Information security analyst jobs in Missoula, MT

Develops and executes programs and processes to reduce information security risk and strengthen Oracle's security posture. **Responsibilities** Supports the strengthening of Oracle's security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerability management; incident management and response; security policy development and enforcement; privacy; information security education, training and awareness (ISETA); digital forensics and similar focus areas. Risk Management: Brings advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. May conduct and document very complex information security risk assessments. May assist in the creation and implementation of security solutions and programs. Regulatory Compliance: Brings advanced level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Participates in industry forums monitoring developments in regulatory compliance. Threat and Vulnerability Management: Brings advanced level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required. Incident Management and response: Brings advanced level skills to respond to security events, identifying possible intrusions and responding in line with Oracle incident response playbooks. May operate as Incident Commander on serious incidents. Digital Forensics: Brings advanced level skills to conduct data collection, preservation and forensic analysis of digital media independently, where an advanced understanding of forensic techniques is required. Other areas of focus may include duties providing advanced level skills and knowledge to manage Information Security Education, Training and Awareness programs. In a Corporate Security role, may manage the creation, review and approval of corporate information security policies. Mentors and trains other team members. Compiles information and reports for management. Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $104,200 to $223,400 per annum. May be eligible for bonus and equity. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC4 **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

This job provides Information Security and Risk Management services for the Organization. Works with peers within security, HM Health Solutions customers and application teams to ensure alignment with current and future security needs. Manages activities of various Information Security personnel. Makes decisions on personnel actions (promotions, hiring, terminations, etc.). Develops talent, addresses resource management, cultivates capabilities of staff, planning and coordination of work, and managing performance. Conducts the oversight of security technology products for network, systems, and data. Controls expenses within the operating unit and is responsible for meeting budget goals. Actively contributes to the Information Security ans Risk Management (ISRM) strategic planning process by working with the Directors to develop and implement department strategic plans and action steps that support the corporate strategic objectives. Actively involved in the coordination, implementation, problem solving, communication, and training of new technologies and processes, as they are developed and moved into the environment. Develops and presents Information Security awareness and training programs. **ESSENTIAL RESPONSIBILITIES** + Perform management responsibilities including, but not limited to: involved in hiring and termination decisions; coaching and development; rewards and recognition; performance management and staff productivity. + Plan, organize, staff, direct and control the day-to-day operations of the department; develop and implement policies and programs as necessary; may have budgetary responsibility and authority. + Provide oversight of all aspects of project management to ensure continuous improvement of processes: negotiate and collaborate with leadership and staff to develop security solutions and options; develop and adhere to internal standards and strategies; ensure adherence to approved methodologies; coordinate resources, time, contingency plans and risk management. + Provide leadership to the department: lead and champion organizational change; encourage participation in activities that support relationship development; champion information security innovation; encourage and enforce proper training in regards to security issues. + Ensure compliance to Corporate and Information Security policies, standards and procedures. + Communicate effectively with all levels of the organization: facilitate meetings; plan, design and provide presentations; represent HM Health Solutions with outside entities; prepare divisional procedures, policies, reports and correspondence; spread awareness of new and existing security threats; provide oversight regarding metrics, funding, budgets and resources. + Other duties as assigned or requested. **EDUCATION** **Required** + Bachelor's Degree in Information Security, Information Systems, Information Assurance, Computer Science or related field **Substitutions** + 6 years of relevant experience substitution for a Bachelor's Degree **Preferred** + Master's Degree in Computer Science, Information Security or related field **EXPERIENCE** **Required** + 7 - 10 years in Information Security and/or Information Risk Management and/or Information Technology + 7 - 10 years in developing, communicating and presenting Information Security and Risk Management concepts to varying audiences + 1 - 3 years in mentoring others in a leadership role + 1 - 3 years in Staff Management + 1 - 3 years in developing and executing strategic plans to realize business objectives **Preferred** + 10 - 15 years in Information Security and/or Information Risk Management and/or Information Technology + Experience managing an information security function using the HITRUST Common Security Framework (HITRUST CSF), or the NIST 800-83 cyber security framework + Experience supporting SSAE 16 or SOC 2 Security Trust Principle audits + Experience establishing budgets and meeting fiduciary goals + Security industry organization participation/leadership (HITRUST, ISACA, InfraGard, ISC2, ISSA, etc.) **LICENSES AND CERTIFICATIONS** **Required** + None **Preferred** + Certified Information Systems Security Professional (CISSP) **OR** + Certified Information Security Manager (CISM) **OR** + Certified in Risk and Information Systems Controls (CRISC) **OR** + Information Technology Infrastructure Library (ITIL) **SKILLS** + Knowledge of regulatory requirements such as Health Insurance Portability and Accountability Act (HIPPA), Payment Card Industry Data Security Standards (PCI DSS), and FIPS-140 + Strong teamwork and interpersonal skills + Experience in leading process improvement initiatives + Ability to motivate high performance, multi-discipline teams + Demonstrated competency in project execution + Demonstrated abilities in relationship management **Languages (Other than English)** None **Travel Requirement** 0% - 25% **PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS** **Position Type** Office-Based Teaches/Trains others regularly Frequently Travels regularly from the office to various work sites or from site-to-site Occasionally Works primarily out-of-the office selling products/services (Sales employees) Does Not Apply Physical Work Site Required Yes Lifting: up to 10 pounds Does Not Apply Lifting: 10 to 25 pounds Does Not Apply Lifting: 25 to 50 pounds Does Not Apply **_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._ **_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._ _As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._ _Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._ **Pay Range Minimum:** $108,000.00 **Pay Range Maximum:** $201,800.00 _Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._ Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at ***************************** California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J269753

