Information security analyst jobs in New Hampshire - 29 jobs

This job provides Information Security and Risk Management services for the Organization. Works with peers within security, HM Health Solutions customers and application teams to ensure alignment with current and future security needs. Manages activities of various Information Security personnel. Makes decisions on personnel actions (promotions, hiring, terminations, etc.). Develops talent, addresses resource management, cultivates capabilities of staff, planning and coordination of work, and managing performance. Conducts the oversight of security technology products for network, systems, and data. Controls expenses within the operating unit and is responsible for meeting budget goals. Actively contributes to the Information Security ans Risk Management (ISRM) strategic planning process by working with the Directors to develop and implement department strategic plans and action steps that support the corporate strategic objectives. Actively involved in the coordination, implementation, problem solving, communication, and training of new technologies and processes, as they are developed and moved into the environment. Develops and presents Information Security awareness and training programs. **ESSENTIAL RESPONSIBILITIES** + Perform management responsibilities including, but not limited to: involved in hiring and termination decisions; coaching and development; rewards and recognition; performance management and staff productivity. + Plan, organize, staff, direct and control the day-to-day operations of the department; develop and implement policies and programs as necessary; may have budgetary responsibility and authority. + Provide oversight of all aspects of project management to ensure continuous improvement of processes: negotiate and collaborate with leadership and staff to develop security solutions and options; develop and adhere to internal standards and strategies; ensure adherence to approved methodologies; coordinate resources, time, contingency plans and risk management. + Provide leadership to the department: lead and champion organizational change; encourage participation in activities that support relationship development; champion information security innovation; encourage and enforce proper training in regards to security issues. + Ensure compliance to Corporate and Information Security policies, standards and procedures. + Communicate effectively with all levels of the organization: facilitate meetings; plan, design and provide presentations; represent HM Health Solutions with outside entities; prepare divisional procedures, policies, reports and correspondence; spread awareness of new and existing security threats; provide oversight regarding metrics, funding, budgets and resources. + Other duties as assigned or requested. **EDUCATION** **Required** + Bachelor's Degree in Information Security, Information Systems, Information Assurance, Computer Science or related field **Substitutions** + 6 years of relevant experience substitution for a Bachelor's Degree **Preferred** + Master's Degree in Computer Science, Information Security or related field **EXPERIENCE** **Required** + 7 - 10 years in Information Security and/or Information Risk Management and/or Information Technology + 7 - 10 years in developing, communicating and presenting Information Security and Risk Management concepts to varying audiences + 1 - 3 years in mentoring others in a leadership role + 1 - 3 years in Staff Management + 1 - 3 years in developing and executing strategic plans to realize business objectives **Preferred** + 10 - 15 years in Information Security and/or Information Risk Management and/or Information Technology + Experience managing an information security function using the HITRUST Common Security Framework (HITRUST CSF), or the NIST 800-83 cyber security framework + Experience supporting SSAE 16 or SOC 2 Security Trust Principle audits + Experience establishing budgets and meeting fiduciary goals + Security industry organization participation/leadership (HITRUST, ISACA, InfraGard, ISC2, ISSA, etc.) **LICENSES AND CERTIFICATIONS** **Required** + None **Preferred** + Certified Information Systems Security Professional (CISSP) **OR** + Certified Information Security Manager (CISM) **OR** + Certified in Risk and Information Systems Controls (CRISC) **OR** + Information Technology Infrastructure Library (ITIL) **SKILLS** + Knowledge of regulatory requirements such as Health Insurance Portability and Accountability Act (HIPPA), Payment Card Industry Data Security Standards (PCI DSS), and FIPS-140 + Strong teamwork and interpersonal skills + Experience in leading process improvement initiatives + Ability to motivate high performance, multi-discipline teams + Demonstrated competency in project execution + Demonstrated abilities in relationship management **Languages (Other than English)** None **Travel Requirement** 0% - 25% **PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS** **Position Type** Office-Based Teaches/Trains others regularly Frequently Travels regularly from the office to various work sites or from site-to-site Occasionally Works primarily out-of-the office selling products/services (Sales employees) Does Not Apply Physical Work Site Required Yes Lifting: up to 10 pounds Does Not Apply Lifting: 10 to 25 pounds Does Not Apply Lifting: 25 to 50 pounds Does Not Apply **_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._ **_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._ _As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._ _Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._ **Pay Range Minimum:** $108,000.00 **Pay Range Maximum:** $201,800.00 _Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._ Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at ***************************** California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J269753

As a Product Security architect, you will be performing security reviews and providing hands-on help to development teams to address security issues systematically. We're looking for passionate engineer who is able to consider business impact and risk to Oracle and its customers while dealing with any security issues. You will work a trusted partner with one or more SaaS product development teams, while simultaneously collaborating with your peers in evolving or creating new security patterns or standards to address any security issues/gaps in an efficient way. You will research the product security landscape and help steer product security architecture for solutions that will provide a competitive edge for Oracle SaaS. This position requires strong product security and application security experience. It will be highly valuable to have past experience in working in or with product development teams. **Responsibilities** **Key responsibilities:** + Evaluate existing and proposed SaaS Service architectures and perform security architecture reviews, threat modeling, risk assessment and provide guidance on mitigating the security risks. + Partner and collaborate with development teams for SaaS products and provide security expertise to product design conversations and implementation decisions. + Work with product teams and peers in security operations to analyze and triage security issues in production and deploy any mitigation such as WAF policies + Review and assess security posture and CVEs in third party libraries or products. + May perform source code review for vulnerability fixes by development teams. + Keep up to date on emerging threats and standards and translate into actionable guidance including but not limited to crypto, AI