Security architect jobs in Bethlehem, NY

Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress. We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. **The Role** The Principal Information Security Architect provides subject matter expertise for multiple, complex security systems, including developing security architectures and roadmaps, and evaluating, planning and designing security solutions. Additionally, the Principal Architect provides subject matter expertise to Product, IT, Network, and Security teams in the implementation of recommended solutions for identified technical security issues; ensures the implementation of security solutions utilizing advanced technical expertise; serves as architecture lead on major projects with the ability and expertise to develop overall architectural direction; initiates and executes advanced research and development activities of significance to future business security strategies. **The Main Responsibilities** + Drives beneficial security change into the business through the development or review of architectures to ensure that they fit business requirements for security, mitigate risks, conform to the relevant security standards, and balance information risk against the cost of appropriate countermeasures. + Develops and designs new security solutions to reduce risk and align business requirements with security standards. Supports vendor relationships; leads vendor reviews through RFx process, working with Procurement and appropriate business partners on requirements and success criteria. Supports development of business case and approval process. + Delivers guidelines, best practices, and direction on security standards/policies and roadmaps. Provides subject matter expertise, consultation, and escalation support. + Provides support to Security Review process by assisting with complex questions and projects. Work with business units and partners as needed. + Acts as liaison between the business and technology from a security perspective, maintains an overview of the environment as a whole and its security aspects, understands business strategy and how it relates to security strategy, acts as a liaison between appropriate regulatory bodies, IT auditors, and business stakeholders, educates IT and enterprise roles on the need for (and consequences of) reducing information-related risk, and ultimately drives organizational change at all levels of the business. **What We Look For in a Candidate** Required: + Bachelor's degree in computer science, engineering, or related field with 15+ years of relevant experience or + Master's degree in computer science, engineering, or related field with 12+ years of relevant experience. + Applicable professional/technical certifications must be in place, such as CISSP, GPEN, GWAPT, GISEC, CISM or CISA. + Knowledge of information security industry and regulatory obligations (ISO 27001/27002, NIST Framework, FISMA, FedRAMP, and GDPR). + Software development experience. **Compensation** This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. Location Based Pay Ranges: $149,084 - $198,779 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $156,539 - $208,718 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $163,993 - $218,657 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process. Learn more about Lumen's: + Benefits (**************************************************** + Bonus Structure \#LI-Remote **What to Expect Next** Requisition #: 340981 **Background Screening** If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (************************************* . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. **Equal Employment Opportunities** We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. **Disclaimer** The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name.

*****CANDIDATE MUST BE US Citizen (due to contractual/access requirements)***** **To foster collaboration and team synergy, this position follows a hybrid model. Employees within a 50-mile radius of our Pittsburgh, Buffalo, or Camp Hill locations will be required to work from the office on Tuesdays, Wednesdays, and Thursdays.** Execute a process to develop a security architecture that processes information of various levels of sensitivity. The security architecture must be compliant with existing enterprise technical security control requirements models. Produce gap analysis documentation to identify any gaps between specific technical security requirements and the architecture of the system and provide detailed technical recommendations on appropriate mitigation measures. Advise and consult clients responsible for the architecture, design, implementation, and deployment of technical security controls on appropriate application of existing security services to solve their problems or enable new business opportunities. Research and evaluate new security technologies to be used as point solutions to gaps where the project is unable to take advantage of or needing greater functionality than reusable enterprise security services. The security architecture work will include network security, network defense, operating system security identity, authentication and authorization, data protection, application security, activity audit and monitoring, mobile computing security, and partner/vendor access to corporate systems/data. **ESSENTIAL RESPONSIBILITIES** + Enhance security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members. + Determine security requirements by evaluating business strategies and requirements; conducting system security and vulnerability analyses and risk assessments; identifying integration issues; preparing cost estimates. + Plan security systems by evaluating network and security technologies. + Implement security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures. + Enhance department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments. + May begin to provide leadership and mentoring in the areas of expertise and architecture to peers, developers, management and business users including technical expertise, coaching, and ad-hoc training. + Support assurance compliance to required standards, procedures, guidelines and processes. + Other duties as assigned or requested. **REQUIRED EDUCATION** + Bachelor's degree in Information Systems, Computer Science, Information Security, or Engineering, or relevant experience and/or education as determined by the company in lieu of bachelor's degree **PREFERRED EDUCATION** + Master's degree in Computer Science, Information Security or related field **EXPERIENCE** **_Minimum:_** + 5 - 7 years' experience architecting solutions + 5 - 7 years' experience in Information Security + Experience communicating with business partners **_Preferred:_** + 7 - 10 years' experience architecting solutions **SKILLS** + Business communication skills, both written and verbal and able to solve unconventional problems + Understanding of the TCP/IP protocol stack, application protocols such as SNMP, SMTP, DNS, and DHCP; IPSec and SSL VPNs; SSL/TLS protocol knowledge + Understanding of the information technology and information security industries, their current developments, trends, issues, and fundamental concepts + In-depth expertise in analyzing a wide spectrum of technical systems and services robustness and needs, and making practical recommendations to address them + Detailed knowledge of web, mobile, and client application security vulnerabilities, attack methods, and countermeasures + Experience with common information security management frameworks, such as HITRUST, ISO 27001, CobiT, ITIL + Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common protocols (RADIUS, LDAP, KERBEROS, SAML, etc.) + Participate in evaluations and recommend solutions to support enterprises security controls including: networking, firewalls, IDS/IPS, data loss prevention, application security, infrastructure security, and data security **REQUIRED LICENSURE** None **PREFERRED LICENSURE** Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), etc. **TRAVEL REQUIREMENT:** 0%- 25% **LANGUAGE REQUIREMENT (** **_other than English_** **)?