Information security analyst jobs in Glen Allen, VA

Our government client is looking for an experienced IT Security Analyst on a hybrid 6+ months renewable contract role in Richmond, VA. - IT Security Analyst | HYBRID W2 RATE - $65/hr - $70/hr Job description: Individual is able to work without assistance; provides leadership for others; able to manage highly complex work efforts; may have advanced education; has extensive industry experience. The IT Security Analyst monitors and advises on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended. Coordinates and executes IT security related projects for the agency. Coordinates response to information security incidents. Develops and publishes Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance with Commonwealth IT Security policies, standards, and guidelines. Conducts campus-wide data classification assessment and security audits and manages remediation plans. Collaborates with IT management, Internal Audit, and VITA to manage security vulnerabilities. Creates, manages and maintains user security awareness. Conducts security research and keeps abreast of latest security issues. Prepares IT security documentation, including department policies and procedures, agency notifications, Web content, and alerts. Required/Desired Experience: 12 Years of Individual must have experience working without assistance; providing leadership for others; managing highly complex work efforts. Required 7 Years of Individual must have experience in the IT Security or related field. Required About Vector: Vector Consulting, Inc., (Headquartered in Atlanta) is an IT Talent Acquisition Solutions firm committed to delivering results. Since our founding in 1990, we have been partnering with our customers, understanding their business, and developing solutions with a commitment to quality, reliability and value. Our continuing growth has been and continues to be built around successful relationships that are based on our organization's operating philosophy and commitment to ** People, Partnerships, Purpose and Performance - THE VECTOR WAY ************************ “Celebrating 30 years of service.”

Meta's Product Security team is seeking a experienced hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of over two billion people. You will be relied upon to provide engineering and product teams with the web, mobile, or native code security expertise necessary to make informed product decisions. Come help us make life hard for the bad guys. **Required Skills:** Product Security Engineer, AI Responsibilities: 1. Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more 2. Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities 3. Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products **Minimum Qualifications:** Minimum Qualifications: 4. BS or MS in Computer Science or a related field, or equivalent experience 5. 8+ years of experience finding vulnerabilities in interpreted languages. Knowledge of best practice secure code development 6. Experience with exploiting common security vulnerabilities 7. Knowledge of common exploit mitigations and how they work 8. Coding and scripting experience in one or more general purpose languages **Preferred Qualifications:** Preferred Qualifications: 9. Experience creating software that enables security processes, especially those leveraging AI/ML for automation or augmentation 10. Experience integrating or building AI-powered tools to assist with vulnerability detection, code review, or threat modeling 11. Experience creating software that enables security processes 12. 8+ years of experience finding vulnerabilities in C/C++ code 13. Contributions to the security community (public research, blogging, presentations, bug bounty) 14. Demonstrated ability to collaborate with AI researchers or engineers to apply AI in security workflows **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Centurion is seeking a skilled Information Security Analyst to support security and privacy efforts across all programs, projects, IT systems, and applications. This role will work closely with the Information Security Office (ISO), providing expertise in governance, risk, and compliance, while ensuring appropriate security controls are implemented and maintained. The ideal candidate is detail-oriented, collaborative, and experienced in applying security frameworks to real-world business and technology environments. Key Responsibilities Support Information Security and Privacy initiatives across business areas and vendor engagements. Manage and update information security documentation within a Governance, Risk, and Compliance (GRC) system. Develop and maintain System Security Plans (SSPs) in collaboration with business stakeholders. Represent the Information Security Office in PMO-led projects, ensuring proper ISO engagement. Partner with teams to analyze challenges, propose compliant solutions, and deliver clear communications. Assist in the creation and maintenance of information security standards, policies, and procedures. Document security controls, including system diagrams, risk assessments, and control narratives. Review contracts and vendor documentation to ensure adequate information security protections. Conduct research on emerging information security and privacy practices to strengthen internal processes. Required Qualifications Minimum of 3 years' experience in information security concepts related to governance, risk, and compliance. Strong knowledge of information security principles, methods, and IT infrastructure management. Experience with security frameworks (e.g., NIST, ISO 27001, COBIT). Proven ability to organize work, prioritize tasks, and meet deadlines independently. Experience drafting policies, standards, and procedures related to Information Security and Privacy. Ability to interpret technical documentation, flow diagrams, and process maps. Strong communication skills with the ability to write clearly for varied audiences. Proficiency in creating diagrams, flowcharts, and spreadsheets. Understanding of general contract terms and conditions related to information security. Preferred Qualifications Bachelor's degree in Computer Science, Information Systems, or related field. Professional certifications such as CISA, CISSP, or equivalent. Prior experience in the financial services industry. Knowledge of cloud and application security controls. Familiarity with information security regulations such as GLBA, GDPR, PCI, and privacy regulations including GDPR, CCPA, VCDPA. Why Join Us? Play a vital role in protecting sensitive information and strengthening enterprise-wide security posture. Collaborate across teams and gain exposure to a broad range of security and compliance initiatives.