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Job Description . Director, Chief Information Security Officer (CISO) The Staff Pad is seeking a Chief Information Security Officer (CISO) on behalf of a leading healthcare organization in Helena, Montana. This executive leader will establish and maintain the enterprise security vision, strategy, and program to safeguard all information assets-including PHI and sensitive clinical, administrative, and operational data. The CISO will oversee risk management, regulatory compliance, security operations, incident response, and the development of a strong security culture across the organization. This role requires both strategic leadership and deep technical expertise within the healthcare sector. Position Overview The CISO leads the enterprise cybersecurity program, ensuring the protection of systems, data, and clinical technologies while supporting patient safety and operational continuity. This leader will oversee governance, risk, compliance, and security operations, working closely with executive leadership to guide security strategy and response. Key Responsibilities Strategic Leadership & Governance Develop and execute a long-term information security strategy aligned with organizational goals. Build and maintain an enterprise security framework (NIST CSF, 405D, ISO 27001, HITRUST, etc.). Advise executive leadership and the Board on security posture, threats, and mitigation plans. Manage the information security budget and security technology investments. Risk Management & Compliance Lead enterprise risk assessments and prioritize mitigation initiatives. Ensure compliance with HIPAA/HITECH, GDPR, and other relevant data privacy regulations. Oversee creation and enforcement of security policies, procedures, and standards. Direct internal and external audit readiness and remediation (HITRUST, SOC 2, etc.). Manage a robust vendor and third-party risk management program. Security Operations & Incident Response Lead security operations, including threat/vulnerability management, IAM, SIEM, and endpoint protection. Oversee development and testing of Incident Response, Disaster Recovery, and Business Continuity plans. Serve as executive incident manager during security events, breaches, and investigations. Ensure security of EHR systems, medical devices, and clinical technologies. Team Leadership & Security Culture Build and lead a strong GRC and SecOps team. Drive organization-wide security awareness and training initiatives. Partner with IT, Clinical Operations, Legal, HR, and other departments to embed security into systems and workflows. Required Knowledge & Experience Minimum 7 years of progressive experience in Information Security; senior leadership or CISO-level experience preferred. Strong healthcare industry background, including understanding of EHR systems and PHI protection. Proven expertise in enterprise cybersecurity architecture, IAM, cloud security, and threat detection tools. Demonstrated experience conducting and managing enterprise risk assessments. Education

This position requires that you must be a US Citizen for consideration and meet all Federal Contractor employee requirements. Nomad GCS does not support the H1B Visa for this position. Position: Information Systems Security Manager Columbia Falls or Huntsville Division: Technology Department: Systems Administration Status: Full-Time Overview: Nomad Global Communications Solutions is a leading provider of communication and response products serving a wide variety of customers. Our purpose is to be the solution when every minute matters. We seek a skilled Information Systems Security Manager to join our dynamic IT Team! The Information Systems Security Manager will be responsible for developing and deploying information security strategies for enterprise systems, ensuring alignment with organizational requirements, policies, standards, and procedures. This role involves close collaboration with IT teams to identify vulnerabilities, conduct security control assessments, perform risk analyses, and implement mitigation strategies. The successful candidate will have experience interpreting and applying requirements from government contracts and will contribute to identifying root causes of security issues, prioritizing threats, and recommending corrective actions. They will also stay informed about the evolving cyber threat landscape and current best practices in cybersecurity. In addition, the role includes supporting the creation of enterprise-wide security policies and procedures, conducting vulnerability testing and security assessments, and strengthening the organizations cyber defense posture through gap analysis and validated prevention, detection, and response measures. ESSENTIAL FUNCTIONS / RESPONSIBILITY: Develop and deploy program information security for enterprise systems in alignment with organizational requirements, policies, standards, guidelines, and procedures. Collaborate with IT teams to: Identify system vulnerabilities. Conduct security control assessments. Perform risk analyses and assessments. Develop mitigation strategies for identified security issues. Review and disseminate requirements derived from government contracts. Investigate root causes of security issues and prioritize threats. Recommend and implement corrective actions. Stay current with evolving cyber threats and industry best practices. Support the creation and maintenance of enterprise-wide information security policies, standards, guidelines, and procedures across multiple stakeholder organizations. Conduct vulnerability testing, risk analyses, and security assessments. Enhance organizational cyber defense resilience by identifying gaps and validating prevention, detection, and response strategies. Maintain accurate records of IT-related activities, inventory, and documentation. Stay up-to-date on the latest technologies and security threats. May be involved in planning and implementing new IT projects. Perform other duties as assigned. BASIC KNOWLEDGE DESIRED: Demonstrate understanding and application of Nomad Core Values. Experience implementing NIST 800-171 to meet CMMC standards Understanding of contractual cyber requirements both FAR and DFARs Knowledge of DFARs ************, 7021, and other CMMC related DFARs Experience developing RMF documentation in achieving an Authority to Operate (ATO) Thorough knowledge of: NIST 800 series special publications, FIPS, and other significant federal regulations PHYSICAL DEMANDS: Regular use of hands and arms to manipulate, handle, feel, reach, or operate objects, tools, or controls. Ability to stand and sit for extended periods as required by task assignment. Frequent standing, walking, and sitting throughout the day. Occasionally required to climb, balance, stoop, kneel, crouch, or crawl. Ability to lift and/or move up to 25 pounds frequently and up to 50 pounds occasionally. Assistance required for anything heavier than 50 pounds. Specific vision