Information security analyst jobs in Oxford, MA

Join a team focused on the success of our customers, the success of our communities, and the success of each other. Farm Credit East (FCE) is the leading provider of loans and farm advisory services to farm, forest product, fishing, and other agricultural business owners across the northeast with $13.5 billion in total loan volume and $29 million in annual financial services revenue from 18,000 customers across our 8-state territory. We are One Team Working Together with a focus on our five pillars: Outstanding Customer and Employee Experience, Quality Growth, Operational Excellence, Commitment to our Communities, and Protecting Customer Information. As part of our commitment to protecting customer information and enabling operational excellence, the Security Solutions Analyst plays a key role in supporting the secure design, implementation, and documentation of systems and cybersecurity initiatives. This role serves as a technical liaison between the Information Security team and internal and external stakeholders, including Farm Credit Financial Partners, Inc. (FPI). The analyst represents Information Security in the Architecture Review Board (ARB), evaluates strategic projects for security alignment, and ensures that security requirements are embedded in technical decisions and implementation plans. The analyst applies Security by Design principles, ensuring that systems and solutions are architected with security as a foundational principle. This includes adherence to internal standards, regulatory requirements, and industry best practices throughout the lifecycle of technology initiatives. The value drivers for this role are as follows: Secure Enablement of Initiatives Data Protection and Governance Support Alignment with Standards and Risk Appetite Operational Resilience and Incident Readiness Cross-Team Collaboration and Technical Alignment Come join a collaborative, customer-focused team at Farm Credit East! Duties and Responsibilities Security Architecture, Standards & Project Evaluations Represent Information Security in the Architecture Review Board (ARB) for all projects requiring architectural review. Evaluate strategic and technical initiatives for alignment with security architecture, regulatory requirements and risk posture. Conduct threat modeling to assess cybersecurity risk related to new projects and technologies. Apply security by design principles to ensure security is embedded throughout project lifecycles. Ensure solutions adhere to internal security standards, NIST CSF principles, and applicable regulatory frameworks. Ensure security standards are defined, are accurate, up-to-date, and aligned with FCE's risk appetite and industry best practices. Conduct security evaluations of internal and third-party systems, including encryption, patching, APIs, data residency, incident response, and third-party risk indicators. Review configurations and security controls for AI-enabled systems, including generative, agentic, and embedded AI. Evaluate risks related to model behavior, data usage, integration points, and alignment with internal standards and responsible AI security practices. Provide security oversight throughout the full lifecycle of systems, from design to deployment to decommissioning. System Configuration Oversight & Technology Service Provider Collaboration Provide guidance and maintain oversight for the configuration and security settings of all FCE systems. Partner with FPI and/or other outside vendors to ensure system configurations, access policies, and integration points meet FCE's security requirements. Participate in joint planning and review sessions to support shared initiatives and maintain architectural alignment. Maintain visibility into FPI-managed implementations and ensure security expectations are clearly communicated, documented, and tracked. Participate in change management process to assess the security impact of system changes, upgrades and new deployments. Initiative Coordination, Implementation Support & Incident Readiness Serve as a bridge between business and security to ensure cybersecurity initiatives are implemented effectively, securely and in alignment with organizational goals. Facilitate secure implementation of systems in alignment with architectural principles and engineering best practices. Monitor initiative progress and ensure readiness for integration with managed services. Ensure systems are configurated to support incident detection, logging, and response capabilities. Assist in tuning and optimizing security tools in collaboration with FPI or other external parties, such as data loss prevention (DLP), endpoint protection, and threat detection platform to improve visibility and reduce false positives. Lead the implementation of data classification and labeling, including applying classification rules, tagging sensitive data, and testing configurations to ensure accuracy and effectiveness. Contribute to incident readiness by validating that systems and integrations support timely response and containment of security events. Documentation, Reporting & Governance Develop and maintain technical documentation (e.g., workflows, configuration guides, implementation checklists). Maintain dashboards and reporting tools to track progress and security posture. Support audits, readiness assessments, and leadership reporting. Contribute to the development and maintenance of architecture standards and security metrics. Security by Design Enablement Facilitate effective communication of security risks and best practices for both technical and non-technical audiences. Champion Security by Design philosophy for embedding cybersecurity design thinking into organizational processes and enabling technologies. Contribute to internal education efforts by developing technical guides, reference material, and awareness content to promote security best practices. Promote a culture of security through collaboration, training, and knowledge sharing across departments. Translate technical tasks into business impact for non-technical stakeholders to support decision-making Support awareness and adoption of data classification and labeling frameworks, ensuring users understand how to handle sensitive information appropriately. Job Qualifications and Requirements: Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field required. Master's degree or equivalent experience preferred. Minimum of 3-5 years of experience in cybersecurity, information security, or security engineering roles. Hands-on experience with security architecture or engineering support, including secure system design, configuration, and implementation. Experience working with data protection technologies, such as data loss prevention (DLP), data classification and labeling, trainable classifiers, and endpoint protection. Experience collaborating with managed service providers or external technology partners to implement and maintain secure systems. Exposure to governance frameworks such as NIST CSF, CIS Controls, or ISO 27001, with an understanding of how to align security standards with organizational risk appetite. Participation in architecture review boards (ARBs) or similar governance bodies is a strong plus. Experience supporting change management processes, including security impact assessments for system changes and deployments. Strong background in technical documentation, process mapping, and reporting to support visibility and compliance. Security-related certifications such as CISSP, CCSP or equivalent are preferred. Certifications in architecture or engineering support (e.g., ITIL, TOGAF, cloud security) are a plus. We offer hybrid work options after two weeks of employment with Farm Credit East. Hybrid work options are determined based on job role and balancing the needs of the customers, the team, and individual work performance. This will be reviewed based on manager discretion. Compensation and Benefits: Salary Range: $80,000 to $120,000 commensurate with experience Short-Term Incentive to reward business results Retirement Contributions : 401k match up to 6% of salary; or for those unable to take full advantage of the 401(k) match, verified student loan payments may qualify for an employer match in your 401(k) up to 6% of salary Defined Contribution retirement plan funded at 2-9% of salary depending on years of service Time Off: 15-25 days of vacation leave per year, depending on years of service 12 days of holiday leave per year 7.5 days of sick leave in your first year, followed by 12 days of sick leave per year thereafter; unlimited rollover of unused sick leave year to year Paid Parental Leave: Up to 80 hours of paid leave for birthing, non-birthing, and adoptive parents Family Care Leave: Additional leave options available under FMLA and company policy Health and Insurance: Comprehensive medical, dental, and vision plans, including preventive care and wellness programs to support your overall health and well-being Health Savings Account Life insurance at 2x base pay Accidental Death and Dismemberment insurance at 2x base pay Long-term disability insurance at 2/3 base pay Additional Benefits: Tuition reimbursement Continuing education and training Employee Assistance Program offering a wide variety of tools and resources Benefits Eligibility: Eligibility Begins: First of the month following your hire date Eligible Employees: Full-time employees working 30+ hours per week; Part-Time employees working 20+ hours per week. Farm Credit East is an Equal Opportunity Employer. As an Equal Opportunity Employer, we do not discriminate on the basis of race, color, religion, national origin, sex, sexual orientation, gender identity or expression, age, marital status, parental status, political affiliation, disability status, protected veteran status, genetic information or any other status protected by federal, state or local law. It is our goal to make employment decisions that further the principle of equal employment opportunity by utilizing objective standards based upon an individual's qualifications for a specific job opening. In compliance with the Americans with Disabilities Act (“ADA”), if you have a disability and would like a reasonable accommodation in order to apply for a position with Farm Credit East, please call ************** or e-mail ************************************