** None **PHYSICAL, MENTAL DEMANDS AND WORKING CONDITIONS** ( _The physical, mental demands and working conditions described here are representative of those that must be met by an employee to successfully perform the essential function of their job. Reasonable accommodations will be made when necessary to enable individuals with disabilities to perform the essential duties of the position, to the extent that they do not cause undue hardship._ **_Position Type:_** Office-Based **_Office-Based Positions_** An employee in this position works in an office environment. The position frequently requires the employee to communicate effectively with others both inside and outside the workplace (e.g., in person, via telephone, via email). The employee must be able to understand, interpret and analyze data, solve problems, concentrate, and research, use available technological resources and systems (e.g., computers and computer programs), multi-task, prioritize, and meet multiple deadlines to complete essential tasks. The employee generally works in a fast-paced and frequently stressful environment, must attend work on a regular and reliable basis as well as adhere to all workplace policies, and may be called upon to work outside regular business hours. Teaches/Trains others regularly Occasionally Travels regularly from the office to various work sites or from site-to-site Occasionally Works primarily out-of-the office selling products/services (Sales employees) Never Physical Work Site Required Yes **_Most On-The-Road Positions_** An employee in this position may work in a home or company office environment but is also frequently driving to and from various locations to perform the work off-site. The position frequently requires the employee to communicate effectively with others both inside and outside the workplace (e.g., in person, via telephone, via email). The employee must be able to understand, interpret and analyze data, solve problems, concentrate, and research, use available technological resources and systems (e.g., computers and computer programs), multi-task, prioritize, and meet multiple deadlines to complete essential tasks. The employee generally works in a fast-paced and frequently stressful environment, must attend work on a regular and reliable basis as well as adhere to all workplace policies, and may be called upon to work outside regular business hours. **_Non-Office-Based Positions_** An employee in this position is frequently required to move throughout the workplace, sit, stand and walk, use hands and fingers to hold objects, tools or controls, possess fine motor skills (e.g., to write and operate a computer or to steer transportation equipment), possess gross motor skills (e.g., to carry items), reach with hands and arms, climb stairs and ladders, balance, stoop, kneel crouch and crawl, communicate effectively, and talk and hear. Specific vision abilities required by the job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus. The employee must be able to work in a busy environment where decisions often must be made quickly, must attend work on a regular and reliable basis, must adhere to all workplace policies, and may be called upon to work outside regular business hours. This work occurs in a [example: warehouse, hospital or provider's office or mailroom]. Lifting: up to 10 pounds Does Not Apply Lifting: 10 to 25 pounds Does Not Apply Lifting: 25 to 50 pounds Does Not Apply **ADDITIONAL INFORMATION** **Changes Approved By:** Kathleen Thompson **_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._ **_Compliance Requirement:_** _This position adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies_ As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy. Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements. **Pay Range Minimum:** $78,900.00 **Pay Range Maximum:** $147,500.00 _Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._ Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at ***************************** California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J272809

GE Vernova Research is building a USG Classified Program at our Niskayuna, NY site. Information systems have an important role in this and we are looking for an individual with experience as an Information Systems Security Manager (ISSM) or Information Systems Security Officer (ISSO) to fill our ISSM role and help us build and administer our IS program Job Description Roles and Responsibilities The Information Systems Security Manager will be responsible for leading GE Vernova Research's Classified Information Systems program ensuring it meets or exceeds all requirements. The ideal candidate will be a detail oriented, self-starter with a strong IT background and previous experience supporting classified programs. This role offers a great opportunity to have a significant impact providing leadership in an important, growing area of the company. In this role, you will: * Develop, maintain, and oversee the Information Systems (IS) security program and ensure policies and procedures are documented, up-to-date, and being followed. * Lead and ensure implementation of strong processes in the IS program (i.e. configuration management, change management, vulnerability management, incident management, investigation, reporting, ...). * Stay current with the latest threats, vulnerabilities and best practices, make changes to the program as required, and regularly test security controls to ensure IS security. * In partnership with the FSO, manage IS program relationship with USG representatives and coordinate IS security inspections, tests & reviews. * Develop and implement an effective IS security education, training, and awareness program. * Leverage your skills and abilities to lead and/or assist with GE Vernova Research non-classified IT governance Position Requirements * Bachelor's Degree in Computer Science or in "STEM" Majors (Science, Technology, Engineering and Math) * A minimum of 7 years' professional experience, with a minimum of 5 years' professional experience in IT security or governance (Risk management, Compliance, Audits, Software Governance, etc.) and 2 years as an ISSM or ISSO * Strong process focus, detail oriented * Strong written and verbal communication skills * Strong interpersonal skills and demonstrated ability to work as part of a high performing team * Must be willing to work out of an office located in Niskayuna, NY * Strong analytical and problem-solving skills * Due to the nature of the duties of this position, this role requires the individual to have US Government Security Clearance; prerequisite for a security clearance is U.S. citizenship. Desired Characteristics * U.S. Government classified program ISSM or ISSO experience * Information security certifications (CISSP, CISM, CISA, etc.) * Knowledge of risk management frameworks (ISO, NIST, etc.) * Prior experience in IT operations and support * Self-starter, identifies opportunities for improvement and implements positive change * Project management experience This role requires access to U.S. export-controlled information. If applicable, final offers will be contingent on ability to obtain authorization for access to U.S. export-controlled information from the U.S. Government. Additional Information GE Vernova offers a great work environment, professional development, challenging careers, and competitive compensation. GE Vernova is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. GE Vernova will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable). Relocation Assistance Provided: No For candidates applying to a U.S. based position, the pay range for this position is between $119,200.00 and $198,600.00. The Company pays a geographic differential of 110%, 120% or 130% of salary in certain areas. The specific pay offered may be influenced by a variety of factors, including the candidate's experience, education, and skill set. Bonus eligibility: discretionary annual bonus. This posting is expected to remain open for at least seven days after it was posted on December 18, 2025. Available benefits include medical, dental, vision, and prescription drug coverage; access to Health Coach from GE Vernova, a 24/7 nurse-based resource; and access to the Employee Assistance Program, providing 24/7 confidential assessment, counseling and referral services. Retirement benefits include the GE Vernova Retirement Savings Plan, a tax-advantaged 401(k) savings opportunity with company matching contributions and company retirement contributions, as well as access to Fidelity resources and financial planning consultants. Other benefits include tuition assistance, adoption assistance, paid parental leave, disability benefits, life insurance, 12 paid holidays, and permissive time off. GE Vernova Inc. or its affiliates (collectively or individually, "GE Vernova") sponsor certain employee benefit plans or programs GE Vernova reserves the right to terminate, amend, suspend, replace, or modify its benefit plans and programs at any time and for any reason, in its sole discretion. No individual has a vested right to any benefit under a GE Vernova welfare benefit plan or program. This document does not create a contract of employment with any individual.