abilities include close vision, distance vision, peripheral vision, depth perception, and the ability to adjust focus and distinguish colors, necessary for both office tasks and production work. Must have the physical stamina to adapt to varying workload demands and stand or sit for prolonged periods depending on the specific tasks of the day. WORKING ENVIRONMENT: Work is split between a partially environmentally controlled indoor manufacturing area and a professional office setting. Temperatures in the manufacturing area can fluctuate between 60F and 100F, typically maintained around 70F in the office. Exposure to varying noise levels from moderate in the office to loud on the production floor; safety hearing devices provided as needed. Possible exposure to household and commercial chemicals with adherence to safety protocols outlined in Safety Data Sheets (SDS) required. Safety glasses and closed-toed shoes are mandatory when on the production floor. Regular interaction with team members, guests, and clients in a professional setting. Everyday workwear must be business casual/smart casual and appropriate for the office environment. Use of additional personal protective equipment (PPE) such as respirators or protective coveralls may be necessary for specific tasks on the production floor. QUALIFICATIONS & EXPERIENCE: Bachelor's degree or better from an accredited university in the field of Cybersecurity, Computer Science, Information Technology, or a related field. Alternatively, substantial experience in this field may also be considered. 3+ years of cybersecurity experience within a manufacturing or engineering environment. Key industry certification in Cybersecurity, such as CISSP, CISM, GIAC, CRISC, and CISA. Strong proficiency in understanding and implementing NIST standards for CMMC and RMF. IAT Level II certification, required. Knowledge of DevSecOps principles, best practices, and working with software developers, preferred. Experience using software scanning tools like Fortify or Checkmarx during the SDLC and providing guidance to mitigate identified concerns, preferred. Ability to understand not only emerging industry trends as far as cyber security is concerned but also the landscape of emerging threats, making appropriate adjustments within the cybersecurity program. Experience in cybersecurity best practices and risk management. Proficient with MS Office Suite including Excel, Word, and Outlook. Must be able to obtain Secret Clearance, if needed. Nomad GCS is an equal opportunity employer, (EOE,) and voluntarily follows affirmative action guidelines. As an equal opportunity employer, Nomad GCS does not discriminate in its employment decisions on the basis of race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable state and local laws.

Job Details Great Falls Office - Great Falls, MT HybridDescription The role of the Security Architect at MDT is to ensure that security requirements necessary to protect MDT's mission, vision and business processes are adequately addressed. The Security Architect is responsible for designing and implementing comprehensive security solutions and strategies. This role serves as a key security and technical advisor and strategist, partnering with technology, development, and business teams to ensure secure-by-design solutions across the organization's technology landscape. DUTIES & RESPONSIBILITIES Design and implement security controls for cloud, on-premises, and hybrid environments (e.g., AWS, Azure, GCP). Monitor and review cloud service provider security policies to help ensure compliance with organizational requirements. Partner with Enterprise Architects and Development teams to ensure security best practices and principles are embedded in their workflows. Conduct security assessments and risk analysis to identify vulnerabilities and propose mitigation strategies within the Zero Trust framework. Design and implement Zero Trust principles and frameworks to enhance the security posture of our systems and networks. Design and maintain robust CI/CD pipelines with integrated security checks to "shift security left," ensuring vulnerabilities are identified early in the development process. Collaborate with cross-functional teams to define access policies, user authentication mechanisms, and secure connectivity across various environments. Design and collaborate with cross-functional teams to deploy secure SSO solutions with identity providers (IdPs), directory services, and third-party applications for seamless and centralized authentication and authorization across multiple applications and systems. Collaborate with stakeholders to understand business requirements and translate them into effective security controls and solutions. Make recommendations to reduce risks. Supports administration of the enterprise security infrastructure including, but not limited to, the systems supporting: network security monitoring, two-factor authentication, web application firewalls, vulnerability management, endpoint detection and response, data loss prevention, and enterprise logging. Supports incident response processes. Compiles metrics for leadership. Assists in installing, implementing, and maintaining security software. Maintains the availability, patching, and operational functionality of assigned security systems. Evaluates new security tools, products, and solutions for applicability to security needs. Makes recommendations regarding purchase of security products. Ensures MDT's reputation is maintained internally and externally. Ensures appropriate levels of security and confidentiality are always maintained. Acts as a representative of MDT with business and professional organizations and external IT contacts. Keeps management informed of area activities and any significant concerns. Attends and participates in meetings as required. Completes accurate tickets, reports, records, and other documentation as necessary. Stay up to date with industry trends, emerging technologies, and security best practices to proactively identify potential threats and vulnerabilities. Responsible for working with the security team and other departments to ensure work is flowing effectively and timely throughout the organization. Assists in setting department and company standard practices and procedures. Responsible for working with company vendors to ensure the delivery of products or services is successful. Acts as a subject matter expert for co-workers and fosters a culture of continuous learning and cross-training. Assigned to the on-call rotation to support security operations. Stays informed of trends and changes in the information security field. Completes special projects and research studies as required. Keeps work area clean, secure, and well maintained EDUCATION & EXPERIENCE REQUIREMENTS Bachelor's degree in Computer Science or a related field, or an equivalent combination of training and experience in Computer Science. Professional certifications such as CISSP, CISM, CCSK, or CCSP are highly desirable. Ten years of experience as a Security Architect or similar role, with a focus on cloud security and Zero Trust architecture. REQUIRED KNOWLEDGE Strong knowledge of cloud platforms (e.g., AWS, Azure, Google Cloud) and associated security controls. Experience designing and implementing Zero Trust architectures, including network segmentation, secure access controls, and strong authentication mechanisms. Experience with designing and implementing Secure