Senior Cyber Security Analyst is an experienced cyber security individual who maintains the security of an organization's technical environment. They study existing security hardware and software, evaluate new security options and makes recommendations for improvement. Senior Cyber Security Analyst also identifies weak spots in a cyber security system that may be breached and creates procedures to manage threats. Senior Cyber Security Analyst monitors networks for suspicious activity and potential cyber threats. They keep up on threat intelligence, install and maintain security software and encryption. They are responsible for aiding in the planning of security systems, implementing policy and identifying business processes that may violate intended and acceptable use policies. They monitor and remediate vulnerabilities. Senior Cyber Security Analyst works on advanced, complex technical projects or business issues requiring state of the art technical or industry knowledge. Duties and Responsibilities Responsibilities include, but are not limited to the following: * Assist in developing, operating, and evolving Cloud Access Security solutions and capabilities * Performs system security administration on designated technology platforms, including operating systems, applications and network security devices, in accordance with the defined policies, standards and procedures of the organization, as well as with industry best practices and vendor guidelines * Performs installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems * Performs threat and vulnerability assessments, followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities Research, recommend, and implement streamlined automation processes * Develops and maintains documentation for security systems and procedures * Conducts network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls and host-based security systems * Provide support to one or more projects simultaneously. Delivers projects on schedule * Deploys cloud-centric detection to detect threats related to cloud environments and services used by the organization * Assists and trains junior team members in the use of security tools, the preparation of security reports and the resolution of security issues * Applies patches where appropriate and, removes or otherwise mitigates known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards Correlates activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous activity * Using threat intelligence information research emerging threats and vulnerabilities to aid in the identification of incidents * Job Knowledge - Remains up-to-date in assigned area of responsibility: possesses skills and knowledge to perform job effectively; efficiently and safely; acquires, understands, and applies technical and professional information and skills; understands and adheres to policies and procedures * Supports the creation of security incident response, business continuity/disaster recovery plans, including conducting tests, publishing test results and making changes necessary to address deficiencies * Analyzes problems and alternative solutions and takes appropriate timely action to achieve desired business results. Seeks unique and novel solutions to problems and considers impact of final resolution * Perform security standards testing against computers before implementation to ensure security * Provide Key Performance Metrics to our Risk Management team to help coordinate risk tracking. * Educate internal teams on information security best practices. * Assist in technical audits of IT Systems and controls. * Other duties as assigned. * Corporate Compliance Responsibility - As an essential function, responsible for complying with Neighborhood's Corporate Compliance Program, Standards of Business Conduct, applicable contracts, laws, rules and regulations, policies and procedures as it applies to individual job duties, the department, and the Company. This position must exercise due diligence to prevent, detect and report unlawful and/or unethical conduct by fellow co-workers, professional affiliates and/or agents

Company Profile Trinity Partners, LLC ("Trinity") *********************************** is a leading healthcare consulting firm based in Waltham, MA that specializes in health care strategy for pharmaceutical, biotech and life sciences firms. Our clients include top tier to venture backed companies worldwide. Trinity provides services to these clients in a variety of practice areas including strategic planning, forecasting and market estimation, licensing and acquisitions, launch strategies, data warehousing and sales force effectiveness. The company consists of approximately 900 employees and is headquartered in Waltham, Massachusetts, with offices in New Jersey, New York, San Francisco, Pennsylvania, Germany, London & India. Trinity is an EEO employer. Chief Information Security Officer The Chief Information Security Officer will lead the development and execution of a comprehensive information security strategy for a global pharmaceutical consulting firm. They will act as the strategic leader of Trinity's cyber defense program as an integral part of the Trinity leadership team. This role will ensure the confidentiality, integrity, and availability of enterprise data, systems, and infrastructure across all geographies. The CISO will collaborate with executive leadership, IT, legal, compliance, and operations to embed security into the company's culture and business processes. The CISO will posses the ability to manage the cybersecurity team to identify, assess and prioritize threats and vulnerabilities across all of Trinity's environment, while effectively influencing and communicating across multiple teams to help create a cohesive security ecosystem. The ideal candidate will be able to build strong relationships across the business to help identify gaps in security controls, as well as direct internal audits. They will possess an ability to 'think like an adversary' and promote security throughout the organization. Key Objectives Strategic Leadership Develop and implement a global information security strategy aligned with business goals and regulatory requirements Establish and maintain enterprise-wide security policies, standards, and procedures. Lead the information security governance, risk management, including responsibility for audit readiness and post-assessment remediation plans, especially for ISO 27001 and 42001 gaps Define and report on key security metrics (e.g., incident response times, vulnerability remediation SLAs, phishing simulation results) to executive leadership and the board Lead the development and enforcement of cloud security strategies across Microsoft 365, Azure, AWS, and other SaaS platforms with emphasis on configuration management, monitoring, and incident detection/remediation in cloud environments Foster a security-first culture by engaging business leaders and department heads in regular security briefings and risk discussions. Lead threat detection, prevention, and response capabilities, including Security Operations Center (SOC) oversight. Ensure the timely investigation, response, and remediation of security incidents and breaches. Establish and document a framework-aligned, business-integrated security ecosystem for Trinity and enable mechanisms to showcase it to customers on a need basis. Lead data protection efforts across Trinity SaaS, Product and Internal environments, including cloud-native services and large-scale repositories. Software Development Lifecycle Oversight Integrate security practices into the full software development lifecycle, including secure architecture, code review, automated testing for vulnerabilities, and DevSecOps principles. Collaborate with IT and Product teams to ensure security controls are embedded from project initiation through deployment. Vendor & Third-Party Risk Management Oversee the security review process for third-party vendors, cloud providers, and partners. Ensure supply chain security and resilience. Operational Oversight Oversee the design and implementation of technical safeguards including access control, encryption, patch management, and threat detection systems Manage the cybersecurity team, including security engineers, analysts, and external vendors (e.g., Managed SOC services) Direct incident response planning and execution, including breach investigations and reporting Ensure secure configuration and monitoring of cloud-native services, including identity, access, and data protection controls Oversee data governance and protection strategies for large-scale data repositories, including SharePoint Online, OneDrive, and Teams Orchestrate regular security audits in SaaS ecosystems, to proactively identify vulnerabilities. Collaborate with international teams to maintain consistent security posture and incident response readiness globally Champion regular security audits and continuous improvement cycles, with a focus on cloud ecosystem vulnerabilities such as drift in Microsoft 365, AWS, Azure, among others. Compliance & Risk Management Work directly with General Counsel and Compliance group to ensure compliance with HIPAA, GDPR, NIST CSF, SOC 2, ISO 27001 and ISO 42001and other global data protection regulations relevant to pharmaceutical consulting Conduct regular risk assessments based on NIST RMF and develop mitigation plans Lead external security audits and accreditation surveys Ensure security practices are adapted to regional regulatory requirements and cultural contexts across North America, Europe, and Asia. Training & Awareness Champion a culture of security awareness across the organization specifically with development teams Develop and deliver training programs tailored to different roles and regions Demonstrated ability to communicate complex security concepts to the board, non-technical stakeholders, and external customers in plain, persuasive language. Technology & Innovation Evaluate and implement emerging security technologies (e.g., CASB, PAM, GRC tools) Align security architecture with frameworks such as NIST CSF, CIS 18, and OWASP Position Requirements: Education: Bachelor's or Master's degree in Information Security, Computer Science, or related field. * Work Experience: 10+[PL1] years of progressive experience in information security, including leadership roles and hands-on security engineering and vulnerability remediation. Other Skills: Knowledge and/or working skills in the following areas: * Experience in pharmaceutical, healthcare, or consulting industries preferred * Certifications such as CISSP, CISM, CEH, GSEC, ECSA, Security+ or CISA strongly preferred * Proven ability to lead cross-functional teams and manage global security operations * Strategic thinking and business acumen * Strong communication and stakeholder engagement skills with demonstrated record of translating technical content for business adoption * Experience with vendor management and contract negotiation * Familiarity with cloud security, application security, and data loss prevention * Understanding of modern threats and exploits * Ability to understand and communicate attack chains to management and key stakeholders * Develop, execute and track the performance of security measures to protect information and network infrastructure and computer systems * Identify, define and document system security requirements and recommend solutions to management * Identify and document security requirements and recommend solutions to management * Ownership of remediation activities for ISO and other regulatory gaps. * Experience managing or working with Managed Security Service Providers (MSSPs) and Security Operations Centers (SOCs). * Familiarity with Zero Trust architecture and identity-centric security models. About Us Trinity Life Sciences is a trusted strategic commercialization partner, providing evidence-based solutions for the life sciences. With 25 years of experience, Trinity is committed to revolutionizing the commercial model by providing exceptional levels of service, powerful tools and data-driven insights. Trinity's range of products and solutions includes industry-leading benchmarking solutions, powered by TGaS Advisors. To learn more about how Trinity is elevating life sciences and driving evidence to action, visit trinitylifesciences.com. Trinity's salary bands account for a wide range of factors that are considered in making compensation decisions including but not limited to skill sets and market demand for skills; level of experience and training; specific qualifications, performance, time in role/company, geographic location, and other business and organizational needs. A reasonable estimate of the current range is $250,000-$300,000 USD. In addition to your base salary, you will also be eligible for an annual discretionary performance bonus. Trinity's Commitment to Diversity, Equity & Inclusion Trinity Life Sciences is an Equal Opportunity Employer that prohibits discrimination and harassment of any kind. Trinity is committed to the principles of diversity, equity, and inclusion and to providing employees with a work environment that is free of discrimination and harassment. All employment decisions at Trinity are based on business needs, job requirements and individual qualifications, without regard to race, color, religion, disability, ethnicity, gender identity or expression, family, parental, or veteran status, and/or any other status based on identity or that is protected by the laws or regulations in the locations where we operate. Trinity will not tolerate any form of discrimination or harassment and encourages applicants of all ages and identities. For more information about Trinity's commitment to diversity, equity, and inclusion, you can visit our website.