Security, Identity, Web security, multi-tenant deployment + Evolve security processes and integrate security architecture into SDLC leveraging AI and automation, as appropriate. + Engage in technical discussions, as needed and serve as a subject matter expert for security architecture and trusted advisor to executive leadership and key stakeholders. + Define and influence secure-by-design architecture standards, security patterns, and reference implementations for SaaS Services + May train and mentor team members **Qualifications:** + 7+ years of information security experience including product security, application security, security testing/offensive security, security tools and security architecture. + Experience in helping or leading a product security architecture and assurance effort in a large-scale IaaS/PaaS/SaaS Cloud Service Provider, or Fortune 500 company. + Expert knowledge of modern vulnerability types and threats including intelligence, discovery, mitigation, remediation, and root cause. + Understanding of security risks in AI based solutions including AI Agents, MCP, Generative AI and ML. + Hands-on experience with at-least one programming languages such as Java, Python. + Hands-on experience and knowledge of product development lifecycle in a large enterprise software company. + Understanding of industry standard frameworks such as OWASP, MITRE, NIST, PCI, FedRAMP, etc. + Ability to guide and engage individuals and development teams located across multiple geographies and or cultures. + Knowledge of Oracle Cloud Infrastructure or Oracle SaaS Services is a plus. + Excellent written and verbal communication skills, strong analytical and problem-solving skills. Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $96,800 to $251,600 per annum. May be eligible for bonus, equity, and compensation deferral. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC5 **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

Will serve as the primary custodian of all Top‑Secret material, maintaining accountability registers and overseeing access control. The Top‑Secret Control Officer (TSCO) may need to travel to customer sites, government facilities, and partner locations to provide on‑site oversight and accountability. Will be responsible for the secure packaging, documentation, and transport of classified material (Confidential, Secret, Top‑Secret) between BAE facilities, customer sites, and government installations. The Classified Courier will maintain chain‑of‑custody logs, perform risk assessments, and execute secure transport using approved containers and vehicles. Travel > 50 % of the time. Administer clearance/access; review submittal packages prior to submission to customer and refer unusual packages to supervisor. Administer security guidelines; work with technical and physical specialist, facilities engineers, and program managers to establish required physical security requirements and have them installed. Read blueprints, contract standards for security and various manuals and directives and ensure appropriate application. Administer Security Practices and Procedures (SPP) for programs and apply industrial security requirements; interpret most requirements from SPP or ISM and implement it with little supervision. Address daily security tasks. (e.g., changing combinations, instructions for guards, courier/destruction activities, arranging support/security for moves, etc.) May prepare and present basic security briefings. Coordinate between program management and other functions to ensure security guidelines are properly implemented and executed and establish a clear relationship of roles and duties. May assist program managers and Division/Group executives by knowing the business area, being involved in new business development from a security perspective. Coordinate between program management and other functions to ensure security guidelines are properly implemented and executed. Ensure all business is conducted using the highest ethical standards and in compliance with all applicable laws, statues, and regulations as well as company policies and directives. Investigate security incidents, violations and prepare reports specifying preventive action to be taken. Ensure Customer compliance requirements are met, maintain 100% readiness for inspections, and assist customers with inspections and ensure corrective actions are implemented. Maintain a regular and predictable work schedule. Establish and maintain effective working relationships within the department, the Strategic Business Units, Strategic Capabilities Units and the Company. Interact appropriately with others in order to maintain a positive and productive work environment. Perform other duties as necessary. About BAE Systems Electronic Systems BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team-making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference. Electronic Systems (ES) is the global innovator behind BAE Systems' game-changing defense and commercial electronics. Exploiting every electron, we push the limits of what is possible, giving our customers the edge and our employees opportunities to change the world. Our products and capabilities can be found everywhere - from the depths of the ocean to the far reaches of space. At our core are more than 14,000 highly talented Electronic Systems employees with the brightest minds in the industry, we make an impact - for our customers and the communities we serve. This position will be posted for at least 5 calendar days. The posting will remain active until the position is filled, or a qualified pool of candidates is identified. 4 or more years of relevant security experience to the position and minumim of a high school diploma. A current, active SECRET security clearance is required. Ability to obtain Special Access Program (SAP) access. Willing to undergo a Counterintelligence Scope Polygraph (CSP). Excellent analytical and problem-solving abilities, with a keen attention to detail. Ability to work effectively under pressure and prioritize tasks in a fast-paced environment. Proficiency in Microsoft Office Suite and other relevant software applications. Ability to travel 40-50% Bachelors Degree Programmatic experience working with applicable US Government regulatory guidance concerning SAP security management to include Risk Management Framework and all Intelligence Community Directives (ICDs) relevant to contractor program execution. Experience working with federal security regulations and guidelines, e.g., National Industrial Security Program Operating Manual (NISPOM), Federal Acquisition Regulation (FAR), and Defense Federal Acquisition Regulation Supplement (DFARS). Facility Security Officer (FSO) and/or Contractor Special Security Officer (CSSO) experience. Certification within critical functional areas is a plus; Security Fundamentals Professional Certification (SFPC), Industrial Security Professional (ISP), Certified Protection Professional (CPP), Certified Information Systems Security Professional (CISSP), Special Program Security Certification (SPSC). Benefits Information Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics. Intern Benefits: Temporary employees generally are not eligible for BAE Systems benefits, but can elect to participate in the 401(k) savings plan. Temporary employees working 20+ hours per week are eligible for medical benefits, the employee assistance program, and business travel accident insurance. Please note: Some benefits may be different for union employees that are governed by a collective bargaining agreement (CBA) or for positions covered by a wage law called the McNamara-O'Hara Service Contract Act (SCA).

