Information security analyst jobs in Stockton, CA

About the Company Atomus' mission is to provide world class cybersecurity for the world's most critical organizations. We build security compliance software delivered as managed services sold directly, with relevant professional services and support. Examples of our commercial customers include hypersonic aircraft companies, satellite and space mission systems companies, AI and software companies, among many other companies serving primarily the aerospace and defense industry. At Atomus we are hardworking, we move fast, and we put our customers first. About the Role As a Cybersecurity Engineer will work closely with customers to help them implement and fully leverage Atomus' cybersecurity products, maintain compliance with NIST 800-171 and CMMC cybersecurity standards, and solve technical challenges. Our customers depend on Atomus to manage and secure their Windows, MacOS, Ubuntu, iOS, Android devices, and Firewalls while ensuring compliance. We aim to provide the best possible support when they have questions. Our team's main goal is to simplify our customers' lives, for compliance and security. You will serve as the voice of the customer by sharing their feedback and insights with our product team and reporting any issues to our software engineers. We take pride in delivering amazing experiences for our customers. Responsibilities Manage and guide new customers through the onboarding process, ensuring proper setup, configuration, and alignment with their security programs and establishing baseline compliance requirements of NIST 800-171 and CMMC while performing technical tasks/project management required for onboardings. Serve as the first point of contact for technical inquiries, providing debugging, troubleshooting, and solutions for technical IT/security issues related to the Atomus platform. Work closely with internal teams (sales, product, engineering) along with partners/vendors for customer requirements to communicate customer feedback and advocate for customer needs in product development and rolling out 3rd party products. Assist customers in managing and maintaining NIST 800-171 and CMMC compliance requirements, ensuring IT documentation is updated and maintained. Required Skills Experience in a customer-facing technical role, IT administrator, solutions engineer, Technical Customer Success, or TAM role preferably in cybersecurity or compliance. Strong experience with cybersecurity frameworks and technologies (e.g., NIST, CMMC, firewalls, routers, encryption tools). Intermediate networking knowledge of WAN and LAN connectivity, routers, firewalls, switches, security, etc. Experience with Microsoft Intune, Active Directory, Windows, MacOS and ABM, as well as mobile platforms like Android and iOS. Advanced understanding of Microsoft products (Exchange, SharePoint, Windows, Windows Server, Active Directory, etc.). Familiarity with command-line tools (e.g., PowerShell, Terminal) for troubleshooting and deployment. Strong troubleshooting skills, particularly related to network security, software issues, and IT environments. Excellent verbal and written communication skills; ability to explain complex topics to both technical and non-technical audiences. Applicants must have strong emotional intelligence to intuit and match customer sentiment for effective communication. Preferred Skills Prior experience with NIST 800-171, CMMC, or other compliance standards. Ability to manage multiple customer accounts and onboarding projects simultaneously. Familiarity with CRM platforms (HubSpot), and compliance documentation tools while managing SLAs which include customer satisfaction, initial response, and issue resolution times.