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Introduction A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in groundbreaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience. Your role and responsibilities The SAP S/4HANA Defense & Security Architect assists the program solution architect with designing, developing, and implementing the Ministry of Defense for Ukraine's Defense and Security implementation. This role requires a mastery of specific business processes and requirements within the defense and security sectors, ensuring that our solution meets the priorities and needs of the Ukrainians. This individual assists in managing the integration of SAP S/4HANA with other components and systems, as well as oversee the test, deployment and sustainment of these solutions. Requires strong organization and communication skills and knowledge of integration with SAP functional areas. Possesses and applies a comprehensive knowledge across key tasks and high impact assignments Required education High School Diploma/GED Preferred education Bachelor's Degree Required technical and professional expertise * SAP functional SME with more than 15+ years delivering end to end complex SAP projects; experience in one or more SAP S/4HANA Line of Business * Comprehensive knowledge of SAP S/4HANA D&S with one or more successful SAP S/4HANA D&S implementations * Minimum Education: Bachelor's degree in a recognized technical, engineering, scientific, managerial, business, or other discipline related to area of expertise. An additional 4 years of relevant experience may be substituted for the bachelor's degree. * Must be able to obtain and maintain a NATO security clearance Preferred technical and professional experience * Proven stellar communication skills and strong teamwork experience with a multi-lingual team. * Experience leading teams and coordinating with other program leaders and stakeholders located in other time zones (6+ hours difference) * SAP Certified Application Associate ABOUT BUSINESS UNIT IBM Consulting is IBM's consulting and global professional services business, with market leading capabilities in business and technology transformation. With deep expertise in many industries, we offer strategy, experience, technology, and operations services to many of the most innovative and valuable companies in the world. Our people are focused on accelerating our clients' businesses through the power of collaboration. We believe in the power of technology responsibly used to help people, partners and the planet. YOUR LIFE @ IBM In a world where technology never stands still, we understand that, dedication to our clients success, innovation that matters, and trust and personal responsibility in all our relationships, lives in what we do as IBMers as we strive to be the catalyst that makes the world work better. Being an IBMer means you'll be able to learn and develop yourself and your career, you'll be encouraged to be courageous and experiment everyday, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background. Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide on-going feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions everyday is essential to IBM becoming the catalyst for progress, always embracing challenges with resources they have to hand, a can-do attitude and always striving for an outcome focused approach within everything that they do. Are you ready to be an IBMer? ABOUT IBM IBM's greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world. Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we're also one of the biggest technology and consulting employers, with many of the Fortune 500 companies relying on the IBM Cloud to run their business. At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it's time for you to join us on our journey to being a responsible technology innovator and a force for good in the world. IBM is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, neurodivergence, age, or other characteristics protected by the applicable law. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status. OTHER RELEVANT JOB DETAILS IBM will not be providing visa sponsorship for this position now or in the future. Therefore, in order to be considered for this position, you must have the ability to work without a need for current or future visa sponsorship. The compensation range and benefits for this position are based on a full-time schedule for a full calendar year. The salary will vary depending on your job-related skills, experience and location. Pay increment and frequency of pay will be in accordance with employment classification and applicable laws. For part time roles, your compensation and benefits will be adjusted to reflect your hours. Benefits may be pro-rated for those who start working during the calendar year.

Provide proven expertise and knowledge in Governance, Risk and Compliance (GRC), internal and external audit and assessment support and Information Security assurance initiatives. A firm knowledge of security compliance controls i.e NIST 800-53r4, HIPAA, HITECH, ISO27001 and other security standard frameworks is an absolute requirement. Gather and analyze metrics, key risk indicators and maintain scorecards defined within the area of information security to ensure the information security program is meeting governance expectations and maturity. This candidate must be familiar with general security risk management principals, healthcare and government-designed security control standards and best practices for security and privacy. Candidate should be familiar with documented security plans, procedures, supporting evidence and risk rating standards based on NIST and other risk management frameworks. Assist with evaluation and testing as well as work with the applicable teams to track, address, and remediate audit and assessment findings to closure. Candidate must be familiar with threats and vulnerabilities, latest trends and risks and be able to understand the technical remediation action steps or plans and communicate them effectively to teams within the organization. Manage policy exceptions with requestors and coordinate the annual exception review process. Requires working directly with various teams to document exceptions, identify compensating controls, and remediation action plans accordingly. Provide process improvement suggestions for more effective management and review of exceptions. Support and help mature the overall security management program. Should be familiar with general governance, risk and compliance (GRC) programs with specific knowledge of government practices, and security risk and policy management. Provide support for ongoing BAA, third party risk reviews, including initial inherent risk, ongoing residual risk, and attestation campaigns. Support and help maintain risk appetite frameworks focused on security and business continuity risks. Additionally, support and maintain other general regulatory risk assurance program functions. Support and address regular IT general controls (ITGC) activity reviews and be able to rate and score maturity and compliance to standard control objectives. A knowledge of security architectures including SDLC, cloud or multi-tenant infrastructure and environments and network/boundary architectures. Should be familiar with SIEM, DLP, and other reporting and protection capabilities. Qualifications This position requires: BS or BA degree in a related field or equivalent work experience. Minimum 5 years in information security, Risk Management, IT compliance, or security/IT risk related field. Strong oral and written communication, as well as good interpersonal skills. Knowledge and experience in standard security and regulatory frameworks including HIPAA, HITECH, NIST 800-53, other NIST standards, ISO 27001/31000, FFIEC and PCI. Possess the ability to solve a wide range of complex problems, requiring ingenuity and innovation. Preferred/Nice-to-haves: Experience using GRC platforms or rating scorecards to show compliance levels and maturity. Experience with SharePoint administration, including workflow and process design. Current Certified Information Systems Security Professional CISSP certification (or similar security profession certificate). Current Certified Information Systems Auditor CISA certification (or similar). Additional Information PlanIT Group, LLC is an Equal Opportunity/Affirmative Action (M/F/D/V) Employer. All your information will be kept confidential according to EEO guidelines.