It's fun to work in a company where people truly BELIEVE in what they're doing! We're committed to bringing passion and customer focus to the business. Day Shift - 7.5 Hours (United States of America) We are seeking a detail-oriented and motivated Cyber Security Analyst (Level 1) to support our healthcare organization's mission of protecting patient data and ensuring compliance with HIPAA and other healthcare regulations. This entry-level role is ideal for individuals passionate about cybersecurity and eager to grow within a healthcare environment. Key Responsibilities: Monitor and analyze security alerts from healthcare systems, EHR platforms, and network infrastructure. Assist in the investigation and documentation of security incidents, including potential HIPAA violations. Support vulnerability scanning and patch management across clinical and administrative systems. Help maintain and enforce security policies, procedures, and incident response plans. Assist in documentation and presentation of findings from notable security investigations, including action items and lessons learned to drive ongoing security improvements. Act as first point of contact for security tickets and questions Participate in audits and risk assessments to ensure compliance with healthcare regulations (e.g., HIPAA, HITECH). Contribute to security awareness training for clinical and non-clinical staff. Stay informed on emerging threats, especially those targeting healthcare organizations. Required Qualifications: Bachelor's degree in Cybersecurity, Information Technology, Health Informatics, or a related field (or equivalent experience). Basic understanding of healthcare IT systems and regulatory requirements (HIPAA, HITECH). Familiarity with security tools such as SIEM, antivirus, firewalls, and endpoint protection. Strong analytical and problem-solving skills. Excellent communication skills and ability to work in a team-oriented environment. Preferred Qualifications: Internship or experience in a healthcare IT or cybersecurity role. Certifications such as CompTIA Security+, HCISPP, or equivalent. Knowledge of EHR systems (e.g., Epic, Cerner) and medical device security is a plus. Work Environment: May involve hybrid or on-site work depending on facility needs. Participation in on-call rotation or after-hours incident response may be required Participation in on-call rotation or after-hours incident response may be required Salary Range: $65,000 - $80,000 Employment Non-Discrimination: Richmond University Medical Center is committed to equality of opportunity in all aspects of employment and provides full and equal employment opportunities to all employees and potential employees without regard to race, color, national origin, religion, gender identity, sex, sexual orientation, pregnancy, childbirth and related medical conditions and needs including lactation accommodations, physical or mental disability, age, immigration or citizenship status, veteran or active military status, genetic information, or any other legally protected status. If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Job Description Role : IT Purchasing Analyst Interview Mode: In Person Only The Virginia State Police (VSP), Criminal Justice Information Services (CJIS) Division, is looking for an information technology (IT) purchasing analyst to support of IT projects. The incumbent will perform procurement tasks such as working with suppliers to obtain quotes, enter requisitions in the state procurement system (eVA), track requisition processing to ensure timely completion, propose and process contract amendments, assist with enforcement of vendor contract terms, review and recommend approval/denial of invoices, and evaluate VITA expenses to identify and record expenses related to IT projects. In addition, updates project budgets and grants, and coordinates activities with the VSP Procurement Office, VSP IT Division and VSP grant managers. Provides VSP management with reports that describe current procurement activities, invoices and bills processed, and budget and grant balances. Full-time onsite at VSP headquarters, North Chesterfield, Virginia. Candidates must have 2+years of IT procurement experience, able to learn Commonwealth of Virginia, VITA and VSP procurement policies and systems (e.g. eVA). In addition, candidates: * Must have very good skills in operating computers and using MS Office (Word, Excel, PowerPoint); * Be able to plan, organize and manage multiple tasks simultaneously; * Have strong communication skills (orally and in writing, in English). Candidates should highlight experience procuring high value procurements with an emphasis on information technology (IT) procurements. Candidates should highlight procurement experience and certifications. For example, experience with public procurement, contracting laws and state regulations; experience with technology related procurements, service contracts, business writing, and fiscal procedures; certification as a Virginia Contracting Officer (VCO); certification as a Certified Public Purchasing Officer (CPPO), and/or Certified Professional Public Buyer (CPPB); experience in the procurement of wide variety of goods and services within state government Powered by JazzHR J3bBwWqEBi

Ask ITC Inc. which is backed by a $500 million Microtek group company, provides an industry leading blend of technology, business consulting, and outsourcing services. Ask IT is a minority-owed enterprise; it has been founded on providing the highest quality possible and on the devotion to customer satisfaction. Job Description Daily responsibility for supporting the Procurement / Finance team To support IT division by overseeing an Outlook Mailbox routing for purchasing IT Goods and Services as well as Sharepoint. Daily accounting, and accounts payable activities. Performs adminstrative duties to support the division. Process invoices, procurement and reconciles vendor inquiries, request quotes for purchases of consumables for VDOT. Interprets and applies policies and interprets and develops procedures and processes in this area. Oversees a wide range of administrative and technical functions necessary for effective office management. Independently performs all administrative and fiscal tasks with accuracy. Tasks include accounts payable and receivable, and procurement. Routinely responds to a variety of requests from agency management, external organizations, consultants and the general public. Identify the technology business needs and technology products, services or solution that will best fulfill those needs while determining cost containment. IT procurement liaison who works with VITA and NG, understanding technology in order to discuss contracts, licenses agreements, maintenance agreements and contracts. Qualifications Skilled functionality with SharePoint. Skilled in the functionality of financial systems, Microsoft Office Suites, and other automated equipment and tools. Skilled in English grammar with the ability to communicate effectively. Considerable experience records management, governmental accounting, and financial management. Additional Information All your information will be kept confidential according to EEO guidelines.