Access Service Edge (SASE) and Software-Defined Wide Area Network (SD-WAN). Experience with the design and integration of security into the SDLC by implementing secure coding standards, automated security testing (SAST, DAST), and vulnerability scanning. In-depth understanding of SSO protocols and standards (e.g., SAML, OAuth, OpenID Connect) and their implementation. Technical understanding of threat actor attack techniques. Familiarity with security frameworks and standards (e.g., NIST Cybersecurity Framework, ISO 27001, CIS Controls). Excellent analytical and problem-solving skills, with the ability to assess complex security requirements and recommend appropriate solutions. Effective communication and interpersonal skills to collaborate with cross-functional teams and communicate security concepts to non-technical stakeholders. Self-motivated and ability to meet deadlines with minimal supervision. Well organized and attentive to detail. Strong leadership abilities. Project management skills. Ability to maintain confidentiality. WORKING CONDITIONS Special No hazardous or significantly unpleasant conditions (such as in a typical office). Additional hours, including on-call with Saturday/Sunday support, as required. Long duration of computer workstation usage. INTENT AND FUNCTION OF S s assist organizations in ensuring that the hiring process is fairly administered and that qualified employees are selected. They are also essential to an effective appraisal system and related promotion, transfer, layoff, and termination decisions. Well-constructed job descriptions are an integral part of any effective compensation system. All descriptions have been reviewed to ensure that only essential functions and basic duties have been included. Peripheral tasks, only incidentally related to each position, have been excluded. Requirements, skills, and abilities included have been determined to be the minimal standards required to successfully perform the positions. In no instance, however, should the duties, responsibilities, and requirements delineated be interpreted as all inclusive. Additional functions and requirements may be assigned by supervisors as deemed appropriate. In accordance with the Americans with Disabilities Act, it is possible that requirements may be modified to reasonably accommodate disabled individuals. However, no accommodations will be made which may pose serious health or safety risks to the employee or others or which impose undue hardships on the organization.

About the Role Beograd Belgrade * Country: PORTUGAL Remote vs. Office Office/Site only Company Siemens Energy d.o.o. Beograd Organization EVP Global Functions Business Unit Digital Core Full / Part time Full-time Experience Level Experienced Professional A Snapshot of Your Day The SE Data Leakage Prevention Specialist is responsible for safeguarding Siemens Energy's sensitive data from unauthorized access, use, disclosure, disruption, modification, or destruction. This role involves implementing and managing data leakage prevention (DLP) solutions, monitoring data activities, and ensuring compliance with data protection policies. The specialist will work closely with various departments to protect data across all endpoints and networks. How You'll Make an Impact * Deploy and manage DLP solutions across Siemens Energy's IT infrastructure, including endpoint clients, servers, and cloud environments * Monitor and analyze data activities to detect and prevent unauthorized data transfers and leaks * Define and manage the Data Leakage Prevention process, drive process improvements * Develop and enforce data protection policies and procedures to ensure compliance with regulatory requirements and internal standards * Implement global and specific policies to monitor data sharing outside the Siemens Energy ecosystem, including printing, USB transfers, emails, and web uploads * Respond to and investigate data leakage incidents, providing detailed reports and recommendations for remediation * Utilize metadata logged by DLP solutions to support incident management and forensic investigations * Work with IT, legal, and compliance teams to ensure data protection measures are aligned with business objectives and regulatory requirements * Collaborate with external providers and collaborators to address and resolve data leakage issues * Promote awareness of data protection practices and the importance of safeguarding sensitive information What You Bring Passion for renewable energy and a sense for the importance to lead the change. We are also looking for… * Bachelor's degree in Cybersecurity, Information Technology, or a related field. * Proven experience in data protection and DLP solutions. * Familiarity with DLP tools and technologies, such as Microsoft Purview. * In-depth knowledge of data protection regulations and standard methodologies. * Excellent communication and collaboration skills. * Knowledge of industry standards and best practices for data protection. * Certifications such as CISSP, CISM, or CEH are a plus. * Fluent in English (C1). Who is Siemens Energy? At Siemens Energy, we are more than just an energy technology company. With ~100,000 dedicated employees in more than 90 countries, we develop the energy systems of the future, ensuring that the growing energy demand of the global community is met reliably and sustainably. The technologies created in our research departments and factories drive the energy transition and provide the base for one sixth of the world's electricity generation. Our global team is committed to making sustainable, reliable, and affordable energy a reality by pushing the boundaries of what is possible. We uphold a 150-year legacy of innovation that encourages our search for people who will support our focus on decarbonization, new technologies, and energy transformation. Find out how you can make a difference at Siemens Energy: ******************************************** Our Commitment to Diversity Lucky for us, we are not all the same. Through diversity we generate power. We run on inclusion and our combined creative energy is fueled by over 130 nationalities. Siemens Energy celebrates character - no matter what ethnic background, gender, age, religion, identity, or disability. We energize society, all of society, and we do not discriminate based on our differences. ************************************