The Team The Security Reference team within Fidelity Fund and Investment Operations (FFIO) is a global investment data management organization that specializes in the sourcing and processing security data within MDM (Master Data Management) system. GDS provides data services for trading, accounting, compliance, performance and analytical data in support of global investment decision making organizations. Security Reference, a division of GDS, specializes in managing, integrating and validating vendor and Fidelity-defined data associated with investment entities (securities, issues, brokers, funds, portfolios and index data). Our work is highly collaborative and involves close coordination and superb communication with our clients, global team members, and key business and technology partners across Fidelity. The Principal Data Analyst will work with business partners to resolve complex data inquiries while providing high level of customer service. They will support Security Reference and Corporate Hierarchy Data operations in Merrimack NH, ensuring accuracy, timeliness, and compliance with governance standards. This team provides hands-on support to trading desks, enabling efficient and accurate investment decision-making. Knowledge in various loan instruments including Term Loans, Revolvers, and Real Estate Loans, as well Equity securities (Common Stocks, Preferred Stocks) that are used in the Direct Lending space. Experience with both private loans and syndicated loans is also preferred. The Expertise You Have * Bachelor's degree in Business/Finance or related field required * Financial Services Industry experience working with reference data preferred * Knowledge in various loan instruments including Term Loans, Revolvers, and Real Estate Loans * Knowledge in with Equity securities (Common Stocks, Preferred Stocks) that are used in the Direct Lending space. * Experienced in managing projects and/or small teams of people in and agile environment * Ability to multi-task, work under pressure, and meet tight deadlines * Teammate who takes initiative and thinks across Fidelity * Hands on work style with can do attitude with strong desire to make things happen * Preferred reporting tools experience such as SQL, Bloomberg and CusipWeb a plus The Skills You Bring * Strong leader and mentor that builds productive and collaborate relationships with team members * You are a team who takes initiative and leads to achieve team goals * Highly motivated, flexible, quality focused team player with excellent organizational skills * Ability to work at different levels of detail and can concisely summarize complex issues * Solid organizational and project management skills to navigate high volume setting with tight deadlines * Demonstrated ability to work independently and collaboratively with all levels of staff, management and other business partners * Strong learning agility to quickly understand and connect key concepts and dependencies The Value You Deliver * Formulates both tactical and strategic plans to increase productivity and to reduce risk * Liaise with customer, business partners, and systems to translate business requirements into data requirements, evaluating and recommending data solutions * Make recommendations for global operational enhancements * Participates in new product forums and works with GDS management consultancy team to stay abreast of industry news and developments * Reviews database queries to analyze and validate data for problem resolution for ad-hoc customer questions or issues * Participates and/or leads Operations Support projects and initiatives involving multiple business partners, provide subject matter expertise Note: Fidelity will not provide immigration sponsorship for this position Certifications: Category: Investment Operations Most roles at Fidelity are Hybrid, requiring associates to work onsite every other week (all business days, M-F) in a Fidelity office. This does not apply to Remote or fully Onsite roles. Please be advised that Fidelity's business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.

Meta's Product Security team is seeking a experienced hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of over two billion people. You will be relied upon to provide engineering and product teams with the web, mobile, or native code security expertise necessary to make informed product decisions. Come help us make life hard for the bad guys. **Required Skills:** Product Security Engineer, AI Responsibilities: 1. Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more 2. Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities 3. Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products **Minimum Qualifications:** Minimum Qualifications: 4. BS or MS in Computer Science or a related field, or equivalent experience 5. 8+ years of experience finding vulnerabilities in interpreted languages. Knowledge of best practice secure code development 6. Experience with exploiting common security vulnerabilities 7. Knowledge of common exploit mitigations and how they work 8. Coding and scripting experience in one or more general purpose languages **Preferred Qualifications:** Preferred Qualifications: 9. Experience creating software that enables security processes, especially those leveraging AI/ML for automation or augmentation 10. Experience integrating or building AI-powered tools to assist with vulnerability detection, code review, or threat modeling 11. Experience creating software that enables security processes 12. 8+ years of experience finding vulnerabilities in C/C++ code 13. Contributions to the security community (public research, blogging, presentations, bug bounty) 14. Demonstrated ability to collaborate with AI researchers or engineers to apply AI in security workflows **Public Compensation:** $184,000/year to $257,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Posting Type Remote As a Lead Cyber Security Engineer, you will ensure the security of Relativity's network and infrastructure. In this role, the main responsibilities will be to investigate and analyze emerging threats against our assets, identities, and clients. You will also provide actionable remediation guidance to end users and collaborate with highly skilled cyber experts to anticipate and mitigate evolving threats using world-class toolsets and next generation capabilities. Job Description and Requirements Responsibilities: Review, validation, and triage of alerts and technical analysis of log data from a diverse inventory of sensors, correlated signature logic, and threat intelligence sources. Assess the impact of security events by leveraging host, cloud and network-based indicators and evidence to deliver actionable incident escalations. Develop and deploy detection and prevention signatures with response actions as part of a layered defensive strategy leveraging multiple technologies and data types. Build automation to search through collected telemetry to detect and isolate advanced threats that evade existing security solutions. Create Standard Operating Procedures, SOC playbooks, configuration guides, and secure standards. Automate incident handling processes. Engage in the continuous research of emerging threats and apply appropriate countermeasures within the context of a rapidly changing environment. Serve as a subject matter expert in the mechanism and analysis of observed malicious activity. Clearly document and communicate investigation findings to both technical and executive stakeholders. Identify and automate away technical burden. Build automation to deploy, operate and connect multiple cyber security tools and applications. Preferred Qualifications: 7+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team