Interview Mode: Web Cam Interview Only Need resume by July 25 The client is seeking a team member to function as a Governance Analyst. The IT Governance practice at VDOT is focused on process improvement, standardization, reporting and risk minimization. It's responsible for ensuring compliance. The Analyst will review processes & develop documentation to support Governance initiatives. The Analyst will also assist in issue resolution, operationalizing Governance practices, creating and socializing IT Governance artifacts (such as IT audit responses, control processes etc.) This position will also assist in extending the scope of ITD Governance, Security Architecture and Process Improvement. Responsibilities: The IT Governance Analyst is responsible for providing support to IT services, and will align IT investments with enterprise business goals, as well as Bureau and Agency guidance. Develop, update and maintain IT governance documents including IIMS, policies and guidelines. Translate complex technical and compliance concept into clear, understandable documentation Support technical writing and review for the division's flagship governance documents and policies. Oversee the IT audit inquiry process by coordinating with internal auditors and customers to relay evidence of compliance to agency standards. Oversee the IT audit remediation process by coordinating with developers, engineers, and IT Leadership to rectify points of non-compliance to agency standards. Coordinate requirements submission and execution requirements for the Audit Kanban, ensuring an accurate level of detail and defined scope. Provide input into the augmentation of a governance model for ITD's critical processes. Qualifications: Demonstrated knowledge or experience in process modeling with Microsoft Visio. Experience with drafting policy, technical briefings, business or executive-centered presentations, and reports Knowledge an Agile Project Management environment preferred. Knowledge of general IT Audit and Compliance response processes Understanding of IT Governance best practices, tools, with willingness to learn Commonwealth or Agency Implementation Ability to work independently, creatively, and analytically in a fast-paced, team environment. Attention to detail, strong listening skills, and good verbal and written communications are required. Skill Required / Desired Amount Experience Knowledge and application of IT Governance and Compliance standards Required 7 Years Experience in Technical Writing, editing skills and policy documentation Required 7 Years Experience in Process Modeling Required 7 Years Power BI Experience Required 3 Years Experience in business writing and presenting Required 7 Years Microsoft Visio, Planner and SharePoint Online experience Required 7 Years

ON SITE: 3 days a week required Responsibilities: Conduct detailed financial analysis and forecasting for security products and services within the agency. Develop and maintain budgeting models to support product and service funding requests, execution, and cost management. Collaborate with cross-functional teams including IT security, procurement, and compliance to align financial strategies with agency goals Monitor and report on financial performance against approved budgets, identifying risks and opportunities. Support procurement and contract negotiations with vendors from a financial perspective. Analyze life cycle costs and support cost-benefit evaluations for new security initiatives and technology acquisitions. Assist in evaluating the financial viability of new security products or enhancements Provide clear, concise financial reports and briefings for senior leadership and oversight bodies. Support continuous improvement of financial processes and systems related to security program funding and expenditure tracking. Job Type: Contract Experience: BS/MS degree in Computer Science, Engineering or a related: 4 years (Preferred) financial modeling, budgeting, cost analysis,forecasting.: 2 years (Preferred) analytical, organizational, and communication skills.: 2 years (Preferred) Ability to manage multiple priorities and deliver results: 2 years (Preferred) Familiarity with State Government budgeting process.: 2 years (Preferred) Understand technologies as it relates to product and cost: 2 years (Preferred) financial management systems and tools (Microsoft Office): 2 years (Preferred)

Number of positions: 1 Length: 12Months + Work Address: Richmond, VA Immediate Interviews In Person Interview IT Security Analyst 4 Hybrid (ONSITE Required: 2-3 days/week) Document and address organization\'s information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle. 3 days - on site -2 days - remote Notes from the manager: For this position we are really looking for someone who is strong in Security Operations (Vulnerability Management, Penetration Testing, Incident Response, Identity Access Management, etc.). A few of the candidates were strong in Risk Management (Risk Assessment, Data Classification, Audits, etc.) but we already have those skills on our team. The remaining candidates mostly struggled to answer basic technical questions relating to security and seemed to mostly come from more IT Operations backgrounds. We are looking for an experienced person as this is not an entry level opening. General things to consider when screening: 1. Experience with vulnerability management is key for this position. 2. Experience with application penetration is key for this position. 3. Experience with Dev SecOps/Secure Software Development Lifecycle (Secure SDLC/SSDLC)/Secure by Design is key for this position. 4. Scripting and automation experience is highly desired for this position. 5. Interpersonal skills and being able to talk with and manage stakeholders are key for this position. Analyze the security impact of application, configuration, and infrastructure changes to ensure compliance with the security standard as part of the change management lifecycle. Assess the configurations of applications, servers, and network devices for compliance with the security standard. Analyze and document how the implementation of new system or new interfaces between systems impacts the security posture of the current environment. Assess and document the security impact and risks of newly discovered vulnerabilities in the environment. Coordinate resolution of application and infrastructure security vulnerabilities with System Owners, IT, and vendors. Track resolution of vulnerabilities and provide regular updates to management. Coordinate resolution of endpoint security vulnerabilities with users and provide regular updates to management. Respond to, and investigate, security incidents and provide thorough post-event analyses. Perform internal application penetration testing, document findings, and recommend improvements to improve the organizations security posture. Complete annual password security audits and coordinate completion of agency wide user access audits in compliance with the security standard. Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately. Create and maintain desk procedures and process documentation for all responsibilities. Required/Desired Skills Candidates must have ALL the Required skills in order to be considered for the position. Desired or Highly Desired skills are a PLUS but may NOT be required. Skill Matrix (Please fill the last two columns of this matrix) Experience with Business workflow processes Required / Desired Amount of Experience Years of Experience Last Used NIST 800-53 rev 5 and/or Criminal Justice Information System (CJIS) specifications for an information security management system. Required 5 Years Software development lifecycle, vulnerability management processes, role-based authentication methodologies, etc. Required 5 Years Familiarity with programming languages such as Python, Java, JavaScript, C++, C#, SQL, HTML, CSS, and/or COBOL. Required 5 Years Expertise in using automated vulnerability scanners like Nessus, Qualys, Retina, and/or Tenable. Required 5 Years Familiarity with web application security testing tools like Burp Suite, Fortify, and/or AppScan. Required 5 Years Basic scripting skills (e.g. WDL, VBScript, JavaScript, PowerShell, Python) for automation Required 5 Years IT security or risk assessment certifications are advantageous (CISM, CCSP, CISSP, CEH, CompTIA Pentest+ and/or CompTIA Security+) Required 5 Years

