Security architect jobs in Dartmouth, MA

360 IT Professionals is a Software Development Company based in Fremont, California that offers complete technology services in Mobile development, Web development, Cloud computing and IT staffing. Merging Information Technology skills in all its services and operations, the company caters to its globally positioned clients by providing dynamic feasible IT solutions. 360 IT Professionals work along with its clients to deliver high-performance results, based exclusively on the one of a kind requirement. Job Description We are looking to fill multiple full time positions as Information Security Architects in Cumberland RI. Qualifications A minimum of 5+ years of relevant security domain experience. 3+ years of hands on technical experience in network and perimeter security A minimum of 3 years in an architecture role and be able to lead/step up as needed Demonstrated expertise in integrating/developing security solutions in a 7x24 production environment Prior experience in defining the technology strategy for a large, global organization, and the ability to influence and persuade peers and colleagues in other reporting structures Strong Plus Skills: Industry recognized certifications such as CISA, CISM, CISSP, or SANS GIAC are a plus Virtualization Security experience is a strong plus (VMware ESX 6.x, Hytrust, Hypervisor, in-hypervisor malware control. Virtual NIC, NSX or equivalent.) Knowledge of risk assessment methodologies, IT policies and standards Knowledge of vulnerability identification tools, Qualys, Veracode, Qualys WAS. Additional Information In person interview is acceptable.

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. You will help the team establish, lead and execute multi-year roadmaps that improve research efficiency and quality across the team, and drive improvements to stakeholder management across a broad range of intelligence requirements. **Required Skills:** Detection & Response Security Engineer, Threat Intelligence Responsibilities: 1. Influence and align the team's vision and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects 2. Build, cultivate, and maintain impactful relationships with intelligence stakeholders to identify and facilitate solutions to increase the impact of the team's work 3. Refine operational metrics, key performance indicators, and service level objectives to measure Intelligence research and services 4. Lead cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions 5. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 6. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 7. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 8. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems **Minimum Qualifications:** Minimum Qualifications: 9. 8+ years threat intelligence experience 10. B.S. or M.S. in Computer Science or related field, or equivalent experience 11. Be a technical and process subject matter expert regarding Security Operations and Threat Intelligence services 12. Experience developing and delivering information on threats, incidents and program status for leadership 13. Expertise with campaign tracking techniques and converting tracking results to long term countermeasures 14. Expertise with threat modeling frameworks, such as Diamond Model or/and MITRE ATT&CK framework 15. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 16. Proven track record of managing and executing on short term and long term projects 17. Ability to work with a team spanning multiple locations/time zones 18. Ability to prioritize and execute tasks with minimal direction or oversight 19. Ability to think critically and qualify assessments with solid communications skills 20. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 21. Experience recruiting, building, and leading technical teams, including performance management 22. Experience close collaborating with incident responders on incident investigations 23. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems 24. Familiarity with malware analysis or network traffic analysis 25. Familiarity with nation-state, sophisticated criminal, or supply chain threats 26. Familiarity with file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 27. Experience in one or more query languages such as SQL 28. Experience authoring production code for threat intelligence tooling 29. Experience conducting large scale data analysis 30. Experience working across the broader security community **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Company DescriptionJobs for Humanity is partnering with Capital One to build an inclusive and just employment ecosystem. Therefore, we prioritize individuals coming from the following communities: Refugee, Neurodivergent, Single Parent, Blind or Low Vision, Deaf or Hard of Hearing, Black, Hispanic, Asian, Military Veterans, the Elderly, the LGBTQ, and Justice Impacted individuals. This position is open to candidates who reside in and have the legal right to work in the country where the job is located. Company Name: Capital One Job Description201 Third Street (61049), United States of America, San Francisco, CaliforniaSenior Manager, Information Security Office Consultant At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. What You'll Do: Act as a central Information Security point of contact for the Enterprise Platform team Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business Product security consulting in Authentication/Access Management /Identity application and experienced in Authentication and industry-standard protocol for authorization/authorization Basic Qualifications: High School Diploma, GED or equivalent certification At least 8 years of experience working in cybersecurity or information technology At least 7 years of experience providing guidance and oversight of Security concepts At least 7 years of experience performing security risk assessments and security architecture reviews At least 7 years of experience with architecture, software design, networking, and cloud infrastructure At least 5 years of experience with cloud security engineering Preferred Qualifications: Bachelor's Degree 3+ years of experience in securing a public cloud environment (e.g. AWS, GCP, Azure) 4+ years of experience in IAM or related areas Experience building software utilizing public cloud (e.g. AWS, GCP, Azure) Familiarity with Cloud patch management practices such as system rehydration and image management Experience utilizing Agile methodologies Experience with Software Security Architecture Experience with Application Security Experience with Threat Modeling Experience with Penetration Testing or Vulnerability Management Experience with integrating SaaS products into an Enterprise Environment Experience with securing Container services Splunk-Fu / Enterprise Monitoring experience Financial services industry experience Professional certifications such as AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP) Experience in Offensive and Defensive Security techniques Experience in a regulated environment Strong conceptual thinking, influence and communication skills At this time, Capital One will not sponsor a new applicant for employment authorization for this position. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. New York City (Hybrid On-Site): $230,100 - $262,700 for Sr Manager, Cyber TechnicalSan Francisco, California (Hybrid On-Site): $243,800 - $278,200 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at [email protected]. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to [email protected] Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

The Director, Information Security holds primary responsibility for safeguarding the Care New England (CNE) computing environment. This includes securing systems across all CNE operating units, directing enterprise-wide cybersecurity strategy, and ensuring compliance with HIPAA, PCI, and all applicable federal, state, local, and industry regulations. The Director serves as the Chief Information Security Officer (CISO) for CNE, providing leadership in risk assessment, incident response, regulatory compliance, and cybersecurity governance. The role oversees information security tools, policies, vulnerability assessments, and monitoring systems; responds to security threats; leads mitigation activities; and collaborates closely with IS teams, Audit/Compliance, HR, Finance, and Legal. This leader develops and manages the Information Security program, directs security staff, sets security standards, leads incident management, evaluates emerging technologies, manages vendor relationships, and ensures organizational readiness through education, training, and participation in business continuity and disaster recovery planning. Duties and Responsibilities: Develop and maintain the enterprise Information Security Program. Establish protection goals, objectives, and metrics aligned with organizational strategy. Serve as the Chief Information Security Officer (CISO) for CNE. Coordinate with the Chief Privacy Officer to ensure compliant reporting of security incidents. Implement, manage, and maintain enterprise security systems and applications. Lead vulnerability assessments and ensure timely remediation. Oversee security incident response, forensic investigations, and threat mitigation efforts. Examine emerging technologies and assess their security implications. Lead ongoing risk assessment programs addressing information security and privacy. Ensure compliance with HIPAA, PCI, and applicable state and federal regulations. Develop and implement security policies, standards, guidelines, and procedures. Coordinate with IS teams, Audit/Compliance, HR, Finance, and Legal to align security efforts. Participate in disaster recovery and business continuity planning. Lead security education and awareness initiatives for staff across CNE. Manage security vendors responsible for operations, maintenance, and enhancements. Ensure vendor service delivery aligns with organizational security requirements and policies. Negotiate and manage contracts and service-level agreements with external partners. Manage, mentor, and develop information security staff. Promote professional growth and maintain awareness of industry trends. Provide input on resource allocation and security budgeting. Maintain 24-hour on-call availability to support critical operational needs. Perform other job-related duties as assigned. Requirements: Bachelor's Degree Required (computer science, MIS or related field) Minimum of 7-10 years of progressive experience in information security, Strong technical background in infrastructure, network security, firewalls, and cloud environments, Experience conducting forensic investigations and managing enterprise security products. Security certifications required: CISSP, GIAC, SANS, or similar. Audit certification preferred: CISA. Participation in national and regional security organizations preferred. Deep knowledge of cybersecurity principles, threat landscapes, and protection technologies. Strong working knowledge of enterprise infrastructure, network security, firewalls, and cloud platforms. Expertise in vulnerability management, forensic investigation, risk assessment, and incident response. Ability to develop enterprise-wide policies and governance frameworks. Strong communication skills for engaging executive leadership and cross-functional stakeholders. Exceptional organization, analytical, and decision-making abilities. Ability to manage technical teams and develop staff. Strong vendor management and contract negotiation skills. Ability to maintain confidentiality and uphold ethical and regulatory standards Additional Information: Care New England Health System (CNE) and its member institutions, Butler Hospital, Women & Infants Hospital, Kent Hospital, VNA of Care New England, Integra, The Providence Center, and Care New England Medical Group, and our Wellness Center, are trusted organizations fueling the latest advances in medical research, attracting top specialty-trained doctors, and honing renowned services and innovative programs to engage in the important discussions people need to have about their health. EEOC Statement: Care New England is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. Ethics Statement: Employee conducts himself/herself consistent with the ethical standards of the organization including, but not limited to hospital policy, mission, vision, and values. Americans with Disability Act Statement: External and internal applicants, as well as position incumbents who become disabled must be able to perform the essential job-specific functions either unaided or with the assistance of a reasonable accommodation, to be determined by the organization on a case-by-case basis.

