best practices for MS Windows, Red Hat Enterprise Linux, and Cisco Systems. + DoDI 8570.01-M IAT Level-III Compliant Certification (CISSP, CCNP Security, CISA, etc.) + Familiar with Ghidra/IDA, x64dbg/WinDbg, Burp Pro; Nmap; Python/C/C#/PowerShell/Bash; Wireshark/Zeek + Security related Network (e.g. Cisco) and Operating System certification or training. + Ability to support periodic travel. **What We Offer** + Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Safety, Trust, Respect, Accountability, Collaboration, and Innovation. **Learn More & Apply Now!** + Please consider the following role type definition as you apply for this role. + Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products. + This position requires security clearance. **DCSA Consolidated Adjudication Services (DCSA CAS)** , an agency of the Department of Defense, handles and adjudicates the security clearance process. More information about Security Clearances can be found on the US Department of State government website here: ************************************************ + We Are RTX **_As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote._** The salary range for this role is 82,000 USD - 164,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills. Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement. Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance. This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply. RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. _RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act._ **Privacy Policy and Terms:** Click on this link (******************************************************** to read the Policy and Terms Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

At Klaviyo, we value the unique backgrounds, experiences and perspectives each Klaviyo (we call ourselves Klaviyos) brings to our workplace each and every day. We believe everyone deserves a fair shot at success and appreciate the experiences each person brings beyond the traditional job requirements. If you're a close but not exact match with the description, we hope you'll still consider applying. Want to learn more about life at Klaviyo? Visit careers.klaviyo.com to see how we empower creators to own their own destiny. As a Senior Security Engineer, you'll be a vital part of the Infrastructure Security Team, focusing on strengthening the security posture across Klaviyo's entire technology environment. Unlike roles with a narrowly defined specialty, this position offers the opportunity to demonstrate your unique expertise-whether that's in cloud security, identity and access management, data protection, secure systems design, or other security domains. Your work will involve evaluating and hardening our infrastructure, collaborating with cross-functional teams, and leveraging AI to build scalable solutions to address emerging threats. We are looking for someone who is excited to bring their specialized skills to the team, shaping Klaviyo's security practices and helping us continue to raise the bar. How You Will Make a Difference Secure Klaviyo's infrastructure by designing, implementing, and maintaining scalable security controls across cloud, on-prem, and hybrid environments Evaluate and improve security configurations and policies across a range of technologies, using your domain expertise to reduce risk and enable secure-by-default architectures Collaborate with engineering and IT teams to embed security practices across the development and deployment lifecycle Lead threat modeling, risk assessments, and architecture reviews in areas aligned with your specialty Develop automated solutions and infrastructure-as-code to drive consistent and reproducible security outcomes Stay ahead of the latest threats and advocate for innovative security solutions aligned with business needs Help define security standards and best practices at Klaviyo, championing their adoption across teams Who You Are Have 3+ years of experience in infrastructure or security engineering roles, with deep knowledge in one or more security focus areas (e.g., cloud security, IAM, endpoint security, data protection, detection engineering, compliance) Comfortable navigating ambiguity and defining priorities in a broad-scoped role Experienced working in modern cloud environments such as AWS, GCP, or Azure Familiar with infrastructure-as-code tools such as Terraform, CloudFormation, or Pulumi Proficient in secure systems design, threat modeling, and vulnerability management AI Agentic development and prompt engineering, MCP (AWS Bedrock, OpenAI, Anthropic) Able to clearly articulate complex security topics to technical and non-technical stakeholders Passionate about security, eager to learn from others and share your expertise Nice to have - certifications (e.g., CISSP, CKS, GCP/AWS Security certs) or equivalent practical experience We use Covey as part of our hiring and / or promotional process. For jobs or candidates in NYC, certain features may qualify it as an AEDT. As part of the evaluation process we provide Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound on April 3, 2025. Please see the independent bias audit report covering our use of Covey here Massachusetts Applicants: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Our salary range reflects the cost of labor across various U.S. geographic markets. The range displayed below reflects the minimum and maximum target salaries for the position across all our US locations. The base salary offered for this position is determined by several factors, including the applicant's job-related