Information security analyst jobs in Morrisville, NC - 112 jobs

Surescripts serves the nation through simpler, trusted health intelligence sharing, in order to increase patient safety, lower costs and ensure quality care. We deliver insights at critical points of care for better decisions - from streamlining prior authorizations to delivering comprehensive medication histories to facilitating messages between providers. Job Summary: The Director Business Information Security Officer (BISO) reports to the VP, Chief Information Security Officer (CISO) and acts as the primary liaison between Surescripts business units and the Information Security team. The BISO is responsible for understanding the unique business needs and risks of the organization and aligning them with security strategies and initiatives. The BISO plays a critical role in ensuring new products are launched with information security requirements embedded that align with company and information security policies and standards. The BISO will aid in the development, implementation and awareness of information security policies, manage risk, and ensure compliance with regulatory requirements. The BISO plays a crucial role in fostering a culture of security awareness and ensures that security measures are integrated into business processes. The BISO will be responsible for day-to-day operations to support and augment the CISO's overall responsibilities. The BISO plays a key leadership role in supporting the business and external customers. The BISO ensures business decisions are not obstructed by cybersecurity but instead are made using sound security principles and supporting corporate security policies and plans. Responsibilities: * Serve as a trusted advisor to the business on information security matters. * Work closely with Information Security leadership overseeing Identity and Access Management, Fraud and Crisis Management, merger and acquisition activities and any new business initiatives. * Keep abreast of current activity within the IAM and Fraud and Crisis teams and partner with team members for success. * Foster strong, collaborative relationships with internal business partners and external entities to maintain a strong network. * Enforce and influence strong security culture set forth by the CISO, ensuring uniformity across business units and employees. * Advise organization on enterprise-wide process and technology security recommendations. * Proactively gather and share pertinent information to effectively lead/engage in daily information security operations. * Lead the development and execution of crisis management plans and procedures. * Collaborate with external health care technology vendors, pharmacy partners, law enforcement, governmental entities and / and IT teams to ensure secure e-prescribing processes are being followed. * Assist with creating the Information Security department budget, monitoring expenditures, and ensuring alignment with the overall department budget. * Review customer contracts for appropriate information security language and requirements in partnership with Commercial Legal and Procurement. * Hold security leadership and teams accountable to consistently learn and share advanced knowledge and practices that promote excellence with the information security teams. * Maintain an up-to-date level of knowledge relating to security threats, vulnerabilities, and mitigations set forth to reduce the corporate attack surface. * Lead security projects and ensure they are delivered on time and within budget. * Proactively identify and remove complexity and obstacles that hinder efficient security controls enterprise wide. * Stay abreast of new laws, regulations, and standards, and assess their impact to the business. * Perform security due diligence for mergers, acquisitions, divestitures, and any new business initiatives. * Serve as the CISO representative when the CISO is not available, including making decisions usually made by the CISO. Qualifications: Basic Requirements: * Bachelor's degree in business administration, information assurance, or related technical field * 10+ years of related, progressive experience in cybersecurity management with at least 8+ years in an operationally focused security practitioner role. * 5+ years' experience working with business leadership and with fiscal responsibilities. * 3+ years' experience working with product and/or data teams to ensure that security is woven into each product based on company policies and standards. * 3+ years of experience handling tough conversations with customers. * 3+ years of people management/leadership experience. * Strong written and verbal communication skills across all levels of the organization. * Driven to build a strong, cohesive team and positive enterprise-wide security culture. * Proven high integrity, trustworthiness and confidence, and ability to represent the company and security leadership with the highest level of professionalism. * Ability to effectively manage stress in a constantly changing environment. * Strategic vision and ability to successfully collaborate with and influence others. * Strong project management and organizational skills. * Proven experience with National Institute of Technology (NIST) standards or California Consumer Privacy Act (CCPA) or Health Information Portability and Accountability Act (HIPAA) or HITRUST or SOC2 * Demonstrated understanding and comprehension of a wide range of cybersecurity solutions. Preferred Qualifications: * Master's or other advanced degree (MBA, information assurance, computer science, etc.) * 8+ years of related security systems administration. * Relevant certification/s such as CISSP, CISM, CRISC, CISA, or similar. * Experience with agile methodology and ability to negotiate to get work prioritized. * Experience using AI for business improvements. * Experience in a similar role with large, complex organization/s. * Experience in the healthcare industry. Travel: Within the U.S. as needed for meetings etc. #LI-REMOTE Surescripts embraces flexibility through its Flexible Hybrid Work model for most positions. This model allows employees to work virtually while still utilizing our offices as collaboration centers. With alignment and agreement from your leadership, you can come and go from the office as needed. To be considered for employment, applicants must have a valid U.S. work authorization allowing work without restrictions with Surecripts in the U.S. At this time, we are unable to provide support or provide sponsorship for immigration benefits such as work visas. Additionally, we do not participate in academic training programs or work-study programs through an academic institution that require employer endorsement of F-1/CPT or F-1/STEM. What You're Like You're technical. Analytical. Imaginative. Maybe you're building your own crypto-mining rig-or not. Either way, your mind works to anticipate vulnerabilities and protect the company and its information against those vulnerabilities. You do the right thing because it's the right thing without seeking to point fingers or brag. And of course, you're always willing to keep learning. What We're Like We're a team of friendly folks who do serious work. Our best work is done by rising to the occasion under stress, but we keep each other cool under pressure. We're a tight team but we also look for ways to partner across the business. Our style is casual and laid back, but we shoulder our responsibility to protect patient data from sophisticated adversaries, which sometimes means delivering a difficult truth. What the Work is Like Our challenge is to protect our customers' data and our company. This requires anomaly analysis, risk reviews, pen testing of our controls, red-teaming and tabletops, policy and procedure work, documentation, and audits. We also engineer and maintain our security products and tools. It's not always a typical 9-to-5 gig, of course, but then again, you work in information security, so you already know that. Why Wait? Apply Now We're a midsize company. This means you're not just another employee ID number. Here, you can build real relationships and feel supported by truly awesome people with diverse backgrounds and talents in an innovative and collaborative work culture. We strive to create an environment where you can be yourself, share your ideas and work your way. We offer opportunities for employee development, as well as competitive compensation packages and extensive benefits. At Surescripts, base pay is one part of our Total Rewards Package (which may also include bonus, benefits etc.) and is determined within a range. The base pay range for this position is $199,900 - $244,300 per year. Your base pay may vary within or outside of this range depending on a number of factors, including (but not limited to) your qualifications, skills, experience, and location. Benefits include, but are not limited to, comprehensive healthcare (including infertility coverage), generous paid time off including paid childbirth and parental leave and mental health days, pet insurance, and 401(k) with company match and immediate vesting. To learn more, review the Keep You and Yours Healthy, Balancing Work and Life, and Where Talent Takes Shape links under the Better Benefits. Better Work. Better Life section of our careers site. Physical and Mental Requirements While performing duties of this job, an employee may be required to perform any, or all of the following: attend meetings in and out of the office, travel, communicate effectively (both orally and in writing), and be able to effectively use computers and other electronic and standard office equipment with, or without, a reasonable accommodation. Additionally, this job requires certain mental demands, including the ability to use judgement, withstand moderate amounts of stress and maintain attention to detail with, or without, a reasonable accommodation. Surescripts is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate on the basis of race, color, religion, age, national origin, ancestry, disability, medical condition, marital status, pregnancy, genetic information, gender, sexual orientation, parental status, gender identity, gender expression, veteran status, or any other status protected under federal, state, or local law.