What part will you play? If you're looking for a place where you can make a meaningful difference, you've found it. The work we do at Markel gives people the confidence to move forward and seize opportunities, and you'll find your fit amongst our global community of optimists and problem-solvers. We're always pushing each other to go further because we believe that when we realize our potential, we can help others reach theirs. Join us and play your part in something special! Looking for a role that will have a meaningful impact on Security Engineering? We are looking for an individual to reduce enterprise risk through the secure design, implementation and administration of cybersecurity tools and helping to enhance department strategies to protect our customers, data, and associates. What part will you play? If you're looking for a place where you can make a meaningful difference, you've found it. The work we do at Markel gives people the confidence to move forward and seize opportunities, and you'll find your fit amongst our global community of optimists and problem-solvers. We're always pushing each other to go further because we believe that when we realize our potential, we can help others reach theirs. Join us and play your part in something special! The opportunity: We are seeking a Security Engineer to join our dynamic team, where you'll play a pivotal role in fortifying our company's internal network against unauthorized access and cyber threats. As a Security Engineer, you'll be at the forefront of our cybersecurity efforts, designing and implementing cutting-edge security strategies. You will have the chance to collaborate with a team of skilled security specialists to devise and execute robust architecture solutions that protect our digital assets. Your expertise will not only help mitigate potential damages during current attacks but also proactively identify and resolve hardware or software vulnerabilities before they become threats. In this role, you'll leverage your deep understanding of various hardware and software technologies, along with the Enterprise Security Framework, to drive innovative design solutions and provide strategic recommendations. Your insights and contributions will be crucial in shaping the security posture of our organization, ensuring that we stay ahead of evolving cyber risks. What you'll be doing: * Architect & Implement: Design and deploy cloud security architectures meeting business, security, and compliance needs. * Configuration Management: Secure cloud-based tools and mobile technology, ensuring safe access solutions. * Security Environments: Create and maintain testing environments for security solutions. * Risk Mitigation: Innovate security measures across on-premise and cloud environments. * Network Security Oversight: Manage cloud network security, including firewall approvals. * Automation & Scripting: Develop automation scripts for security needs. * Incident Response: Lead and strategize responses to cyber threats. * Secure Access Solutions: Implement secure authentication, authorization, and encryption strategies. * Cyber Threat Awareness: Stay updated on security trends and threats. * Change Management: Oversee security aspects of cloud changes and software deployments. * Policy Documentation: Document and enforce security policies and procedures. * Skill Development: Update and share technical knowledge on data protection. * Metrics & Reporting: Generate Cloud Security status metrics. * Mentorship & Leadership: Guide and mentor junior team members. * Operational Support: Maintain security tools and systems. * Compliance: Ensure compliance with regulations (NY State, PCI, GDPR, NIST). * Project Support: Evaluate and implement new security technologies. * Technical Resource: Serve as an expert for other departments. * Communication: Convey security issues and solutions clearly. * Additional Duties: Participate in incident response, change management, and system maintenance. Our must-haves: * 3+ years related work experience & industry certification in cyber security. * Bachelor's degree in Computer Science or Engineering with a focus on Cyber Security, Digital Forensics or related work experience/certification. * Security+ or similar industry approved certifications. Other certifications that are a plus: * ITIL, preferred * Certified Cloud Security Professional - ISC2 .org (CCSP) * Certified Information Systems Security Professional (CISSP) * Certificate of Cloud Security Knowledge - CSA (CCSK) * Information Systems Security Engineering Professional (ISSEP) * Microsoft Certified: Azure Fundamentals (MCAF) * Microsoft Certified Azure Administrator Associate (MCAAA) * Microsoft Certified: Azure Security Engineer Associate (MCASEA) #LI-Hybrid #DEIB US Work Authorization US Work Authorization required. Markel does not provide visa sponsorship for this position, now or in the future. Pay information: Who we are: Markel Group (NYSE - MKL) a fortune 500 company with over 60 offices in 20+ countries, is a holding company for insurance, reinsurance, specialist advisory and investment operations around the world. We're all about people | We win together | We strive for better We enjoy the everyday | We think further What's in it for you: In keeping with the values of the Markel Style, we strive to support our employees in living their lives to the fullest at home and at work. * We offer competitive benefit programs that help meet our diverse and changing environment as well as support our employees' needs at all stages of life. * All full-time employees have the option to select from multiple health, dental and vision insurance plan options and optional life, disability, and AD&D insurance. * We also offer a 401(k) with employer match contributions, an Employee Stock Purchase Plan, PTO, corporate holidays and floating holidays, parental leave. Are you ready to play your part? Choose 'Apply Now' to fill out our short application, so that we can find out more about you. Caution: Employment scams Markel is aware of employment-related scams where scammers will impersonate recruiters by sending fake job offers to those actively seeking employment in order to steal personal information. Frequently, the scammer will reach out to individuals who have posted their resume online. These "job offers" include convincing offer letters and frequently ask for confidential personal information. Therefore, for your safety, please note that: * All legitimate job postings with Markel will be posted on Markel Careers. No other URL should be trusted for job postings. * All legitimate communications with Markel recruiters will come from Markel.com email addresses. We would also ask that you please report any job employment scams related to Markel to ***********************. Markel is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of any protected characteristic. This includes race; color; sex; religion; creed; national origin or place of birth; ancestry; age; disability; affectional or sexual orientation; gender expression or identity; genetic information, sickle cell trait, or atypical hereditary cellular or blood trait; refusal to submit to genetic tests or make genetic test results available; medical condition; citizenship status; pregnancy, childbirth, or related medical conditions; marital status, civil union status, domestic partnership status, familial status, or family responsibilities; military or veteran status, including unfavorable discharge from military service; personal appearance, height, or weight; matriculation or political affiliation; expunged juvenile records; arrest and court records where prohibited by applicable law; status as a victim of domestic or sexual violence; public assistance status; order of protection status; status as a smoker or nonsmoker; membership or activity in local commissions; the use or nonuse of lawful products off employer premises during non-work hours; declining to attend meetings or participate in communications about religious or political matters; or any other classification protected by applicable law. Should you require any accommodation through the application process, please send an e-mail to the ***********************. No agencies please.