Job Description Job Title: Security Engineer Department: Technology Reports To: VP of Technology Pay Range: $150,000 - $175,000 per year, depending on experience FLSA Status: Exempt WHO WE ARE: Bay State Milling Company is a family-owned leader in grain-based food ingredients, proudly serving the industry since 1899. For over 125 years, we've been on a mission to promote the growth of nutritious, sustainable, and accessible food choices. Our portfolio spans flours, grains, seeds, and innovative plant-based ingredients, all crafted to meet evolving consumer demands for healthfulness, great taste, and affordability. Rooted in five generations of ownership, we combine deep milling expertise with forward-thinking innovation. From our flagship mill in Winona, Minnesota to facilities across North America, we partner with growers and customers to deliver quality and trust at every step. Guided by our core values-Integrity, Creativity, Collaboration, Caring, and Quality-we relentlessly pursue better for the food system and the communities we serve. JOB SUMMARY: The Security Engineer plays a critical role in safeguarding Bay State Milling's digital assets, infrastructure, and data. This position is responsible for designing, implementing, and maintaining security solutions that protect against cyber threats and ensure compliance with industry standards and regulatory requirements. The Security Engineer collaborates closely with all areas of the technology team and business stakeholders to assess risks, respond to incidents, and continuously improve the company's security posture. ROLE & RESPONSIBILITIES: Design and implement secure network, system, and application architectures. Evaluate and deploy security tools, technologies, and frameworks. Monitor systems for security breaches and investigate incidents. Lead response efforts for security events, including containment, remediation, and reporting. Conduct regular vulnerability assessments and penetration testing. Coordinate remediation efforts with infrastructure and application teams. Ensure compliance with internal policies, industry standards (e.g., NIST, ISO 27001), and regulatory requirements. Support audits and risk assessments and maintain documentation of security controls. Develop and deliver security awareness programs for employees. Provide guidance and training to technical teams on secure coding and system hardening. Manage and enforce identity and access controls across systems and applications. Implement role-based access and least privilege principles. Integrate security into cloud environments and CI/CD pipelines. Collaborate with Development teams to embed security into development workflows. Stay current with emerging threats, technologies, and best practices. Recommend and implement improvements to security policies, procedures, and tools. MINIMUM EDUCATION & WORK REQUIREMENTS: Bachelor's degree in computer science, Information Security, Cybersecurity, or a related field. Minimum of 5 years of firsthand experience in cybersecurity engineering, security operations, or related technical roles. Preferred certifications can include CISSP, CISM, or Cybersecurity Architect Proven experience with security technologies such as firewalls, SIEM, IDS/IPS, endpoint protection, and cloud security platforms. Experience working in hybrid & cloud-native environments (e.g., AWS, Azure, GCP). Familiarity with secure software development practices and DevSecOps integration. KNOWLEDGE, SKILLS, AND ABILITIES: Strong understanding of network protocols, operating systems (Windows, Linux), and cloud infrastructure. Deep knowledge of cybersecurity frameworks (e.g., NIST, MITRE ATT&CK, ISO 27001). Experience with SIEM platforms (e.g., Splunk, Sentinel), EDR solutions, and threat intelligence tools. Ability to assess and mitigate risks in complex enterprise environments. Strong analytical and problem-solving skills with attention to detail. Excellent communication skills, with the ability to translate technical risks into business impact. Ability to work independently and collaboratively in cross-functional teams. Familiarity with regulatory requirements such as GDPR, or CCPA. Experience with container security (e.g., Kubernetes, Docker) and infrastructure-as-code (e.g., Terraform, CloudFormation).

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. Coinbase stores more digital currency than any company in the world, making us a top tier target on the internet. Security is core to our mission and has been a key competitive differentiator for us as we scale worldwide. Essential to scaling is building and running a security compliance program that reflects how we protect the data and assets in our care, to open the doors with customers, regulators, auditors, and other external stakeholders. If you love working with fast moving companies to grow and scale security compliance engines and create positive change across the business, we'd like to speak with you about joining our team. Coinbase is looking for a Security Compliance Senior Analyst to drive the second line of defense IT SOX initiatives and help mature the IT SOX program. *What you'll be doing (ie. job duties):* * Lead Security and IT initiatives to support the SOX roadmap and advance program maturity * Assist with SOX planning activities, including scoping of IT systems and creating training material to owners in preparation for SOX audit * Lead security control gap assessments over SOX control environment, recommend remediation plans and track through completion * Assess SOX implications of new products, update relevant controls, and communicate requirements to product organization and other stakeholders * Provide ongoing reporting to stakeholders and leadership on above responsibilities and communicate progress and escalations management * Perform SOX audit and control impact analysis as a result of security and technology incidents and partner with owning teams on control uplift activities * Build close relationships with stakeholder teams including Security, IT, Infrastructure, Engineering, Data, and Finance to advise on SOX requirements and ensure excellence in control ownership * Create and improve SOX procedural documentation, including process documentation, data flow diagrams, and uplifting templates * Work closely with internal and external