Job Title: IT Analyst Duration: 36+ months contract Roles/Responsibilities: Deliverables: Help Desk and End-User Support: The IT Consultant shall provide Tier 1 and Tier 2 support to State staff for OIG-HSR IT tools used for the ARS and WCRIS systems. SOW Section 8.1 Current Inventory and Environment describes the OIG HSR's equipment and services for which this support will be needed. These services may include but not be limited to troubleshooting desktops, laptops, mobile devices, peripheral equipment, and other OIG-HSR IT resources, diagnosing and resolving software, hardware, and network connectivity issues, supporting access to State systems and enterprise applications, and assisting users with VPN or remote access. Issues that cannot be resolved at the consultant level shall be escalated to the appropriate State staff or contractor. IT goods and services for which Help Desk and End-User support will be provided are described below in the section OIG-HSR To ensure accountability and transparency, the IT Consultant shall deliver monthly summaries of incidents and service requests, as well as monthly updates to the State's knowledge base of frequently asked questions and support procedures. Deliverables include: • Incident/Service Request Logs (monthly summary of tickets opened, resolved, pending) • User Support Knowledge Base Updates (monthly, updated FAQs and SOPs) Security and Compliance Support: The IT Consultant shall support the OIG-HSR's development and implementation of information security policies and procedures by: Identifying information security requirements applicable to the OIG-HSR's ARS and WCRIS systems; Developing policies and procedures for complying with those requirements. Training OIG-HSR staff on the information security policies and procedures. Monitoring and reporting to OIG-HSR leadership regarding compliance with information security policies and procedures Maintaining documentation demonstrating continuous compliance with requirements Timely developing and submitting required information technology reports to CDT and other oversight entities. Applying security patches, ensuring antivirus and endpoint protection measures are operational. Promptly reporting any identified security incidents in accordance with policy and procedure and supporting mitigation and resolution activities. Deliverables include: System Security Plan identifying needed information security policies and procedures and a schedule for developing each. Information Security Policies and Procedures Patch & Update Compliance Report (quarterly) Security Incident Log & Response Report (as needed) Asset and Inventory Management: The IT Consultant shall assist the State in managing IT equipment and software assets by creating and maintaining accurate inventory records of desktops, laptops, mobile devices, printers, and other technology. The IT Consultant shall support refresh cycles by preparing and deploying new hardware and software, while ensuring retired equipment is properly tracked and removed from the active inventory. Deliverables shall include an annual IT asset inventory report, along with deployment checklists and acceptance forms for each refresh or rollout. Deliverables include: IT Asset Inventory IT Asset Inventory Report (annual, reconciled against OIGHSR records) Deployment Checklist/Acceptance Form for all new hardware/ software rollouts Documentation and Knowledge Transfer: The IT Consultant shall capture recurring technical issues, resolutions, and procedures in order to enhance organizational knowledge. In addition, the IT Consultant shall deliver training sessions for State staff on new technologies, processes, or common issues relevant to the ARS and WCRIS systems to strengthen internal capabilities. Documentation shall include updated standard operating procedures reviewed biannually and a comprehensive knowledge transfer package at the conclusion of the engagement to ensure continuity of operations. Project Participation and Reporting: The IT Consultant shall actively participate in the OIG-HSR's ARS & WCRIS IT Projects. This includes preparing status updates pertaining to assigned project implementation roles, attending meetings, and coordinating with the PM Consultant, CDT, or OIG-HSR staff as needed. This also includes managing maintenance and operations for the two projects, and adhering to, implementing, and updating the Maintenance and Operations Transition Management Plan. Deliverables include: Reports as directed by OIG-HSR Updates as needed to the Maintenance and Operations Transition Management Plan Additional IT Support as Needed: The IT Consultant shall provide additional IT support to the OIG-HSR as requested. This support may include identifying, evaluating, procuring, implementing, and maintaining IT goods and services needed to support the ARS and WCRIS systems and providing IT subject matter expertise to support audit and investigative teams. Regular Status Reports: Present and deliver written and verbal weekly reports that include an overview of: Completed and upcoming activities • Status of IT Consultant tasks • Status of outstanding incident/service request • Other items as requested by the Project DirectorThe Contractor will deliver these oral reports to the OIG-HSR Project Director. Attend OIG-HSR staff and management meetings to provide updates on the Projects as directed by the Project Director. Mandatory Skills: Key personnel must have a minimum of five (5) years of experience applying analytical processes on IT projects. At least three (3) years of that experience must have been in systems analysis and design. Key personnel must have a minimum of three (3) years of recent, full-time experience providing IT support services (help desk, desktop, or end-user support) within the last ten (10) years. Key personnel's experience must include troubleshooting and resolving hardware, software, and network connectivity issues in a business or government environment. Key personnel must have working knowledge of state of California information security requirements, including SIMM 5300. Key personnel must have a minimum of one (1) year experience supporting California state agencies or departments in developing and implementing information security policies and procedures. Key personnel must have a CompTIA A+, Network+, Security+, or ITIL certification. A copy of certification must be provided with the offer. The certificate must be active and not expired by the time of offer submission and certification must be maintained during the contract term. Equivalent certifications may be accepted at the State's discretion. Key personnel must possess a bachelor's degree. Additional qualifying project management experience may be substituted for the required education on a year-for-year basis, up to four (4) years. Desirable Skills: More than one (1) year experience supporting California state agencies or departments in developing and implementing information security policies and procedures. Experience applying analytical and technical skills to assist in implementing business solutions, including some or all of the following tasks: Documenting an organization's current business process flows Identifying and documenting functional requirements for information systems Working with a product manager to define a product approach to meet user needs Designing, coding and testing functional components of information systems according to project specifications Developing project documentation and user training materials according to program specifications Conducting user training sessions