Job Description Argo Cyber Systems is seeking a Systems Security Engineer to support enterprise and mission-critical Department of Defense (DoD) and U.S. Navy programs. The selected engineer will apply deep knowledge of vulnerability management, system accreditation, and risk analysis to ensure the confidentiality, integrity, and availability of government systems and data. This position integrates cybersecurity engineering principles into the full system lifecycle-from architecture design and implementation to continuous monitoring and audit support-helping our clients maintain compliance with DoD cybersecurity frameworks. This position is contingent on contract award. Key Responsibilities Conduct vulnerability assessments and perform in-depth risk analyses of DoD and Navy information systems. Execute malware and virus scanning, remediation, and system hygiene verification using approved DoD tools and baselines. Support the development, review, and maintenance of System Security Plans (SSPs), POA&Ms, and related RMF artifacts. Participate in the accreditation and assessment of systems to ensure compliance with DoD and NIST 800-series standards. Analyze vulnerability and compliance data from SCAP, ACAS/Nessus, and DISA STIGs to identify and mitigate security gaps. Collaborate with system administrators and network engineers to integrate security controls into system architectures. Support internal and external cybersecurity audits, developing evidence packages and implementing corrective actions. Provide security input throughout the system development lifecycle (SDLC), including change management and configuration control reviews. Maintain awareness of evolving DoD cybersecurity directives, policies, and vulnerability management tools. Ensure all activities align with DoD 8570.01-M IAT Level II standards and applicable Navy cybersecurity regulations. Required Qualifications Education: Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or related field (or equivalent military/industry experience). Experience: Minimum of 4 years of professional experience in IT security supporting the DoD or U.S. Navy. Certifications: Must meet DoD 8570.01-M IAT Level II requirements (e.g., Security+ CE, CCNA Security, or CySA+). Clearance: Active Secret (T3 Investigation) or ability to obtain. Proficiency in: Vulnerability scanning and analysis (ACAS/Nessus, SCC, STIG Viewer). Risk management and assessment aligned to NIST SP 800-53 and RMF. System accreditation and security documentation. Malware and virus detection tools and mitigation techniques. Preferred Qualifications Experience supporting Navy Authorizing Officials (NAO) or RMF Package Submissions. Working knowledge of eMASS, Xacta, or equivalent compliance automation tools. Familiarity with continuous monitoring and configuration management processes. Additional certifications such as CISSP, CISM, or CEH. Understanding of Zero Trust Architecture (ZTA) principles within DoD environments. About Argo Cyber Systems Argo Cyber Systems, LLC is a Service-Disabled Veteran-Owned Small Business (SDVOSB) delivering advanced cybersecurity engineering, compliance, and systems integration support to the U.S. Government. Our professionals secure mission networks, strengthen resilience, and enable Zero Trust modernization for DoD and Federal clients nationwide. Argo Cyber Systems, LLC is an equal opportunity employer! Background & Drug Screening Disclaimer © Argo Cyber Systems, LLC - All Rights Reserved Argo Cyber Systems, LLC is committed to maintaining a safe, secure, and trusted workplace for all employees and our federal clients. Employment with Argo Cyber Systems is contingent upon successful completion of all required background investigations and pre-employment screenings, which may include, but are not limited to: Criminal background checks (federal, state, and local) Employment and education verification Reference checks Drug screening (in compliance with federal and state law) Security clearance verification (as applicable for classified positions) Candidates selected for employment in positions requiring access to sensitive or classified information may also be subject to additional U.S. Government background investigations and security adjudication processes, including DHS Entry on Duty (EOD) suitability or equivalent federal clearance requirements. Argo Cyber Systems reserves the right to disqualify or rescind an offer of employment based on the results of any background or screening process that, in the company's judgment, may impact an individual's ability to perform essential job functions or meet contractual obligations. All background investigations and screenings are conducted in accordance with applicable federal, state, and local laws, including the Fair Credit Reporting Act (FCRA). Candidates will be notified of their rights and provided an opportunity to review and dispute any adverse findings before final employment determinations are made. Job Posted by ApplicantPro

As part of Meta Security, our Insider Trust team is dedicated to identifying and responding to insider threats that target our data. Our mission is to detect, investigate, and mitigate damage caused by insider threats. We handle a wide range of abuse cases, including misuse of user data, intellectual property theft, and leaks of sensitive information.We are seeking an experienced Security Engineer to join the team. This role involves investigating, hunting, and automating internal signals to detect malicious activities related to insider threats. **Required Skills:** Security Engineer Investigator, Insider Trust Responsibilities: 1. Perform analysis, and threat hunting from a variety of log sources (e.g., individual host logs, network traffic logs) to identify potential insider threats 2. Create workflows and automations to streamline signal detection, threat hunts, and investigative processes 3. Collaborate with software and production engineering teams to build scalable and adaptable solutions for insider threat investigations 4. Identify gaps in our infrastructure and work with cross-functional partners to improve visibility through logging and automation 5. Build operational workflows and actions to auto-resolve false positives and provide context, scaling investigation capabilities 6. Prioritize efforts to maximize impact by enhancing visibility, automating processes, and scaling investigative capabilities 7. Coach, mentor, and support team members to foster long-term career growth, job satisfaction, and success **Minimum Qualifications:** Minimum Qualifications: 8. Bachelor's degree in Computer Science, Engineering, or equivalent experience 9. 