Procom is a leading provider of professional IT services and staffing to businesses and governments in Canada. With revenues over $500 million, the Branham Group has recognized Procom as the 3rd largest professional services firm in Canada and is now the largest “Canadian-Owned” IT staffing/consulting company. Procom's areas of staffing expertise include: • Application Development • Project Management • Quality Assurance • Business/Systems Analysis • Datawarehouse & Business Intelligence • Infrastructure & Network Services • Risk Management & Compliance • Business Continuity & Disaster Recovery • Security & Privacy Specialties• Contract Staffing (Staff Augmentation) • Permanent Placement (Staff Augmentation) • ICAP (Contractor Payroll) • Flextrack (Vendor Management System) Job Description Sr. Security Analyst On behalf of our client, Procom Services is searching for a Sr. Security Analyst for a contract opportunity in Durham, NC. Sr. Security Analyst Job Details Responsible for user account administration in a multi-platform environment and ensure that administration procedures are aligned with overall Information Security policies and standards. Assist in the development of access controls to safeguard customer systems against accidental or unauthorized modification, destruction or disclosure. Maintain user access to securable customer system resources (UNIX, OS390 Mainframe, iSeries, Windows / Active Directory, Outlook Exchange) performing tasks such as: creation / configuration of user logon Ids and updating access control lists, access provisioning and access removals and access terminations. Perform detailed analysis of access requests/processes and provide recommendations for improvement to senior team members and Information Security management. Educate information / resource owners in the implementation of necessary information security controls. Perform standard and non-standard processing of security authorization requests. Work with resource owners to determine appropriate security policies for securable customer resources. Provide on-call support for after-hours system access issues and troubleshoot system access problems and failures. Report suspected information security misuse to manager or director. Assist resource owners and IT staff in understanding and responding to security access exceptions. Sr. Security Analyst Mandatory Skills - Bachelor's degree in Computer Science. - 2 years of security administration experience, or related technical system administration experience. - In lieu of degree 5 years of security administration experience. - Familiarity with audit and risk-related methodologies; such as COBIT and HIPAA. - Systems administration experience within other aspects of IT - Demonstrated security administration experience on two or more platforms (UNIX, OS390 Mainframe, iSeries, Windows / Active Directory, Outlook Exchange) - Demonstrated experience working with a managed services organization. - Demonstrated experience working with a request ticketing system, such as Triole. - Strong analytical and problem-solving skills. - Ability to present and discuss technical information to users with varying technical expertise. - Proven ability to work under stress in emergencies. Flexibility to handle pressure from many directions simultaneously. - Must be detail-oriented with a high level of accuracy. - Excellent written and verbal communication skills. - Demonstrated ability to develop and maintain collaborative working relationships across multiple teams. - Strong customer focus and the ability to manage customer expectations. - Must have strong team-oriented interpersonal skills and the ability to effectively interface with a wide variety of people. - Demonstrated commitment to continuous process improvement. - CISSP, CISA, or other security / audit / field related certifications a plus Sr. Security Analyst Start Date ASAP Sr. Security Analyst Assignment Length 7+ months Additional Information All your information will be kept confidential according to EEO guidelines. Please send your resume in Word format only.

Challenge Yourself and Impact the Future! Element Solutions Inc (NYSE:ESI) is a leading specialty chemicals company whose operating businesses formulate a broad range of solutions that enhance the performance of products people use every day. Developed in multi-step technological processes, our innovative solutions enable our customer manufacturing processes in several key segments, including electronic circuitry, communication infrastructure, automotive systems, industrial surface finishing, and offshore energy. Customers of our businesses use our innovation as a competitive advantage, relying on us to help them navigate in fast-paced, high-growth markets. For example, in-care technology, from infotainment to driver assistance, is accelerating the paste of new product development and automotive markets, and with a deep market expertise in electronics, we sit at the intersection of the fast-growing market, changing the competitive playing field for automotive manufacturers, with a long-standing presence. We strive to embody the five 'Elements of our Culture'- our '5C's'; Challenge, Commit, Collaborate, Choose, and Care. These core values are the foundation of our organization which our employees embrace in their interactions with customers, colleagues and other stakeholders, to drive financial performance and create a rewarding work environment. Who are we looking for? The Senior Information Security Engineer is a critical member of the security operations team, responsible for protecting the organization's infrastructure through advanced security engineering practices. This role focuses on vulnerability management, network security, endpoint protection, and secure access technologies, ensuring a proactive and resilient security posture across all environments. What will you be doing? * Lead the enterprise vulnerability management program, including but not limited to: * Scanning, analysis, prioritization, and remediation tracking. * Perform regular vulnerability assessments using tools such as Tenable, Qualys, or Rapid7, and collaborate with stakeholders to address findings. * Stay informed on emerging threats, vulnerabilities, and technologies relevant to network, endpoint, and access security. * Develop and maintain security metrics and dashboards to track vulnerability trends, network health, and endpoint protection status. * Network Security * Design, implement, and manage network security controls including firewalls, VPNs, IDS/IPS, and segmentation strategies. * Deploy and manage secure access technologies such as Zscaler or Cato Networks to enforce zero trust principles and protect remote connectivity. * Monitor and analyze network traffic for signs of malicious activity or policy violations. * Endpoint Security * Engineer and maintain endpoint security solutions, with hands-on experience in EDR platforms such as CrowdStrike, SentinelOne, or Microsoft Defender for Endpoint. * Collaboration * Collaborate with infrastructure and application teams to ensure secure network and endpoint configurations. * Assist in incident response activities related to network, endpoint, or access-related threats. * Contribute to the development and enforcement of security policies, standards, and procedures. * Mentor junior engineers and contribute to continuous improvement of security operations and architecture. Who are You? * Bachelor's degree in Cybersecurity, Computer Science, or related field. * 5+ years of experience in information security engineering, with strong expertise in vulnerability management, network security, and endpoint protection. * Hands-on experience with vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7). * Familiarity with CVSS scoring, patch management processes, and remediation workflows. * Deep understanding of network protocols, architectures, and security technologies (e.g., firewalls, IDS/IPS, VPNs). Preferred but not required: * Experience working in a global organization * Chemical and/or manufacturing industry experience * Industry certifications such as CISSP, CEH, OSCP, GIAC, or CCSP are highly desirable. * Proven experience with EDR platforms such as CrowdStrike, SentinelOne, or similar. * Experience with secure access technologies such as Zscaler or Cato Networks. * Experience with cloud platforms (AWS, Azure, GCP) and hybrid environments. We understand that not all candidates may meet the requirements listed above. If you believe you have the knowledge and experience necessary to excel in this role, we encourage you to apply. What competencies will you need? * Strong analytical and problem-solving skills. * Ability to communicate technical concepts clearly to both technical and non-technical audiences. * Proactive and detail-oriented with a strong sense of ownership. * Excellent organizational and project management abilities. * Ability to work independently and collaboratively in a dynamic environment. We are Offering... As part of our team here, as well as receiving a competitive base salary, you will also participate in a generous performance related bonus plan. In addition, you will also receive a 401k plan with company matching, Life Insurance, and Medical Insurance as well as 9 holidays. The typical base salary range for this position is anticipated to be between $124,587 and $186,881. Innovative - At ESI, we are committed to solving the complex and evolving needs of our customers through innovation and high-quality standards. We are focused on bringing cutting edge and environmentally sustainable solutions to the market. Our people are the critical resource required to make that happen. We support your success by creating a strong, inclusive culture, competitive total rewards, and an appropriate work-life balance. Socially Responsible - We care about what you care about. We respect the individual differences that make up our unique expanding organization. We prioritize both sustainability and social impact in both our business operations and our local communities through our various ESI Cares initiatives and the ESI Foundation. There are many ways to get involved from employee network groups that support your interests and sense of belonging to paid volunteer days. Equal Opportunity Employer All qualified applications will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category applicable under federal, state and local laws. Nearest Major Market: Raleigh