RELOCATION ASSISTANCE: No relocation assistance available CLEARANCE TYPE: SCITRAVEL: Yes, 10% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Northrop Grumman Mission Systems (NGMS) is seeking a Principal Cybersecurity Analyst/Sr. Principal Cybersecurity Analyst to join our team based in McClellan, CA. What You'll Get to Do: Perform assessments of systems and networks within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits and active evaluations such as vulnerability assessments. Establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. Includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits. Assist in the implementation of the required government policy (i.e., NISPOM, ICD 503), make recommendations on process tailoring, participate in and document process activities. Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards. Support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. Document the results of Certification and Accreditation activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M. Periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed. This requisition may be filled as either a Principal Cybersecurity Analyst or Sr. Principal Cybersecurity Analyst. #MPR Basic Qualifications for a Principal Cybersecurity Analyst Bachelor's degree and 5 years of relevant experience; 3 years with a Masters; 1 year with a PhD. An additional 4 years of relevant experience may be considered in lieu of a degree. Active Top Secret clearance with SCI eligibility Must possess an IAT Level II (DoD 8570) certification Experience with Risk Management Framework accreditation functions, including documentation, scanning, assessment, POAM management, through all steps of the RMF Experience with Continuous Monitoring to comply with RMF Experience with cybersecurity, information security and information assurance roles Experience executing and monitoring security tools, such as SIEM, Splunk, and vulnerability and compliance scanners Demonstrated ability to handle multiple levels of classified systems and data and follow data transfer/trusted download/assured file transfer processes Basic Qualifications for a Sr. Principal Cybersecurity Analyst Bachelor's degree and 8 years of relevant experience; 6 years with a Masters. 4 years with a PhD. An additional 4 years of relevant experience may be considered in lieu of a degree. Active Top Secret clearance with SCI eligibility Must possess an IAT Level II (DoD 8570) certification Experience with Risk Management Framework accreditation functions, including documentation, scanning, assessment, POAM management, through all steps of the RMF Experience with Continuous Monitoring to comply with RMF Experience with cybersecurity, information security and information assurance roles Experience executing and monitoring security tools, such as SIEM, Splunk, and vulnerability and compliance scanners Demonstrated ability to handle multiple levels of classified systems and data and follow data transfer/trusted download/assured file transfer processes Preferred Qualifications: Bachelor's degree in a STEM discipline Active TS/SCI clearance Active DoD 8570 IAT Level II, or higher, certification such as CompTIA Security+; required to start and must be maintained Primary Level Salary Range: $137,400.00 - $206,000.00Secondary Level Salary Range: $110,300.00 - $165,500.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

Key Responsibilities Architectural Leadership: Design, develop, and maintain the comprehensive security architecture for Cloud Software Group's products and corporate infrastructure. Cloud Security Expertise: Lead the security strategy for our cloud environments, including AWS, Azure, and Google Cloud, ensuring best practices and compliance. Security Domain Knowledge: Provide expert guidance across a broad range of security domains, including application security, network security, identity and access management (IAM), data protection, and incident response. Collaboration and Communication: Work closely with engineering, DevOps, product, and leadership teams to embed security into every stage of the software development lifecycle. Present complex security concepts to both technical and non-technical audiences. Threat Modeling & Risk Analysis: Conduct threat modeling and risk assessments to identify vulnerabilities and recommend mitigation strategies. Mentorship: Mentor and guide junior security professionals, fostering a culture of security awareness and continuous improvement. Compensation may vary depending on your location, qualifications including job-related education, training, experience, licensure, and certification, that could result at a level outside of these ranges. Certain roles are eligible for additional rewards, including annual bonus, and sales incentives depending on the terms of the applicable plan and role as well as individual performance. NY generally ranges: $190,720-$286,080 CA generally ranges: $199,012-$298,518 All other locations fall under our General State range: $165,843-$248,765 Benefits may vary depending on the nature of your employment with Cloud Software Group and the country where you work. U.S. based employees are typically offered access to healthcare, life insurance and disability benefits, 401(k) plan and company match, among others. This requisition has no specific deadline for completion. About Us: Cloud Software Group is one of the world's largest cloud solution providers, serving more than 100 million users around the globe. When you join Cloud Software Group, you are making a difference for real people, each of whom count on our suite of cloud-based products to get work done - from anywhere. Members of our team will tell you that we value passion for technology and the courage to take risks. Everyone is empowered to learn, dream, and build the future of work. We are on the brink of another Cambrian leap -- a moment of immense evolution and growth. And we need your expertise and experience to do it. Now is the perfect time to move your skills to the cloud. Cloud Software Group is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all federal, state and local laws that prohibit employment discrimination. All qualified applicants will receive consideration for employment without regard to age, race, color, creed, sex or gender, sexual orientation, gender identity, gender expression, ethnicity, national origin, ancestry, citizenship, religion, genetic carrier status, disability, pregnancy, childbirth or related medical conditions (including lactation status), marital status, military service, protected veteran status, political activity or affiliation, taking or requesting statutorily protected leave and other protected classifications. Cloud Software Group will consider qualified applicants with a criminal history and conduct the recruiting process in accordance with the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers and San Diego Fair Chance Ordinance. For access to the laws see the following links: California FCA and Los Angeles FCO. If you need a reasonable accommodation due to a disability during any part of the application process, please contact us at **************, HR directly via ************** or email at *************** for assistance.