Company DescriptionJobs for Humanity is partnering with Capital One to build an inclusive and just employment ecosystem. Therefore, we prioritize individuals coming from the following communities: Refugee, Neurodivergent, Single Parent, Blind or Low Vision, Deaf or Hard of Hearing, Black, Hispanic, Asian, Military Veterans, the Elderly, the LGBTQ, and Justice Impacted individuals. This position is open to candidates who reside in and have the legal right to work in the country where the job is located. Company Name: Capital One Job Description201 Third Street (61049), United States of America, San Francisco, CaliforniaSenior Manager, Information Security Office Consultant At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. What You'll Do: Act as a central Information Security point of contact for the Enterprise Platform team Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business Product security consulting in Authentication/Access Management /Identity application and experienced in Authentication and industry-standard protocol for authorization/authorization Basic Qualifications: High School Diploma, GED or equivalent certification At least 8 years of experience working in cybersecurity or information technology At least 7 years of experience providing guidance and oversight of Security concepts At least 7 years of experience performing security risk assessments and security architecture reviews At least 7 years of experience with architecture, software design, networking, and cloud infrastructure At least 5 years of experience with cloud security engineering Preferred Qualifications: Bachelor's Degree 3+ years of experience in securing a public cloud environment (e.g. AWS, GCP, Azure) 4+ years of experience in IAM or related areas Experience building software utilizing public cloud (e.g. AWS, GCP, Azure) Familiarity with Cloud patch management practices such as system rehydration and image management Experience utilizing Agile methodologies Experience with Software Security Architecture Experience with Application Security Experience with Threat Modeling Experience with Penetration Testing or Vulnerability Management Experience with integrating SaaS products into an Enterprise Environment Experience with securing Container services Splunk-Fu / Enterprise Monitoring experience Financial services industry experience Professional certifications such as AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP) Experience in Offensive and Defensive Security techniques Experience in a regulated environment Strong conceptual thinking, influence and communication skills At this time, Capital One will not sponsor a new applicant for employment authorization for this position. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. New York City (Hybrid On-Site): $230,100 - $262,700 for Sr Manager, Cyber TechnicalSan Francisco, California (Hybrid On-Site): $243,800 - $278,200 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at [email protected]. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to [email protected] Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Basic Qualifications CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required. Responsibilities for this Position We are seeking a Systems Security Engineer who has experience in the design and development of NSA-certified Cybersecurity devices. Key Responsibilities: Design and develop specifications for mission-critical NSA-certified Cybersecurity devices Collaborate with software and validation engineering teams to deliver high-speed data solutions Develop real-time multi-threaded Embedded System architecture using Model-based Systems Engineering (MBSE) tools and techniques Analyze and maintain system security requirements throughout product development lifecycle Conduct trade studies, perform functional analysis, and design system security. Preferred Skills and Experiences: NSA approved Cryptography/Encryption Security requirements analysis Real-Time multi-threaded Embedded System architecture and development Model-based Systems Engineering (MBSE) CISSP certification or similar INCOSE ASEP, CSEP, or ESEP certification We value candidates who possess: Drive to expand knowledge and experience in designing complex systems Ability to define project scope, schedule, and expected results Initiative to complete assignments and ability to engage in technical direction and leadership Our Commitment to You: An exciting career path with opportunities for continuous learning and development Research-oriented work with award-winning teams Competitive benefits package Salary Note This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. Combined Salary Range USD $107,529.00 - USD $114,000.00 /Yr. Company Overview General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team! Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Information Security, Information Security Management, Information System Security Certifications: Cisco Certified Network Associate (CCNA) Security - Cisco - Cisco, GSEC: GIAC Security Essentials Certification - Global Information Assurance Certification (GIAC) - Global Information Assurance Certification (GIAC) Experience: 5 + years of related experience US Citizenship Required: Yes Job Description: The Information Systems Security Officer (ISSO) III is responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system. This will include physical and environmental protection, personnel security, incident handling, and security training and awareness. It will be required to work in close coordination with the ISSM and ISO in monitoring the information system(s) and its environment of operation to include developing and updating the authorization documentation, implementing configuration management across authorization boundaries. This will include assessing the security impact of those changes and making recommendation to the ISSM. The primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities. Performance shall include: Assist the ISSM in meeting their duties and responsibilities. Prepare, review, and update authorization packages. Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media. Notify ISSM when changes occur that might affect the authorization determination of the information system(s). Conduct periodic reviews of information systems to ensure compliance with the security authorization package. Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change. Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly. Ensure all IS security-related documentation is current and accessible to properly authorized individuals. Ensure audit records are collected, reviewed, and documented (to include any anomalies) Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties. Execute the cyber security portion of the self-inspection, to include security coordination and review of all system assessment plans. Identify cyber security vulnerabilities and assist with the implementation of the countermeasures for them. Prepare reports on the status of security safeguards applied to computer systems. Perform ISSO duties in support of in-house and external customers. Conduct continuous monitoring activities for authorization boundaries under your preview. Assist Department of Defense, National Agency and Contractor organizations with the development of assessment and authorization (A&A) efforts. Experience: 5+ years related experience, especially in developing RMF packages or bodies of evidence. 2+ years SAP experience required. Prior performance in roles such as System, Network Administrator or ISSO. Education: Bachelor's degree in a related area or equivalent experience (4 years) Certifications: IAT Level II ( Security+ CE, CCNA Security, etc) or IAM Level II. Clearance Required to Start: TS/SCI required. Must be able to Attain - TS/SCI with CI Polygraph #AirforceSAPOpportunities #ISSO III The likely salary range for this position is $98,345 - $133,055. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: 10-25% Telecommuting Options: Onsite Work Location: USA MA Bedford Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