auditors to educate them about a complex technology control environment * Oversee quality of audit initiatives, identify and analyze process gaps, provide guidance and expertise to team members * Develop creative solutions to prove risk mitigation and solve for complex audit problems faced by the crypto industry * Identify opportunities to address systemic program challenges, recommend solutions and drive efficiency through AI and automation *What we look for in you (ie. job requirements):* * Minimum of 5+ years of security/IT compliance or equivalent experience * Strong knowledge and hands-on experience in Internal Controls over Financial Reporting, SOX 404 frameworks, and testing to support compliance * Prior experience at a big 4 accounting firm * Experience leading compliance initiatives from start to finish * Proven understanding and audit experience of cloud technologies, AWS preferred * Ability to effectively and autonomously accomplish outcomes across cross-functional teams in ambiguous situations with minimal supervision * Strong oral and written communication skills * Ability to multitask, direct cross functional work, and hold others accountable to committed deadlines in a fast paced environment * Ability to communicate with technical / non-technical stakeholders to align on shared outcomes * Experience in Financial services, Big Tech, or FinTech *Nice to haves:* * BA or BS in a technical field or equivalent experience * Security certifications e.g. CISA, CISSP, CISM or other relevant certifications * Experience auditing in Crypto space Position ID: P73675 \#LI-Remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $167,280-$196,800 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Woods Hole Oceanographic Institution is searching for a highly skilled and cleared Information System Security Officer (ISSO) / Classified Systems Information Assurance Analyst to join our team, focusing exclusively on the security of classified information systems and networks. This critical role is responsible for ensuring the confidentiality, integrity, and availability of sensitive government information in accordance with stringent U.S. government (USG) security directives. The ISSO will be instrumental in the authorization and accreditation(A&A) process, continuous monitoring, incident response, and the implementation of robust security controls for classified environments. The ideal candidate will possess a deep understanding of relevant security frameworks, policies, and a proven track record of maintaining secure classified systems. This is a regular, full-time, exempt position, and is eligible for full benefits. ESSENTIAL FUNCTIONS Authorization & Accreditation (A&A) / Risk Management Framework (RMF): Lead or support the development, review, and submission of comprehensive security authorization packages (e.g., System Security Plans (SSPs), Risk Assessment Reports, Contingency Plans, Plan of Action and Milestones (POA&Ms)) for classified systems. Ensure all classified systems maintain an Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC) in accordance with RMF or legacy A&A processes (e.g., DIACAP). Interpret and apply USG security policies, regulations, and guidelines, including but not limited to: NISPOM, DoD Instruction 8500.01, NIST SP 800-53, DCID 6/3, ICD 503, JSIG, and DISA STIGs. Security Control Implementation & Enforcement: Design, implement, and maintain security controls specific to classified systems, including secure configurations, access controls, auditing, media control, and classified spillage prevention/response. Configure and manage specialized security tools relevant to classified environments (e.g., Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), Data Loss Prevention (DLP) solutions). Perform rigorous hardening of operating systems (Windows, Linux), applications, and network devices based on DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs). Vulnerability Management & Continuous Monitoring: Conduct vulnerability scans, analyze results, and work with system administrators to remediate security weaknesses on classified systems. Oversee and perform continuous monitoring activities, including reviewing audit logs, security events, and system alerts for anomalous behavior. Track and ensure compliance with Information Assurance Vulnerability Management (IAVM) directives. Incident Response & Classified Spillage: Act as a primary point of contact and lead for security incidents and classified spillage events on assigned systems. Execute incident response procedures, including containment, eradication, recovery, and detailed reporting to relevant government authorities. Participate in forensic investigations as required for classified incidents. Compliance & Audit Support: Maintain meticulous documentation of all security artifacts, configurations, policies, and procedures for classified systems. Support internal and external security inspections, audits, and assessments by government agencies (e.g., DCSA, DSS, NSA). Develop and implement standard operating procedures (SOPs) for the secure operation of classified systems. User Training & Guidance: Provide guidance and training to users on proper handling, marking, and safeguarding of classified information and operation of classified systems. Ensure all personnel accessing classified systems meet training requirements (e.g., security awareness, insider threat). Configuration Management: Manage and control changes to the hardware, software, and firmware of classified systems to maintain their security posture and accreditation. MINIMUM QUALIFICATIONS Security Clearance: Active U.S. Government Security Clearance required at the SECRET level or above. Education: Bachelor's degree in Computer Science, Information Security, Cybersecurity, or equivalent experience. Experience: 5 years of dedicated experience in Information Assurance/Cybersecurity within classified government or defense environments. Demonstrable expertise in the Risk Management Framework (RMF) or equivalent A&A processes (e.g., DIACAP). Hands-on experience with security tools and technologies used in classified environments (e.g., ACAS, HBSS, SIEM, dedicated firewalls). Proven experience with DISA STIGs and their application to various operating systems and applications. Technical Skills: Strong understanding