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. You will help the team establish, lead and execute multi-year roadmaps that improve research efficiency and quality across the team, and drive improvements to stakeholder management across a broad range of intelligence requirements. **Required Skills:** Detection & Response Security Engineer, Threat Intelligence Responsibilities: 1. Influence and align the team's vision and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects 2. Build, cultivate, and maintain impactful relationships with intelligence stakeholders to identify and facilitate solutions to increase the impact of the team's work 3. Refine operational metrics, key performance indicators, and service level objectives to measure Intelligence research and services 4. Lead cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions 5. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 6. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 7. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 8. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems **Minimum Qualifications:** Minimum Qualifications: 9. 8+ years threat intelligence experience 10. B.S. or M.S. in Computer Science or related field, or equivalent experience 11. Be a technical and process subject matter expert regarding Security Operations and Threat Intelligence services 12. Experience developing and delivering information on threats, incidents and program status for leadership 13. Expertise with campaign tracking techniques and converting tracking results to long term countermeasures 14. Expertise with threat modeling frameworks, such as Diamond Model or/and MITRE ATT&CK framework 15. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 16. Proven track record of managing and executing on short term and long term projects 17. Ability to work with a team spanning multiple locations/time zones 18. Ability to prioritize and execute tasks with minimal direction or oversight 19. Ability to think critically and qualify assessments with solid communications skills 20. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 21. Experience recruiting, building, and leading technical teams, including performance management 22. Experience close collaborating with incident responders on incident investigations 23. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems 24. Familiarity with malware analysis or network traffic analysis 25. Familiarity with nation-state, sophisticated criminal, or supply chain threats 26. Familiarity with file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 27. Experience in one or more query languages such as SQL 28. Experience authoring production code for threat intelligence tooling 29. Experience conducting large scale data analysis 30. Experience working across the broader security community **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

This job requires relocation to the United States, Silicon Valley, through the use of a TN visa. If selected for this job, the process of coming to the United States will be handled by Tech-Mex. The Information Security Engineer maintains 24x7 support, responds to vendor security questionnaires, performs monitoring and maintenance of the security infrastructure and components, participates in project planning and deployment of new technologies and will be responsible for remediation of identified compliance and risk gaps. He/she works independently, operating under the defined guidelines established by the Director of Information Technology and Security. ESSENTIAL Job Duties & Responsibilities Monitor and advise on information security issues related to the systems and workflow to ensure the internal and external security controls for the company are appropriate and operating as intended Documenting gaps between vendor requirements and National MIs infrastructure Coordinate and execute IT security projects Coordinate response to information security incidents Conduct company-wide audits and manage remediation plans Collaborate with other areas of IT to manage security vulnerabilities Conduct research to keep abreast of latest security issues Ensures that system documentation is accurate and updated as needed Participates in disaster recovery (DR) exercises as directed Logfile review and analysis Install and maintain new systems Prioritize remediation of gaps based on internal and external audits Prepares compliance reports by collecting, analyzing, and summarizing data Evaluates information to determine compliance with laws, regulations, or standards MINIMUM QUALIFICATIONS 3-5 plus years related work experience Vendor audit and compliance experience, preferably with the SIG framework Strong technical skills in anti-virus, DLP, and PKI Strong experience with the McAfee suite of products Solid understanding of networking concepts and system administration Experience with Nessus, RSA envision, RedHat Linux and database security Knowledge of data compliance and privacy standards and regulations as they apply to insurance and banking industries Knowledge of Information Security Standards (ISO27001, NIST, etc) Self-motivated, self-directed and shows attention to detail while working Ability to effectively prioritize and execute reporting tasks in a fast-paced, results-driven environment Extensive experience working in a team-oriented, collaborative environment with a diverse team of business and IT staff Bachelor's degree in Computer Science or Information Systems preferred; Professional certifications are an advantage Essential Worker Competencies The ability to function independently with minimal supervision. Works ethically and with integrity supporting organizational goals and values Displays commitment to excellence Completes work in a timely manner and meets deadlines Good verbal and written communication skills Meets productivity standards and achieves key outcomes Is dependable and keeps commitments Contributes to building a positive team spirit and treats others with respect Candidate will be relocated to the United States