**_Job Title:_** Lead Adversarial Security Engineer **About** **Trellix:** **Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work.** Our comprehensive, GenAI-powered platform helps organizations confronted by today's most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions. We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at ************************ . **_Role Overview:_** Trellix is seeking an Adversarial Security Engineer to lead the evolution of its cybersecurity posture. This is a senior, hands-on, remote-first role for a red/blue/purple expert who possesses a valuable blend of offensive tradecraft and defensive-engineering skills. **Role Overview:** As a lead member of the security operations team, and reporting to the Deputy CISO the mission of this role is to bridge the gap between "what if" and "what is" to continuously test the organization's defenses, find gaps, and personally lead the engineering effort to close them. By collaborating with the Security Operations Center (SOC), Threat Intelligence, and infrastructure teams, this expert will act as a force multiplier, mentoring junior security operations staff and providing the technical leadership to measurably improve the ability to detect and respond to advanced threats. **About the role:** + Plan and execute sophisticated, end-to-end red team engagements against our on-premise and cloud infrastructure. + Develop and validate new detection logic, transforming the results of your own attacks into high-fidelity alerts. + Lead continuous purple team exercises, acting as the primary bridge between the SOC, Threat Intelligence, and Detection Engineering teams. + Leverage Attack Surface Management (ASM) data to find "Shadow IT" and prioritize your offensive operations based on the most likely and impactful attack vectors. + Act as a senior technical leader, mentoring SOC analysts and junior engineers on advanced attack chains, detection theory, and defensive best practices. + Communicate complex findings and remediation strategies to a wide range of stakeholders, from highly technical engineers to executive leadership. **About you:** + You have a blended career path of 7+ years, demonstrating experience in both offensive security (like Red Teaming) and defensive operations (like Detection Engineering or Threat Hunting). + You possess exceptional communication skills, with an ability to create reports and presentations for both highly technical and executive audiences. + You are a U.S. citizen. + Your technical expertise is built on a deep, practical understanding of frameworks like MITRE ATT&CK and the Diamond Model. + You have proficiency in modern offensive tools and C2 frameworks (e.g., Cobalt Strike, Metasploit) and/or experience developing custom attack methods to evade EDR and network controls. + You are proficient in writing, tuning, and validating detection logic in SIEM and EDR platforms. + Your knowledge of automation is clear from your proficiency in any scripting languages such as Python or PowerShell. + You have practical experience assessing and defending modern cloud environments. + You may hold advanced offensive (e.g., OSCP, OSEP, GXPN) or defensive (e.g., GCIH, GDAT) certifications. + You may contribute to the community through public-facing research, conference talks, or open-source tools. **_Company Benefits and Perks:_** We believe that the best solutions are developed by teams who embrace each other's unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. + Retirement Plans + Medical, Dental and Vision Coverage + Paid Time Off + Paid Parental Leave + Support for Community Involvement We're serious about our commitment to a workplace where everyone can thrive and contribute to our industry-leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

We are looking for an Application Security Engineer to join our security team and help us safeguard millions of players and the services they rely on. In this role, you will be responsible for identifying and mitigating security risks across web applications, infrastructure, and internal tools. You will work closely with developers, operations, and other security professionals to integrate security practices into the software development lifecycle and strengthen the company's overall security posture. This position combines hands-on security testing, automation, and tool development, offering the opportunity to directly influence how security is built into our products. You will also have the chance to contribute to security research, penetration testing, and the implementation of cutting-edge solutions to stay ahead of emerging threats. If you are passionate about application security and eager to take on complex challenges in a dynamic environment, this role is for you. Reports to The Application Security Engineer will report to Application Security Team Lead What will you do? * Conduct security audits of internally developed web applications. * Perform internal penetration tests. * Carry out static and dynamic code analysis (SAST/DAST). * Implement, refine, and maintain tools for automatic testing of web applications. * Develop custom tools and solutions to improve the company's overall security. * Contribute to internal research and participate in improving security processes. What are we looking for? * Strong technical knowledge in computer and network security. * Solid understanding of modern operating systems and network protocols (starting from Layer 2). * Hands-on experience with Windows and Unix/Linux systems at the system administrator level. * Knowledge of web application attack vectors and protection methods (OWASP Top 10, common vulnerabilities, exploitation techniques). * Experience with security scanners and an understanding of how they work (e.g., Nmap, Nessus, Burp Suite, nuclei). * Programming skills in Python, .NET (ability to read, analyze, and make corrections). * Willingness to learn additional programming languages used within the company (for developing custom tools). * Knowledge of vulnerability assessment and exploitation techniques. * English at Intermediate level or above (working proficiency). What additional skills will help you stand out? * Russian language skills * Programming skills in Go, Rust, Java in addition to Python/.NET. * Experience with SAST/DAST tools and code security analysis. * Practical experience with cloud security and containerized environments (AWS, GCP, Azure, Docker, Kubernetes). * Understanding of Active Directory security, including common attack techniques and defense mechanisms. * Higher technical education (Computer Science, Information Security, or related). * Security certifications such as OSCP, OSCE, OSWE, CEH, or similar. * Experience in penetration testing of real-world systems. * Participation in Bug Bounty programs. * Published security research, CVEs, or whitepapers. * Experience in CTF competitions. Work mode * Hybrid (2-3 days of work from the office). Benefits Benefits and perks are tailored to the local market and culture. Our benefits in Belgrade include: * Additional vacation days based on years of service at Wargaming: up to 5 days on top of the statutory minimum * Additional paid time off (5 Personal Days, Birthday Leave, Marriage Leave, Compassionate Leave) * Sick Leave Compensation, Maternity Leave Benefits * Premium Private Health Insurance * Career development and education opportunities within the company * English clubs and platform for learning languages * Mental well-being program (iFeel) * Commuting allowance * Company events * FitPass membership * Discounts for employees * Personal Gaming Account * Coffee, fruits, and snacks in the office * On-site canteen with subsidized prices for food and drinks * Seniority Awards * Referral program - you can recommend the best talents to the Company and receive a reward Please submit your CV in English to ensure smooth processing and review. About Wargaming Wargaming is an award-winning online game developer and publisher headquartered in Nicosia, Cyprus. Operating since 1998, Wargaming has become one of the leaders in the gaming industry with 15 offices worldwide, including studios in Chicago, Prague, Shanghai, Tokyo, and Vilnius. Our diverse and multicultural team works together to deliver a top-class experience to millions of players who enjoy Wargaming's titles across all major gaming platforms. Our flagship products include free-to-play hits World of Tanks, World of Warships and World of Tanks Blitz. Please see Wargaming Candidate Privacy Policy for details on how Wargaming uses your personal data.