skills, relevant experience, education or training, and work location. In addition to base salary, our total compensation package may include participation in the company's annual cash bonus plan, variable compensation (OTE) for sales and customer success roles, equity, sign-on payments, and a comprehensive range of health, welfare, and wellbeing benefits based on eligibility. Your recruiter can provide more details about the specific salary/OTE range for your preferred location during the hiring process. Base Pay Range For US Locations:$152,000-$228,000 USD Get to Know Klaviyo We're Klaviyo (pronounced clay-vee-oh). We empower creators to own their destiny by making first-party data accessible and actionable like never before. We see limitless potential for the technology we're developing to nurture personalized experiences in ecommerce and beyond. To reach our goals, we need our own crew of remarkable creators-ambitious and collaborative teammates who stay focused on our north star: delighting our customers. If you're ready to do the best work of your career, where you'll be welcomed as your whole self from day one and supported with generous benefits, we hope you'll join us. AI fluency at Klaviyo includes responsible use of AI (including privacy, security, bias awareness, and human-in-the-loop). We provide accommodations as needed. By participating in Klaviyo's interview process, you acknowledge that you have read, understood, and will adhere to our Guidelines for using AI in the Klaviyo interview Process. For more information about how we process your personal data, see our Job Applicant Privacy Notice. Klaviyo is committed to a policy of equal opportunity and non-discrimination. We do not discriminate on the basis of race, ethnicity, citizenship, national origin, color, religion or religious creed, age, sex (including pregnancy), gender identity, sexual orientation, physical or mental disability, veteran or active military status, marital status, criminal record, genetics, retaliation, sexual harassment or any other characteristic protected by applicable law. IMPORTANT NOTICE: Our company takes the security and privacy of job applicants very seriously. We will never ask for payment, bank details, or personal financial information as part of the application process. All our legitimate job postings can be found on our official career site. Please be cautious of job offers that come from non-company email addresses (@klaviyo.com), instant messaging platforms, or unsolicited calls. By clicking "Submit Application" you consent to Klaviyo processing your Personal Data in accordance with our Job Applicant Privacy Notice. If you do not wish for Klaviyo to process your Personal Data, please do not submit an application. You can find our Job Applicant Privacy Notice here and here (FR).

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance: DoD Clearance: SecretAt Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Our cybersecurity team is seeking a Senior Information Systems Security Officer (ISSO) to support our team 100% onsite at our facility in Marlborough, Massachusetts. The successful candidate will interface with the Information Systems Security Manager (ISSM) to ensure adherence with NIST Special Publications, customer directives, and company policies as applicable all NISPOM Chapter 8, DAAPM, JSIG policies. What You Will Do Assessing and monitoring system compliance, auditing, security plan development and delivering information systems security education and awareness. Investigating information system security violations and help prepare reports specifying corrective and preventative actions. Reviewing and approving (within authority) configuration management requests. Conducting technical and administrative assessments. Integrating new cybersecurity processes, procedures, and tools. Support the creation, review and update of cybersecurity documentation and other technical writing. Qualifications You Must Have Typically requires a University Degree or equivalent experience and minimum 5 years prior relevant experience, or an Advanced Degree in a related field and minimum 3 years' experience. Current IAM Level I certification (Security+ or other). Relevant Experience Considered in any combination: Cybersecurity, systems security or hardening Information Technology Compliance-based auditing using the Risk Management Framework (RMF), DCSA Assessment and Authorization Process Manual (DAAPM), Joint SAP Implementation Guide (JSIG), National Industrial Security Program Operating Manual (NISPOM), and/or non-defense regulations such as FAA, Payment Card Industry (PCI), ISO 9001 Quality Management standards, or HIPPA Experience working with and/or supporting computer technologies (such as: databases, operating systems, computer network hardware, software programs, hardware troubleshooting or electronics) Physical security/security, policework/criminal justice, investigations, or Border Patrol Project or program management, office management, senior administration, or account management Qualifications We Prefer Experience working in DoD classified operating and/or laboratory environments. Experience with various information system security tools that address vulnerability analysis and mitigation. These may include Splunk, Forcepoint, Ivanti, Tenable, ACAS, HBSS, etc. Familiarity with implementation of Government directives and policies derived from NIST, CNSSI, DoD, or other Government Regulatory compliance standards within a professional industry. Experience in the execution of the Assessment & Authorization processes, as