We are seeking an experienced and proactive DevSecOps engineer with expertise in AWS and AZURE Platforms to join our Cybersecurity Application Platform Security Team. This role combines expertise in AWS & AZURE platforms security with a strong foundation in DevSecOps practices to ensure the ‘secure by design', ‘secure by default' principles throughout development, deployment, and operation of AWS & AZURE platforms. The ideal candidate will have hands-on experience with Cybersecurity platforms, with a deep understanding of AWS & AZURE cloud platforms. This position plays a critical role in assisting customer portfolio teams to secure SaaS, PaaS platforms, maintain compliance and availability. DevSecOps engineer role responsible for security automation of cloud services. Job Responsibilities Secure the AWS & AZURE Platform: Implement best practices to ensure AWS & AZURE applications are “secure by design” and “secure by default” protecting sensitive data and workflows. Provide guidelines on usage of AppExchange / Vendor products versus using out of box capabilities with a keen eye for cybersecurity risk. Risk Identification & Mitigation: Proactively identify security risks across the AWS & AZURE ecosystem and implement solutions to address vulnerabilities. DevSecOps Enablement: Drive DevSecOps practices within the organization by embedding security into the development lifecycle of AWS & AZURE applications. Collaboration with Stakeholders: Partner with various customer portfolio teams to influence their roadmaps, ensuring security is a foundational element in their strategies. Data Security & Compliance: Ensure compliance with data protection regulations and implement robust data security measures within AWS & AZURE and integrated systems. Cloud Integration Expertise: Leverage your knowledge of AWS & AZURE to secure integrations Continuous Improvement: Stay up to date on emerging threats, trends, and technologies in application security to continuously improve our security posture. Communication & Advocacy: Act as a trusted advisor on security matters, effectively communicating complex technical concepts to both technical and non-technical stakeholders. Qualifications We're looking for someone with: Recent 5+ years of experience in IT focused on DevSecOps, DevOps or Security Engineering roles. Recent 3+ years of shell scripting, aws-cli, python, lambda. Recent 1+ years of Terraform deployments and Terraform templates (Infrastructure as Code). Knowledge of and experience with CI/CD technologies. Knowledge of and experience with continuous security practices. Knowledge of infrastructure automation and infrastructure as code. Demonstrated ability to integrate security practices into AWS & AZURE applications. Proficiency in data protection techniques such as encryption, tokenization, and access controls. Bachelor's degree in computer science, Information Security, or a related field. Desired Skills Experience with Salesforce, SAP, and MuleSoft architecture, development, and administration with a focus on platform security (e.g., profiles, roles, permissions, encryption). Excellent Communication Skills: Ability to clearly articulate security concepts to diverse audiences, including engineers, product managers, and executives. Collaboration & Influence: Proven ability to work cross-functionally with teams to align on security priorities and influence roadmaps. Preferred Technical Skills/ Qualifications Relevant certifications in Cybersecurity - SSCP, CISSP, CISM preferred. AWS certifications (e.g., AWS Certified Solutions Architect or AWS Certified Security Specialty). AZURE certifications. Experience with regulatory frameworks like GDPR, CCPA, or HIPAA. The ideal candidate will be passionate about security, have a proactive mindset, and be able to balance security requirements with business needs. They should be comfortable working in a fast-paced environment and be able to adapt to evolving security threats and technologies Salary Range $63.58 - $100.38 USD (Hourly) Please note that the salary information provided herein is base pay only (gross); it does not include other forms of compensation which may or may not apply to this specific position, namely, performance-based bonuses, benefits-related payments, or other general incentives - none of which are guaranteed, may be subject to specific eligibility requirements, and are wholly within the discretion of Astreya to remit. Further, the salary information noted above is a range that consists of a minimum and maximum rate of pay for this specific position. Where an applicant or employee is placed on this range will depend and be contingent on objective, documented work-related considerations like education, experience, certifications, licenses, preferred qualifications, among other factors. Astreya offers comprehensive benefits to all Regular, Full-Time Employees, including: Medical provided through Cigna (PPO, HSA, EPO options) / Medical provided through Kaiser (HMO option only) for California employees only Dental provided through Cigna (DPPO & DHMO options) Nationwide Vision provided through VSP Flexible Spending Account for Health & Dependent Care Pre-Tax Account for Commuter Benefit/Parking & Transit (location-specific) Continuing Education and Professional Development via various integrated platforms, e.g. Udemy and Coursera Corporate Wellness Program Employee Assistance Program Wellness Days 401k Plan Basic Life, Accidental Life, Supplemental Life Insurance Short Term & Long Term Disability Critical Illness, Critical Hospital, and Voluntary Accident Insurance Tuition Reimbursement (available 6 months after start date, capped) Paid Time Off (accrued and prorated, maximum of 120 hours annually) Paid Holidays Any other statutory leaves, paid time, or other fringe benefits required under state and federal law

Hands-on cloud security engineer who has a deep understanding of emerging technologies including Openstack, PaaS - Pivotal cloud foundry, Mesos, Docker container, Security, Software defined networks, Cloud integration technologies. Hands-on deployment of AWS\Azure IaaS components necessary to support the Cyber Security deployment needs, as well as approved Cyber Security specific solutions in the AWS\Azure environment to support these efforts. Qualifications Bachelor's Degree in STEM and/or a minimum of 4 years of equivalent experience Minimum of 6 years of experience of application design and architecture Minimum of 6 years of experience with deployment of cloud controls for infrastructure, platform, and applications (IaaS/SaaS/PaaS) AWS and Azure experience a must Additional Information All your information will be kept confidential according to EEO guidelines.