for Cloud applications and corporate networks Exposure to threat detection development and tuning Experience in software design and development DevSecOps experience Ability to perform threat hunting, threat emulation, and/or purple teaming exercises Familiarity with industry standard security devices and their configuration Experience in reverse engineering malicious code to explore infection and propagation mechanisms Experience with threat intelligence tools and processes Certifications: One or more of the following certifications are preferred (GCFA, GCIA, GCIH, GNFA, GREM, OSCP, OSEP, OSED, OSWE, OSDA, OSCE3, CompTIA Security+, CCNA CyberOps, or CEH) 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Minimum Qualifications: 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Ability to leverage programming and scripting languages to build automations and develop SOAR playbooks Relativity is committed to competitive, fair, and equitable compensation practices. This position is eligible for total compensation which includes a competitive base salary, an annual performance bonus, and long-term incentives. The expected salary range for this role is between following values: $150,000 and $226,000 The final offered salary will be based on several factors, including but not limited to the candidate's depth of experience, skill set, qualifications, and internal pay equity. Hiring at the top end of the range would not be typical, to allow for future meaningful salary growth in this position. Suggested Skills: Cybersecurity, Infrastructure Security, Network Security, Penetration Testing, Security Architecture Design, Security Audit, Security Information, Security Information and Event Management (SIEM), Security Operations, Vulnerability Management

**About Us** **Since 1989, SHI International Corp. has helped organizations change the world through technology. We've grown every year since, and today we're proud to be a $16 billion global provider of IT solutions and services.** **Over 17,000 organizations worldwide rely on SHI's concierge approach to help them solve what's next. But the heartbeat of SHI is our employees - all 7,000 of them. If you join our team, you'll enjoy:** + **Our commitment to diversity, as the largest minority- and woman-owned enterprise in the U.S.** + **Continuous professional growth and leadership opportunities.** + **Health, wellness, and financial benefits to offer peace of mind to you and your family.** + **World-class facilities and the technology you need to thrive - in our offices or yours.** **Job Summary** The Chief Information Security Officer will develop and implement a comprehensive information security strategy that aligns with the organization's goals, ensuring the protection of information assets through effective policy enforcement and risk management. This role involves managing incident response, ensuring regulatory compliance, and overseeing security audits and technology investments to enhance the organization's security posture. The CISO will collaborate with various departments, conduct security awareness training, and provide regular updates to senior management and the board on security status, risks, and initiatives. **Role Description** + Develop and implement an information security strategy that aligns with the organization's goals and objectives to ensure comprehensive protection of information assets. + Oversee the development and enforcement of security policies to ensure that all security policies, procedures, and protocols are up-to-date and effectively implemented across the organization. + Lead risk management efforts by identifying, assessing, and mitigating information security risks to protect the organization from potential threats and vulnerabilities. + Manage incident response and recovery by developing and overseeing the execution of incident response plans to address security breaches and ensure timely recovery. + Ensure compliance with regulatory requirements by monitoring and enforcing compliance with relevant laws, regulations, and industry standards related to information security. + Collaborate with other departments such as IT, legal, HR, and others to integrate security measures into all aspects of the organization's operations. + Conduct security awareness training to educate employees on security best practices and promote a culture of security awareness throughout the organization. + Oversee security audits and assessments by regularly conducting internal and external audits to evaluate the effectiveness of security measures and identify areas for improvement. + Manage security technology investments by evaluating, selecting, and implementing security technologies and tools to enhance the organization's security posture. + Report to senior management and the board of directors by providing regular updates on the organization's security status, risks, and initiatives to ensure informed decision-making at the highest levels. **Behaviors and Competencies** + Technical Expertise: Can create new applications for technical knowledge and skills and can lead the development of technical standards and procedures. + Strategic Thinking: Can analyze complex situations, drive organizational transformation, and adapt strategies to changing market conditions. + Risk-Taking: Can inspire and encourage others to take calculated risks, fostering a culture of innovation and adaptability. + Decision-Making: Can lead organizational decision-making, mentor others in developing decision-making skills, and create frameworks that enhance the decision-making capabilities of the team. + Leadership: Can lead strategic team initiatives, inspire others to take leadership roles, and foster a culture of shared responsibility and continuous improvement. + Analytical Thinking: Can lead and innovate in the application of analytical thinking, solve complex problems, influence others, and contribute to best practices. + Communication: Can lead and model exceptional communication at all levels of the organization, develop and implement communication strategies, and coach others to improve their communication skills. + Adaptability: Can drive strategic transformations, inspire others to embrace change, and foster a culture of continuous adaptation. + Collaboration: Can lead complex team projects, inspire others to collaborate effectively, and foster a culture of mutual respect and shared purpose. + Ethics: Can lead strategic initiatives, inspire others to uphold ethical standards, and foster a culture of integrity and ethical conduct. **Skill Level Requirements** + Deep understanding of the security industry, best practices, emerging technologies, and leading solutions - Expert + Experience supporting various compliance and regulatory frameworks - Expert + Change Management, ability to manage, drive, and adapt to organizational change while maintaining team morale and productivity. - Expert + Continuous Improvement, identifying areas for improvement, implementing changes, and measuring results to enhance processes and performance. - Expert + Financial Awareness and understanding of financial concepts, budgeting, with the ability to make informed decisions based on financial data. - Expert + Forward Thinking, anticipating future trends and needs, and making decisions that position oneself or one's organization for success. - Expert + Innovation to generate, develop, and implement new and original ideas, challenging the status quo to improve processes and solutions. - Expert + Resilient, has the ability to recover quickly from difficulties and adapt in the face of challenging circumstances. - Expert + Influence, ability to persuade, lead, and influence others to achieve desired outcomes. - Expert + Willing to Learn, open to new ideas, and has a desire to continuously learn to stay current with the latest trends, threats, and technology. - Expert + Documentation involves creating, maintaining, and managing detailed and accurate records and documentation to support organizational processes and decisions. - Expert **Other Requirements** + Completed Bachelor's degree in computer science, information technology, cybersecurity, or a related field. Master's degree preferred. + 10+ years' experience in an enterprise information security role + 10+ years' experience in a leadership role + Advanced Certifications: CISSP, CRISC, GCEIT, CISM, GIAC The estimated annual pay range for this position is $275,000 - $350,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending. Equal Employment Opportunity - M/F/Disability/Protected Veteran Status

Location: Richardson, TX, US Company: Celestica International LP Req ID: 129734 Region: Americas Country: USA State/Province: Texas City: Richardson General Overview Functional Area: Information Technology (ITM) Career Stream: IT Risk & Compliance (RAC) Role: Director (DR1) Job Title: Director, Information Security 1 Job Code: DR1-ITM-SECR Job Level: Level 12 Direct/Indirect Indicator: Indirect Summary We are seeking an experienced and strategic Director of Data Security and Governance to lead our comprehensive data protection program. This critical role involves establishing and enforcing data security policies to meet stringent regulatory requirements, including the International Traffic in Arms Regulations (ITAR), and fulfilling complex data security obligations within commercial contracts. You will be responsible for building our data governance framework from the ground up, including implementing a robust data classification program and deploying modern security solutions like Data Security Posture Management (DSPM) and Data Rights Management (DRM)., in addition to managing the DLP program. Detailed Description Performs tasks such as, but not limited to, the following: * Strategy & Policy Development: Design, implement, and oversee the enterprise-wide data security and governance strategy, policies, and standards. * Compliance & Regulatory Oversight: Serve as the primary expert on data security requirements for ITAR and other government regulations. Ensure all data handling processes and systems are compliant with contractual and legal obligations. * Data Classification Program: Develop and manage a corporate data classification policy and program. Work with business units to identify, classify, and protect sensitive and regulated data throughout its lifecycle. * Technology Implementation: Lead the selection, implementation, and operationalization of a Data Security Posture Management (DSPM) solution to provide visibility and control over our data landscape. * Data Rights Management (DRM): Implement and manage a DRM solution to control access to and usage of sensitive data, ensuring that only authorized individuals can access and interact with protected information according to defined policies. * Risk Management: Conduct regular data security risk assessments, identify vulnerabilities, and oversee remediation efforts to mitigate risks. * Incident Response: Develop and lead the data-focused components of the incident response plan, including containment, investigation, and reporting of data breaches. * Collaboration & Training: Partner closely with Legal, IT, Engineering, and business stakeholders to embed data security principles into their operations. Develop and deliver training programs to raise awareness about data governance and security best practices. Typical Experience * Experience: * Minimum of 10 years of experience in cybersecurity and data governance, with at least 4 years in a leadership role. * Proven track record of successfully implementing a data classification program across an enterprise. * Direct experience with the procurement and deployment of DSPM and DRM technologies. * Skills & Knowledge: * Deep understanding of data protection principles, including encryption, access control, data loss prevention (DLP), and data discovery. * Expert knowledge of security frameworks such as NIST Cybersecurity Framework, NIST 800-171, and ISO 27001. * Excellent project management skills and the ability to lead cross-functional teams. * Strong communication skills, with the ability to articulate complex security concepts to technical and non-technical audiences. * Certifications (Preferred): * Certified Information Systems Security Professional (CISSP) * Certified Information Security Manager (CISM) * Certified Information Privacy Professional (CIPP) Typical Education Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field, or equivalent experience. A Master's degree is a plus. Educational requirements may vary by geography. Physical Demands Duties of this position are performed in a normal office environment. Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required. Notes This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Celestica's policy on equal employment opportunity prohibits discrimination based on race, color, creed, religion, national origin, gender, sexual orientation, gender identity, age, marital status, veteran or disability status, or other characteristics protected by law. This policy applies to hiring, promotion, discharge, pay, fringe benefits, job training, classification, referral and other aspects of employment and also states that retaliation against a person who files a charge of discrimination, participates in a discrimination proceeding, or otherwise opposes an unlawful employment practice will not be tolerated. All information will be kept confidential according to EEO guidelines. COMPANY OVERVIEW: Celestica (NYSE, TSX: CLS) enables the world's best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development - from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers. Celestica would like to thank all applicants, however, only qualified applicants will be contacted. Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services. This location is a US ITAR facility and these positions will involve the release of export controlled goods either directly to employees or through the employee's movement within the facility. As such, Celestica will require necessary information from all applicants upon an applicant's acceptance of employment to determine if any export control exemptions or licenses must be filed. Job Segment: Information Security, Facilities, Supply Chain, Computer Science, Information Systems, Technology, Operations