Piper Companies is seeking an Information Security Manager who will be responsible for developing, implementing, and maintaining the organization's information security program. This role ensures the confidentiality, integrity, and availability of data and systems by managing security policies, risk assessments, compliance initiatives, and incident response processes. The candidate will sit 3 days a week on-site in Raleigh, NC. Responsibilities for the Information Security Manager: * Develop and enforce security policies, standards, and procedures aligned with industry best practices * Lead risk assessments and vulnerability management programs * Manage security tools such as firewalls, SIEM, endpoint protection, and DLP solutions * Monitor and respond to security incidents, coordinating investigations and remediation * Lead and mentor a team of security analysts and engineers * Collaborate with IT, DevOps, and business units to integrate security into processes and Qualifications for the Information Security Manager include: * Bachelor's degree in computer science, Information Technology, Cybersecurity, or related field * 7+ years in information security roles, with at least 1-2 years in a leadership position * Certifications such as CISSP, CISM, or equivalent preferred * Strong knowledge of security frameworks (NIST, ISO 27001) * Expertise in network security, cloud security, and IAM Compensation of the Information Security Manager: * $120,000-$165,000 * Comprehensive Benefits: Medical, Dental, Vision, 401K, PTO, Sick Leave as required by law, and Holidays This job opens for applications on 1/5/2026. Applications for this job will be accepted for at least 30 days from the posting date. Information Security Manager, Risk Assessment, CISSP, CISM, NIST, network security, IAM, cloud security, leadership, firewall, DLP, Compliance, Hybrid #LI-HL1 #LI-HYBRID

Ask IT Consulting Inc. visualizes itself as a leader in IT services and staffing in coming years. With strong dedication and commitment of our employees, we would surpass all our competitors establishing the wider channel of media marketing building a better connection with clients. Job Description Hi, This is Sumit with Ask ITC Inc. which is backed by a $500 million Microtek group company, provides an industry leading blend of technology, business consulting, and outsourcing services. Ask IT is a minority-owed enterprise; it has been founded on providing the highest quality possible and on the devotion to customer satisfaction. Position : Information Security (Guardium) Location : Raleigh NC Duration 12 + Months Short Description: The NCDOT IT Information Security Office (ISO) requires a senior information security professional, specializing in database vulnerability and threat management (VTM) utilizing and administrating IBM Guardium. Complete Description :* The NCDOT IT Information Security Office (ISO) requires a senior information security professional, specializing in database vulnerability and threat management (VTM) and monitoring for all NCDOT IT database systems. A majority of this resource's responsibilities will be vulnerability tool administration, setup and scheduling, vulnerability assessment and risk ranking for critical IT database systems. This resource should possess senior technical skillsets as well as senior soft skills as this resource will lead database VTM efforts and strategy for the agency. This resource should possess senior skillsets in preparing reports and presentations to senior management on the status, rate of improvement and overall efficacy of database VTM and monitoring efforts across an enterprise. This resource must have experience administrating, utilizing and designing implementations of IBM Guardium on mainframe DB2 and distributed systems. Thanks and Regards, Sumit Gupta Technical Recruiter | ASK IT Consulting Inc. Women Owned Minority Certified Enterprise Address: # 33 Peachtree Court Holtsville, NY 11742 Phone: *************** Ext- 4401 Fax: *************** E: sumit.guptaaskitc.com|W: **************

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Description Junior Security Analyst- 3rd Shift The Company: Varonis (Nasdaq: VRNS) is a leader in data security, fighting a different battle than conventional cybersecurity companies. Our cloud-native Data Security Platform continuously discovers and classifies critical data, removes exposures, and detects advanced threats with AI-powered automation. Thousands of organizations worldwide trust Varonis to defend their data wherever it lives - across SaaS, IaaS, and hybrid cloud environments. Customers use Varonis to automate a wide range of security outcomes, including data security posture management (DSPM), data classification, data access governance (DAG), data detection and response (DDR), data loss prevention (DLP), and insider risk management. Varonis protects data first, not last. Learn more at **************** The Role: We are seeking a driven MDDR Security Analyst to join the forefront of our data security mission- working 24x7 to monitor, triage, investigate, and escalate incidents where data is at risk and to ensure we meet operational SLAs. Data is the #1 target of attackers, and Varonis' Managed Data Detection and Response (MDDR) customers entrust our team with the security of their data. They will develop a deep understanding of the Varonis platform and related technologies. This role demands knowledge of security ecosystems (ex. SIEM, SOAR, ITSM, EDR, IPS/IDS, Active Directory, DNS, IAM/PAM, etc.) and enterprise security operations. The Location: We are considering candidates who are located within physical proximity to Raleigh, North Carolina. The Requirements: 1-3 years of experience in cybersecurity Degree or certification(s) in cybersecurity and/or proven ability to execute across cyber security operations disciplines, including monitoring, detection, investigation, and incident response. Proven success in contributing to a team-oriented environment. Strong analytical and creative problem-solving skills. Excellent communication skills (written and oral) and interpersonal skills (colleagues and customers). Attention to detail and the capability to deliver outcomes autonomously. Knowledge of common security technologies and tools including network-based (firewall and IDS), host-based (EDR and AV), data-based (DLP and DSPM), and identity-based (PAM and IAM), gained through experience or study. Knowledge of operational information security disciplines including alert monitoring, threat detection, incident response, security infrastructure management, and system and architecture hardening, gained through experience or study. Demonstrated ability to learn new skills and technologies swiftly. Proficiency in critical thinking and problem-solving for complex issues. The Responsibilities: Monitor and respond to detections within the Varonis platform. Conduct thorough triage of Varonis detections through critical analysis and investigative methodologies. Validate findings and coordinate investigative and response efforts with customers and internal teams. Document and communicate investigative findings effectively, including tracking in CRM and related systems. Assist in the development, documentation, analysis, testing, and modification of Varonis' threat detection systems, playbooks, and runbooks. Logistics: Shifted Schedule: Sunday to Wednesday, or Wednesday to Saturday. 12-hour shifts with one 1-hour break and two 30-minute breaks. Night shift (9pm to 9am EST). 6 weeks of dedicated new hire training. MDDR Security Analysts are expected to complete Sec+ and CySA+ training within their first year. Work visa sponsorship is not available. We invite you to check out our Instagram Page to gain further insight into the Varonis culture! @VaronisLife Varonis is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, and other legally protected characteristics