Sonsoft , Inc. is a USA based corporation duly organized under the laws of the Commonwealth of Georgia. Sonsoft Inc. is growing at a steady pace specializing in the fields of Software Development, Software Consultancy and Information Technology Enabled Services. Job Description Our client has a contract opportunity in the Sacramento area for an Information Security Consultant. The current project goes until December, 31st 2017. There is the possibility that it will go longer. Requirements: • 2 (or more) years of demonstrable experience conducting PCI assessments with project dates. • CISSP • QSA Additional Information ** U.S. Citizens and those who are authorized to work independently in the United States are encouraged to apply. We are unable to sponsor at this time. Note:- This is a Contract job opportunity for you. Only US Citizen, Green Card Holder, GC-EAD, H4-EAD, L2-EAD, OPT-EAD & TN-Visa can apply. No H1B candidates, please. Please mention your Visa Status in your email or resume. ** All your information will be kept confidential according to EEO guidelines.

Procom is a leading provider of professional IT services and staffing to businesses and governments in Canada. With revenues over $500 million, the Branham Group has recognized Procom as the 3rd largest professional services firm in Canada and is now the largest “Canadian-Owned” IT staffing/consulting company. Procom's areas of staffing expertise include: • Application Development • Project Management • Quality Assurance • Business/Systems Analysis • Datawarehouse & Business Intelligence • Infrastructure & Network Services • Risk Management & Compliance • Business Continuity & Disaster Recovery • Security & Privacy Specialties• Contract Staffing (Staff Augmentation) • Permanent Placement (Staff Augmentation) • ICAP (Contractor Payroll) • Flextrack (Vendor Management System) Job Description IT Analyst On behalf of our client, Procom Services is searching for an IT Analyst for a contract opportunity in Folsom, CA. IT Analyst Job Details Position is needed to support the Enforcement process of the Patching Pipeline. A basic understanding of Information Security and patching is needed. Candidate will be responsible for enforcement of security and or non-security IT related patches. Ability to efficiently prioritize and organize competing work demands with little oversight. IT Analyst Mandatory Skills Experience in creating varied documentation as audiences can vary between technical and non-technical users including management. Must have a great attention to detail along with the ability to use standard Office products with Excel at the forefront. IT Analyst Start Date ASAP IT Analyst Assignment Length 4 Months "Please note that we are not able to work with candidates on H1B Visas or candidates represented by third parties." Additional Information All your information will be kept confidential according to EEO guidelines. Please send your resume in Word format only.

Procom is a leading provider of professional IT services and staffing to businesses and governments in Canada. With revenues over $500 million, the Branham Group has recognized Procom as the 3rd largest professional services firm in Canada and is now the largest “Canadian-Owned” IT staffing/consulting company. Procom's areas of staffing expertise include: • Application Development • Project Management • Quality Assurance • Business/Systems Analysis • Datawarehouse & Business Intelligence • Infrastructure & Network Services • Risk Management & Compliance • Business Continuity & Disaster Recovery • Security & Privacy Specialties• Contract Staffing (Staff Augmentation) • Permanent Placement (Staff Augmentation) • ICAP (Contractor Payroll) • Flextrack (Vendor Management System) Job Description Position is needed to support the Enforcement process of the Patching Pipeline. A basic understanding of Information Security and patching is needed. Candidate will be responsible for enforcement of security and or non-security IT related patches. Ability to efficiently prioritize and organize competing work demands with little oversight. Qualifications PLEASE NOTE THAT WE ARE NOT ABLE TO WORK WITH CANDIDATES ON H1B VISAS OR CANDIDATES REPRESENTED BY THIRD PARTIES. Experience in creating varied documentation as audiences can vary between technical and non-technical users including management. Candidates must have a great attention to detail along with the ability to use standard Office products with Excel at the forefront. Additional InformationPLEASE NOTE THAT WE ARE NOT ABLE TO WORK WITH CANDIDATES ON H1B VISAS OR CANDIDATES REPRESENTED BY THIRD PARTIES.

Job Title: IT Applications Analyst III Employment Type: Contract About Us DMV IT Service LLC, founded in 2020, is a trusted IT consulting firm specializing in IT infrastructure optimization, cybersecurity, networking, and staffing solutions. We partner with clients to achieve technology goals through expert guidance, workforce support, and innovative solutions. With a client-focused approach, we also provide online training and job placements, ensuring long-term IT success. Job Purpose We are looking for a skilled and proactive IT Applications Analyst III to design, maintain, and enhance applications that support probation operations. The ideal candidate will combine technical development expertise with strong problem-solving and support skills to ensure the smooth performance and continuous improvement of critical systems. Requirements Key Responsibilities: Develop, enhance, and maintain probation-related applications and databases. Provide technical support and troubleshooting for system users. Collaborate with cross-functional teams to identify, design, and implement system improvements. Monitor application performance, diagnose issues, and implement timely fixes. Document system configurations, processes, and support procedures. Participate in testing, deployment, and version upgrades of probation systems. Ensure compliance with data security, privacy, and operational policies. Required Skills & Experience: Proven experience in application development and technical support. Proficiency in programming languages, frameworks, and database management. Strong analytical and problem-solving abilities. Experience in system maintenance, performance tuning, and user support. Familiarity with probation, justice, or government systems is preferred. Excellent communication and documentation skills.