of network protocols, operating systems (Windows, Linux/Unix), and virtualized environments in a classified context. Experience with encryption technologies and COMSEC devices. Knowledge of scripting languages (e.g., PowerShell, Python, Bash) for automation and auditing is a plus. Desired Certifications: CISSP (Certified Information Systems Security Professional) DoD 8570.01-M IAT Level II (e.g., CompTIA Security+, CySA+, CCNA Security, SSCP) or higher (IAM Level I, II, or III). GIAC Certifications relevant to incident handling, forensics, or security auditing (e.g., GCIH, GCFA, GCCC, GSNA) Additional Job Requirements Salary Range: $114,000 to $148,000 USD The salary range provided for this position reflects the expected minimum and maximum base pay for new hires. Actual compensation will be determined based on factors such as relevant skills, experience, and qualifications, as well as internal equity and market conditions. In addition to base salary, eligible employees also receive a comprehensive benefits package. WHOI accepts applications on a rolling basis - applications will be reviewed as they are received, and we encourage you to submit your application as soon as possible to ensure full consideration. While we will continue to review applications until the position is filled, and early applicants may have an advantage in the selection process. EEO Statement Woods Hole Oceanographic Institution (WHOI) provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Job Overview: We are seeking a highly skilled and experienced Senior Security Engineer to join our IAM Engineering organization. The ideal candidate will have extensive solution-building experience across various Ping Identity products, including PingFederate, Ping DaVinci, PingOne, PingCentral, PingAccess, PingDirectory, AWS, and PingID Mobile. This role focuses on engineering rather than operations, and a background in Identity and Access Management (IAM) is a significant plus. Key Responsibilities: Design, develop, and implement IAM solutions using Ping Identity products such as PingFederate, PingDaVinci, PingOne, PingCentral, PingAccess, PingDirectory, and PingID Mobile. Architect and build secure and scalable IAM frameworks and solutions tailored to meet business and technical requirements. Collaborate with cross-functional teams to integrate IAM solutions with various applications and systems, ensuring seamless authentication and authorization processes. Develop and maintain AWS-based IAM solutions, leveraging cloud services to enhance security and scalability. Provide technical leadership and mentorship to junior engineers, fostering a culture of continuous learning and innovation. Conduct thorough security assessments and audits of IAM systems, identifying and mitigating potential risks and vulnerabilities. Stay current with the latest trends and best practices in IAM and security engineering, applying this knowledge to improve existing solutions. Work closely with stakeholders to understand their requirements and translate them into technical specifications and solutions. Develop and maintain comprehensive documentation for IAM solutions, including design documents, configuration guides, and operational procedures. Qualifications: Bachelor's degree in computer science, Information Security, or a related field. A master's degree is a plus. Minimum of 8+ years of overall experience in security engineering or a related field. At least 3+ years of experience with Ping Identity products, including PingFederate, Ping DaVinci, PingOne, PingCentral, PingAccess, PingDirectory, and PingID Mobile. At least 5+ years of experience with cloud services, particularly AWS. Strong engineering background with hands-on experience in building and deploying IAM solutions. Proficiency with AWS services and IAM integrations in cloud environments. In-depth understanding of IAM principles, including authentication, authorization, single sign-on (SSO), multi-factor authentication (MFA), and directory services. Experience with any programming language is a plus(Java preferably). Excellent problem-solving skills and the ability to troubleshoot complex IAM issues. Strong communication and collaboration skills, with the ability to work effectively in a team-oriented environment. Relevant certifications such as CISSP, CISM, or similar are a plus. Preferred Experience: Experience in Identity and Access Management (IAM) in large-scale enterprise environments. Familiarity with security standards and protocols such as SAML, OAuth, OpenID Connect, and LDAP. Experience with DevOps practices and tools for automation and continuous integration/continuous deployment (CI/CD). Compensation: $140,000.00 per year Who We Are CARE ITS is a certified Woman-owned and operated minority company (certified as WMBE). At CARE ITS, we are the World Class IT Professionals, helping clients achieve their goals. Care ITS was established in 2010. Since then we have successfully executed several projects with our expert team of professionals with more than 20 years of experience each. We are globally operated with our Head Quarters in Plainsboro, NJ, with focused specialization in Salesforce, Guidewire and AWS. We provide expert solutions to our customers in various business domains.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Your Future. Secured. ISC2 is a force for good. As the world's leading nonprofit member organization for cybersecurity professionals, our core values - Integrity, Advocacy, Commitment, Inclusion, and Excellence - drive everything we do in support of our vision of a safe and secure cyber world. Our globally recognized, award-winning portfolio of certifications provide an independent and globally recognized endorsement of cybersecurity knowledge, skills and experience for all career levels. Our charitable arm, the Center for Cyber Safety and Education, enables ISC2 and our members to serve the public by educating the most vulnerable about cyber risks and empowering access to enter and thrive in the cyber profession. Learn more at ISC2 online and connect with us on Twitter, Facebook and LinkedIn. When you join ISC2, you'll demonstrate your commitment to an inclusive and equitable environment. Your support of the unique perspectives and experiences shared by our global cybersecurity workforce and profession will be