EmTacq specializes in EMployer Talent ACQuisitions, matching the most qualified candidates with the most competitive positions available. We pride ourselves on not just putting bodies in seats, rather matching professionals to their careers. We are headquartered in the Raleigh / Durham, NC area. However, as a recruiting agency we service companies and candidates across the United States. We are your best source for professional, value driven low cost recruitment services. Job Description The Lead Information Security Engineer will be responsible for designing and implementing a process to analyze the design of technology solutions for threats, attacks, and vulnerabilities that could affect the control environment. Must be a subject matter expert (SME) with strong collaboration skills to work with cross functional teams to ensure the design of technology solutions complies with information security policies, and regulatory obligations. The Lead Information Security Engineer must have the ability to identify, document, and recommend security safeguards and configurations in a highly complex environment with a demonstrated ability to recognize, and appropriately incorporate layered security safeguards within the network, application, and data layers from a defender's perspective. In this role you must be a positive professional, adaptable, pragmatic, and who is comfortable in delivering clear and concise information at both a technical and managerial level. Responsibilities: Design and implement a process to analyze the design of technology solutions for threats, attacks, and vulnerabilities that could affect the client's control environment. Review and approve security configuration checklists (e.g., hardening or lockdown guides) for technology platforms and solutions (e.g., operating systems, databases, firewalls, etc.) Provide security consulting services internally to the engineering organization by giving guidance and functioning as an information security SME. Must have the ability to identify, document, and recommend security safeguards and configurations in a highly complex environment with a demonstrated ability to recognize, and appropriately incorporate layered security safeguards within the network, application, and data layers from a defender's perspective. Qualifications Required Experience *5+ years of experience in one or more of the following information security domains: access management, cryptography, data loss prevention (DLP), emerging technologies (i.e., cloud, mobile, etc.), endpoint security, incident response, malware analysis and protection, network and perimeter security, or web and mobile application security. *5+ years of experience analyzing the design of technology solutions using common industry frameworks such as DREAD, SSE-CMM (ISO/IEC 21827), STRIDE, or other risk assessment models. *5+ years of working knowledge of various industry security standards and frameworks including: ISO 27001, ISF Standard of Good Practice (SoGP), NIST Special Publications, etc. *5+ years of working knowledge of modern enterprise and security architectures, their challenges, common approaches to overcome their challenges, and their inherent security strengths and weaknesses. *Teamwork and communication skills, both written and verbal. Preferred Experience *Bachelor's degree in Computer Science, Information Systems, or related field. 8+ years of equivalent work experience required in lieu of degree is acceptable. *Professional certifications such as: CISSP, CISA, CISM, GIAC, CGEIT, CRISC, CEH, or other relevant industry certification strongly preferred. Additional Information Equal Employment Opportunity Our client is proud to be an equal opportunity/affirmative action employer. We are committed to attracting, retaining and maximizing the performance of a diverse and inclusive workforce. It is their policy to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, creed, religion, national origin, alienage or citizenship status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information or any other basis protected by law.

Who We Are: Bandwidth, a prior “Best of EC” award winner, is a global software company that helps enterprises deliver exceptional experiences through voice, messaging, and emergency services. Reaching 65+ countries and over 90 percent of the global economy, we're the only provider offering an owned communications cloud that delivers advanced automation, AI integrations, global reach, and premium human support. Bandwidth is trusted for mission-critical communications by the Global 2000, hyperscalers, and SaaS builders! At Bandwidth, your music matters when you are part of the BAND. We celebrate differences and encourage BANDmates to be their authentic selves. #jointheband What We Are Looking For: The mission of the Security Operations team is to build, deploy, and operate information security systems, infrastructure, and tools. The Senior Security Engineer will act as a leader in monitoring, administration, ticketing and support. In addition, mentoring other security team members in operations functions, as well as assisting management in growing and maturing security detection, monitoring and response. As a Senior Security Engineer, you will work closely with not only other Information Security teams but also partner with the IT, development and architecture organizations. You will be part of a talented team of security professionals who demonstrate superb technical competency, delivering mission critical infrastructure and ensuring the highest levels of availability, performance and security across the enterprise. What You'll Do: Provide technical and operational leadership for aspects of security operations, security architecture and security tools administration. Serve as an escalation point in incident response scenarios; acting as the incident lead and conducting investigations and forensics as needed. Actively engages in the performance of Incident Response activities, including but not limited to, triage, escalation, conducting post-mortem and lessons learned, as well as remediation tracking. Displays a strong knowledge and understanding of the utilization of various security tools include SIEM, SOAR, vulnerability scanners, CSPM, and EDR Advanced understanding of securing both cloud-based (AWS, GCP) and on-prem workloads including traditional architecture design and containerized environments. Identify gaps in current monitoring or operational processes and workflows, and recommend changes or enhancements to improve efficiency through security best practices.. Provide security consulting on medium to large scale projects for internal clients to ensure conformity with corporate information, security policy and standards Drive vulnerability management and remediation efforts - prioritizing issues, implementing mitigations, and designing strategic preventative and compensating controls Drives process improvement and control implementation projects in coordination with the other Enterprise teams Engages with neighboring Bandwidth technology teams to drive awareness and compliance to security policies and standards Participate in security on-call rotation, supporting off-hours general security incidents and production systems. Maintain working relationships with business partners to understand business processes, and the impact of implementing security controls in their ability to do business Train and mentor team members for security operations, support, and/or administration tasks What You Need: Education: Degree in an IT or Information Security discipline or other equivalent combination of education and/or experience that is focused on IT Security and Technology Operations. One or more of the following certifications: GIAC Information Security Professional (GISP) Certified Information Systems Security Professional (CISSP) AWS Certified Security Specialty Experience: 5 or more years of specific Security Operations experience required. 5 or more years SIEM, SOAR and vulnerability management experience, including integrating endpoints 3 or more years of incident response experience across a variety of environments and resource types: on-prem, cloud, endpoints, servers, containers, etc. Knowledge: Familiarity with cutting-edge security technologies such as Zero-Trust Network Access, SSO, Endpoint Detection and Response (EDR), and Security Incident and Event Management required (SIEM). Experience working in multi-cloud organizations utilizing cloud security posture management (CSPM) and cloud-native security tools with a “shift-left” DevSecOps mentality Experience working with a third-party Managed Security Service Provider (MSSP) Skills: Proficient in Windows and Linux operating systems. Ability to analyze a complex technical environment and quickly build a conceptual understanding of how the pieces all fit together Proficient in automation and scripting languages (Python, Bash, etc) Ability to analyze and correlate information from multiple sources to determine and articulate potential risk to the business in non-technical terms. Team player with strong communication skills, ability to collaborate with highly technical colleagues and non-technical end-users at a level they can understand. Bonus Points: Experience: Hands-on experience with Wiz and CrowdStrike - cloud security and container security . Hands-on experience with AWS / cloud security tools (Guard Duty, Amazon Inspector, AWS Shield,Wiz, Lacework, etc.) Strong knowledge of SIEM tools and logging (Splunk, Sumo Logic, Data Dog, Qualys) Understanding of maintaining and administering endpoint detection response tools (CrowdStrike, FireEye, etc) Foundational knowledge of Ai - LLMs (language learning models), MCP (model context protocol) and the impacts of these on securing organizational resources. Knowledge: Understanding of authentication and authorization mechanisms. Familiar with data classification, data protection, and secure data handling practices. Understanding of regulatory requirements (SOX, GDPR, HIPAA … ) The Whole Person Promise: At Bandwidth, we're pretty proud of our corporate culture, which is rooted in our “Whole Person Promise.” We promise all employees that they can have meaningful work AND a full life, and we provide a work environment geared toward enriching your body, mind, and spirit. How do we do that? Well… 100% company-paid Medical, Vision, & Dental coverage for you and your family with low deductibles and low out-of-pocket expenses. All new hires receive four weeks of PTO. PTO Embargo. When you take time off (of any kind!) you're embargoed from working. Bandmates and managers are not allowed to interrupt your PTO - not even with email. Additional PTO can be earned throughout the year through volunteer hours and Bandwidth challenges. “Mahalo moments” program grants additional time off for life's most important moments like graduations, buying a first home, getting married, wedding anniversaries (every five years), and the birth of a grandchild. 90-Minute Workout Lunches and unlimited meetings with our very own nutritionist. Are you excited about the position and its responsibilities, but not sure if you're 100% qualified? Do you feel you can work to help us crush the mission? If you answered ‘yes' to both of these questions, we encourage you to apply! You won't want to miss the opportunity to be a part of the BAND. Applicant Privacy Notice