Company DescriptionJobs for Humanity is partnering with Capital One to build an inclusive and just employment ecosystem. Therefore, we prioritize individuals coming from the following communities: Refugee, Neurodivergent, Single Parent, Blind or Low Vision, Deaf or Hard of Hearing, Black, Hispanic, Asian, Military Veterans, the Elderly, the LGBTQ, and Justice Impacted individuals. This position is open to candidates who reside in and have the legal right to work in the country where the job is located. Company Name: Capital One Job Description201 Third Street (61049), United States of America, San Francisco, CaliforniaSenior Manager, Information Security Office Consultant At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. What You'll Do: Act as a central Information Security point of contact for the Enterprise Platform team Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business Product security consulting in Authentication/Access Management /Identity application and experienced in Authentication and industry-standard protocol for authorization/authorization Basic Qualifications: High School Diploma, GED or equivalent certification At least 8 years of experience working in cybersecurity or information technology At least 7 years of experience providing guidance and oversight of Security concepts At least 7 years of experience performing security risk assessments and security architecture reviews At least 7 years of experience with architecture, software design, networking, and cloud infrastructure At least 5 years of experience with cloud security engineering Preferred Qualifications: Bachelor's Degree 3+ years of experience in securing a public cloud environment (e.g. AWS, GCP, Azure) 4+ years of experience in IAM or related areas Experience building software utilizing public cloud (e.g. AWS, GCP, Azure) Familiarity with Cloud patch management practices such as system rehydration and image management Experience utilizing Agile methodologies Experience with Software Security Architecture Experience with Application Security Experience with Threat Modeling Experience with Penetration Testing or Vulnerability Management Experience with integrating SaaS products into an Enterprise Environment Experience with securing Container services Splunk-Fu / Enterprise Monitoring experience Financial services industry experience Professional certifications such as AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP) Experience in Offensive and Defensive Security techniques Experience in a regulated environment Strong conceptual thinking, influence and communication skills At this time, Capital One will not sponsor a new applicant for employment authorization for this position. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. New York City (Hybrid On-Site): $230,100 - $262,700 for Sr Manager, Cyber TechnicalSan Francisco, California (Hybrid On-Site): $243,800 - $278,200 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at [email protected]. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to [email protected] Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

BAE Systems is hiring the Security Specialist Senior Principle to act as the Site Security Manager (SSM) for multiple secure facility builds in support of BAE Systems' Electronic Systems. The SSM is responsible for the security of facilities under construction ensuring compliance with the ICD705, Construction Security Plan (CSP), and any other policies/regulations put forth. This position has the unique opportunity to help BAE Systems' Electronic Systems build modern facilities to address the growing threats. If you have these capabilities and the interest in proactively working with teams across the country, we are interested in you. In this Site Security Manager position you will make impacts in the following ways: Develop, implement, and ensure compliance with Construction Security Plans (CSP). Partner with Facilities, IT, and Networking teams to drive a common set of requirements and standards for secure facility construction. Review, validate, and coordinate revisions to design drawings in accordance with best practices and applicable policy. Influence external customer requirements driving adoption of secure facility best practices and modern designs. Work with program managers and security teams to understand the programs roles and responsibilities in setting requirements for facilities. Liaison within the IT & Security function to ensure all directorates equities are addressed in facility designs and execution. Develop, operate to, and ensure closure of secure facilities Plan of Actions & Milestones (POA&M). Partner with Project Managers, Site Contractors, and Local Security Officers to ensure the security of the construction site. Represent the IT & Security Function as a shareholder in the success of all active and forthcoming secure facility projects. About BAE Systems Electronic Systems BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team-making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference. Electronic Systems (ES) is the global innovator behind BAE Systems' game-changing defense and commercial electronics. Exploiting every electron, we push the limits of what is possible, giving our customers the edge and our employees opportunities to change the world. Our products and capabilities can be found everywhere - from the depths of the ocean to the far reaches of space. At our core are more than 14,000 highly talented Electronic Systems employees with the brightest minds in the industry, we make an impact - for our customers and the communities we serve. This position will be posted for at least 5 calendar days. The posting will remain active until the position is filled, or a qualified pool of candidates is identified. Bachelor's Degree and 7 years work experience or 10 years of experience in lieu of degree. Must have a SECRET clearance with the ability to obtain a Top Secret Clearance, Special Access Programs and obtain SCI Eligibility. Additionally, shall be able to successfully pass a Counterintelligence Polygraph when and if necessary. Demonstrated knowledge of 32 CFR Part 117, DoD SAP Manuals, and appropriate Intelligence Community Directives. Possess a high level of understanding and previous application of the ICD-705, to include, but not limited to; intrusion detection systems, access control devices, TEMPEST requirements, drawings/specifications, etc. for DoD and IC customers. Ability to solve complex problems arriving at a decision independently. Thorough knowledge and demonstrated application of the U.S. Government security standards. Interface with program managers and maintain liaison with US Government Program Security Officers. Develop and revise enterprise level construction security plans, procedures, and instructions. Support to other security disciplines within the SAP program to include Personnel Security, Physical Security, Information Assurance (IA), Communications Security (COMSEC), Document Control and Visitor Control. Must demonstrate proven leadership skills, and excellent communication skills. TS/SCI with current CI Polygraph. Industry recognized RF/TEMPEST training or certification. Demonstrate in-depth knowledge of the DoD SAP Manuals, ICDs and TEMPEST. Demonstrate working knowledge of the DoD SAP Manuals, ICD series manuals, and TEMPEST guidance and best practices. Ability to apply the foregoing knowledge of government security requirements in a complex multi-level secure environment to ensure program compliance in non-routine situations. Ability to work independently to identify, assess, and resolve unique security situations with innovative solutions geared to facilitate contract performance within the bounds of security requirements. Project Management with a proven track record of successfully leading or performing on complex projects. Highly proficient written and verbal communication skills with emphasis on clear and coherent presentation of complex information. Ability to manage time, make sound decisions, take independent action, analyze problems, and provide focused solutions. Must display professional demeanor, exceptional people skills, ability to communicate effectively, and be able to perform in a multi-tasked, dynamic environment. Benefits Information Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics. Intern Benefits: Temporary employees generally are not eligible for BAE Systems benefits, but can elect to participate in the 401(k) savings plan. Temporary employees working 20+ hours per week are eligible for medical benefits, the employee assistance program, and business travel accident insurance. Please note: Some benefits may be different for union employees that are governed by a collective bargaining agreement (CBA) or for positions covered by a wage law called the McNamara-O'Hara Service Contract Act (SCA).

Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures. **Responsibilities** Responsible for advanced planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures. Provides technical advice and direction to support the design and development of secure architectures. May participate in an incident management team, bringing advanced-level skills to respond to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may act as Incident Commander of serious incidents. Develops new methods, and playbooks, as well as sophisticated scripts, applications, and tools, and trains others in their use. May participate in an incident management team, responding to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may act as incident commander of serious incidents. Participates in developing new methods, playbooks throughout Oracle. Evaluates existing and proposed technical architectures for security risk, provides technical advice to support the design and development of secure architectures and recommends security controls to mitigate those risks. Evaluations of internal security architecture may include design assessment, risk assessment, and threat modeling. Brings advanced-level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required, and where computer programming/scripting knowledge is required. Work with Senior management to develop and implement a multi-year security roadmap Focus on operational and strategic level tasks, and provide counsel and guidance to the junior level security operations engineers in the department. Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $109,200 to $223,400 per annum. May be eligible for bonus and equity. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC4 **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $184,000/year to $257,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

**About Us** **As a digital and cybersecurity services company, Stratascale exists to help the Fortune 1000 transform the way they use technology to advance the business, generate revenue, and respond quickly to market demands. We call it Digital Agility.** **To learn more about how we're shaping the future of digital business and a more secure world, visit stratascale.com.** **Job Description Summary** The Senior Security Consultant - Penetration Testing is a critical role within Stratascale's Adversarial Operations team who will assist in leading and supporting the development and delivery of a diverse range of continuous threat and exposure management consulting, penetration testing, and operational service programs to a portfolio of our clients. This position is remote with a Home Office setup as determined by Stratascale management. **Role Description** + Perform penetration testing against complex environments covering both external, internal, web application, and other forms of offensive security engagements. + Consult and document attack surface, threats, and vulnerability improvements based on team's overall assessment of client's environment. + Perform full assessment and threat modeling against industry best practices to identify control weaknesses and assess the effectiveness of existing controls. + Perform root cause analysis on identified vulnerabilities and attack surface weaknesses to determine technical solutions to be presented to client along with recommendations for remediations. + Collaborate with client's security teams to understand mitigation or resolutions for findings discovered by analysts. + Review threat intelligence for specific threat vectors that align with client's industry or potentially impacted by to utilize in attack path modeling. + Assist in defining, measuring, and quantifying business risk and vulnerability impacts to clients their stakeholders. + Provide subject matter expertise and technical support on remediation, cloud security, governance, compliance, and core infrastructure systems. + Assist customers with strategies, use of platforms, technical and compliance analysis, and implementing automation. + Develop and deliver governance models, security frameworks, compliance reporting, and security assessments. + Collaborate with internal sales and technical teams to support the solution sales cycle, qualify opportunities, and ensure successful solution delivery. + Identify customer needs and requirements, recommend appropriate solutions, and proactively identify areas for improvement. + Execute consulting projects by creating and completing deliverables, ensuring client needs and practice obligations are met. + Develop and deliver training content, curricula, and workforce development programs, including in-person and remote sessions. + Participate in customer and internal meetings, providing technical guidance and facilitating discussions. + Stay educated on new product technologies, industry trends, and emerging capabilities within the practice. + Develop and optimize cross practice capabilities, collaborate with peer practice leaders, and mentor other consultants. **Behaviors and Competencies** + Communication: Can effectively communicate complex ideas and information to diverse audiences, facilitate effective communication between others, and mentor others in effective communication. + Relationship Building: Can take ownership of complex team initiatives, collaborate with diverse groups, and drive results through effective relationship management. + Self-Motivation: Can take ownership of complex personal or professional initiatives, collaborate with others when necessary, and drive results through self-motivation. + Negotiation: Can take ownership of complex negotiations, collaborate with others, and drive consensus. + Impact and Influence: Can rally a team or group towards a common goal, creating a positive and persuasive influence. + Business Development: Can take ownership of significant business initiatives, collaborate with various stakeholders, and drive business results. + Emotional Intelligence: Can use emotional information to guide thinking and behavior, manage and/or adjust emotions to adapt to environments or achieve one's goal(s), and help others do the same. + Detail-Oriented: Can oversee multiple projects, maintaining a high level of detail orientation, identifying errors or inconsistencies in work, and ensuring accuracy across all tasks. + Follow-Up: Can take ownership of tasks, collaborate with others in managing follow-ups, and drive results through effective task completion. + Presenting: Can effectively use visual aids, storytelling, and persuasive techniques to enhance presentations and engage audiences. + Delegation: Can delegate responsibilities across a team, balancing workload, and ensuring all members understand their roles. + Analytical Thinking: Can use advanced analytical techniques to solve complex problems, draw insights, and communicate the solutions effectively. + Critical Thinking: Can integrate and synthesize information from various sources to inform strategic decision-making and problem-solving. + Technical Troubleshooting: Can take ownership of complex technical problems, collaborate with others to manage solutions, and drive results in problem resolution. **Skill Level Requirements** + Expertise in planning, executing, and leading penetration tests across networks, web and mobile applications, APIs, wireless, and cloud environments, including scoping, rules of engagement, and debriefs. - Intermediate + Proficiency with offensive security methodologies and frameworks such as PTES, OWASP (WSTG/MASVS/ASVS), MITRE ATT&CK, and threat modeling to drive risk-based testing. - Intermediate + Deep hands-on experience with common offensive tooling and techniques, including reconnaissance, enumeration, exploitation, post-exploitation, lateral movement, and data exfiltration, along with strong operational security practices. - Intermediate + Ability to assess and attack cloud services (AWS, Azure, GCP) including IAM misconfigurations, storage, serverless, container/orchestration, and cloud networking, and communicate cloud-specific remediation guidance. - Intermediate + Strong web application testing skills including auth flows, access control, injection, deserialization, SSRF, XXE, business logic abuse, and modern app architectures (SPAs, microservices, GraphQL, WebSockets). - Intermediate + Working knowledge of Active Directory and Azure AD attack paths (Kerberoasting, constrained/unconstrained delegation, ACL abuses, LAPS/MAPS, certificate services), and the ability to simulate realistic enterprise attack chains. - Intermediate + Proficiency with social engineering and phishing engagements, including payload development, infrastructure setup, pretexting, and measurement aligned to customer policies and legal constraints. - Intermediate + Competence in scripting and automation to accelerate testing and