defined within the Risk Managed Framework (RMF). Experience providing technical security consultation for complex, cross-domain, heterogeneous classified networked environments in collaboration with internal/external Customers, Information Technology (IT). Familiarity with large multi-facility networks including various complex components, including Windows and Linux environments. Experience interpreting, implementing, and assessing DISA STIGs. Familiarity with the execution and management of cyber incident response; preservation, containment, and eradication. What We Offer Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation. Relocation Non-Eligible - Relocation assistance not available Please consider the following role type definition as you apply for this role: Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products. We are RTX #LI-Onsite As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 82,000 USD - 164,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Information Security, Information Security Management, Information System Security Certifications: Cisco Certified Network Associate (CCNA) Security - Cisco - Cisco, GSEC: GIAC Security Essentials Certification - Global Information Assurance Certification (GIAC) - Global Information Assurance Certification (GIAC) Experience: 5 + years of related experience US Citizenship Required: Yes Job Description: The Information Systems Security Officer (ISSO) III is responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system. This will include physical and environmental protection, personnel security, incident handling, and security training and awareness. It will be required to work in close coordination with the ISSM and ISO in monitoring the information system(s) and its environment of operation to include developing and updating the authorization documentation, implementing configuration management across authorization boundaries. This will include assessing the security impact of those changes and making recommendation to the ISSM. The primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities. Performance shall include: Assist the ISSM in meeting their duties and responsibilities. Prepare, review, and update authorization packages. Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media. Notify ISSM when changes occur that might affect the authorization determination of the information system(s). Conduct periodic reviews of information systems to ensure compliance with the security authorization package. Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change. Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly. Ensure all IS security-related documentation is current and accessible to properly authorized individuals. Ensure audit records are collected, reviewed, and documented (to include any anomalies) Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties. Execute the cyber security portion of the self-inspection, to include security coordination and review of all system assessment plans. Identify cyber security vulnerabilities and assist with the implementation of the countermeasures for them. Prepare reports on the status of security safeguards applied to computer systems. Perform ISSO duties in support of in-house and external customers. Conduct continuous monitoring activities for authorization boundaries under your preview. Assist Department of Defense, National Agency and Contractor organizations with the development of assessment and authorization (A&A) efforts. Experience: 5+ years related experience, especially in developing RMF packages or bodies of evidence. 2+ years SAP experience required. Prior performance in roles such as System, Network Administrator or ISSO. Education: Bachelor's degree in a related area or equivalent experience (4 years) Certifications: IAT Level II ( Security+ CE, CCNA Security, etc) or IAM Level II. Clearance Required to Start: TS/SCI required. Must be able to Attain - TS/SCI with CI Polygraph #AirforceSAPOpportunities #ISSO III The likely salary range for this position is $98,345 - $133,055. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: 10-25% Telecommuting Options: Onsite Work Location: USA MA Bedford Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

* Bot Attacks Analytics. Akamai hands on experience. * Experience on security tools like OWASP ZAP, Burp Suite, Nessus, or others. Roles & Responsibilities: * Analyze Bot Attacks: Independently analyze and respond to bot attacks in real-time, ensuring minimal disruption to our services. * Pattern Analysis: Identify and analyze attack patterns using Akamai, security logs, and other tools. Query data across various systems to gain comprehensive insights into attack vectors. * Technical Expertise: Utilize your deep understanding of e-commerce applications to contribute to the design and implementation of security features on our platform. * SRE Practices: Apply Site Reliability Engineering (SRE) principles to enhance the reliability, scalability, and security of our infrastructure. * Technology Proficiency: Work with technologies such as Java, Python, SQL. work with monitoring tools like Dataset (centralized logging) and New Relic (observability) * Continuous Learning: Stay updated with the latest security trends, SRE practices, and technologies. Be willing to learn and implement new tools and techniques. * Analytical Skills: Employ strong analytical skills to dissect complex security issues and develop effective mitigation strategies. Create detailed reports and alerts based on system logs and data analysis. * Security Assessment: Conduct thorough