The New York Independent System Operator (NYISO) manages the efficient flow of electricity on more than 11,000 circuit-miles of high-voltage transmission lines, dispatching power from hundreds of generating units across the state. The New York Independent System Operator (NYISO) applies cutting-edge technology to operating a reliable electricity system, managing competitive markets for wholesale electricity, and planning for the Empire State's energy future. The NYISO's Information Technology department invites applications for a full-time Director, Enterprise Security & Chief Information Security Officer. The Director, Enterprise Security & Chief Information Security Officer is responsible for the design, implementation, and operations of the NYISO's physical and cyber security programs to ensure the protection of NYISO assets, operations, and employees. This position is responsible for all aspects of the NYISO's cyber and physical security program, including security risk management, threat & vulnerability management, incident response, data & information protection, security architecture, security infrastructure management, identity & access management, security training & awareness, and engagement on security matters with both internal and external entities, including government, law enforcement and NYISO stakeholders. The Director, Enterprise Security & Chief Information Security Officer ensures a strong security posture across the organization, with a high degree of operational readiness and capability to detect and respond to continuously evolving threats and vulnerabilities. This position requires the development and management of key external relationships with security service providers, vendors, government intelligence partners, and law enforcement agencies. The Director, Enterprise Security & Chief Information Security Officer leads participation in industry forums to augment the capabilities of the NYISO security staff and directs an internal team of security professionals charged with providing cyber and physical security services. The Director, Enterprise Security & Chief Information Security Officer oversees a security governance, risk, & compliance program that ensures adherence with applicable regulatory frameworks including NERC Critical Infrastructure Protection (CIP) standards and establishes trusted relationships throughout the electric utility industry to collaborate and share pertinent information. The Director, Enterprise Security & Chief Information Security Officer manages a team of cyber and physical security professionals, including a contract armed guard force, and reports directly to the Senior Vice President and Chief Information Officer. ESSENTIAL DUTIES and RESPONSIBILITIES Provides vision and leadership to guide the development of the NYISO cyber and physical security strategy and strategic plan and directs the implementation of the strategy through annual resource, budgetary, and project planning activities. Directs all operational security functions, including oversight of the NYISO's 24/7 Cyber Security Operations Center whose mission is to continuously monitor the threat landscape and immediately respond to events as necessary to protect the NYISO from cyber risks. Serves as senior cyber security escalation point for all cyber incidents and events and directs all activities across the organization during escalated cyber events and incidents. Oversees the cultivation of both classified and unclassified intelligence from government, law enforcement, and commercial partners, with processes that develop it into actionable information to be used by the cyber security analysts on the team. Leads the selection, design, engineering, and development of technical security infrastructure and cloud solutions. Develops security architectures to facilitate the application of security concepts and strategies into practical designs and configurations that are engineered to address evolving security challenges Oversees the NYISO's Security Governance, Risk & Compliance programs including policies and practices ensuring the organization's compliance with NERC Critical Infrastructure Protection standards, security components of Service Organization Control (SOC) 1, and other cyber and physical security standards. Engages in external outreach with NERC, NPCC, and other entities that audit NYISO's compliance with regulatory standards. Oversees the NYISO physical security program, with accountability for the protection of facilities, property, and physical assets, as well as access control & badging systems, video surveillance, workplace violence prevention, and other areas as required. Manages a large contract guard force (including armed guards) to ensure the safety and protection of all who enter NYISO property and facilities. Ensures the safe handling and storage of sidearms employed by armed guards. Develops and implements an engaging and effective security awareness & training program for all NYISO employees and contractors, and fosters a strong security-oriented culture across the NYISO. Works directly with the leaders of business units to facilitate risk analysis and risk management processes, identify acceptable levels of risk, and bridges security and the business units together through strong collaboration. Guides the implementation of information protection policies and processes to protect NYISO information assets from inappropriate disclosure. Manages NYISO employees assigned to the security team, including hiring, training, staff development, performance management and annual compensation review of department employees, and oversees contractors assigned in support of the physical security function. Provides presentations and briefings on all security matters to the Board of Directors, NYISO executive leadership, and industry leaders and dignitaries conveying security concepts in clear and concrete business terms. Oversees the business aspects of the security function including contracting, budgeting, vendor management and asset management. Develops strong, collaborative relationships with security service providers as a key component of the NYISO security program Provides subject matter expertise to senior leadership on a broad range of technical security standards and best practices. Represents the organization at conferences, seminars, and industry events. Establishes effective communications and reporting of security status at all levels of the organization. Briefs executive leadership, board members, and market participants on security matters, including strategy, operational status, security planning, and other matters. Establishes & maintains strong partnerships with local, state and federal law enforcement and other related government agencies. Builds relationships and forums with NYISO's stakeholders seeking to elevate the overall security awareness and posture of NY's electric industry. SUPERVISORY RESPONSIBILITIES This position does possess supervisory