5+ years of experience in Detection & Response Engineering, Insider Threat, or a similar Security Engineering role 10. Technical and procedural expertise in conducting security investigations, including response, forensics, and large-scale log analysis 11. Experience with attacker tactics, techniques, and procedures 12. Proficiency in coding or scripting in one or more general-purpose programming languages **Public Compensation:** $147,000/year to $208,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Job DescriptionRole : IT Security Analyst 3 Interview Mode: Web Cam Interview Only The Virginia Department of Transportation is seeking to fill the Information Technology (IT) Security Analyst position. This position reports to the Deputy Information Security Officer in the Office of Information Security located in Richmond, Virginia. The IT Security Analyst supports the VDOT Information Security mission by implementing results-oriented strategic approaches, plans, programs, and procedures. This position helps to ensure that Commonwealth of Virginia Information Security Policies and Standards are followed by the Agency. The broad areas of responsibility for this position include; identity and access management, IT risk management, business continuity and IT disaster recovery planning, security awareness education and training, security vulnerability management, Artifical Intelligence compliance and security incident management. Responsibilities: Documents processes and script narratives/executive summaries. Create Business focused documentation for circulation among readers with various technical understanding. Share insight of Security Architecture and IT Governance approaches and implementation methodologies Research and provide written guidance on alignment with security policies/standards. Perform tasks related to Security Compliance and Control Evaluation, Risk analysis, and exception documentation. Collaborate with Business areas and cross- functional Enterprise Architects to fully understand business needs and provide strategic consultation on data security and risk-averse implementation. Partner with architects, other technical team members and to develop roadmaps and strategies to support agency KPIs Design/Implement Enterprise Security/technology Patterns Consult with teams as needed on initiatives and provide tactical direction as well as provide architecture considerations on legacy solutions Research and share finding of architecture governance, controls, and peer review processed with regards to platform technology, security, and cloud. Qualifications: Comprehensive knowledge of Information Security principles; including information security trends, emerging technologies, best-practices, controls, models, architecture, etc. Practical experience with identity and access management, IT risk management, business continuity and IT disaster recovery planning, security awareness education and training, security vulnerability management, and security incident management. Familiarity with the Commonwealth of Virginia's Information Security Standards and/or the National Institute of Standards and Technology Publication 800-53. Able to communicate effectively in writing and orally, exercise judgment, interpret laws and policies, and maintain effective working relationships with a wide variety of individuals in both the public and private sectors Experience in monitoring IT environments for compliance with information security architecture policies and standards. Substantial technical experience in 2 or more: Cloud-based technologies, Artificial Intelligence, Machine Learning, Identity & Access Management, Vulnerability Management, firewalls, computer forensic techniques, databases, collaboration tools, web & mail services. Ability to provide input and security direction for future designs, information security capabilities, and strategic technology alternatives. Excellent written and oral communication and presentation skills (possessing the ability to breakdown complex technical terms into everyday language). Demonstrated ability to work with broad cross-section of personal including all levels of management and external entities such as VITA consultants and service providers to explain and security measures and collaborate and disseminate security related information in partnership with the Office of Information Security. Work experience in a fast-paced environment and acquire new skills/knowledge to meet customer needs. Thorough understanding of customers priorities and the business criticality of platforms, applications and services. Powered by JazzHR gh J6cBtwVo

Number of positions: 1 Length: 12Months + Work Address: Richmond, VA 23219 Immediate interviews Web Cam Interview Elect - Cybersecurity Engineer Is Remote. Seeking an Azure Senior Security Engineer (Cybersecurity Engineer 3) with minimum 5 years experience to work with an existing software development team. You will be working with our more established contractors and staff to focus on several web and Windows applications used both by internal staff and constituents of the Commonwealth of Virginia. The candidate will need expertise in all aspects of IT security and cloud security and experience working in an Agile/Scrum development environment interacting with technical and non-technical stakeholders. Candidate will need to have extensive knowledge of cybersecurity practices, industry security standards, and regulatory standards. A bachelors degree and/or applicable recognized industry certifications are strongly desired and will help you stand out in this position. using mobile and responsive design practices, so a familiarity with these methodologies would be a plus. Required/Desired Skills Candidates must have ALL the Required skills in order to be considered for the position. Desired or Highly Desired skills are a PLUS but may NOT be required. Skill Matrix (Please fill the last two columns of this matrix) Experience with Business workflow processes Required / Desired Amount of Experience Years of Experience Last Used 5+ years in IT security or cloud security roles required. Required 5 Years 3+ years of hands-on experience securing Azure environments Required 3 Years Bachelors degree in Computer Science, Cybersecurity, or related field or equivalent work experience required. Required 5 Years Relevant certifications (MS Certified Cybersecurity Architect Expert, Azure Security Engineer Associate (SC-300), CompTIA Security+, CISSP, CISM Highly desired 5 Years Experience with Azure Security Services (Azure Defender, MS Sentinel, Azure Key Vault, Azure Policy and Blueprints, Azure Security Center) required. Required 5 Years Experience with Azure Active Directory (AAD), including conditional access, MFA, and identity protection required. Required 5 Years Extensive knowledge of PIM and RBAC required Required 5 Years Experience with NSGs, ASGs, VPN, ExpressRoute, and hybrid connectivity security required Required 5 Years Ability to implement and moitor compliance with regulatory standards such as NIST, ISO 27001, GDPR, etc. is required Required 5 Years Extensive knowledge of threat modeling and vulnerability management, SIEM/SOAR tuning and response workflows, and security alert triage and forensics Required 5 Years Ability to perform scripting and automation using PowerShell, Bicep, ARM templates, or Terraform Required 5 Years Ability to perform perform integration with CI/CD pipelines for secure deployments (GitHub Actions, Azure DevOps) Required 5 Years Ability to create and deliver security architecture reports and documentation Required 5 Years Experience in risk assessment and mitigation strategies Required 5 Years