The Director, Information Security holds primary responsibility for safeguarding the Care New England (CNE) computing environment. This includes securing systems across all CNE operating units, directing enterprise-wide cybersecurity strategy, and ensuring compliance with HIPAA, PCI, and all applicable federal, state, local, and industry regulations. The Director serves as the Chief Information Security Officer (CISO) for CNE, providing leadership in risk assessment, incident response, regulatory compliance, and cybersecurity governance. The role oversees information security tools, policies, vulnerability assessments, and monitoring systems; responds to security threats; leads mitigation activities; and collaborates closely with IS teams, Audit/Compliance, HR, Finance, and Legal. This leader develops and manages the Information Security program, directs security staff, sets security standards, leads incident management, evaluates emerging technologies, manages vendor relationships, and ensures organizational readiness through education, training, and participation in business continuity and disaster recovery planning. Duties and Responsibilities: Develop and maintain the enterprise Information Security Program. Establish protection goals, objectives, and metrics aligned with organizational strategy. Serve as the Chief Information Security Officer (CISO) for CNE. Coordinate with the Chief Privacy Officer to ensure compliant reporting of security incidents. Implement, manage, and maintain enterprise security systems and applications. Lead vulnerability assessments and ensure timely remediation. Oversee security incident response, forensic investigations, and threat mitigation efforts. Examine emerging technologies and assess their security implications. Lead ongoing risk assessment programs addressing information security and privacy. Ensure compliance with HIPAA, PCI, and applicable state and federal regulations. Develop and implement security policies, standards, guidelines, and procedures. Coordinate with IS teams, Audit/Compliance, HR, Finance, and Legal to align security efforts. Participate in disaster recovery and business continuity planning. Lead security education and awareness initiatives for staff across CNE. Manage security vendors responsible for operations, maintenance, and enhancements. Ensure vendor service delivery aligns with organizational security requirements and policies. Negotiate and manage contracts and service-level agreements with external partners. Manage, mentor, and develop information security staff. Promote professional growth and maintain awareness of industry trends. Provide input on resource allocation and security budgeting. Maintain 24-hour on-call availability to support critical operational needs. Perform other job-related duties as assigned. Requirements: Bachelor's Degree Required (computer science, MIS or related field) Minimum of 7-10 years of progressive experience in information security, Strong technical background in infrastructure, network security, firewalls, and cloud environments, Experience conducting forensic investigations and managing enterprise security products. Security certifications required: CISSP, GIAC, SANS, or similar. Audit certification preferred: CISA. Participation in national and regional security organizations preferred. Deep knowledge of cybersecurity principles, threat landscapes, and protection technologies. Strong working knowledge of enterprise infrastructure, network security, firewalls, and cloud platforms. Expertise in vulnerability management, forensic investigation, risk assessment, and incident response. Ability to develop enterprise-wide policies and governance frameworks. Strong communication skills for engaging executive leadership and cross-functional stakeholders. Exceptional organization, analytical, and decision-making abilities. Ability to manage technical teams and develop staff. Strong vendor management and contract negotiation skills. Ability to maintain confidentiality and uphold ethical and regulatory standards Additional Information: Care New England Health System (CNE) and its member institutions, Butler Hospital, Women & Infants Hospital, Kent Hospital, VNA of Care New England, Integra, The Providence Center, and Care New England Medical Group, and our Wellness Center, are trusted organizations fueling the latest advances in medical research, attracting top specialty-trained doctors, and honing renowned services and innovative programs to engage in the important discussions people need to have about their health. EEOC Statement: Care New England is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. Ethics Statement: Employee conducts himself/herself consistent with the ethical standards of the organization including, but not limited to hospital policy, mission, vision, and values. Americans with Disability Act Statement: External and internal applicants, as well as position incumbents who become disabled must be able to perform the essential job-specific functions either unaided or with the assistance of a reasonable accommodation, to be determined by the organization on a case-by-case basis.