Job DescriptionComputer World Services Corp (CWS) is seeking an experienced Security Analyst/Data Security Specialist to support the planning, coordination, and implementation of the organization's information security programs. This role involves maintaining and enhancing the security infrastructure, including firewalls, IDS/IPS, log aggregation, and file integrity monitoring systems, while addressing potential threats and vulnerabilities. The ideal candidate will possess a strong understanding of security practices, tools, and protocols and work closely with teams to investigate and resolve data security issues.Key Tasks & Responsibilities Security Infrastructure Management: Administer and manage firewall systems, intrusion detection and prevention systems (IDS/IPS), log aggregation systems, web traffic filtering appliances, and file integrity monitoring applications. Design, implement, and monitor security measures for LAN/WAN environments to safeguard information systems. Threat Monitoring and Incident Response: Investigate alerts from Data Loss Prevention (DLP) agents and support the resolution of DLP rule problems. Monitor systems for potential threats and respond promptly to security incidents. Security Program Support: Facilitate the identification of current security infrastructure and define requirements for future programs. Collaborate with teams to implement encryption techniques and deploy security tools effectively. Technical Expertise: Evaluate and recommend commercial products and technologies for security solutions. Maintain a working knowledge of hardware/software firewalls, communication protocols, and security tools. Documentation and Compliance: Document security incidents, system configurations, and process changes. Ensure compliance with organizational and industry security standards and best practices. Education & Experience Education: Bachelor's degree in Computer Science, Information Technology Management, or Engineering. Alternatively, four years of related experience may substitute for the educational requirement. Experience: 5-7 years of experience in information security, network security, or related fields. Technical Skills: Proficient in administering firewall systems, IDS/IPS, and DLP solutions. Strong understanding of communication protocols, encryption techniques, and security tools. Familiarity with log aggregation systems, web traffic filtering appliances, and file integrity monitoring applications. Soft Skills: Strong analytical and problem-solving skills. Excellent verbal and written communication abilities. Ability to work collaboratively in a team and adapt to rapidly changing security landscapes. Preferred Qualifications: Relevant certifications such as CISSP, CISM, CompTIA Security+, or CEH. Hands-on experience with SIEM platforms and advanced threat detection tools. Knowledge of security frameworks such as NIST, ISO 27001, or CIS Controls. Certifications Relevant certifications such as CISSP, CISM, CompTIA Security+, or CEH. ITIL certification v4 preferred. Security Clearance Applicants must be eligible to obtain Public Trust clearance. Other (Travel, Work Environment, DoD 8570 Requirements, Administrative Notes, etc.) Potential hybrid work available for this position. Computer World Services is an affirmative action and equal employment opportunity employer. Current employees and/or qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, disability, protected veteran status, genetic information or any other characteristic protected by local, state, or federal laws, rules, or regulations.Computer World Services is committed to the full inclusion of all qualified individuals. As part of this commitment, Computer World Services will ensure that individuals with disabilities (IWD) are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Human Resources at ***********.

INENT Inc. focuses on understanding, addressing and resolving Talent Acquisition, Engagement and Management needs. The core team has over many years of experience in a variety of industries and management disciplines. We serve our clients with the highest level of service standards, never compromising our integrity and commitment to excellence. The products and services are targeted at niche markets in information technology, health care, Financial Services, government, education and other industries. INENT Services Includes: • Software Development The services offered cover Custom Software Development, Application Development, Web Application Development, Software Outsourcing, Website Design and Software Maintenance. Our goal is to deliver premium quality software development services and products while giving unmatched value to enterprises worldwide at an affordable cost. • Staffing Solutions: INENT, Inc. provides full implementation, upgrade, support and staff augmentation services Job Description Role: Oracle Apps Techno-Functional IT Analyst Location: RTP, NC Duration: 6 months+ Pay Rate: CtC JD: • Candidate must have work as an IT Analyst. • Strong Systems/Solution Analyst with R12 Service Agreement and Install base experience. • Strong experience in SA/IB Integrations (Out of the Box) and should be able to map with Cisco custom processes. • Good in Impact Analysis and work with Cross functional, IT and Business teams. • Good understanding of Oracle CRM Architecture and data flow • Cisco Experience is preferred Qualifications Role: Oracle Apps Techno-Functional IT Analyst Location: RTP, NC Duration: 6 months+ Pay Rate: CtC JD: • Candidate must have work as an IT Analyst. • Strong Systems/Solution Analyst with R12 Service Agreement and Install base experience. • Strong experience in SA/IB Integrations (Out of the Box) and should be able to map with Cisco custom processes. • Good in Impact Analysis and work with Cross functional, IT and Business teams. • Good understanding of Oracle CRM Architecture and data flow • Cisco Experience is preferred Additional Information Thank you Bhanu Inent Inc (Innovative Enabling Technologies Inc ) Tel: ************ * 127 Fax No: ************ email: ************************ ****************

IT Security Analyst needs 3+ years experience IT Security Analyst requires: IT security Cyber security Banking industry Finance industry Supports Information Security and Cyber Threat management programs within the Bank at an advanced level of ability. Analyzes vulnerability and threat data to provide actionable intelligence for cyber defense efforts. Evaluates the Banks networks and systems to identify technical security gaps or deficiencies. Recommends process improvements and technical solutions to address the identified gaps or deficiencies. Facilitates the defense of the organizations information security and technological architecture through ongoing reporting and escalation of emerging threats. Provide guidance for less experienced associates in the work group or assist special projects.