responsibility and there are supervisory employees who report to this position. Manages full time and contract employees. QUALIFICATIONS: Bachelor's Degree (BS) in Computer Science, Engineering, Management, or related technical field required; Master's Degree (MS/MBA) strongly preferred. At least fifteen years experience in progressively responsible IT management positions is required. Broad and deep understanding of technical security concepts and familiarity with related technologies and infrastructure, as well as a solid conceptual knowledge of enterprise IT architecture, infrastructure, software, and operational functions. Demonstrable experience in senior positions leading and motivating cross- functional, interdisciplinary teams, including strong enterprise security operations & incident management experience. Project management skills, experience managing department finances & budgets, and contracting and vendor negotiations. Experience in the energy sector and familiarity with Critical Infrastructure Protection standards is strongly desirable. CERTIFICATES, LICENSES, REGISTRATIONS Must be able to obtain and maintain a DHS, DOE, or DOD security clearance to be granted access to classified intelligence and information. Professional cyber security certification, such as a CPP, CISSP, CISM, CISA or other physical and/or information security credentials, is a plus. ADDITIONAL REQUIREMENTS Ability to read, analyze and interpret general business periodicals, professional journals, technical procedures, and governmental regulations. Ability to write reports, business correspondence, and procedure manuals. Ability to write presentations and articles for publication that conform to prescribed style and format. Ability to effectively communicate security and risk-related concepts to technical and nontechnical audiences including senior NYISO leadership and the NYISO Board of Directors. Ability to define problems, collect data, establish facts and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables. High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity. Proficient with personal computers running the Windows operating system; experience with productivity software such as Microsoft Office applications, e-mail, and Internet programs. PHYSICAL DEMANDS While performing the duties of this job, the employee is regularly required to talk or hear. The employee frequently is required to stand, walk, sit and use hands to perform routine office tasks. The employee is occasionally required to reach with hands and arms. The employee must occasionally lift and/or move up to 15 pounds. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. WORK ENVIRONMENT The noise level in the work environment is usually moderate. Contact with staff and public will occur. Travel may be required to attend and/or conduct meetings, conferences and training. This position may require work on nights, weekends or holidays. At the NYISO, we realize the importance of balancing the availability of remote work with the inherent value of bringing people together to attain success in the areas of maximum collaboration, relationship building and growth, teamwork, innovation and problem solving, as well as professional development and mentoring. In this role, you will be required to work onsite from our Rensselaer, NY location several days per workweek, with the option to work remotely on the remaining days. You will also be expected to respond to all business needs that may require any increase to the regular onsite requirements. The NYISO takes pride in recruiting, developing and retaining highly talented individuals. In addition to competitive salaries, we offer a comprehensive benefits package and innovative reward programs. All offers of employment will be made contingent upon the successful completion of a drug screening and background check. The NYISO is an Equal Opportunity Employer and as such, does not discriminate in its hiring or employment practices. #LI-Onsite Salary Range$170,500-$306,400 USD

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. Coinbase stores more digital currency than any company in the world, making us a top tier target on the internet. Security is core to our mission and has been a key competitive differentiator for us as we scale worldwide. Essential to scaling is building and running a security compliance program that reflects how we protect the data and assets in our care, to open the doors with customers, regulators, auditors, and other external stakeholders. If you love working with fast moving companies to grow and scale security compliance engines and create positive change across the business, we'd like to speak with you about joining our team. Coinbase is looking for a Security Compliance Senior Analyst to drive the second line of defense IT SOX initiatives and help mature the IT SOX program. *What you'll be doing (ie. job duties):* * Lead Security and IT initiatives to support the SOX roadmap and advance program maturity * Assist with SOX planning activities, including scoping of IT systems and creating training material to owners in preparation for SOX audit * Lead security control gap assessments over SOX control environment, recommend remediation plans and track through completion * Assess SOX implications of new products, update relevant controls, and communicate requirements to product organization and other stakeholders * Provide ongoing reporting to stakeholders and leadership on above responsibilities and communicate progress and escalations management * Perform SOX audit and control impact analysis as a result of security and technology incidents and partner with owning teams on control uplift activities * Build close relationships with stakeholder teams including Security, IT, Infrastructure, Engineering, Data, and Finance to advise on SOX requirements and ensure excellence in control ownership * Create and improve SOX procedural documentation, including process documentation, data flow diagrams, and uplifting templates * Work closely with internal and external auditors to educate them about a complex technology control environment * Oversee quality of audit initiatives, identify and analyze process gaps, provide guidance and expertise to team members * Develop creative solutions to prove risk mitigation and solve for complex audit problems faced by the crypto industry * Identify opportunities to address systemic program challenges, recommend solutions and drive efficiency through AI and automation *What we look for in you (ie. job requirements):* * Minimum of 5+ years of security/IT compliance or equivalent experience * Strong knowledge and hands-on experience in Internal Controls over Financial Reporting, SOX 404 frameworks, and testing to support compliance * Prior experience at a big 4 accounting firm * Experience leading compliance initiatives from start to finish * Proven understanding and audit experience of cloud technologies, AWS preferred * Ability to effectively and autonomously accomplish outcomes across cross-functional teams in ambiguous situations with minimal supervision * Strong oral and written communication skills * Ability to multitask, direct cross functional work, and hold others accountable to committed deadlines in a fast paced environment * Ability to communicate with technical / non-technical stakeholders to align on shared outcomes * Experience in Financial services, Big Tech, or FinTech *Nice to haves:* * BA or BS in a technical field or equivalent experience * Security certifications e.g. CISA, CISSP, CISM or other relevant certifications * Experience auditing in Crypto space Position ID: P73675 \#LI-Remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $167,280-$196,800 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Job DescriptionISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