proof-of-concept development using Python, PowerShell, Bash, and basic Go or JavaScript as needed. - Intermediate + Ability to develop clear exploit proofs-of-concept, reproduce vulnerabilities reliably, and validate fixes; familiarity with exploit development fundamentals is a plus. - Intermediate + Strong reporting and communication skills, including writing executive summaries and technical reports with reproducible steps, risk ratings, and actionable remediation, and presenting findings to both technical and non-technical stakeholders. - Intermediate + Experience collaborating in red/purple team exercises, working with blue teams, and translating findings into detection and hardening recommendations (e.g., SIEM detections, EDR tuning, hardening baselines). - Intermediate + Familiarity with vulnerability management workflows, responsible disclosure practices, and integration of pen test results into remediation programs and retesting cycles. - Intermediate + Proficiency with productivity and documentation tools such as Word, Excel, PowerPoint, and Outlook to efficiently produce statements of work, test plans, and final reports. - Intermediate **Other Requirements** + Completed Bachelor's Degree in a related field or relevant work experience required + 5-7 years of hands-on penetration testing/red team experience delivering engagements for mid-to-large enterprises, including leading complex assessments. + Ability to travel to SHI, Partner, Customer events, and on-site testing engagements as needed. + Advanced industry certifications preferred (e.g., OSCP, OSEP, OSWE, GXPN, GPEN, CRTO, CRTP, PNPT; CISSP or CSSLP a plus). + Demonstrated understanding of legal/ethical considerations, testing authorization, and safe handling of client data The estimated annual pay range for this position is $165,000 - $205,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending. Equal Employment Opportunity - M/F/Disability/Protected Veteran Status

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Develops and executes programs and processes to reduce information security risk and strengthen Oracle's security posture. **Responsibilities** Supports the strengthening of Oracle's security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerability management; incident management and response; security policy development and enforcement; privacy; information security education, training and awareness (ISETA); digital forensics and similar focus areas. Risk Management: Brings advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. May conduct and document very complex information security risk assessments. May assist in the creation and implementation of security solutions and programs. Regulatory Compliance: Brings advanced level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Participates in industry forums monitoring developments in regulatory compliance. Threat and Vulnerability Management: Brings advanced level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required. Incident Management and response: Brings advanced level skills to respond to security events, identifying possible intrusions and responding in line with Oracle incident response playbooks. May operate as Incident Commander on serious incidents. Digital Forensics: Brings advanced level skills to conduct data collection, preservation and forensic analysis of digital media independently, where an advanced understanding of forensic techniques is required. Other areas of focus may include duties providing advanced level skills and knowledge to manage Information Security Education, Training and Awareness programs. In a Corporate Security role, may manage the creation, review and approval of corporate information security policies. Mentors and trains other team members. Compiles information and reports for management. Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $104,200 to $223,400 per annum. May be eligible for bonus and equity. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC4 **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

Join BAE Systems' award-winning security team at Electronic Systems (ES) as a Security Operations Manager. Develop and lead a 24/7 integrated physical security operation, combining real-time monitoring, incident response, and threat assessment to safeguard personnel, facilities, and mission-critical assets. Job Summary: As a Security Operations Manager, you will play a critical role in ensuring the physical security of our facilities and personnel. You will lead a team of security professionals, developing and implementing effective security strategies, procedures, and protocols to prevent and respond to security incidents and emergencies. If you have a passion for physical security and a proven track record of leadership, we encourage you to apply. Key Responsibilities: Lead daily operations of a high-visibility, mission-critical 24/7/365 Security Operations Center supporting over 60 sites Develop and implement incident response plans for physical security incidents, such as unauthorized access, theft, or violence Conduct vulnerability assessments to identify potential security risks and develop mitigation strategies Coach, train, and mentor security operators and analysts in effective observation, documentation, and reporting Design, implement, and manage a best-in-class SOC project, collaborating with critical internal and external stakeholders Optimize integrated physical security systems (e.g., access control, surveillance, and alarm systems) across multiple sites Leverage outside security service guard resources to achieve mission. Cultivate vendor partnerships Support emergency response and conduct proactive drills to continuously improve. Manage enterprise emergency notification system Develop and execute a security awareness training program for employees and contractors Ensure compliance with UL2050, local regulations and laws related to physical security and emergency response Provide duty of care for employee foreign travel Develop and manage budgets for physical security operations, including resource allocation and procurement of security equipment and services Collaborate with stakeholders to ensure that the Security Operations, Physical Security and the business are aligned with organizational goals and objectives About BAE Systems Electronic Systems BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team-making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference. Electronic Systems (ES) is the global innovator behind BAE Systems' game-changing defense and commercial electronics. Exploiting every electron, we push the limits of what is possible, giving our customers the edge and our employees opportunities to change the world. Our products and capabilities can be found everywhere - from the depths of the ocean to the far reaches of space. At our core are more than 14,000 highly talented Electronic Systems employees with the brightest minds in the industry, we make an impact - for our customers and the communities we serve. This position will be posted for at least 5 calendar days. The posting will remain active until the position is filled, or a qualified pool of candidates is identified. Bachelor's degree in security management, a related field, or equivalent experience 5+ years of experience in a physical security focused operations center, including 3+ years in a leadership role Proven leadership and communication skills, with the ability to brief senior executives Strong understanding of physical security principles, including access control, surveillance, and alarm systems Ability to solve complex problems independently and function under pressure in stressful emergency situations Demonstrated ability to create innovative solutions and develop collaborative relationships CPP, PSP, or security management certification Experience in GSOC, UL2050, ICD705, NISPOM or classified environments Technical experience developing intelligence products Working knowledge of physical security systems, including access control, surveillance, and alarm systems Previous experience in developing and coordinating security programs, projects, and plans Active security clearance (or ability to obtain) Benefits Information Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics. Intern Benefits: Temporary employees generally are not eligible for BAE Systems benefits, but can elect to participate in the 401(k) savings plan. Temporary employees working 20+ hours per week are eligible for medical benefits, the employee assistance program, and business travel accident insurance. Please note: Some benefits may be different for union employees that are governed by a collective bargaining agreement (CBA) or for positions covered by a wage law called the McNamara-O'Hara Service Contract Act (SCA).