Genius Talent has partnered with a Global MedTech company that is looking for an Information Security Analyst (ISA) who manages network security tools/methods and performs research and analysis to mitigate and eliminate data and information security threats. This person will act as contact for the initial intake of information security events; triages potential incidents, determines the nature and scope of the event/incident, classifies the severity and priority of the incident, and escalates to the Information Security Manager (ISM) as necessary. You will also analyze all security systems log files, reviews and logs triggered events, research current and future information security threats, reconciles correlated information security events, develops, and modifies new and current information security controls. Responsibilities Investigates computer and information security incidents to determine extent of compromise to company information and automated information systems. Validates and tests security products/systems to detect computer and information security weaknesses. Maintain cloud email security solutions to monitor and track phishing campaigns and other email-related threats. Primary point of contact for security violations and incidents. Maintain the security checklist comprising of daily/weekly/monthly/quarterly/Semi-Annual/Annual tasks, Maintain change log and security incident report and present data to ISM on monthly basis. Complete weekly security hygiene report and quarterly board report to illustrate security efforts/vulnerabilities/incidents/etc. Involved in the periodic conduct of a review of each system's audits and monitors corrective actions until all actions are closed. Reviews processes and security protocols and makes recommendations for increased information security protection. Training staff on information security procedures and policies. Perform real-time monitoring, assessment and triage of IDS alarms and the Security Information and Event Management (SIEM) console. Identifies operational improvements and efficiencies and suggests improvements to improve the security posture of the Conduct research pertaining to the latest viruses, worms, etc. and the latest technological advances in combating unauthorized access to information tools, techniques, countermeasures, and trends in computer network vulnerabilities Responsible for administering and monitoring intrusion detection/prevention, antivirus/antimalware, data loss prevention, forensics, content filter, and event monitoring systems. Coordinate the performance of internal and external network and systems vulnerability assessments and penetration tests. Advise on mitigating vulnerabilities. Maintain up to date SSL certificates and associated protocols/suites. Qualifications Associate degree or equivalent experience in an IT-related discipline Minimum of 4 years' experience in a combination of information security and Information Technology positions demonstrating a progressive growth in responsibility Proven experience with current IT security technologies Demonstrated experience with information security frameworks such as NIST CSF Demonstrated understanding of technological trends and developments in the areas of information security, risk management, web architectures, and cloud computing Demonstrated ability to frame security and risk-related concepts to both technical and nontechnical audiences Knowledge, Skills, and Abilities Professional information security certifications such as CompTIA Security+, SSCP, CISSP, CISM, CCNA Security, CCNP Security, CEH, GIAC, or CISA is a plus, but not required Knowledge of IT technologies including: Access Control, Firewalls, SSO, Microsoft Technologies (MS365, Active Directory, IIS, ISA, DNS), Anti-virus software and malware scanning tools Knowledge and direct experience with vulnerability management, SIEM and Log Management, DLP, IPS/IDS, VPN, MFA Strong analytic and problem-solving skills Excellent written, verbal communication and presentation skills.

We are a fast-paced business with ambitious growth plans; so if you are dedicated, enthusiastic and always seeking ways to improve, you'll enjoy a career with us! Ontic is a leading global aerospace OEM trusted by the world's aviation leaders. Ontic's Creedmoor, NC, site is home to a number of specialist companies within the Ontic Group, including Firstmark, Twin Commander, and Metro Merlin. With over 1,300 employees across four time zones and seven sites, we have more than doubled in size since 2019 and are continuing to grow at pace. Our team is looking for an IT Governance Analyst to join them. You will report to the IT Security & Governance Manager and will have an onsite work structure in Creedmoor, NC. To be considered for the IT Governance Analyst opening, here's what you'll need to bring with you: * Strong understanding of governance frameworks and their implementation * Experience in risk management and compliance * In-depth experience with Microsoft 365 suite of tools * Strong understanding of cybersecurity principles, general knowledge of cybersecurity technologies, and industry-recognised certifications * Good understanding of ITAR rules and regulations * Ability to make recommendations to remediate complex security threats * General knowledge of cybersecurity vulnerability assessments, penetration tests, and the tools/techniques involved * Ability to be comfortable working on multiple, complex issues and projects within defined timelines * Demonstrated understanding of compliance regulations and Information Security control frameworks and standards (i.e., NIST, UK GDPR, FedRAMP, CMMC, ISO 27001, PCI, SOX, HIPPA) * Knowledge of physical cabling for network communications and control system Input/Output * Ability to introduce and explain highly technical topics to non-technical audiences As an IT Governance Analyst, you will: * Assist in the development and implementation of several IT and Cybersecurity frameworks across the enterprise * Ensure compliance with all relevant security regulations and standards * Monitor and report on adherence to governmental standards and security frameworks * Identify risks from non-compliance and recommend mitigation strategies to manage those risks * Implement mitigation strategies as directed * Work closely with stakeholders to ensure a unified approach to standard adherence * Assist and support in any audits of the company's adherence to various security standards; Specifically, ISO27001, Cybersecurity Maturity Model Certification (CMMC), NIST SP 800-171, NIST SP 800-171A, NIST SP 800-172, Sarbanes Oxley (SOX), and others. Knowledge of EASA would also be useful. * Influence the development of policies and procedures to ensure they contribute to the maintenance of various regulatory standards * Liaise with the Compliance department to ensure success across company boundaries * Stay current and up to date with frameworks including ISO27001, CMMC, NIST, SOX, and others * Successfully communicate identified risks to various stakeholders in a manner that they can most easily understand * Support the daily maintenance activities and response where necessary Our Benefits: * Comprehensive medical insurance * Competitive PTO, holiday pay, and sick leave * Company 401K plan with up to 4% matched contribution * Annual bonus program (varies by level and discretionary based on company and individual performance) * Flexible working arrangements * Paid volunteering opportunities * Access to mental health champions across our sites * Commitment to development * Employee referral program Salary Range: $105,000- $115,000/year, based on experience #LI-Onsite EOE/Minority/Female/Sexual Orientation/Gender Identity/Disability/Veteran Compensation Pay Range $105,000- $115,000/year, based on experience Please click here to review Ontic's California Consumer Privacy Act policy. Ontic Engineering and Manufacturing Inc. is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law. This position must meet export control compliance requirements. To meet export control compliance requirements, a "U.S. Person " as defined by 22. C.F.R. §120.15 is required. "U.S. Person" includes U.S. Citizen, lawful permanent resident, asylee, or refugee.