What part will you play? If you're looking for a place where you can make a meaningful difference, you've found it. The work we do at Markel gives people the confidence to move forward and seize opportunities, and you'll find your fit amongst our global community of optimists and problem-solvers. We're always pushing each other to go further because we believe that when we realize our potential, we can help others reach theirs. Join us and play your part in something special! Looking for a role that will have a meaningful impact on Security Engineering? We are looking for an individual to reduce enterprise risk through the secure design, implementation and administration of cybersecurity tools and helping to enhance department strategies to protect our customers, data, and associates. What part will you play? If you're looking for a place where you can make a meaningful difference, you've found it. The work we do at Markel gives people the confidence to move forward and seize opportunities, and you'll find your fit amongst our global community of optimists and problem-solvers. We're always pushing each other to go further because we believe that when we realize our potential, we can help others reach theirs. Join us and play your part in something special! The opportunity: We are seeking a Security Engineer to join our dynamic team, where you'll play a pivotal role in fortifying our company's internal network against unauthorized access and cyber threats. As a Security Engineer, you'll be at the forefront of our cybersecurity efforts, designing and implementing cutting-edge security strategies. You will have the chance to collaborate with a team of skilled security specialists to devise and execute robust architecture solutions that protect our digital assets. Your expertise will not only help mitigate potential damages during current attacks but also proactively identify and resolve hardware or software vulnerabilities before they become threats. In this role, you'll leverage your deep understanding of various hardware and software technologies, along with the Enterprise Security Framework, to drive innovative design solutions and provide strategic recommendations. Your insights and contributions will be crucial in shaping the security posture of our organization, ensuring that we stay ahead of evolving cyber risks. What you'll be doing: Architect & Implement: Design and deploy cloud security architectures meeting business, security, and compliance needs. Configuration Management: Secure cloud-based tools and mobile technology, ensuring safe access solutions. Security Environments: Create and maintain testing environments for security solutions. Risk Mitigation: Innovate security measures across on-premise and cloud environments. Network Security Oversight: Manage cloud network security, including firewall approvals. Automation & Scripting: Develop automation scripts for security needs. Incident Response: Lead and strategize responses to cyber threats. Secure Access Solutions: Implement secure authentication, authorization, and encryption strategies. Cyber Threat Awareness: Stay updated on security trends and threats. Change Management: Oversee security aspects of cloud changes and software deployments. Policy Documentation: Document and enforce security policies and procedures. Skill Development: Update and share technical knowledge on data protection. Metrics & Reporting: Generate Cloud Security status metrics. Mentorship & Leadership: Guide and mentor junior team members. Operational Support: Maintain security tools and systems. Compliance: Ensure compliance with regulations (NY State, PCI, GDPR, NIST). Project Support: Evaluate and implement new security technologies. Technical Resource: Serve as an expert for other departments. Communication: Convey security issues and solutions clearly. Additional Duties: Participate in incident response, change management, and system maintenance. Our must-haves: 3+ years related work experience & industry certification in cyber security. Bachelor's degree in Computer Science or Engineering with a focus on Cyber Security, Digital Forensics or related work experience/certification. Security+ or similar industry approved certifications. Other certifications that are a plus: ITIL, preferred Certified Cloud Security Professional - ISC2 .org (CCSP) Certified Information Systems Security Professional (CISSP) Certificate of Cloud Security Knowledge - CSA (CCSK) Information Systems Security Engineering Professional (ISSEP) Microsoft Certified: Azure Fundamentals (MCAF) Microsoft Certified Azure Administrator Associate (MCAAA) Microsoft Certified: Azure Security Engineer Associate (MCASEA) #LI-Hybrid #DEIB US Work Authorization US Work Authorization required. Markel does not provide visa sponsorship for this position, now or in the future. Pay information: Who we are: Markel Group (NYSE - MKL) a fortune 500 company with over 60 offices in 20+ countries, is a holding company for insurance, reinsurance, specialist advisory and investment operations around the world. We're all about people | We win together | We strive for better We enjoy the everyday | We think further What's in it for you: In keeping with the values of the Markel Style, we strive to support our employees in living their lives to the fullest at home and at work. We offer competitive benefit programs that help meet our diverse and changing environment as well as support our employees' needs at all stages of life. All full-time employees have the option to select from multiple health, dental and vision insurance plan options and optional life, disability, and AD&D insurance. We also offer a 401(k) with employer match contributions, an Employee Stock Purchase Plan, PTO, corporate holidays and floating holidays, parental leave. Are you ready to play your part? Choose ‘Apply Now' to fill out our short application, so that we can find out more about you. Caution: Employment scams Markel is aware of employment-related scams where scammers will impersonate recruiters by sending fake job offers to those actively seeking employment in order to steal personal information. Frequently, the scammer will reach out to individuals who have posted their resume online. These "job offers" include convincing offer letters and frequently ask for confidential personal information. Therefore, for your safety, please note that: All legitimate job postings with Markel will be posted on Markel Careers. No other URL should be trusted for job postings. All legitimate communications with Markel recruiters will come from Markel.com email addresses. We would also ask that you please report any job employment scams related to Markel to ***********************. Markel is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of any protected characteristic. This includes race; color; sex; religion; creed; national origin or place of birth; ancestry; age; disability; affectional or sexual orientation; gender expression or identity; genetic information, sickle cell trait, or atypical hereditary cellular or blood trait; refusal to submit to genetic tests or make genetic test results available; medical condition; citizenship status; pregnancy, childbirth, or related medical conditions; marital status, civil union status, domestic partnership status, familial status, or family responsibilities; military or veteran status, including unfavorable discharge from military service; personal appearance, height, or weight; matriculation or political affiliation; expunged juvenile records; arrest and court records where prohibited by applicable law; status as a victim of domestic or sexual violence; public assistance status; order of protection status; status as a smoker or nonsmoker; membership or activity in local commissions; the use or nonuse of lawful products off employer premises during non-work hours; declining to attend meetings or participate in communications about religious or political matters; or any other classification protected by applicable law. Should you require any accommodation through the application process, please send an e-mail to the ***********************. No agencies please.