security assessments to identify potential vulnerabilities in our features and infrastructure. Propose and drive conversations on necessary feature changes to enhance security. * Vendor Collaboration: Lead discussions with vendors like Akamai and Riskified, ensuring that we leverage their solutions effectively to bolster our security posture. TCS Employee Benefits Summary: * Discretionary Annual Incentive. * Comprehensive Medical Coverage: Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans. * Family Support: Maternal & Parental Leaves. * Insurance Options: Auto & Home Insurance, Identity Theft Protection. * Convenience & Professional Growth: Commute r Benefits & Certification & Training Reimbursement. * Time Off: Vacation, Time Off, Sick Leave & Holidays. * Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing. # LI-RJ2 Salary Range - $100,000-$120,000 a year

At Publicis Sapient we enable our clients to Thrive in Next and to create business value through expert strategies, customer-centric experience design, and world class product engineering. The future of business is disruptive; transformative; and becoming digital to the core. Overview Seeking an experienced Google Cloud Security Engineer to design, implement, and manage enterprise-grade security solutions within Google Cloud Platform (GCP). The ideal candidate holds a GCP Professional Certification with deep expertise in GCP security services, enterprise security architecture, and hands-on Terraform experience. This role requires building integrated cloud security solutions that align with organizational policies and compliance frameworks. Responsibilities Key Responsibilities: * Deploy comprehensive security solutions leveraging GCP's native security offerings, including IAM, Cloud Armor, Security Command Center, Chronicle, Key Management, and VPC Service Controls. * · Lead the design and implementation of secure enterprise landing zones ensuring multi-project, multi-environment cloud deployments meet stringent security requirements. * · Collaborate with cloud engineers, DevOps, and security teams to embed security into automated CI/CD pipelines and infrastructure as code using Terraform. * Experience with GCP foundation services, Resource hierarchy, IAM, KMS, Asset inventory, security, networking, observability etc. * · Develop and enforce cloud security policies, guardrails, and identity/access controls to safeguard cloud workloads and data. * · Design and integrate threat detection, incident response, and compliance monitoring solutions tailored to cloud-native environments. * · Conduct security assessments, risk analysis, and provide actionable remediation plans to mitigate vulnerabilities in cloud infrastructure. * · Provide subject matter expertise on cloud security best practices, regulatory requirements, and emerging threats across hybrid and multi-cloud architectures. * · Mentor teams on secure cloud architecture principles and promote security-first thinking across projects. * · Stay current with GCP security advancements and incorporate innovations to continuously strengthen the security posture. * Required Qualifications: * · Google Cloud Professional Cloud Architect or Cloud Security Engineer certification. * · In-depth knowledge of GCP security services and solutions including IAM, Cloud Armor, Security Command Center, Chronicle, KMS, DLP, and VPC Service Controls. * · Proven experience designing and implementing enterprise security solutions integrated into Google Cloud environments and landing zones. * · Hands-on expertise managing cloud infrastructure automation using Terraform or equivalent IaC tools. * · Strong understanding of network security, identity and access management, encryption,threat detection, and compliance frameworks (e.g., GDPR, HIPAA, NIST). * · Experience working with hybrid connectivity, private service connect, and secure multi-project architectures. * · Excellent communication skills with ability to translate complex security concepts to technicaland non-technical stakeholders. * Knowledge of GCP logging, observability, SRE * Experience using Docker within container orchestration platforms such as EKS/GKE. Preferred Qualifications: * · Experience with DevSecOps practices, CI/CD security integration, and container security on GCP (GKE). * · Familiarity with other cloud environments (AWS, Azure) and multi-cloud security design. * · Knowledge of security frameworks such as CIS, ISO 27001, and Cloud Security Alliance guidance. * · Experience conducting security incident response and vulnerability management for cloud systems. * Hands on knowledge of Helm charts * Hands-on experience deploying and managing Kubernetes infrastructure with Terraform Enterprise. * Hands-on Python and Unix shell scripting is required. * Certified Kubernetes Administrator (CKA) and/or Certified Kubernetes Application Developer (CKAD) is a plus Additional information Pay Range: $93,000-$193,000 Benefits Of Working Here * Flexible vacation policy; time is not limited, allocated, or accrued * 16 paid holidays throughout the year * Generous parental leave and new parent transition program * Tuition reimbursement * Corporate gift matching program As part of our dedication to an inclusive and diverse workforce, Publicis Sapient is committed to Equal Employment Opportunity without regard for race, color, national origin, ethnicity, gender, protected veteran status, disability, sexual orientation, gender identity, or religion. We are also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at ************************** or you may call us at ***************.