* Bot Attacks Analytics. Akamai hands on experience. * Experience on security tools like OWASP ZAP, Burp Suite, Nessus, or others. Roles & Responsibilities: * Analyze Bot Attacks: Independently analyze and respond to bot attacks in real-time, ensuring minimal disruption to our services. * Pattern Analysis: Identify and analyze attack patterns using Akamai, security logs, and other tools. Query data across various systems to gain comprehensive insights into attack vectors. * Technical Expertise: Utilize your deep understanding of e-commerce applications to contribute to the design and implementation of security features on our platform. * SRE Practices: Apply Site Reliability Engineering (SRE) principles to enhance the reliability, scalability, and security of our infrastructure. * Technology Proficiency: Work with technologies such as Java, Python, SQL. work with monitoring tools like Dataset (centralized logging) and New Relic (observability) * Continuous Learning: Stay updated with the latest security trends, SRE practices, and technologies. Be willing to learn and implement new tools and techniques. * Analytical Skills: Employ strong analytical skills to dissect complex security issues and develop effective mitigation strategies. Create detailed reports and alerts based on system logs and data analysis. * Security Assessment: Conduct thorough security assessments to identify potential vulnerabilities in our features and infrastructure. Propose and drive conversations on necessary feature changes to enhance security. * Vendor Collaboration: Lead discussions with vendors like Akamai and Riskified, ensuring that we leverage their solutions effectively to bolster our security posture. TCS Employee Benefits Summary: * Discretionary Annual Incentive. * Comprehensive Medical Coverage: Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans. * Family Support: Maternal & Parental Leaves. * Insurance Options: Auto & Home Insurance, Identity Theft Protection. * Convenience & Professional Growth: Commute r Benefits & Certification & Training Reimbursement. * Time Off: Vacation, Time Off, Sick Leave & Holidays. * Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing. # LI-RJ2 Salary Range - $100,000-$120,000 a year

Site: Mass General Brigham Incorporated Mass General Brigham relies on a wide range of professionals, including doctors, nurses, business people, tech experts, researchers, and systems analysts to advance our mission. As a not-for-profit, we support patient care, research, teaching, and community service, striving to provide exceptional care. We believe that high-performing teams drive groundbreaking medical discoveries and invite all applicants to join us and experience what it means to be part of Mass General Brigham. Job Summary Summary The Mass General Brigham (MGB) Information Security Engineer III - Application and Cloud Security Lead provides leadership and expertise within the cybersecurity team, specifically overseeing security practices related to application development and cloud infrastructure. This role is responsible for ensuring robust and secure software development lifecycles, implementing advanced security strategies in cloud environments, and driving continuous improvement in both application security and cloud security posture. The Engineer will lead complex security projects, coordinate cross-team collaboration, and mentor junior and mid-level engineers to foster their professional growth. The ideal candidate is a deeply technical minded security professional focused on secure coding practices or development engineering with experience designing and executing strategic / programmatic roadmaps. The Information Security Engineer III may represent the organization in industry forums or regulatory discussions. Additionally, this role actively engages with external partners, vendors, and stakeholders to establish collaborative security strategies and ensure alignment with industry trends and best-in-class security practices. They should have prior experience building application and/or cloud security programs, and experience in multiple of the following areas: * DevSecOps * Strategic program build and design * Secure Code Development * Application Security Testing Tools * CI/CD Pipeline Hardening * Application and Code Vulnerability Analysis * Cloud security expertise Duties include * Collaboratively design the application and cloud security program to meet the needs of Mass General Brigham. Lead engineers in the execution of the strategic roadmap. * Leads the design, development, testing, and implementation of advanced security controls for application development and cloud environments based on published information security policies and business requirements * Establishes and maintains a secure software development lifecycle (SSDLC), incorporating security checkpoints, threat modeling, secure coding standards, and rigorous testing practices. * Drives the implementation and ongoing management of Cloud Security Posture Management (CSPM) tools and strategies, ensuring continuous monitoring and proactive remediation of cloud security issues. * Implement and maintain code analysis tools (e.g., SAST, DAST, IAST, SCA, etc.) to identify security vulnerabilities in code before deployment. Collaborate with development teams to integrate these tools into workflows and provide actionable insights to remediate identified issues, fostering a proactive approach to secure coding practices. * Serves as a technical leader within the cybersecurity team, providing guidance, mentorship, and professional development opportunities for junior and mid-level security engineers. * Collaborates closely with development, operations, and DevOps teams to embed security seamlessly into software development and deployment processes, fostering a DevSecOps culture. * Conducts and oversees application and cloud security assessments, including penetration testing, code reviews, configuration audits, and vulnerability management efforts. * Innovates by researching, evaluating, and proposing new security technologies and methods specifically designed to improve the organization's application and cloud security maturity. * Ensures high-quality, maintainable, and scalable security solutions through comprehensive architecture reviews, security assessments, and alignment with best practices. * Responds promptly and effectively to complex security incidents involving applications and cloud resources, providing expert guidance and leading remediation efforts. * Engages proactively with vendors, industry partners, and stakeholders to leverage external expertise, technologies, and best practices. * Aligns all actions and decisions with organizational values, including Patients First, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and demonstrates commitment to Diversity & Inclusion, Integrity & Respect, Learning & Continuous Improvement, Personal Growth, and Teamwork & Collaboration. * Performs other duties and responsibilities as assigned. Qualifications * Bachelor's degree in Information Security, Computer Science, or related field; advanced degrees or equivalent professional experience preferred. * Minimum of 5+ years of progressive experience in application security, cloud security, or related cybersecurity roles. * Relevant industry certifications preferred (CISSP, CCSP, CSSLP, AWS/Azure Security Specialty, GIAC certifications). Skills for Success * Expert-level knowledge and practical experience in secure software development methodologies, OWASP Top 10, and application security testing tools (SAST, DAST, IAST). * A comprehensive understanding of secure coding principles, with the ability to guide development teams in adhering to these best practices. Hands-on experience with static and dynamic application security testing tools is preferred. * Proven expertise in securing major cloud platforms (AWS, Azure, GCP), including experience with Cloud Security Posture Management tools, cloud-native security services, and infrastructure-as-code security. * Deep understanding of modern software architectures, microservices, APIs, and container security best practices (e.g., Docker, Kubernetes). * Ability to think strategically, creatively, and innovatively to design and implement robust security controls. * Demonstrated leadership skills with strong project management capabilities, able to effectively communicate complex technical security issues clearly to technical and non-technical stakeholders. * Proven track record of delivering and managing successful security projects and continuous improvement initiatives. * Strong ability to apply documented processes, playbooks, and frameworks (e.g., OWASP, NIST CSF, etc.) to effectively address and resolve a wide variety of application security challenges. * Knowledge of established security frameworks, including NIST Cybersecurity Framework (CSF), NIST 800-53 with a focus on their application in securing software and application environments. * Preferred certifications include: Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), GIAC Penetration Tester Certification (GPEN), GIAC Experienced Penetration Tester (GX-PT), GIAC Certified Red Team Professional (GRTP), GIAC Security Operations Certified (GSOC), GIAC Security Expert (GSE), etc. * Must know how to use common M365 Office Suite of products. Additional Job Details (if applicable) * M-F Eastern Business Hours required * Hybrid onsite Flexible working model required weekly includes onsite in office (number of days weekly can vary, must be flexible for business needs) * 1-2 onsite days per week * Remote working days require stable, secure, quiet, compliant working station The salary range for this position is $92,102.14 to $155,032,25 annually. At Mass General Brigham, we believe in recognizing and rewarding the unique value each team member brings to our organization. Our approach to determining base pay is comprehensive, and any offer extended will take into account your skills, relevant experience, if applicable, education, certifications, and other essential factors. The base pay information provided offers an estimate based on the minimum job qualifications; however, it does not encompass all elements contributing to your total compensation package. In addition to competitive base pay, we offer comprehensive benefits, career advancement opportunities, differentials, premiums, and bonuses as applicable, and recognition programs designed to celebrate your contributions and support your professional growth. We invite you to apply, and our Talent Acquisition team will provide an overview of your potential compensation and benefits package. Remote Type Hybrid Work Location 399 Revolution Drive Scheduled Weekly Hours 40 Employee Type Regular Work Shift Day (United States of America) Pay Range $92,102.40 - $134,056.00/Annual Grade 7 At Mass General Brigham, we believe in recognizing and rewarding the unique value each team member brings to our organization. Our approach to determining base pay is comprehensive, and any offer extended will take into account your skills, relevant experience if applicable, education, certifications and other essential factors. The base pay information provided offers an estimate based on the minimum job qualifications; however, it does not encompass all elements contributing to your total compensation package. In addition to competitive base pay, we offer comprehensive benefits, career advancement opportunities, differentials, premiums and bonuses as applicable and recognition programs designed to celebrate your contributions and support your professional growth. We invite you to apply, and our Talent Acquisition team will provide an overview of your potential compensation and benefits package. EEO Statement: Mass General Brigham Incorporated is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under law. We will ensure that all individuals with a disability are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. To ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Veteran's Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact Human Resources at **************. Mass General Brigham Competency Framework At Mass General Brigham, our competency framework defines what effective leadership "looks like" by specifying which behaviors are most critical for successful performance at each job level. The framework is comprised of ten competencies (half People-Focused, half Performance-Focused) and are defined by observable and measurable skills and behaviors that contribute to workplace effectiveness and career success. These competencies are used to evaluate performance, make hiring decisions, identify development needs, mobilize employees across our system, and establish a strong talent pipeline.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