* AD Account and Group migration between domains. * Kofax Capture product administration and desktop client installation. * Design, configure, and manage SharePoint Online environments, including *site collections, hub sites, communication sites, and team sites*. * Create and maintain *content types, site templates, lists, libraries, and PnP Searches* to support business processes. * Manage *document libraries, versioning, permissions, retention policies, and metadata*. * Monitor and optimize *SharePoint storage usage*, request and configure storage increases when needed. * Implement and enforce *governance and security best practices* across M365/SharePoint environments. * Run and maintain *PowerShell scripts* for automation, reporting, and advanced administration tasks. * Collaborate with business units to translate requirements into SharePoint solutions. * Troubleshoot issues related to *SharePoint Online, OneDrive, and Teams integration*. * Manage *user access, groups, and permissions* across M365 services. * Work with Microsoft support and vendors on escalated issues. *Required Skills* * Strong communication and documentation skills. * Problem-solving skills and ability to work with technical and non-technical users. * AD and Azure AD account and group maintenance * Strong experience with *SharePoint Online administration* * Hands-on experience creating and managing *content types, hub sites, and custom site structures*. * Knowledge of *document management principles* (retention, classification, versioning). * Proficiency in *PowerShell* for automation and scripting tasks. * Familiarity with *Microsoft Teams, OneDrive, and Exchange Online integration* with SharePoint. * Understanding of *permissions models, Azure AD groups, and role-based access control*. * Experience in *storage monitoring and scaling within M365*. * Kofax Capture administration *Preferred Qualifications* * *Microsoft 365 Certified: Teams Administrator Associate* or *SharePoint Administrator Associate*. * Experience with *workflow automation* and *custom scripting beyond PowerShell* (Graph API, PnP). * Experience with *Power Platform tools* (Power Automate, Power Apps, Power BI) to extend SharePoint solutions. * Knowledge of *Microsoft Purview (compliance, retention, data loss prevention)*.

We're delighted you're considering joining us! At Hill Physicians Medical Group, we're shaping the healthcare of the future: actively managed care that prevents disease, supports those with chronic conditions and anticipates the needs of our members. Join Our Team! Hill Physicians has much to offer prospective employees. We're regularly recognized as one of the "Best Places to Work in the Bay Area" and have been recognized as one of the "Healthiest Places to Work in the Bay Area." When you join our team, you're making a great choice for your professional career and your personal satisfaction. DE&I Statement: At PriMed, your uniqueness is valued, celebrated, encouraged, supported, and embraced. Whatever your relationship with Hill Physicians, we welcome ALL that you are. We value and respect your race, ethnicity, gender identity, sexual orientation, age, religion, disabilities, experiences, perspectives, and other attributes. Our celebration of diversity and foundation of inclusion allows us to leverage our differences and capitalize on our similarities to better serve our communities. We do it because it's right! Job Description: We are seeking a skilled Governance, Risk, and Compliance (GRC) Engineer to strengthen our security posture and ensure adherence to healthcare regulations. The GRC Engineer will play a vital role in designing, implementing, and maintaining risk management processes, compliance frameworks, and policies that align with healthcare regulations such as HIPAA and HITECH. The ideal candidate will have experience with tools like SAI360, CyberArk, and other compliance and security platforms. Job Responsibilities: * Develop, implement, and maintain GRC policies, processes, and controls in alignment with industry best practices and regulatory requirements (e.g., HIPAA, HITECH, NIST, ISO 27001). * Perform risk assessments and develop mitigation strategies for identified security risks. * Administer and optimize SAI360 for governance, risk management, and compliance activities, including reporting and policy management. * Collaborate with cross-functional teams to ensure new projects and systems are designed with security and compliance in mind. * Monitor and report on compliance status, identifying gaps and proposing remediation strategies. * Oversee third-party vendor risk assessments and ensure adherence to security requirements. * Support internal and external audits by providing documentation, evidence, and responses to audit findings. * Conduct security awareness training programs and promote a culture of compliance within the organization. Required Experience/Skills/Knowledge: * 5+ years of experience in Governance, Risk, and Compliance roles or a related field. * Strong knowledge of healthcare regulations, including HIPAA, HITECH, and other relevant standards. * Proficiency in GRC tools such as SAI360 for compliance and risk management. * Experience with privileged access management tools like CyberArk. * Solid understanding of risk assessment methodologies and security frameworks, including NIST CSF, ISO 27001, or COBIT. * Excellent communication and collaboration skills to engage with technical and non-technical stakeholders. * Strong analytical and organizational skills with attention to detail. Preferred Experience/Skills/Knowledge: * Experience working in the healthcare industry or with Protected Health Information (PHI). * Familiarity with tools such as Varonis, Extrahop, or SIEM platforms. * Knowledge of data classification, data loss prevention (DLP), and data governance. * Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Risk and Information Systems Control (CRISC). * Experience implementing compliance with NIST 2.0 or managing frameworks for healthcare-related threats. Required Education: * Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field. * Equivalent work experience may be considered in lieu of a degree. Additional Information: This role is critical in maintaining our organization's compliance with healthcare security standards and reducing risk exposure. The position offers a collaborative environment with opportunities for professional development and certifications. Competitive salary and benefits package, with the chance to make a significant impact on healthcare security. Salary: $135,000 - $150,000 Annual Hill Physicians is an Equal Opportunity Employer