We are seeking a detail-oriented and highly skilled Security Analyst to join our team in Boston and shape the future of Cybersecurity. As a Security Analyst at 7AI, you will leverage your expertise of the security landscape to review and analyze AI Agent investigations, ensuring accuracy and completeness, ultimately helping to build our multi-agent platform. You will be integral in building and maintaining the reliability of our AI Agents, working in tandem with Engineering and Product to inform our roadmap as we build. If you want to build the next generation of Cybersecurity and put AI in the hands of defenders, please apply below. Key Responsibilities: Review and validate alerts and investigations completed by the AI Agents for accuracy and completeness. Collaborate with the Engineering and Product teams to provide feedback and assist in optimizing the AI platform. Develop internal playbooks, standard operating procedures and tools that will guide the AI Agents to perform quality investigations. Stay current with emerging cybersecurity trends, vulnerabilities, and new attack techniques, especially the field of AI-driven attacks. Investigate flagged security incidents, analyzing potential threats and confirming the findings generated by AI. Recommend mitigation strategies and remediation steps to train the AI to reduce the threat surface. Correlate findings from multiple sources, including network logs, endpoint data, and threat intelligence, to validate AI-generated reports. Assist with ongoing threat monitoring, triage, and prioritization of security incidents. Required Qualifications: 4+ years of experience in a Security Analyst or similar role within the cybersecurity field. Hands-on experience with incident response for Cloud and Identity alerts, and at least two of Email, EDR, Threat Intel and Networking alerts. Strong understanding of security monitoring tools and techniques (SIEM, IDS/IPS, IDP, etc.). Experience analyzing and investigating security alerts from multiple sources, including intrusion detection systems, network monitoring tools, and endpoint protection platforms. Familiarity with the latest cybersecurity threats, attack vectors, and vulnerabilities. Strong analytical and problem-solving skills, with the ability to verify AI-driven analysis and make independent security decisions. Scripting experience with languages such as Python Data querying experience with SIEM technologies (SPL, KQL, FQL, SQL, etc).

Our world is transforming, and PTC is leading the way. Our software brings the physical and digital worlds together, enabling companies to improve operations, create better products, and empower people in all aspects of their business. Our people make all the difference in our success. Today, we are a global team of nearly 7,000 and our main objective is to create opportunities for our team members to explore, learn, and grow - all while seeing their ideas come to life and celebrating the differences that make us who we are and the work we do possible. Principal Security Engineer-SaaS JR110938 Onshape is a next-generation, global Software-as-a-Service (SaaS) product development platform that helps businesses of all sizes modernize and accelerate their design and manufacturing processes. The cloud-native platform is the only all-in-one system that combines robust computer-aided design (CAD) with powerful data management and collaboration tools. Onshape helps extended design teams work together faster from any location and helps executives make better decisions with real-time business analytics and unprecedented visibility into their company's operations. We are seeking a Principal Security Engineer-SaaS to lead the design, implementation, and continuous improvement of security for our cloud-native SaaS platform. This role is deeply technical and hands-on, focused on threat detection, vulnerability management, secure architecture, and SecOps integration. Compliance knowledge (e.g., FedRAMP, NIST) is a plus but secondary to strong security engineering expertise. Key Responsibilities Secure Architecture & Design Architect and implement security controls for multi-tenant SaaS environments for both commercial and US federal customers Harden cloud infrastructure (AWS preferred) and enforce least-privilege IAM policies. Integrate encryption and key management solutions for data at rest and in transit. Threat Detection & Incident Response Configure and monitor security tools like Wiz and Crowdstrike. Guide remediation efforts. Develop and maintain SIEM rules and dashboards for real-time threat monitoring. Lead incident response efforts, including