WHY WORK AT SILK TITLE CO. Silk Title Co. is a privately owned, fast-growing company which handles billions of dollars a year in real estate transactions for some of the nation's top fin-tech institutions. Our motto, Service at Scale, combines our technology, proprietary processes, and talented team to deliver title insurance, search, and settlement services across the nation. Stuffy cover letters and fancy sounding resumes are not our thing. We want people with focused energy, solid work ethic and curious minds capable of absorbing everything we can teach about our business. Our employees are what make our company exceptional; we are a diverse team of problem solvers, QA experts, and business process gurus. We work hard but also know how to incorporate some fun through team building challenges. Our workplace exemplifies our core values of quality, communication, experience, transparency, and respect. ESSENTIAL RESPONSIBILITIES INCLUDE BUT ARE NOT LIMITED TO: • Provide Help Desk support to internal staff, clients, and partners through troubleshooting in person, on the phone, or remotely • Provide customer service by supporting enterprise PC, VoIP, and mobile devices • Champions IT policies and best practices • Configures user accounts through active directory and other proprietary systems • Provisioning, installing, and supporting infrastructure such as switches, firewalls, access points, PCs, printers, and scanners • Analyzing and monitoring systems and reports • Participates in other duties as assigned ***The IT Helpdesk Analyst must live within a commutable distance to the Warwick, RI office.***

The IT Security Analyst I is responsible for supporting the Bank's IT Security preventative and reactive measures including but not limited to Technology governance, risk, and compliance. IT governance-related duties include ensuring security controls are in place, effective, and that risks are recorded and actively being managed. Other tasks include configuration management, asset management, patch management, software/hardware lifecycle, threat intelligence, user activity monitoring, and reporting thereof. This role is expected to be fully aware of the Bank's security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals. Other duties include collaboration with senior IT Security personnel to optimize security tools and processes. Performs any functions, within scope of authority and expertise, to provide the highest level of service and responsiveness to customers and co-workers. This is a Hybrid work schedule, 3 days in the office and 2 days remote in Massachusetts. Responsibilities * IT Governance • Maintain the Bank's IT security program control framework to ensure compliance with industry standards (NIST, CIS, FFIEC) and MSB's IT security control requirements. • Develop systems and processes for identifying, managing, and reporting risks. • Provide governance, risk, and compliance data insights to drive improvement across the IT system. • Compile metrics/reporting for the weekly IT Governance report. Facilitate weekly presentation to stakeholders. • Design and implement security controls for our infrastructure and critical systems. • Assigns responsibility for IT Governance related issues and tracks them to resolution. • Continually working to improve the Banks overall security posture. • Track and understand emerging security practices and threats. Leverage this knowledge to improve security configurations across the enterprise and hunt for potential or active t threats. • Manage daily volume of offline computers. Triage and resolve issues so computers can join network and be managed. • Reconcile asset type risk scores regularly and report metrics and issues to IT Division. * IT Security Control Programs • Configuration Hardening: Conduct hardening assessments of hardware and software to identify noncompliance of standards and define remediation requirements. Regular maintenance of configuration hardening benchmarks. • Vulnerability Management: Monitoring, delegation, and investigation of vulnerabilities in a severity-prioritized process. Development, deployment, and automation of scripts for remediation of vulnerabilities. • Patch Management: Systematic testing, deployment, and reporting of system patches. • Threat Intelligence: Monitor, triage, and report on Threat Intelligence alerts accordingly. • Software/Hardware Management: Reconciliation of end-of-life/end-of-support hardware and software. Authorization of software based on weight of business need and risk. Regular upkeep of software versions within Bank infrastructure. * System & Application Administration• Workstation ownership - building, securing, and ongoing management of assigned workstation assets.• Identifying and mitigating vulnerabilities on assigned assets and applications.• Application ownership - configuring, implementing, securing, and ongoing management of the Bank's security applications.Security Operations• Recommend additional security solutions or enhancements to existing security solutions to improve overall security.• Participate in investigations into problematic activity.• Consults with third party vendors/suppliers as required. Requirements Education * Bachelor's Degree in computer science, information systems or equivalent work experience is required Work Experience * 2+ years experience supporting security components and applying security best practices across an enterprise application/network infrastructure is required Additional Requirements * Experience with managing and securing Microsoft Windows or Linux is preferred. * Working knowledge of IT security controls and how to determine their effectiveness. Knowledge, Skills, and Abilities * Understanding of common security technologies and functions (Endpoint AV, Patch Management, Encryption, Vulnerability Scanning, etc.) * Working knowledge of common operating systems (Windows, Linux, etc.) and basic endpoint security principles * Passion and enthusiasm for Cyber Security * Demonstrates excellent communication, facilitation, efficient decision making and problem solving skills Licenses and Certifications * Certified Information Systems Security Professional (CISSP) or equivalent security related certification Preferred Expected Pay Range From: $62,682 To: $111,280The pay range is the salary we in good faith expect to pay for this role at the time of posting. Actual compensation paid may fluctuate higher or lower than the posted range and the range may be modified in the future due to several factors including, but not limited to, relevant experience, certifications, and qualifications, internal equity, adjustments to the requirements and responsibilities of the job, business needs, and economic and market data. EEO Statement Middlesex Savings Bank is an Equal Opportunity Employer/protected Veterans/Individuals with Disabilities