Your Future. Secured. ISC2 is a force for good. As the world's leading nonprofit member organization for cybersecurity professionals, our core values - Integrity, Advocacy, Commitment, Inclusion, and Excellence - drive everything we do in support of our vision of a safe and secure cyber world. Our globally recognized, award-winning portfolio of certifications provide an independent and globally recognized endorsement of cybersecurity knowledge, skills and experience for all career levels. Our charitable arm, the Center for Cyber Safety and Education, enables ISC2 and our members to serve the public by educating the most vulnerable about cyber risks and empowering access to enter and thrive in the cyber profession. Learn more at ISC2 online and connect with us on Twitter, Facebook and LinkedIn. When you join ISC2, you'll demonstrate your commitment to an inclusive and equitable environment. Your support of the unique perspectives and experiences shared by our global cybersecurity workforce and profession will be recognized. We invite you to take an active role in helping us create a true sense of belonging across our organization - an environment of authenticity, trust, empowerment and connectedness that empowers all of our successes. Learn more. **Position Summary** The Application Security Engineer will be an integral part of the security team and will work cross-functionally with several lines of business to ensure the secure delivery of products and applications. The Application Security Engineer will be expected to attend stand-ups and strategy sessions to identify areas of risk and offer consulting on best practices. The Application Security Engineer will act as a champion and will formalize the integration of application security into our current processes and tools. **Responsibilities** The Application Security Engineer will be expected to facilitate technical design reviews, perform code analysis, offer remediation recommendations, perform manual and dynamic security testing, and document and present all findings. The Application Security Engineer will work closely with the Development, Release, and QA teams to identify and coordinate security testing, validate, test, and vet both internally and externally developed applications. As an Application Security Engineer, you will act as a DevSecOps Engineer that will be responsible for secure application delivery as well as the underlying infrastructure. The Application Security Engineer must be comfortable with securing cloud-based products in environments such as AWS, Azure and Salesforce. Additionally, this position will provide security risk assessments, create threat models and assist the team with vulnerability testing. Additionally, this position manages the ISC2 responsible reporting program that supports the organization's secure application delivery objectives. In addition to the daily duties described, the individual will assist the security engineering team in the management of security technologies administered by the group (e.g., WAF, Firewall, IDS, and SEIM). This would be an "as needed" function, which is primarily to provide coverage for those duties when individuals on the security engineering team are out of the office for training or vacation. Additionally, the Application Security Engineer will be expected to participate in the Incident Response team and act as a Subject Matter Expert when dealing with the continuity of our operations and when responding with cyber incidents. + Conduct security assessments: Perform comprehensive security assessments of applications, including static code analysis, dynamic application testing, and penetration testing. Identify vulnerabilities, weaknesses, and potential attack vectors. + Secure code review: Review application source code to identify security flaws, such as insecure authentication mechanisms, input validation vulnerabilities, and potential injection attacks. Provide recommendations for remediation and best practices for secure coding. + Threat modeling: Collaborate with development teams to identify and assess potential threats and risks associated with the application. Use threat modeling techniques to prioritize security controls and countermeasures. + Develop and implement security controls: Design, develop, and implement security controls and countermeasures to protect applications against common security threats, such as cross-site scripting (XSS), cross-site request forgery (CSRF), and SQL injection. Implement secure coding practices and security guidelines. + Vulnerability management: Establish and maintain a vulnerability management program for applications. Track and prioritize vulnerabilities based on their severity and impact. Coordinate with development teams to ensure timely remediation of identified vulnerabilities. + Security testing automation: Develop and maintain automated security testing tools and scripts to streamline the application security testing process. Integrate security testing into the continuous integration and deployment (CI/CD) pipeline. + Security training and awareness: Conduct security training and awareness programs and determine skills training needs for development teams, promoting secure coding practices andawareness of common security vulnerabilities. Stay updated with the latest security trends, attack techniques, and best practices. + Incident response: Provide support during security incidents or breaches related to applications. Participate in incident response activities, including containment, investigation, and remediation. + Compliance and regulatory requirements: Ensure that applications adhere to relevant security compliance standards, industry regulations, and data privacy requirements (e.g., GDPR (General Data Protection Regulation), HIPAA (Health Insurance Portability and Accountability)). Collaborate with compliance teams to address any compliance-related concerns. + Security documentation and reporting: Prepare and maintain security documentation, including security policies, procedures, and guidelines. Generate periodic reports on the security posture of applications and present findings to relevant stakeholders. Other responsibilities include: + Maintain and manage all pipelines from a security perspective. + Onboard new pipelines for security tooling. + Keep pipeline diagrams up to date with current security details. + Serve as the primary SME for the DAST scanner.This includes configuration, testing, vulnerability management, and remediation oversight. + Recommend continuous improvements for the SAST scanner. + Security code release approvals + Maintain and manage the WAF, including signatures, configuration, and threat intel feeds. + Serve as the SME and provide recommendations for ongoing improvements. + Establish baseline WAF signatures for XD Prod following the Silverline migration. + Baseline WAF signatures after code releases. + Serve as the primary point of contact for vetting bug reports and managing the informed disclosure process. + Assist with attestation data gathering. + Support and assist with threat modeling. + Act as the formal backup for the threat modeling and attestation processes. + Review and approve Security Assessment Review reports as needed. + Perform other duties as required. **Behavioral Competencies** + Ability to demonstrate and support the ISC2 Core Values: Integrity, Excellence, Inclusion, Advocacy and Commitment + Function as an architect, who can conduct architecture reviews of new systems and solutions. + Serve as a builder who can build and integrate application security in our SDLC. + Act as a collaborator, who likes to engage with the team and the industry. + Serve as a team player, who will jump in and assist in other security functions as needed. + Function as a leader, who