recognized. We invite you to take an active role in helping us create a true sense of belonging across our organization - an environment of authenticity, trust, empowerment and connectedness that empowers all of our successes. Learn more. **Position Summary** The Application Security Engineer will be an integral part of the security team and will work cross-functionally with several lines of business to ensure the secure delivery of products and applications. The Application Security Engineer will be expected to attend stand-ups and strategy sessions to identify areas of risk and offer consulting on best practices. The Application Security Engineer will act as a champion and will formalize the integration of application security into our current processes and tools. **Responsibilities** The Application Security Engineer will be expected to facilitate technical design reviews, perform code analysis, offer remediation recommendations, perform manual and dynamic security testing, and document and present all findings. The Application Security Engineer will work closely with the Development, Release, and QA teams to identify and coordinate security testing, validate, test, and vet both internally and externally developed applications. As an Application Security Engineer, you will act as a DevSecOps Engineer that will be responsible for secure application delivery as well as the underlying infrastructure. The Application Security Engineer must be comfortable with securing cloud-based products in environments such as AWS, Azure and Salesforce. Additionally, this position will provide security risk assessments, create threat models and assist the team with vulnerability testing. Additionally, this position manages the ISC2 responsible reporting program that supports the organization's secure application delivery objectives. In addition to the daily duties described, the individual will assist the security engineering team in the management of security technologies administered by the group (e.g., WAF, Firewall, IDS, and SEIM). This would be an "as needed" function, which is primarily to provide coverage for those duties when individuals on the security engineering team are out of the office for training or vacation. Additionally, the Application Security Engineer will be expected to participate in the Incident Response team and act as a Subject Matter Expert when dealing with the continuity of our operations and when responding with cyber incidents. + Conduct security assessments: Perform comprehensive security assessments of applications, including static code analysis, dynamic application testing, and penetration testing. Identify vulnerabilities, weaknesses, and potential attack vectors. + Secure code review: Review application source code to identify security flaws, such as insecure authentication mechanisms, input validation vulnerabilities, and potential injection attacks. Provide recommendations for remediation and best practices for secure coding. + Threat modeling: Collaborate with development teams to identify and assess potential threats and risks associated with the application. Use threat modeling techniques to prioritize security controls and countermeasures. + Develop and implement security controls: Design, develop, and implement security controls and countermeasures to protect applications against common security threats, such as cross-site scripting (XSS), cross-site request forgery (CSRF), and SQL injection. Implement secure coding practices and security guidelines. + Vulnerability management: Establish and maintain a vulnerability management program for applications. Track and prioritize vulnerabilities based on their severity and impact. Coordinate with development teams to ensure timely remediation of identified vulnerabilities. + Security testing automation: Develop and maintain automated security testing tools and scripts to streamline the application security testing process. Integrate security testing into the continuous integration and deployment (CI/CD) pipeline. + Security training and awareness: Conduct security training and awareness programs and determine skills training needs for development teams, promoting secure coding practices andawareness of common security vulnerabilities. Stay updated with the latest security trends, attack techniques, and best practices. + Incident response: Provide support during security incidents or breaches related to applications. Participate in incident response activities, including containment, investigation, and remediation. + Compliance and regulatory requirements: Ensure that applications adhere to relevant security compliance standards, industry regulations, and data privacy requirements (e.g., GDPR (General Data Protection Regulation), HIPAA (Health Insurance Portability and Accountability)). Collaborate with compliance teams to address any compliance-related concerns. + Security documentation and reporting: Prepare and maintain security documentation, including security policies, procedures, and guidelines. Generate periodic reports on the security posture of applications and present findings to relevant stakeholders. Other responsibilities include: + Maintain and manage all pipelines from a security perspective. + Onboard new pipelines for security tooling. + Keep pipeline diagrams up to date with current security details. + Serve as the primary SME for the DAST scanner.This includes configuration, testing, vulnerability management, and remediation oversight. + Recommend continuous improvements for the SAST scanner. + Security code release approvals + Maintain and manage the WAF, including signatures, configuration, and threat intel feeds. + Serve as the SME and provide recommendations for ongoing improvements. + Establish baseline WAF signatures for XD Prod following the Silverline migration. + Baseline WAF signatures after code releases. + Serve as the primary point of contact for vetting bug reports and managing the informed disclosure process. + Assist with attestation data gathering. + Support and assist with threat modeling. + Act as the formal backup for the threat modeling and attestation processes. + Review and approve Security Assessment Review reports as needed. + Perform other duties as required. **Behavioral Competencies** + Ability to demonstrate and support the ISC2 Core