root cause analysis and remediation. Vulnerability Management Own vulnerability scanning, prioritization, and remediation across services. Tune automated scanning in CI/CD pipelines using tools like Black Duck, or Checkmarx. DevSecOps & Automation Build scripts and automation for security posture validation and drift detection. Collaboration & Leadership Partner with engineering teams to integrate security best practices early in development. Mentor junior engineers and advocate for secure coding principles. Required Qualifications 8+ years in security engineering, with at least 3 years in SaaS or cloud-native environments (DevSecOps). Deep expertise in AWS security services (IAM, KMS, Security Hub, GuardDuty). Strong background in vulnerability management, SIEM tools (Splunk, Opensearch), and automation scripting (Terraform, Ansible, Python). Experience with container security and orchestration (Docker, Kubernetes). Experience securing Linux deployments. Nice-to-Have Working knowledge of FedRAMP, NIST SP 800-53, or similar compliance processes. Relevant certifications: CISSP, CCSP, AWS Security Specialty. Why Join Us? Work on cutting-edge SaaS security challenges. Influence architecture and security strategy at scale. Collaborate with a team passionate about building secure, resilient systems. Work Environment: The candidate may be required to participate in an on-call rotation to respond to security incidents. The SecOps Engineer position will be a member of the Onshape Technical Operations team. This is a primarily US-based operations, site reliability, compliance, and security team. The team is part of Onshape Engineering and works very closely with other teams in engineering to deliver a reliable, secure service to our customers. PTC carefully considers a wide range of factors when determining compensation. The anticipated annual salary range for this position is between $118,000 - 165,000. The anticipated annual salary range encompasses both the base salary and the on-target incentive compensation that may be attained in this role. The salary range reflects a good-faith estimate of compensation at the time of posting. Actual compensation may vary based on a candidate's skills, qualifications, experience, and location. Eligible employees also have the opportunity to become a PTC shareholder through our employee share purchase program (ESPP) which allows for the purchase of discounted PTC stock. Certain roles may also be eligible for participation in our equity programs. Employees may be eligible for medical, dental and vision insurance, paid time off and sick leave, tuition reimbursement, 401(k) contributions and employer match, flexible spending accounts, life insurance, disability coverage and if you are an office-assigned employee, a generous commuter subsidy. All total rewards and benefits programs are subject to plan eligibility and other terms and conditions. For more information about PTC's comprehensive benefits, please visit our Careers Page. Applications will be accepted on an on-going basis. At PTC, we believe in the power of diverse ideas and perspectives. As a global company that values and respects all identities, cultures, and perspectives, we strive to create an inclusive PTC for ALL through an environment where everyone feels like they belong and are empowered to bring their true, authentic selves to work. Proud to be an Equal Opportunity Employer, we welcome applicants from all backgrounds and hire without regard to race, national origin, religion, age, color, ethnicity, ancestry, marital status, sex (including pregnancy), sexual orientation, gender identity, gender expression, genetic information, disability, veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.PTC endeavors to make ptc.com/careers accessible to all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact PTC's Talent Acquisition team at *************************. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. Life at PTC is about more than working with today's most cutting-edge technologies to transform the physical world. It's about showing up as you are and working alongside some of today's most talented industry leaders to transform the world around you. If you share our passion for problem-solving through innovation, you'll likely become just as passionate about the PTC experience as we are. Are you ready to explore your next career move with us? We respect the privacy rights of individuals and are committed to handling Personal Information responsibly and in accordance with all applicable privacy and data protection laws. Review our Privacy Policy here."