Job Description Aquinas Consulting is currently looking to fill an IT Security and Compliance Engineer job for our direct client in East Hartford, CT. In this role, you will design, implement, and manage security controls across cloud and on-prem environments while guiding clients through compliance requirements. You will support audits, assess gaps, and respond to incidents - ensuring clients maintain strong security postures. IT Security and Compliance Engineer Job Responsibilities: Design and implement security architectures across cloud, on-prem, and hybrid client environments Manage and optimize security tools including EDR, MDR, MFA, SIEM, firewalls, and VPNs Collaborate with NOC/SOC partners to monitor threats and respond to incidents Conduct gap assessments and advise on remediation plans for compliance frameworks such as NIST, CMMC, and PCI Support client audits by coordinating evidence collection and documentation Perform vulnerability scans, risk assessments, and configuration reviews Create and maintain security policies, procedures, and environment documentation Deliver security awareness training for internal teams and client personnel Develop and execute incident response playbooks and handle security events Improve security processes and tools, ensuring audit readiness and SLA compliance Stay current on industry trends and recommend new security measures Qualifications: Strong knowledge of servers, network infrastructure, and security technologies (firewalls, VPNs, MFA, SIEM, MDR, EDR) Experience securing cloud platforms such as AWS, Azure, or GCP, including IAM and native controls Familiarity with compliance frameworks such as NIST, CMMC, PCI, ISO 27001, etc. Excellent troubleshooting skills and experience supporting incident response Strong written and verbal communication skills with both technical and non-technical audiences Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience) 4+ years in cybersecurity engineering (MSP/MSSP/SOC experience preferred) Relevant certifications such as CompTIA Security+, CISSP, CISM, GIAC, or ISO 27001 Lead Implementer preferred If you are interested in this IT Security and Compliance Engineer job in East Hartford, CT, please apply now to be connected with a member of our team. Please note: Applying to this role is an agreement to have your information entered into our database and acknowledgement that a recruiter will reach out to you either by phone, email, and/or text message regarding this and similar job opportunities. Aquinas Consulting is a woman and minority owned company headquartered in Milford, CT that provides Engineering, Information Technology (IT), and Manufacturing staffing solutions throughout the US. We take pride in 20 years of service to our clients, our hiring managers, our consultants, and our local community. Aquinas is an affirmative action, equal opportunity employer and committed to considering all qualified applications without regard to race, genetic information, sex, age, color, religion, national origin, veteran status, disability or any other characteristic protected by law. *************************

Job Specification: Title: Security Operations Center Supervisor Schedule: Thursday-Saturday (10:30pm-6:30am) Pay: $28.85/hour The Security Operations Center (SOC) Supervisor oversees the daily operations of the SOC to ensure the continuous protection of people, property, and assets. The supervisor is responsible for managing SOC Analysts, ensuring compliance with post orders, coordinating incident response, and maintaining communication with site management, field personnel, and clients. Key Responsibilities * Supervise, train, and mentor SOC Analysts to ensure effective performance and adherence to operational procedures. * Oversee monitoring of Avigilon and related security systems across all client sites. * Ensure all incidents, alarms, and emergencies are responded to promptly and documented accurately. * Conduct quality control checks on incident reports, shift summaries, and communications. * Coordinate with site supervisors, managers, and law enforcement as needed during critical incidents. * Develop, review, and update SOC post orders, policies, and standard operating procedures. * Ensure proper shift coverage, scheduling, and timely dissemination of information between shifts. * Assist in performance evaluations, disciplinary actions, and ongoing professional development of SOC staff. * Provide leadership during emergencies and maintain command presence in high-stress situations. Qualifications * High school diploma or equivalent required; Associate or Bachelor's degree preferred (Criminal Justice, Security Management, or related field). * Minimum of 2-4 years of experience in a Security Operations Center, with at least 1 year in a leadership or supervisory role. * Proficient in Avigilon Control Center (ACC) and other video management or access control systems. * Strong leadership, communication, and decision-making skills under pressure. * Experience in report writing, investigation management, and coordination with external agencies. * Proficiency with Microsoft Office Suite and incident tracking software. * Ability to train and motivate a diverse team in a 24/7 operational environment. * Must meet standards for professionalism, conduct, and background clearance. "Securitas is committed to diversity, equity, inclusion and belonging in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other applicable legally protected characteristic." #MetroBoston

ARS is seeking candidates to fill an ISSE Journeyman role located on Hanscom AFB in Bedford, Massachusetts. Our desire is to build a team of highly qualified professionals that will provide expertise in Cybersecurity, Cloud, and Systems Engineering, who will support the development and sustainment of unique secure enclaves at the edge, that provide enterprise services and cyber network defense capabilities to customers across the DoD. This team will provide engineering expertise using technologies such as ePO, Splunk, ACAS, Azure Automation, STIG/SCAP, and other enterprise capabilities. The ISSE will have an active role in monitoring a system and its environment of operation to include developing and updating a System Security Plan, managing and controlling changes to the system, and assessing the security impact. ISAE II certification. CISSP, CASP, CSSLP, CISSP-ISSEP, or CISSP-ISSAP preferred. Why Work with us? Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support. Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers. Responsibilities include: Maintain the operational security posture of systems. Monitor systems and environments for security compliance. Develop and update System Security Plans (SSPs). Manage and control system changes and assess their security impact. Handle physical, personnel, and environmental security. Conduct incident response and security awareness training. Assist the ISSM and assume ISSM duties when necessary. Assist the ISSM in meeting their duties and responsibilities. The ISSO shall assume ISSM responsibilities in the absence of the ISSM; Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package; Maintain equivalent IAM Level 2 certifications based off of DoD 8140 standard; Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS; Report all security-related incidents to the ISSM Conduct periodic reviews of information systems to ensure compliance with the security authorization package; Serve as member of the CCB, if designated by the ISSM; Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change; Formally notify the ISSM and AO/DAO when changes occur that might affect system authorization; Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly; Ensure all IS security-related documentation is current and accessible to properly authorized individuals; and Ensure audit records are collected, reviewed, and documented (to include any anomalies). Participate in joint agile backlog planning and provide feedback to the software development team and infrastructure teams around high to medium risk items that require information system owner approval. Other duties as assigned. Qualifications/Technical Experience Requirements: Must be a US citizen Active Secret Security Clearance Advanced technical competency and experience in one or more of the following areas: Active Directory Domain Services, Active Directory Federated Services, Active Directory Certificate Services, Windows Server Update Services, ePO, Splunk, STIG/SCAP, YUM, ACAS Automation, and Azure Monitor / Log Analytics. ISAE II certification. CISSP, CASP, CSSLP, CISSP-ISSEP, or CISSP-ISSAP preferred. Bachelor's degree in computer science, Engineering, Finance, Business, or related field 5-8 years demonstrated performance in related technology The expected annual salary range: $150k - $165K. Salary is dependent upon the role, associated responsibilities, candidates experience and qualifications to include education/training and key skills. All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals based on disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.