We are a fast-paced business with ambitious growth plans; so if you are dedicated, enthusiastic and always seeking ways to improve, you'll enjoy a career with us! Ontic is a leading global aerospace OEM trusted by the world's aviation leaders. Ontic's Creedmoor, NC, site is home to a number of specialist companies within the Ontic Group, including Firstmark, Twin Commander, and Metro Merlin. With over 1,300 employees across four time zones and seven sites, we have more than doubled in size since 2019 and are continuing to grow at pace. Our team is looking for an IT Governance Analyst to join them. You will report to the IT Security & Governance Manager and will have an onsite work structure in Creedmoor, NC. To be considered for the IT Governance Analyst opening, here's what you'll need to bring with you: Strong understanding of governance frameworks and their implementation Experience in risk management and compliance In-depth experience with Microsoft 365 suite of tools Strong understanding of cybersecurity principles, general knowledge of cybersecurity technologies, and industry-recognised certifications Good understanding of ITAR rules and regulations Ability to make recommendations to remediate complex security threats General knowledge of cybersecurity vulnerability assessments, penetration tests, and the tools/techniques involved Ability to be comfortable working on multiple, complex issues and projects within defined timelines Demonstrated understanding of compliance regulations and Information Security control frameworks and standards (i.e., NIST, UK GDPR, FedRAMP, CMMC, ISO 27001, PCI, SOX, HIPPA) Knowledge of physical cabling for network communications and control system Input/Output Ability to introduce and explain highly technical topics to non-technical audiences As an IT Governance Analyst, you will: Assist in the development and implementation of several IT and Cybersecurity frameworks across the enterprise Ensure compliance with all relevant security regulations and standards Monitor and report on adherence to governmental standards and security frameworks Identify risks from non-compliance and recommend mitigation strategies to manage those risks Implement mitigation strategies as directed Work closely with stakeholders to ensure a unified approach to standard adherence Assist and support in any audits of the company's adherence to various security standards; Specifically, ISO27001, Cybersecurity Maturity Model Certification (CMMC), NIST SP 800-171, NIST SP 800-171A, NIST SP 800-172, Sarbanes Oxley (SOX), and others. Knowledge of EASA would also be useful. Influence the development of policies and procedures to ensure they contribute to the maintenance of various regulatory standards Liaise with the Compliance department to ensure success across company boundaries Stay current and up to date with frameworks including ISO27001, CMMC, NIST, SOX, and others Successfully communicate identified risks to various stakeholders in a manner that they can most easily understand Support the daily maintenance activities and response where necessary Our Benefits: Comprehensive medical insurance Competitive PTO, holiday pay, and sick leave Company 401K plan with up to 4% matched contribution Annual bonus program (varies by level and discretionary based on company and individual performance) Flexible working arrangements Paid volunteering opportunities Access to mental health champions across our sites Commitment to development Employee referral program Salary Range: $105,000- $115,000/year, based on experience #LI-Onsite EOE/Minority/Female/Sexual Orientation/Gender Identity/Disability/Veteran Compensation Pay Range $105,000- $115,000/year, based on experience Please click here to review Ontic's California Consumer Privacy Act policy. Ontic Engineering and Manufacturing Inc. is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law. This position must meet export control compliance requirements. To meet export control compliance requirements, a “U.S. Person ” as defined by 22. C.F.R. §120.15 is required. “U.S. Person” includes U.S. Citizen, lawful permanent resident, asylee, or refugee.

Established in 1991, Collabera is one of the fastest growing end-to-end information technology services and solutions companies globally. As a half a billion dollar IT company, Collabera's client-centric business model, commitment to service excellence and Global Delivery Model enables its global 2000 and leading mid-market clients to deliver successfully in an increasingly competitive marketplace. With over 8200 IT professionals globally, Collabera provides value-added onsite, offsite and offshore technology services and solutions to premier corporations. Over the past few years, Collabera has been awarded numerous accolades and Industry recognitions including. Collabera awarded Best Staffing Company to work for in 2012 by SIA. (hyperlink here) Collabera listed in GS 100 - recognized for excellence and maturity Collabera named among the Top 500 Diversity Owned Businesses Collabera listed in GS 100 & ranked among top 10 service providers Collabera was ranked: 32 in the Top 100 Large Businesses in the U.S 18 in Top 500 Diversity Owned Businesses in the U.S 3 in the Top 100 Diversity Owned Businesses in New Jersey 3 in the Top 100 Privately-held Businesses in New Jersey 66th on FinTech 100 35th among top private companies in New Jersey *********************************************** Collabera recognizes true potential of human capital and provides people the right opportunities for growth and professional excellence. Collabera offers a full range of benefits to its employees including paid vacations, holidays, personal days, Medical, Dental and Vision insurance, 401K retirement savings plan, Life Insurance, Disability Insurance. Job Description Work Location: Durham NC 27703 Job Title: Network Security Analyst Duration: 24 Months Roles & Responsibilities: • Primary job responsibility will be to perform Intrusion Detection Sensor Threat Analysis. • Support for any one of McAfee IDS, Sourcefire IDS, Cisco IDS, Tipping Point IDS, Enterasys IDS, Juniper IDP and Fortinet IDS strongly desired. • The Operations team supports 24x7 and an off shift work schedule may be required. Qualifications IDS/IPS "Network analyst jobs" ; "Network security" ; "firewall analyst"; "network security position"; "network engineer"; "security engineer" Additional Information Should you have any questions, please feel free to call: ************ Aditika Sithta