About the job : Application Security (AppSec) and DevSecOps Engineer Career Level : Mid-level Who We Are: This is Nexgentek, Inc - where every challenge is an opportunity, and every solution is a masterpiece in the making. As a full-lifecycle IT company, we transcend mere delivery; we engineer success. From inception to implementation, our seasoned expertise shepherds every phase of the journey. Be it planning, analysis, design, development, testing, or the seamless transition to production, we stand as steadfast partners in our clients' progress. At Spearhead Technology, quality isn't a mere aspiration-it's our ethos. Rooted in Tech Advisory, our methodology is guided by insights that spark transformative outcomes. We recognize the paramount importance of talent retention. Through a steadfast commitment to work-life balance, competitive remuneration packages, and an optimized operational model, we ensure our team remains as exceptional as our services. Step into Spearhead Technology, where innovation meets precision, and together, let's sculpt the future of technology with finesse and distinction. Requirements At Nexgentech. Inc, we're committed to building secure, reliable, and innovative systems that our clients and communities can trust. We're looking for an experienced and proactive Application Security (AppSec) and DevSecOps Engineer who is passionate about embedding security into every step of the software development lifecycle. In this role, you'll partner with engineering, operations, and security teams to design and implement scalable security practices that not only safeguard our applications and infrastructure but also support agility and growth. If you enjoy being hands-on, solving complex challenges, and mentoring others on secure development, this role is for you. What You'll Do Secure SDLC Integration Embed security from the earliest stages of design through development and deployment. Work closely with Agile/Scrum teams to identify, track, and resolve security issues during sprint cycles. Conduct security architecture and threat modeling reviews. Lead secure design discussions and threat modeling sessions. Educate development teams on secure coding standards and best practices. Help define and maintain a secure backlog, including user stories and acceptance criteria tied to security requirements. Champion secure development practices across teams and pipelines. CI/CD Pipeline Security Integrate tools for SAST, DAST, SCA, and IaC scanning into CI/CD workflows. Automate security checks to provide continuous feedback and compliance assurance. Ensure outputs are traceable by syncing findings with ticketing and tracking systems. Application Security Perform static and dynamic analysis, vulnerability assessments, and manual code reviews. Coordinate and lead internal and third-party penetration tests. Work with developers to remediate vulnerabilities efficiently and effectively. Track resolution progress through security-focused sprint cycles. Monitor and assess third-party and open-source components for risks. Infrastructure & DevSecOps Harden containerized environments (Docker, Kubernetes) and manage their security posture. Apply secure practices in cloud platforms like AWS, Azure, or GCP using IaC tools (Terraform, CloudFormation). Implement strong secrets management, access controls, and cloud-native protections. Governance & Compliance Align application security practices with standards like ISO 27001, SOC 2, HIPAA, NIST 800-53, and NIST SSDF. Support audit readiness by maintaining evidence and documentation for compliance controls. Map implemented security controls to regulatory frameworks and security policies. What You Bring Required Qualifications Bachelor's degree in Computer Science, Cybersecurity, or equivalent practical experience. 3-5+ years in AppSec, DevSecOps, or similar security-focused engineering roles. Strong experience with security tools: SAST (e.g., Checkmarx, SonarCloud), DAST (e.g., OWASP ZAP, Burp), SCA (e.g., Snyk), IaC scanning (e.g., tfsec). Proficiency with CI/CD systems like Jenkins, GitHub Actions, GitLab CI/CD. Knowledge of secure design principles, OWASP Top 10, and threat modeling. Experience with scripting languages (Python, Bash, etc.). Familiarity with containerization and orchestration (Docker, Kubernetes). Experience in regulated environments (e.g., HIPAA, SOC2) and knowledge of NIST 800-53 and NIST SSDF. Preferred Qualifications Certifications such as OSCP, CISSP, CSSLP, or CEH. Experience with multi-cloud security (Azure, AWS, GCP). Background leading pen tests and managing coordinated remediation. Participation in bug bounty or responsible disclosure programs. Experience with a security champions program. What Sets You Apart You're a great communicator who can translate complex security risks into actionable insights-whether speaking to engineers or executives. You're a natural collaborator who thrives in cross-functional teams. You're adaptable, resourceful, and capable of working independently with a proactive mindset. You bring not just technical acumen but also empathy, curiosity, and a commitment to doing things the right way. Benefits What's in it for you: At Spearhead Technology, we prioritize your well-being and professional growth. Here's what you can expect: Achieve a healthy work-life balance. Competitive compensation and abundant growth opportunities. Enjoy a standard 5-day workweek with 2 fixed weekly offs. Experience an employee-centric environment with supportive policies. Benefit from family-friendly and flexible work arrangements. Access our Performance Advancement and Career Enhancement (PACE) initiative and discover opportunities for both personal and professional growth. From tailored career development plans to expert counseling services, PACE empowers you to chart your course to success with confidence and clarity. Elevate your career trajectory with our Learning & Development (L&D) program. Join our team and embark on a transformative journey of upskilling and self-discovery. With continuous learning as your compass, you'll not only enhance your expertise but also open doors to new opportunities, paving the way for career growth and fulfillment. Please note : At Spearhead Technology, we value the importance of collaboration, learning, and fostering connections with clients, peers, leaders, and communities. While some in-person engagement may be required for certain roles, we are committed to providing flexibility to accommodate your individual work-life balance needs. As an equal opportunities' employer, Spearhead Technology welcomes and encourages applications from all members of society. We are dedicated to creating an inclusive environment where diversity is celebrated, and individuals are valued for their unique perspectives and contributions. We do not discriminate on the basis of race, religion or belief, ethnicity, disability, age, citizenship, marital or civil partnership status, sexual orientation, or gender identity.