The Director, Information Security holds primary responsibility for safeguarding the Care New England (CNE) computing environment. This includes securing systems across all CNE operating units, directing enterprise-wide cybersecurity strategy, and ensuring compliance with HIPAA, PCI, and all applicable federal, state, local, and industry regulations. The Director serves as the Chief Information Security Officer (CISO) for CNE, providing leadership in risk assessment, incident response, regulatory compliance, and cybersecurity governance. The role oversees information security tools, policies, vulnerability assessments, and monitoring systems; responds to security threats; leads mitigation activities; and collaborates closely with IS teams, Audit/Compliance, HR, Finance, and Legal. This leader develops and manages the Information Security program, directs security staff, sets security standards, leads incident management, evaluates emerging technologies, manages vendor relationships, and ensures organizational readiness through education, training, and participation in business continuity and disaster recovery planning. Duties and Responsibilities: Develop and maintain the enterprise Information Security Program. Establish protection goals, objectives, and metrics aligned with organizational strategy. Serve as the Chief Information Security Officer (CISO) for CNE. Coordinate with the Chief Privacy Officer to ensure compliant reporting of security incidents. Implement, manage, and maintain enterprise security systems and applications. Lead vulnerability assessments and ensure timely remediation. Oversee security incident response, forensic investigations, and threat mitigation efforts. Examine emerging technologies and assess their security implications. Lead ongoing risk assessment programs addressing information security and privacy. Ensure compliance with HIPAA, PCI, and applicable state and federal regulations. Develop and implement security policies, standards, guidelines, and procedures. Coordinate with IS teams, Audit/Compliance, HR, Finance, and Legal to align security efforts. Participate in disaster recovery and business continuity planning. Lead security education and awareness initiatives for staff across CNE. Manage security vendors responsible for operations, maintenance, and enhancements. Ensure vendor service delivery aligns with organizational security requirements and policies. Negotiate and manage contracts and service-level agreements with external partners. Manage, mentor, and develop information security staff. Promote professional growth and maintain awareness of industry trends. Provide input on resource allocation and security budgeting. Maintain 24-hour on-call availability to support critical operational needs. Perform other job-related duties as assigned. Requirements: Bachelor's Degree Required (computer science, MIS or related field) Minimum of 7-10 years of progressive experience in information security, Strong technical background in infrastructure, network security, firewalls, and cloud environments, Experience conducting forensic investigations and managing enterprise security products. Security certifications required: CISSP, GIAC, SANS, or similar. Audit certification preferred: CISA. Participation in national and regional security organizations preferred. Deep knowledge of cybersecurity principles, threat landscapes, and protection technologies. Strong working knowledge of enterprise infrastructure, network security, firewalls, and cloud platforms. Expertise in vulnerability management, forensic investigation, risk assessment, and incident response. Ability to develop enterprise-wide policies and governance frameworks. Strong communication skills for engaging executive leadership and cross-functional stakeholders. Exceptional organization, analytical, and decision-making abilities. Ability to manage technical teams and develop staff. Strong vendor management and contract negotiation skills. Ability to maintain confidentiality and uphold ethical and regulatory standards Additional Information: Care New England Health System (CNE) and its member institutions, Butler Hospital, Women & Infants Hospital, Kent Hospital, VNA of Care New England, Integra, The Providence Center, and Care New England Medical Group, and our Wellness Center, are trusted organizations fueling the latest advances in medical research, attracting top specialty-trained doctors, and honing renowned services and innovative programs to engage in the important discussions people need to have about their health. EEOC Statement: Care New England is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. Ethics Statement: Employee conducts himself/herself consistent with the ethical standards of the organization including, but not limited to hospital policy, mission, vision, and values. Americans with Disability Act Statement: External and internal applicants, as well as position incumbents who become disabled must be able to perform the essential job-specific functions either unaided or with the assistance of a reasonable accommodation, to be determined by the organization on a case-by-case basis.

Basic Qualifications RRequires a Bachelor's degree in Systems Engineering, or a related Science, Engineering, Technology or Mathematics field. Also requires 5+ years of job-related experience, or a Master's degree plus 3 years of job-related experience. Agile experience preferred. CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibilityrequirements for access to classified information. Due to the nature of work performed within our facilities, U.S.citizenship is required. Responsibilities for this Position We are seeking a Systems Security Engineer who has experience in the design and development of NSA-certified Cybersecurity devices. Key Responsibilities: Design and develop specifications for mission-critical NSA-certified Cybersecurity devices Collaborate with software and validation engineering teams to deliver high-speed data solutions Develop real-time multi-threaded Embedded System architecture using Model-based Systems Engineering (MBSE) tools and techniques Analyze and maintain system security requirements throughout product development lifecycle Conduct trade studies, perform functional analysis, and design system security. Preferred Skills and Experiences: NSA approved Cryptography/Encryption Security requirements analysis Real-Time multi-threaded Embedded System architecture and development Model-based Systems Engineering (MBSE) CISSP certification or similar INCOSE ASEP, CSEP, or ESEP certification We value candidates who possess: Drive to expand knowledge and experience in designing complex systems Ability to define project scope, schedule, and expected results Initiative to complete assignments and ability to engage in technical direction and leadership Our Commitment to You: An exciting career path with opportunities for continuous learning and development Research-oriented work with award-winning teams Competitive benefits package #CJ3 Salary Note This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. Combined Salary Range USD $127,432.00 - USD $140,000.00 /Yr. Company Overview General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team! Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

ARS is seeking candidates to fill an ISSE Journeyman role located on Hanscom AFB in Bedford, Massachusetts. The selected individual will be able to perform work that involves ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools. *ISAE II certification required. CISSP, CASP, CSSLP, CISSP-ISSEP, or CISSP-ISSAP preferred. Why Work with us? Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support. Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers. Responsibilities include: Supporting the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing DoD and Air Force policies (i.e., Risk Management Framework (RMF). Recommending policies and procedures to ensure the reliability of and accessibility to information systems and to prevent and defend against unauthorized access to systems, networks, and data. Conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs. Promoting awareness of security issues among management and ensuring sound security principles are reflected in organizations' visions and goals. Conducting systems security evaluations, audits, and reviews. Recommending systems security contingency plans and disaster recovery procedures. Recommending and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures. Participating in network and systems design to ensure implementation of appropriate systems security policies. • Facilitating the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes. Assessing security events to determine impact and implementing corrective actions. Ensuring the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT services. Perform the Information System Security Engineer (ISSE) duties in an Information Assurance Workforce System Architecture and Engineering (IASAE) position as outlined in AFI 33-200, AFI 33-210 and AFMAN 33-285 for assigned systems. Perform the Information System Security Manager (ISSM) duties as outlined in DoDI 8510.01 for assigned systems/applications. Perform the Information System Security Officer (ISSO) duties as outlined in DoDI 8510.01 for assigned systems/applications. Other duties as assigned. Qualifications/Technical Experience Requirements: Must be a US citizen DoD 8570.01 MMGT512 compliant certification. Experience with the Risk Management Framework (RMF). ISAE II certification. CISSP, CASP, CSSLP, CISSP-ISSEP, or CISSP-ISSAP preferred. Active Secret Security Clearance The expected salary range: $155K -$165k. Salary is dependent upon the role and associated responsibilities, candidate's experience and qualifications to include education/training and key skills. All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals based on disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.