Job Description Argo Cyber Systems is seeking a Senior Cybersecurity Engineer with specialized experience supporting U.S. Department of Defense (DoD) and U.S. Navy cybersecurity programs. The ideal candidate will possess hands-on expertise in vulnerability analysis, STIG implementation, risk assessments, and system accreditation, as well as the ability to conduct and lead TEMPEST testing in accordance with national standards. This position plays a critical role in ensuring mission assurance, data protection, and compliance across classified and unclassified information systems. This position contingent on contract award. Key Responsibilities Perform comprehensive vulnerability and risk analyses for DoD/Navy information systems, identifying exploitable weaknesses and developing mitigation plans. Execute SCAP scans, interpret results, and implement remediation actions in line with DISA STIG requirements. Develop and apply system hardening baselines for operating systems, network devices, and applications. Conduct virus, malware, and malicious code scanning, ensuring system and network hygiene. Lead or support system accreditations, ATO/ATC processes, and cybersecurity audits in accordance with DoD RMF guidance (NIST SP 800-53 / 800-37). Conduct and lead TEMPEST testing using approved test plans, production test procedures, and the current National TEMPEST Standard, documenting findings and recommendations. Prepare detailed reports, risk assessments, and compliance documentation for government review. Collaborate with system owners, ISSMs, and network engineers to ensure secure design, configuration, and operation of all systems. Maintain situational awareness of evolving DoD/Navy cybersecurity directives, policies, and tools. Required Qualifications Education: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or related field (or equivalent military training/experience). Experience: Minimum of 6 years of professional experience supporting DoD or U.S. Navy IT security operations. Certifications: Must meet DoD 8570.01-M IAT Level III requirements (e.g., CASP+, CISSP, CISA, or GCED). Clearance: Active Top Secret (T5 Investigation) or eligibility to obtain. Proficiency with: DISA STIGs, SCAP Compliance Checker (SCC), and ACAS/Nessus vulnerability scanners TEMPEST testing methodologies and National TEMPEST Standards DoD RMF and system accreditation processes (eMASS, Xacta, or equivalent) Preferred Qualifications Experience with Navy networks and enclave systems (e.g., FLANK SPEED, CANES, NMCI). Familiarity with DoD ATO packages, POA&Ms, and continuous monitoring. Prior work supporting NAVWAR, SPAWAR, or C5ISR environments. Additional certifications such as CISSP-ISSEP, CISM, CEH, or Security+ CE. About Argo Cyber Systems Argo Cyber Systems, LLC is a Service-Disabled Veteran-Owned Small Business (SDVOSB) delivering mission-critical cybersecurity, compliance, and systems engineering support to the U.S. Government. Our team supports complex cyber operations across DHS, DoD, and Intelligence Community customers-helping secure national defense infrastructure and advance Zero Trust modernization. Argo Cyber Systems, LLC is an equal opportunity employer! Background & Drug Screening Disclaimer © Argo Cyber Systems, LLC - All Rights Reserved Argo Cyber Systems, LLC is committed to maintaining a safe, secure, and trusted workplace for all employees and our federal clients. Employment with Argo Cyber Systems is contingent upon successful completion of all required background investigations and pre-employment screenings, which may include, but are not limited to: Criminal background checks (federal, state, and local) Employment and education verification Reference checks Drug screening (in compliance with federal and state law) Security clearance verification (as applicable for classified positions) Candidates selected for employment in positions requiring access to sensitive or classified information may also be subject to additional U.S. Government background investigations and security adjudication processes, including DHS Entry on Duty (EOD) suitability or equivalent federal clearance requirements. Argo Cyber Systems reserves the right to disqualify or rescind an offer of employment based on the results of any background or screening process that, in the company's judgment, may impact an individual's ability to perform essential job functions or meet contractual obligations. All background investigations and screenings are conducted in accordance with applicable federal, state, and local laws, including the Fair Credit Reporting Act (FCRA). Candidates will be notified of their rights and provided an opportunity to review and dispute any adverse findings before final employment determinations are made. Job Posted by ApplicantPro

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************