As a leading provider of insurance and reinsurance with worldwide operations and employees in Bermuda, U.S., U.K., Continental Europe and Asia, we recognize that our success is derived directly from those who matter the most: our people. At Sompo International, our values of integrity, collaboration, agility, execution and excellence underpin our culture and our commitment to providing an employee experience that attracts and engages the best talent in the industry. As we continue to grow, we strive to find diverse, innovative and driven professionals to join our teams and offer a broad range of career and development opportunities at all levels, in multiple business areas, in each of our locations throughout the world. Our compensation and benefits programs are market driven and competitive, with excellent family friendly policies and flexible working provisions. Job Description Are you looking for your next opportunity? Sompo has a unique opportunity for an Application Security Engineer in our Information Security team. Location: This position will be based out of one of our US locations preferably the NYC / Purchase, NY / Garden City, NY / Morristown, NJ / Boston, MA / Conshohocken, PA or Charlotte, NC office. We strive for collaboration which is why we offer a work environment where our employees thrive and develop long lasting careers. Our business, your impact, our opportunity: What you'll be doing: * Develop and implement application-focused security controls during all phases of Sompo's Secure Software Development Lifecycle and production operations. * Collaborate, as needed, with development teams to enhance their secure coding practices, application design patterns, and technology selection. * Maintain a strong familiarity with: * Sompo's full stack of security technologies and common application architectures regulatory requirements for security and privacy technologies. * The various Sompo teams who are non-technical subject matter experts on those regulations. * Industry-standard approaches for aligning development, operations, and security. * Be responsible for continuously improving our suite of troubleshooting documents, SOPs, and support tools so that the IT support teams can self-resolve/diagnose application-level issues related to security incidents and/or controls. * Application security review (development lifecycle, technology selection) * Application security testing and instrumentation (production operations) * Support of security tooling and automation What you'll bring: * Minimum of 5 years of experience in information security. * Systematic thinking - the ability to take a complex sequence of events and isolate the critical/relevant stages. * Excellent interpersonal skills - the ability to engage with both end users and IT colleagues to understand a problem and determine fact patterns, measurable requirements, and success criteria. * Strong understanding of: * HTTP, HTML, REST, SOAP, JSON, XML, YAML, and other data formats, web authentication patterns, especially SAML and OAuth, TLS/X509, and cookies, DNS, TCP/IP, and related tools (e.g., interpreting packet captures), Encryption at rest and in flight. * Development and direct work experience with: * Languages for automation, especially Python and Powershell, Query tools. * Excel for ad-hoc analysis. Must be comfortable aggregating disparate sets of logs and other data for unified analysis. * Packet captures for low level network troubleshooting * Application development building blocks, Web application security components * Native security controls in the Microsoft stack (OS, Office, Edge) * Ability to write ad hoc queries using one or more of the following: * Splunk, Powershell, Regular expressions, SQL, XPATH * Ability to write practical audience-relevant documentation related to troubleshooting. * B.S. in Computer Science or Software Engineering Salary Range: $115,000 - $165,000 Actual compensation for this role will depend on several factors including the cost of living associated with your work location, your qualifications, skills, competencies, and relevant experience. At Sompo, we recognize that the talent, skills, and commitment of our employees drive our success. This is why we offer competitive, high-quality compensation and benefit programs to eligible employees. Our compensation program is built on a foundation that promotes a pay-for-performance culture, resulting in higher incentive awards, on average, when the Company does well and lower incentive awards when the Company underperforms. The total compensation opportunity for all regular, full-time employees is a combination of base salary and incentives that gets adjusted upfront based on overall Company performance with final awards based on individual performance. We continuously evaluate and update our benefit programs to ensure that our plans remain competitive and meet the needs of our employees and their dependents. Below is a summary of our current comprehensive U.S. benefit programs: * Two medical plans to choose from, including a Traditional PPO & a Consumer Driven Health Plan with a Health Savings account providing a competitive employer contribution * Pharmacy benefits with mail order options * Dental benefits including orthodontia benefits for adults and children * Vision benefits * Health Care & Dependent Care Flexible Spending Accounts * Company-paid Life & AD&D benefits, including the option to purchase Supplemental life coverage for employee, spouse & children * Company-paid Disability benefits with very competitive salary continuation payments * 401(k) Retirement Savings Plan with competitive employer contributions * Competitive paid-time-off programs, including company-paid holidays * Competitive Parental Leave Benefits & Adoption Assistance program * Employee Assistance Program * Tax-Free Commuter Benefit * Tuition Reimbursement & Professional Qualification benefits In today's world, what do we stand for? Ethics and integrity are the foundation of delivering on our commitment to you. We believe that core values drive success, and that when relationships are held in the highest regard, there is nothing that cannot be accomplished. At Sompo, our ring is more than a logo, it is a symbol of our promise. Click here to learn more about life at Sompo. Sompo is an equal opportunity employer and we intentionally value inclusion and diversity. Above all, we want you to work in an environment that respects everyone's unique contributions - we are passionately committed to equal opportunities. We do not discriminate based on race, color, religion, sex orientation, national origin, or age.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

ISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