Values: Integrity, Excellence, Inclusion, Advocacy and Commitment + Function as an architect, who can conduct architecture reviews of new systems and solutions. + Serve as a builder who can build and integrate application security in our SDLC. + Act as a collaborator, who likes to engage with the team and the industry. + Serve as a team player, who will jump in and assist in other security functions as needed. + Function as a leader, who will use your knowledge and to train and guide developers and engineers. + Demonstrate a passion for application security, creative and critical thinking, strong analysis skills, the ability to work in a fast-paced environment, and have familiarity with agile, continuous integration, and continuous deployment. + Experience in securing SaaS-delivered offerings in multiple cloud environments deployed with automation & orchestration. **Qualifications** + Ability to write some code, as needed, to conduct security-focused testing. + Application Experience with common testing tools such as Veracode, Fortify, Zap, Burp, and fiddler, among others. + Application Understanding of common vulnerabilities & remediation. + Application Knowledge and understanding of automation and scripting languages. + Design & code review skills. + A solid understanding of Microsoft platforms such as .NET, Windows, C#, Azure. + General Knowledge of cloud security, API (Application Programming Interface) security, and associated best practices. **Education and Work Experience** + Bachelor's degree in computer science, information systems, related engineering field. Will consider a high school diploma and 10+ years of relevant work experience, as well as current additional credentials (CCSP, GDSP, etc..) in lieu of a degree. + A CISSP and CSSLP are required for this position. + 8+ years of experience in Information Security. + 8+ years of experience with static and dynamic analysis for coding and vulnerability identification and remediation. + 5+ years of Secure Development experience. + Application Experience with implementing Secure Development Lifecycle in an agile environment. + First-hand experience with architectural reviews, application reviews, and penetration testing. + Application Experience with Continuous Integration processes, particularly with building security practices into the pipeline. **Physical and Mental Demands** + Ability to travel up to 10% of time. May also include overnight travel. + Work extended hours, when necessary. + Work in an office environment using dual monitor computer screens. + Sitting for extended periods. **Equal Employment Opportunity Statement** All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic as protected by applicable law. Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process. **Job Locations** _US-Remote_ **Posted Date** _4 weeks ago_ _(11/19/2025 1:29 PM)_ **_Job ID_** _2025-2253_ **_\# of Openings_** _1_ **_Category_** _Information Security_

Select Cyber, an Information Security recruitment specialty firm, seeks to fill the following role for our client: Information Security Analyst Responsibilities : Must have the ability to support a flexible schedule in support of 7x24 staff and on-call responsibilities. Responsibilities include the construction of networks from existing design diagrams and documents as-build updates. Pre and Post-deployment responsibilities include strong understanding and adherance to customer change management processes, change requests, integration, support/troubleshooting, upgrades, and scaling to meet demand. The candidate will proactively scan, patch, upgrade, model, document, backup, protect and expand the network. Work with vendors to resolve problems via ticketing portals and escalating issues to team lead and/or management as needed. Strong experience with Linux and Windows operating system upgrades and patches. Ability to solve problems quickly and automate processes. A solid understanding of networking/distributed computing environment concepts; Understands principles of routing Must be well versed in TCP/IP, IPSec, VLANs, system hardening, and troubleshooting. Requirements: Bachelor's degree or equivalent and 5+ years of related experience in a 7x24 operations environment. Strong Networking background combined with Strong Security 5-7 years of Network Security Engineering experience or relevant certifications such as CCNP, CCNA, SANS, CISSP, etc. Expert level knowledge of installing, deploying, documenting, and troubleshooting firewall products, such as Junipers, Fortinet, Stonesoft, Palo Alto, Cisco. Strong interpersonal and communications skills Strong ability to solve problems quickly and automate processes. A solid understanding of networking/distributed computing environment concepts; understands principles of routing Experience with firewall products Experience with securing an enterprise environment Experience with enterprise class security networking technologies

The Information Security Engineer is responsible for implementing and supporting security technologies and controls that protect the organization's IT infrastructure, systems, and data. This role plays a hands-on part in improving the overall security posture by contributing to the deployment, operation, and maintenance of security solutions. Working together with management and senior team members, the Information Security Engineer assists in executing security strategies, supporting compliance requirements, and mitigating risks across the enterprise. This position provides technical expertise to security operations, contributes to security engineering initiatives, and escalates complex issues when necessary. The Information Security Engineer supports all Kraft Group companies and locations. DUTIES AND RESPONSIBILITIES * Design, deploy, and manage security solutions in alignment with security policies and business needs. * Assist in conducting risk assessments, security reviews, and gap analyses for compliance with standards such as NIST, CIS, ISO 27001, HIPAA, and GDPR. * Participate in vulnerability management lifecycle-monitoring alerts, identifying risks, and implementing remediation activities. * Manage and operate enterprise security tools including Tenable, CrowdStrike, NG-SIEM, Cisco FirePower, NetSpi, CyberArk and Zscaler. * Assist with firewall rule reviews, applying least