Surescripts serves the nation through simpler, trusted health intelligence sharing, in order to increase patient safety, lower costs and ensure quality care. We deliver insights at critical points of care for better decisions - from streamlining prior authorizations to delivering comprehensive medication histories to facilitating messages between providers. Job Summary: The Director Business Information Security Officer (BISO) reports to the VP, Chief Information Security Officer (CISO) and acts as the primary liaison between Surescripts business units and the Information Security team. The BISO is responsible for understanding the unique business needs and risks of the organization and aligning them with security strategies and initiatives. The BISO plays a critical role in ensuring new products are launched with information security requirements embedded that align with company and information security policies and standards. The BISO will aid in the development, implementation and awareness of information security policies, manage risk, and ensure compliance with regulatory requirements. The BISO plays a crucial role in fostering a culture of security awareness and ensures that security measures are integrated into business processes. The BISO will be responsible for day-to-day operations to support and augment the CISO's overall responsibilities. The BISO plays a key leadership role in supporting the business and external customers. The BISO ensures business decisions are not obstructed by cybersecurity but instead are made using sound security principles and supporting corporate security policies and plans. Responsibilities: • Serve as a trusted advisor to the business on information security matters. • Work closely with Information Security leadership overseeing Identity and Access Management, Fraud and Crisis Management, merger and acquisition activities and any new business initiatives. • Keep abreast of current activity within the IAM and Fraud and Crisis teams and partner with team members for success. • Foster strong, collaborative relationships with internal business partners and external entities to maintain a strong network. • Enforce and influence strong security culture set forth by the CISO, ensuring uniformity across business units and employees. • Advise organization on enterprise-wide process and technology security recommendations. • Proactively gather and share pertinent information to effectively lead/engage in daily information security operations. • Lead the development and execution of crisis management plans and procedures. • Collaborate with external health care technology vendors, pharmacy partners, law enforcement, governmental entities and / and IT teams to ensure secure e-prescribing processes are being followed. • Assist with creating the Information Security department budget, monitoring expenditures, and ensuring alignment with the overall department budget. • Review customer contracts for appropriate information security language and requirements in partnership with Commercial Legal and Procurement. • Hold security leadership and teams accountable to consistently learn and share advanced knowledge and practices that promote excellence with the information security teams. • Maintain an up-to-date level of knowledge relating to security threats, vulnerabilities, and mitigations set forth to reduce the corporate attack surface. • Lead security projects and ensure they are delivered on time and within budget. • Proactively identify and remove complexity and obstacles that hinder efficient security controls enterprise wide. • Stay abreast of new laws, regulations, and standards, and assess their impact to the business. • Perform security due diligence for mergers, acquisitions, divestitures, and any new business initiatives. • Serve as the CISO representative when the CISO is not available, including making decisions usually made by the CISO. Qualifications: Basic Requirements: • Bachelor's degree in business administration, information assurance, or related technical field • 10+ years of related, progressive experience in cybersecurity management with at least 8+ years in an operationally focused security practitioner role. • 5+ years' experience working with business leadership and with fiscal responsibilities. • 3+ years' experience working with product and/or data teams to ensure that security is woven into each product based on company policies and standards. • 3+ years of experience handling tough conversations with customers. • 3+ years of people management/leadership experience. • Strong written and verbal communication skills across all levels of the organization. • Driven to build a strong, cohesive team and positive enterprise-wide security culture. • Proven high integrity, trustworthiness and confidence, and ability to represent the company and security leadership with the highest level of professionalism. • Ability to effectively manage stress in a constantly changing environment. • Strategic vision and ability to successfully collaborate with and influence others. • Strong project management and organizational skills. • Proven experience with National Institute of Technology (NIST) standards or California Consumer Privacy Act (CCPA) or Health Information Portability and Accountability Act (HIPAA) or HITRUST or SOC2 • Demonstrated understanding and comprehension of a wide range of cybersecurity solutions. Preferred Qualifications: • Master's or other advanced degree (MBA, information assurance, computer science, etc.) • 8+ years of related security systems administration. • Relevant certification/s such as CISSP, CISM, CRISC, CISA, or similar. • Experience with agile methodology and ability to negotiate to get work prioritized. • Experience using AI for business improvements. • Experience in a similar role with large, complex organization/s. • Experience in the healthcare industry. Travel: Within the U.S. as needed for meetings etc. #LI-REMOTE Surescripts embraces flexibility through its Flexible Hybrid Work model for most positions. This model allows employees to work virtually while still utilizing our offices as collaboration centers. With alignment and agreement from your leadership, you can come and go from the office as needed. To be considered for employment, applicants must have a valid U.S. work authorization allowing work without restrictions with Surecripts in the U.S. At this time, we are unable to provide support or provide sponsorship for immigration benefits such as work visas. Additionally, we do not participate in academic training programs or work-study programs through an academic institution that require employer endorsement of F-1/CPT or F-1/STEM. What You're Like You're technical. Analytical. Imaginative. Maybe you're building your own crypto-mining rig-or not. Either way, your mind works to anticipate vulnerabilities and protect the company and its information against those vulnerabilities. You do the right thing because it's the right thing without seeking to point fingers or brag. And of course, you're always willing to keep learning. What We're Like We're a team of friendly folks who do serious work. Our best work is done by rising to the occasion under stress, but we keep each other cool under pressure. We're a tight team but we also look for ways to partner across the business. Our style is casual and laid back, but we shoulder our responsibility to protect patient data from sophisticated adversaries, which sometimes means delivering a difficult truth. What the Work is Like Our challenge is to protect our customers' data and our company. This requires anomaly analysis, risk reviews, pen testing of our controls, red-teaming and tabletops, policy and procedure work, documentation, and audits. We also engineer and maintain our security products and tools. It's not always a typical 9-to-5 gig, of course, but then again, you work in information security, so you already know that. Why Wait? Apply Now We're a midsize company. This means you're not just another employee ID number. Here, you can build real relationships and feel supported by truly awesome people with diverse backgrounds and talents in an innovative and collaborative work culture. We strive to create an environment where you can be yourself, share your ideas and work your way. We offer opportunities for employee development, as well as competitive compensation packages and extensive benefits. At Surescripts, base pay is one part of our Total Rewards Package (which may also include bonus, benefits etc.) and is determined within a range. The base pay range for this position is $199,900 - $244,300 per year. Your base pay may vary within or outside of this range depending on a number of factors, including (but not limited to) your qualifications, skills, experience, and location. Benefits include, but are not limited to, comprehensive healthcare (including infertility coverage), generous paid time off including paid childbirth and parental leave and mental health days, pet insurance, and 401(k) with company match and immediate vesting. To learn more, review the Keep You and Yours Healthy, Balancing Work and Life, and Where Talent Takes Shape links under the Better Benefits. Better Work. Better Life section of our careers site. Physical and Mental Requirements While performing duties of this job, an employee may be required to perform any, or all of the following: attend meetings in and out of the office, travel, communicate effectively (both orally and in writing), and be able to effectively use computers and other electronic and standard office equipment with, or without, a reasonable accommodation. Additionally, this job requires certain mental demands, including the ability to use judgement, withstand moderate amounts of stress and maintain attention to detail with, or without, a reasonable accommodation. Surescripts is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate on the basis of race, color, religion, age, national origin, ancestry, disability, medical condition, marital status, pregnancy, genetic information, gender, sexual orientation, parental status, gender identity, gender expression, veteran status, or any other status protected under federal, state, or local law.

Procom is a leading provider of professional IT services and staffing to businesses and governments in Canada. With revenues over $500 million, the Branham Group has recognized Procom as the 3rd largest professional services firm in Canada and is now the largest “Canadian-Owned” IT staffing/consulting company. Procom's areas of staffing expertise include: • Application Development • Project Management • Quality Assurance • Business/Systems Analysis • Datawarehouse & Business Intelligence • Infrastructure & Network Services • Risk Management & Compliance • Business Continuity & Disaster Recovery • Security & Privacy Specialties• Contract Staffing (Staff Augmentation) • Permanent Placement (Staff Augmentation) • ICAP (Contractor Payroll) • Flextrack (Vendor Management System) Job Description Sr. Security Analyst On behalf of our client, Procom Services is searching for a Sr. Security Analyst for a contract opportunity in Durham, NC. Sr. Security Analyst Job Details Responsible for user account administration in a multi-platform environment and ensure that administration procedures are aligned with overall Information Security policies and standards. Assist in the development of access controls to safeguard customer systems against accidental or unauthorized modification, destruction or disclosure. Maintain user access to securable customer system resources (UNIX, OS390 Mainframe, iSeries, Windows / Active Directory, Outlook Exchange) performing tasks such as: creation / configuration of user logon Ids and updating access control lists, access provisioning and access removals and access terminations. Perform detailed analysis of access requests/processes and provide recommendations for improvement to senior team members and Information Security management. Educate information / resource owners in the implementation of necessary information security controls. Perform standard and non-standard processing of security authorization requests. Work with resource owners to determine appropriate security policies for securable customer resources. Provide on-call support for after-hours system access issues and troubleshoot system access problems and failures. Report suspected information security misuse to manager or director. Assist resource owners and IT staff in understanding and responding to security access exceptions. Sr. Security Analyst Mandatory Skills - Bachelor's degree in Computer Science. - 2 years of security administration experience, or related technical system administration experience. - In lieu of degree 5 years of security administration experience. - Familiarity with audit and risk-related methodologies; such as COBIT and HIPAA. - Systems administration experience within other aspects of IT - Demonstrated security administration experience on two or more platforms (UNIX, OS390 Mainframe, iSeries, Windows / Active Directory, Outlook Exchange) - Demonstrated experience working with a managed services organization. - Demonstrated experience working with a request ticketing system, such as Triole. - Strong analytical and problem-solving skills. - Ability to present and discuss technical information to users with varying technical expertise. - Proven ability to work under stress in emergencies. Flexibility to handle pressure from many directions simultaneously. - Must be detail-oriented with a high level of accuracy. - Excellent written and verbal communication skills. - Demonstrated ability to develop and maintain collaborative working relationships across multiple teams. - Strong customer focus and the ability to manage customer expectations. - Must have strong team-oriented interpersonal skills and the ability to effectively interface with a wide variety of people. - Demonstrated commitment to continuous process improvement. - CISSP, CISA, or other security / audit / field related certifications a plus Sr. Security Analyst Start Date ASAP Sr. Security Analyst Assignment Length 7+ months Additional Information All your information will be kept confidential according to EEO guidelines. Please send your resume in Word format only.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************