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Werken bij Kyndryl betekent werken aan vooruitgang. Wij ontwerpen, bouwen, beheren en moderniseren informatiesystemen waar de wereld iedere dag van afhankelijk is. Dat doen we onder andere voor onze klant het Ministerie van Defensie. Daar bouwen we aan een compleet vernieuwde IT-infrastructuur, waardoor de krijgsmacht een hoogwaardige en informatiegestuurde organisatie kan blijven. Wat ga je doen? Jij gaat als Senior Elastic Security & Observability Engineer een belangrijke bijdrage leveren aan het ontwikkelen van observability oplossingen voor applicatie en Infrastructuur beheerders/ontwikkelaars. Bij het ontwikkelen van deze oplossingen denken je samen met de klant end-to-end na over de uitdaging: hoe verzamelen je automatisch data uit gemeenschappelijke databronnen, hoe slaan je deze efficiënt op in Elasticsearch, hoe presenteer je deze informatie aan de gebruiker en welke acties moeten ondernomen worden om de rauwe data om te zetten in bruikbare informatie. Jou taak is werken aan UI's en API's in Kibana voor observability-gebruikers. Je werkt samen met het UI-team en productbeheer om hoogwaardige, intuïtieve en innovatieve UI's en robuuste API's te bouwen om de ervaring te stimuleren. Daarnaast werk je voornamelijk aan IT operations data analytics en je zet deze om naar (Elastic) Rules ten behoeve van het IT operationeel support. Daarnaast ondersteun je het IT Operations team met het verder automatiseren van de (zero touch) deployment van de IT Operations product suite middels Ansible. Verder wordt je verantwoordelijk voor het implementeren van de Security modules binnen Elastic. Daaronder valt bijvoorbeeld het analyseren van data tegen SIEM regels om bepaalde activiteit te detecteren om zo een hogere mate van beveiliging neer te zetten. Waar ga je werken? Je zult hybride werken. Een aantal dagen per week werk je vanuit een klantlocatie in het midden van het land, danwel vanuit het hoofdkantoor van Kyndryl in Hoofddorp en een aantal dagen per week werk je vanuit huis. Belangrijk om te weten: om voor Defensie te mogen werken moet je in het bezit zijn van de Nederlandse nationaliteit en een Nederlands paspoort. Je moet ook Nederlands kunnen spreken en schrijven. Het hoofdkantoor van Kyndryl Nederland is gevestigd in het duurzame Pharos gebouw in Hoofddorp. Onze Kyndryl Social Club organiseert regelmatig informele en inspirerende activiteiten. Wat bieden wij jou? * Een bruto maandsalaris van minimaal €5,400 tot €6,790. Het salarisaanbod kan dit bereik eventueel overschrijden, afhankelijk van de vaardigheden en capaciteiten die je meebrengt naar het team. * Educatieprogramma's en certificeringen om je kennis te verbreden en verdiepen; * Je werkt samen met ervaren collega's; * Verschillende doorgroeimogelijkheden, afhankelijk van je ervaring en interesse; * De Kyndryl Social Club organiseert regelmatig borrels en andere leuke activiteiten; * Kyndryl Cares: jij kunt 1 dag per jaar vrijwilligerswerk doen zonder dat het je wat kost; * De ruimte om je werktijden flexibel in te delen en thuis te werken; * Parttime werken is in overleg mogelijk; * De tools om je werk uit te oefenen: een mobiele telefoon die je ook privé kunt gebruiken en de keuze uit een MacBook of Lenovo laptop; * Een maandelijkse internetvergoeding; * Een bijdrage aan je pensioen: als je bij Kyndryl werkt ben je automatisch aangesloten bij het BeFrank pensioenfonds; * Ruime regelingen voor bijvoorbeeld partnerverlof. Part-time werken is in overleg mogelijk vanaf 32 uur per week. Daarnaast bieden wij jou een open en inclusieve cultuur Diversiteit is veel meer dan hoe we eruit zien of waar we vandaan komen; het is hoe we denken en wie we zijn. We verwelkomen mensen van alle culturen, achtergronden en ervaringen. Deze toewijding om iedereen welkom te heten in ons bedrijf betekent dat Kyndryl jou - en iedereen naast je - de mogelijkheid geeft om je volledig in te zetten in je werk, zowel persoonlijk als in samenwerking met je collega's en actief bij te dragen aan onze cultuur die inclusie en rechtvaardigheid centraal stelt. Onze Kyndryl Inclusion Networks - onze employee resource groups (ERGs) - zijn slechts één van de vele manieren waarop we een werkomgeving creëren waarin alle Kyndryls steun en advies kunnen vinden én geven. Who You Are Vereiste technische en professionele expertise Je bent bekend met meerdere van de hieronder genoemde producten, technologieën en kennisgebieden, en weet deze regelmatig toe te passen in je werk: * Minimaal 5 jaar ervaring met met alle aspecten van Elastic (Observability, Monitoring, Analytics, Security, Machine Learning, Data Ingestie, Indexing); * JavaScript/JSON/Python/YAML programmeervaardigheden; * Ervaring met een moderne MVC style JS Framework; * Sterke communicatievaardigheden om effectief te kunnen communiceren met collega's en stakeholders; * In staat zijn om zelfstandig maar ook in een team te kunnen werken; * Ervaring met het bouwen van Intuïtieve User Interfaces; * Ervaring met het creëren van, en onderhouden van (REST) API's; Overige gewenste competenties en aanvullende technische kennis: * "Out of the Box" denken; * Leergierig en open staan voor nieuwe technologieën en/of methodieken; * Ervaring met React en/of Typescript; * Ervaring met Node.js; * Ervaring met het schrijven van geautomatiseerde testen; * Kennis van andere Observability, Security, Performance of Availability tools/services; * Kennis van StackState, Dynatrace/Suse Observability en IT Open Data Pipelines; Onze ambitie is maximale automatisering van infrastructuurlevering en -beheer. In deze rol werk je nauw samen met diverse teams om slimme automatiseringsoplossingen te ontwikkelen die de operationele efficiëntie verhogen en de kwaliteit van onze dienstverlening verder verbeteren. Ben jij klaar om een sleutelrol te spelen in deze digitale transformatie? Sluit je aan bij ons projectenteam en maak impact ! Being You Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked 'How Did You Hear About Us' during the application process, select 'Employee Referral' and enter your contact's Kyndryl email address.