will use your knowledge and to train and guide developers and engineers. + Demonstrate a passion for application security, creative and critical thinking, strong analysis skills, the ability to work in a fast-paced environment, and have familiarity with agile, continuous integration, and continuous deployment. + Experience in securing SaaS-delivered offerings in multiple cloud environments deployed with automation & orchestration. **Qualifications** + Ability to write some code, as needed, to conduct security-focused testing. + Application Experience with common testing tools such as Veracode, Fortify, Zap, Burp, and fiddler, among others. + Application Understanding of common vulnerabilities & remediation. + Application Knowledge and understanding of automation and scripting languages. + Design & code review skills. + A solid understanding of Microsoft platforms such as .NET, Windows, C#, Azure. + General Knowledge of cloud security, API (Application Programming Interface) security, and associated best practices. **Education and Work Experience** + Bachelor's degree in computer science, information systems, related engineering field. Will consider a high school diploma and 10+ years of relevant work experience, as well as current additional credentials (CCSP, GDSP, etc..) in lieu of a degree. + A CISSP and CSSLP are required for this position. + 8+ years of experience in Information Security. + 8+ years of experience with static and dynamic analysis for coding and vulnerability identification and remediation. + 5+ years of Secure Development experience. + Application Experience with implementing Secure Development Lifecycle in an agile environment. + First-hand experience with architectural reviews, application reviews, and penetration testing. + Application Experience with Continuous Integration processes, particularly with building security practices into the pipeline. **Physical and Mental Demands** + Ability to travel up to 10% of time. May also include overnight travel. + Work extended hours, when necessary. + Work in an office environment using dual monitor computer screens. + Sitting for extended periods. **Equal Employment Opportunity Statement** All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic as protected by applicable law. Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process. **Job Locations** _US-Remote_ **Posted Date** _2 weeks ago_ _(11/19/2025 1:29 PM)_ **_Job ID_** _2025-2253_ **_\# of Openings_** _1_ **_Category_** _Information Security_

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. You will help the team establish, lead and execute multi-year roadmaps that improve research efficiency and quality across the team, and drive improvements to stakeholder management across a broad range of intelligence requirements. **Required Skills:** Detection & Response Security Engineer, Threat Intelligence Responsibilities: 1. Influence and align the team's vision and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects 2. Build, cultivate, and maintain impactful relationships with intelligence stakeholders to identify and facilitate solutions to increase the impact of the team's work 3. Refine operational metrics, key performance indicators, and service level objectives to measure Intelligence research and services 4. Lead cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions 5. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 6. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 7. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 8. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems **Minimum Qualifications:** Minimum Qualifications: 9. 8+ years threat intelligence experience 10. B.S. or M.S. in Computer Science or related field, or equivalent experience 11. Be a technical and process subject matter expert regarding Security Operations and Threat Intelligence services 12. Experience developing and delivering information on threats, incidents and program status for leadership 13. Expertise with campaign tracking techniques and converting tracking results to long term countermeasures 14. Expertise with threat modeling frameworks, such as Diamond Model or/and MITRE ATT&CK framework 15. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 16. Proven track record of managing and executing on short term and long term projects 17. Ability to work with a team spanning multiple locations/time zones 18. Ability to prioritize and execute tasks with minimal direction or oversight 19. Ability to think critically and qualify assessments with solid communications skills 20. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 21. Experience recruiting, building, and leading technical teams, including performance management 22. Experience close collaborating with incident responders on incident investigations 23. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems 24. Familiarity with malware analysis or network traffic analysis 25. Familiarity with nation-state, sophisticated criminal, or supply chain threats 26. Familiarity with file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 27. Experience in one or more query languages such as SQL 28. Experience authoring production code for threat intelligence tooling 29. Experience conducting large scale data analysis 30. Experience working across the broader security community **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures. **Responsibilities** Responsible for advanced planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures. Provides technical advice and direction to support the design and development of secure architectures. May participate in an incident management team, bringing advanced-level skills to respond to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may act as Incident Commander of serious incidents. Develops new methods, and playbooks, as well as sophisticated scripts, applications, and tools, and trains others in their use. May participate in an incident management team, responding to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may act as incident commander of serious incidents. Participates in developing new methods, playbooks throughout Oracle. Evaluates existing and proposed technical architectures for security risk, provides technical advice to support the design and development of secure architectures and recommends security controls to mitigate those risks. Evaluations of internal security architecture may include design assessment, risk assessment, and threat modeling. Brings advanced-level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required, and where computer programming/scripting knowledge is required. Work with Senior management to develop and implement a multi-year security roadmap Focus on operational and strategic level tasks, and provide counsel and guidance to the junior level security operations engineers in the department. Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $109,200 to $223,400 per annum. May be eligible for bonus and equity. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC4 **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