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Hands-on cloud security engineer who has a deep understanding of emerging technologies including Openstack, PaaS - Pivotal cloud foundry, Mesos, Docker container, Security, Software defined networks, Cloud integration technologies. Hands-on deployment of AWS\Azure IaaS components necessary to support the Cyber Security deployment needs, as well as approved Cyber Security specific solutions in the AWS\Azure environment to support these efforts. Qualifications Bachelor's Degree in STEM and/or a minimum of 4 years of equivalent experience Minimum of 6 years of experience of application design and architecture Minimum of 6 years of experience with deployment of cloud controls for infrastructure, platform, and applications (IaaS/SaaS/PaaS) AWS and Azure experience a must Additional Information All your information will be kept confidential according to EEO guidelines.

We're delighted you're considering joining us! At Hill Physicians Medical Group, we're shaping the healthcare of the future: actively managed care that prevents disease, supports those with chronic conditions and anticipates the needs of our members. Join Our Team! Hill Physicians has much to offer prospective employees. We're regularly recognized as one of the “Best Places to Work in the Bay Area” and have been recognized as one of the “Healthiest Places to Work in the Bay Area.” When you join our team, you're making a great choice for your professional career and your personal satisfaction. DE&I Statement: At PriMed, your uniqueness is valued, celebrated, encouraged, supported, and embraced. Whatever your relationship with Hill Physicians, we welcome ALL that you are. We value and respect your race, ethnicity, gender identity, sexual orientation, age, religion, disabilities, experiences, perspectives, and other attributes. Our celebration of diversity and foundation of inclusion allows us to leverage our differences and capitalize on our similarities to better serve our communities. We do it because it's right! Job Description: We are seeking a skilled Governance, Risk, and Compliance (GRC) Engineer to strengthen our security posture and ensure adherence to healthcare regulations. The GRC Engineer will play a vital role in designing, implementing, and maintaining risk management processes, compliance frameworks, and policies that align with healthcare regulations such as HIPAA and HITECH. The ideal candidate will have experience with tools like SAI360, CyberArk, and other compliance and security platforms. Job Responsibilities: Develop, implement, and maintain GRC policies, processes, and controls in alignment with industry best practices and regulatory requirements (e.g., HIPAA, HITECH, NIST, ISO 27001). Perform risk assessments and develop mitigation strategies for identified security risks. Administer and optimize SAI360 for governance, risk management, and compliance activities, including reporting and policy management. Collaborate with cross-functional teams to ensure new projects and systems are designed with security and compliance in mind. Monitor and report on compliance status, identifying gaps and proposing remediation strategies. Oversee third-party vendor risk assessments and ensure adherence to security requirements. Support internal and external audits by providing documentation, evidence, and responses to audit findings. Conduct security awareness training programs and promote a culture of compliance within the organization. Required Experience/Skills/Knowledge: 5+ years of experience in Governance, Risk, and Compliance roles or a related field. Strong knowledge of healthcare regulations, including HIPAA, HITECH, and other relevant standards. Proficiency in GRC tools such as SAI360 for compliance and risk management. Experience with privileged access management tools like CyberArk. Solid understanding of risk assessment methodologies and security frameworks, including NIST CSF, ISO 27001, or COBIT. Excellent communication and collaboration skills to engage with technical and non-technical stakeholders. Strong analytical and organizational skills with attention to detail. Preferred Experience/Skills/Knowledge: Experience working in the healthcare industry or with Protected Health Information (PHI). Familiarity with tools such as Varonis, Extrahop, or SIEM platforms. Knowledge of data classification, data loss prevention (DLP), and data governance. Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Risk and Information Systems Control (CRISC). Experience implementing compliance with NIST 2.0 or managing frameworks for healthcare-related threats. Required Education: Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field. Equivalent work experience may be considered in lieu of a degree. Additional Information: This role is critical in maintaining our organization's compliance with healthcare security standards and reducing risk exposure. The position offers a collaborative environment with opportunities for professional development and certifications. Competitive salary and benefits package, with the chance to make a significant impact on healthcare security. Salary: $135,000 - $150,000 Annual Hill Physicians is an Equal Opportunity Employer

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************