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

SummaryGE Vernova Research is building a USG Classified Program at our Niskayuna, NY site. Information systems have an important role in this and we are looking for an individual with experience as an Information Systems Security Manager (ISSM) or Information Systems Security Officer (ISSO) to fill our ISSM role and help us build and administer our IS program Job Description Roles and Responsibilities The Information Systems Security Manager will be responsible for leading GE Vernova Research's Classified Information Systems program ensuring it meets or exceeds all requirements. The ideal candidate will be a detail oriented, self-starter with a strong IT background and previous experience supporting classified programs. This role offers a great opportunity to have a significant impact providing leadership in an important, growing area of the company. In this role, you will: Develop, maintain, and oversee the Information Systems (IS) security program and ensure policies and procedures are documented, up-to-date, and being followed. Lead and ensure implementation of strong processes in the IS program (i.e. configuration management, change management, vulnerability management, incident management, investigation, reporting, ...). Stay current with the latest threats, vulnerabilities and best practices, make changes to the program as required, and regularly test security controls to ensure IS security. In partnership with the FSO, manage IS program relationship with USG representatives and coordinate IS security inspections, tests & reviews. Develop and implement an effective IS security education, training, and awareness program. Leverage your skills and abilities to lead and/or assist with GE Vernova Research non-classified IT governance Position Requirements • Bachelor's Degree in Computer Science or in “STEM” Majors (Science, Technology, Engineering and Math) • A minimum of 7 years' professional experience, with a minimum of 5 years' professional experience in IT security or governance (Risk management, Compliance, Audits, Software Governance, etc.) and 2 years as an ISSM or ISSO • Strong process focus, detail oriented • Strong written and verbal communication skills • Strong interpersonal skills and demonstrated ability to work as part of a high performing team • Must be willing to work out of an office located in Niskayuna, NY • Strong analytical and problem-solving skills • Due to the nature of the duties of this position, this role requires the individual to have US Government Security Clearance; prerequisite for a security clearance is U.S. citizenship. Desired Characteristics • U.S. Government classified program ISSM or ISSO experience • Information security certifications (CISSP, CISM, CISA, etc.) • Knowledge of risk management frameworks (ISO, NIST, etc.) • Prior experience in IT operations and support • Self-starter, identifies opportunities for improvement and implements positive change • Project management experience This role requires access to U.S. export-controlled information. If applicable, final offers will be contingent on ability to obtain authorization for access to U.S. export-controlled information from the U.S. Government. Additional Information GE Vernova offers a great work environment, professional development, challenging careers, and competitive compensation. GE Vernova is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. GE Vernova will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable). Relocation Assistance Provided: No For candidates applying to a U.S. based position, the pay range for this position is between $119,200.00 and $198,600.00. The Company pays a geographic differential of 110%, 120% or 130% of salary in certain areas. The specific pay offered may be influenced by a variety of factors, including the candidate's experience, education, and skill set.Bonus eligibility: discretionary annual bonus.This posting is expected to remain open for at least seven days after it was posted on December 18, 2025.Available benefits include medical, dental, vision, and prescription drug coverage; access to Health Coach from GE Vernova, a 24/7 nurse-based resource; and access to the Employee Assistance Program, providing 24/7 confidential assessment, counseling and referral services. Retirement benefits include the GE Vernova Retirement Savings Plan, a tax-advantaged 401(k) savings opportunity with company matching contributions and company retirement contributions, as well as access to Fidelity resources and financial planning consultants. Other benefits include tuition assistance, adoption assistance, paid parental leave, disability benefits, life insurance, 12 paid holidays, and permissive time off.GE Vernova Inc. or its affiliates (collectively or individually, “GE Vernova”) sponsor certain employee benefit plans or programs GE Vernova reserves the right to terminate, amend, suspend, replace, or modify its benefit plans and programs at any time and for any reason, in its sole discretion. No individual has a vested right to any benefit under a GE Vernova welfare benefit plan or program. This document does not create a contract of employment with any individual.

**Introduction** A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in groundbreaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience. **Your role and responsibilities** The SAP S/4HANA Defense & Security Architect assists the program solution architect with designing, developing, and implementing the Ministry of Defense for Ukraine's Defense and Security implementation. This role requires a mastery of specific business processes and requirements within the defense and security sectors, ensuring that our solution meets the priorities and needs of the Ukrainians. This individual assists in managing the integration of SAP S/4HANA with other components and systems, as well as oversee the test, deployment and sustainment of these solutions. Requires strong organization and communication skills and knowledge of integration with SAP functional areas. Possesses and applies a comprehensive knowledge across key tasks and high impact assignments **Required technical and professional expertise** - SAP functional SME with more than 15+ years delivering end to end complex SAP projects; experience in one or more SAP S/4HANA Line of Business - Comprehensive knowledge of SAP S/4HANA D&S with one or more successful SAP S/4HANA D&S implementations - Minimum Education: Bachelor's degree in a recognized technical, engineering, scientific, managerial, business, or other discipline related to area of expertise. An additional 4 years of relevant experience may be substituted for the bachelor's degree. - Must be able to obtain and maintain a NATO security clearance **Preferred technical and professional experience** - Proven stellar communication skills and strong teamwork experience with a multi-lingual team. - Experience leading teams and coordinating with other program leaders and stakeholders located in other time zones (6+ hours difference) - SAP Certified Application Associate IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

As part of Meta Security, our Insider Trust team is dedicated to identifying and responding to insider threats that target our data. Our mission is to detect, investigate, and mitigate damage caused by insider threats. We handle a wide range of abuse cases, including misuse of user data, intellectual property theft, and leaks of sensitive information.We are seeking an experienced Security Engineer to join the team. This role involves investigating, hunting, and automating internal signals to detect malicious activities related to insider threats. **Required Skills:** Security Engineer Investigator, Insider Trust Responsibilities: 1. Perform analysis, and threat hunting from a variety of log sources (e.g., individual host logs, network traffic logs) to identify potential insider threats 2. Create workflows and automations to streamline signal detection, threat hunts, and investigative processes 3. Collaborate with software and production engineering teams to build scalable and adaptable solutions for insider threat investigations 4. Identify gaps in our infrastructure and work with cross-functional partners to improve visibility through logging and automation 5. Build operational workflows and actions to auto-resolve false positives and provide context, scaling investigation capabilities 6. Prioritize efforts to maximize impact by enhancing visibility, automating processes, and scaling investigative capabilities 7. Coach, mentor, and support team members to foster long-term career growth, job satisfaction, and success **Minimum Qualifications:** Minimum Qualifications: 8. Bachelor's degree in Computer Science, Engineering, or equivalent experience 9. 5+ years of experience in Detection & Response Engineering, Insider Threat, or a similar Security Engineering role 10. Technical and procedural expertise in conducting security investigations, including response, forensics, and large-scale log analysis 11. Experience with attacker tactics, techniques, and procedures 12. Proficiency in coding or scripting in one or more general-purpose programming languages **Public Compensation:** $147,000/year to $208,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

ISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************