As part of Meta Security, our Insider Trust team is dedicated to identifying and responding to insider threats that target our data. Our mission is to detect, investigate, and mitigate damage caused by insider threats. We handle a wide range of abuse cases, including misuse of user data, intellectual property theft, and leaks of sensitive information.We are seeking an experienced Security Engineer to join the team. This role involves investigating, hunting, and automating internal signals to detect malicious activities related to insider threats. **Required Skills:** Security Engineer Investigator, Insider Trust Responsibilities: 1. Perform analysis, and threat hunting from a variety of log sources (e.g., individual host logs, network traffic logs) to identify potential insider threats 2. Create workflows and automations to streamline signal detection, threat hunts, and investigative processes 3. Collaborate with software and production engineering teams to build scalable and adaptable solutions for insider threat investigations 4. Identify gaps in our infrastructure and work with cross-functional partners to improve visibility through logging and automation 5. Build operational workflows and actions to auto-resolve false positives and provide context, scaling investigation capabilities 6. Prioritize efforts to maximize impact by enhancing visibility, automating processes, and scaling investigative capabilities 7. Coach, mentor, and support team members to foster long-term career growth, job satisfaction, and success **Minimum Qualifications:** Minimum Qualifications: 8. Bachelor's degree in Computer Science, Engineering, or equivalent experience 9. 5+ years of experience in Detection & Response Engineering, Insider Threat, or a similar Security Engineering role 10. Technical and procedural expertise in conducting security investigations, including response, forensics, and large-scale log analysis 11. Experience with attacker tactics, techniques, and procedures 12. Proficiency in coding or scripting in one or more general-purpose programming languages **Public Compensation:** $147,000/year to $208,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

As a key member of Oracle Cloud Infrastructure's (OCI) Security Organization, you will play a critical role in safeguarding the cloud and broader enterprise from adversaries and insider threats. As our team continues to grow and expand into ambitious new initiatives, we seek a **Consulting Security Engineer** to lead and contribute to critical security engineering imperatives. In this highly visible role within the OCI and Infrastructure Security, you will research, innovate on, and design engineering/ process solutions. You will tackle broad security initiatives across cloud, product, and infrastructure security topics such as AI, Hardware, Network, Cryptography. You will partner closely with Cloud Security leadership and collaborate across OCI and broader Oracle business operations and leadership teams to drive security excellence. Success in this role requires a results-driven, self-starter with a strong sense of ownership, accountability, and the ability to influence and engage with senior security and technology leaders and their engineering teams. The ideal candidate brings deep expertise in security engineering, networking, and cloud computing. Strong executive communication, stakeholder engagement, attention to detail, and problem-solving capabilities are essential to thrive in this role. This is a high-impact, strategic position that offers the opportunity to shape the future of OCI and make a lasting impact across the cloud security ecosystem. **Responsibilities** Key Responsibilities: + **Security Deep Dive** : Investigate the security posture, controls, and risks associated with complex architectures and lifecycle management. + **Security Innovation** : Drive security innovation across legacy and nascent product and cloud services. + **Data-Driven Decision Making** : Analyze and interpret complex datasets using scripts, Python, or other analytics tools to identify trends, generate insights, and provide actionable recommendations to leadership. + **Global Stakeholder Collaboration** : Establish strong relationships with cross-functional partners and senior leadership to align cybersecurity initiatives with business objectives. + **Cross-Functional Communication** : Facilitate clear, concise communication across teams, ensuring alignment on key priorities and enabling effective decision-making at all levels. + **Executive Reporting & Presentations** : Develop high-impact reports, dashboards, and presentations tailored for senior leadership, ensuring clarity, professionalism, and strategic insight. + **Strategic Planning & Execution** : Define project requirements, establish roadmaps, and manage execution for complex cybersecurity programs, balancing long-term strategy with immediate business needs. + **Issue & Risk Management** : Identify, assess, and mitigate program risks and blockers, ensuring continued progress toward cybersecurity and operational goals. + **Security Program Oversight** : Oversee multiple security initiatives, ensuring alignment with organizational security objectives and compliance requirements. + **Problem Solving & Critical Thinking** : Leverage data-driven methodologies to solve complex business and technical challenges, optimizing cybersecurity operations for effectiveness and efficiency. + **AI Enablement** : Help innovate and drive AI capabilities to streamline security operations and create security insights. + **Security Tooling:** Collaborate with cross-functional teams to enhance security tooling, CI/CD pipelines and tools, ensuring alignment with OCI's cloud strategy and compliance requirements. + **Industry Policies:** Partner with stakeholders to define and implement policies that align with industry best practices and compliance standards. + **Security by Default:** Implement closed-loop mechanisms to continuously improve security by default. Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures. + **Emerging Security Trends:** Stay informed about emerging technologies and industry trends, integrating new software solutions to strengthen risk reduction strategies. + **Security Mentoring:** Guide and mentor junior security team members. Additionally: Responsible for expert planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures. Evaluates existing and proposed technical architectures for security risk, provides expert technical advice to support the design and development of secure architectures and recommends security controls to mitigate those risks. Evaluations of internal security architecture may include design assessment, risk assessment, and threat modeling. Provides expert technical advice and direction to support the design and development of secure architectures. Maintain expert proficiency in emerging trends in information security. Determine the best practices for the large-scale Big Data infrastructure used by some Oracle LOBs, including tooling, data architecture, and content. May lead incident management teams and provide expert level incident management expertise. Coordinates incidents with other business units and may act as incident commander of multiple serious incidents. Leads development of new methods, playbooks and provide thought-leadership related to incident management throughout Oracle. May provide leadership in an incident management team, bringing expert-level skills to respond to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may act as Incident Commander on multiple serious incidents. Leads development of new methods, and playbooks, as well as highly sophisticated scripts, applications, and tools. Trains and mentors other staff, and may supervise incident management teams. Brings expert-level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required, but no computer programming/scripting knowledge is required. Leads development of highly sophisticated scripts, applications, and tools, and trains others in their use. Focus on operational and strategic level tasks, and provide counsel and guidance to the junior level security operations engineers in the department. Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $120,100 to $251,600 per annum. May be eligible for bonus, equity, and compensation deferral. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC5 **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.