privilege and zero-trust principles, and managing change workflows. * Administer and enhance Privileged Access Management (PAM) solutions, including implementing Just-In-Time (JIT) access, credential rotation, session monitoring, and least-privilege controls using CyberArk or similar technologies. * Respond to security incidents, performing triage, containment, documentation, and escalation in coordination with senior team members. * Analyze security event logs and correlate data to identify threats and recommend improvements based on threat intelligence. * Support penetration testing efforts by collaborating with third-party testers, reviewing findings, and assisting in remediation. * Contribute to user awareness programs by promoting security best practices and supporting education initiatives across the organization. * Collaborate with IT teams to guide and influence security best practices in operations, infrastructure, and application development. * Assist in internal and external audit activities, including documenting controls, tracking exceptions, and managing remediation plans. * Create and maintain security dashboards and reports to communicate trends, vulnerabilities, and risk metrics to leadership. * Stay informed of evolving security threats, technologies, and industry developments to improve security measures. * Work with IT and development teams to ensure security is integrated into design and implementation processes. * Special projects and assignments as business dictates. * Responsible for the creation, maintenance and control of all personally identifiable information or any other information protected by Confidentiality and Privacy Standards see Mass Regulations on Personal Identity Regulations and HIPAA. SUPERVISORY RESPONSIBILITIES * This position has no supervisory responsibilities SKILLS AND QUALIFICATIONS * Bachelor's degree in Cybersecurity, Computer Science, or Information Systems preferred. * 4-6 years of experience in cybersecurity architecture, security engineering, or related fields, with a track record of implementing security solutions. * Strong understanding of Defense-in-Depth, Zero-Trust Security Models, and Compensating Controls. * Experience in security design and implementation for Enterprise Platforms and Operating Systems (Windows, Unix/ Linux). * Familiarity with network security concepts, firewalls, and enterprise security controls (Cisco iOS & NX-OS, Aruba OS, Extreme XOS). * Experience with Enterprise NGFW platforms (Cisco FTD) and advanced threat detection tools. * Familiarity with regulatory compliance frameworks such as CIS, CISA, NIST, ISO 27001, ISO 27002, HIPAA, GDPR. * Ability to support cross-functional security projects and provide security guidance to IT teams. * Strong analytical and problem-solving skills with a focus on security risk mitigation. * Strong communication and documentation skills for reporting security risks and solutions to stakeholders. PHYSICAL DEMANDS * Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. WORK ENVIRONMENT * Participate in after-hours on-call escalations and in Stadium event coverage rotations * The noise level in the work environment is usually moderate. * Fast-paced office environment. CERTIFICATES, LICENSES, REGISTRATIONS * Certified Information Systems Security Professional (CISSP) or similar certifications preferred OTHER DUTIES Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice. This company is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics. #LI-KG

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

A large healthcare company is seeking an experienced Endpoint Security Engineer - Configuration Compliance to join its enterprise security team focusing on MSB. The client is over $370Bn in revenue and operates over 9,000 locations. They are dedicated to putting people first from their customers to their employees, engaging with customer feedback to further innovate to provide the best care possible, simplifying processes for care, creating a trusting environment, and to creating the safest and highest quality of care to keep patients protected. The client is dedicated to giving back to those around them. They have stared a Foundation to provide financial support to the communities to help with areas such as maternal health, mental health, scholarships, free health services/screenings, etc. The Senior Endpoint Security Engineer plays a critical role in defining, implementing, and managing secure policy configuration policies across the organization's IT systems and infrastructure. This role ensures that security policy configurations are aligned with industry best practices and focuses on ensuring compliance with security standards, minimizing security gaps, vulnerabilities, and risk, through configuration management, and supporting organizational goals for a strong security posture. The Senior Endpoint Security Engineer works closely with IT, DevOps, and security teams to enforce secure baselines and automate policy compliance. This role is for process improvement for MSB so going through for the current workflow and each step to ensure proper documentation and solutioning in areas where there are deficiencies. It will be 70% working alongside leadership for improvement and 30% hands-on Key Responsibilities: Secure Policy Configuration Management (Hardening) · Develop, implement, and maintain secure configuration policy framework and baselines for operating systems, databases, applications, and network devices (e.g., firewalls, routers). · Collaborate with stakeholders to align secure configuration policies with business and compliance requirements. · Automate configuration scanning, remediation, and validation processes by developing and integrating workflows using tools like Qualys, ServiceNow, and APIs or scripting languages to enhance efficiency and scalability. · Regularly review and update policies to reflect changes in the threat landscape or regulatory requirements. · Stay informed of emerging security threats, compliance requirements, and best practices related to secure configurations. · Implement and maintain tools, processes, and configuration scan templates aligned with policy changes to continuously monitor, detect, and enforce secure configurations (e.g., Minimum Security Baseline scanners, configuration management tools).Conduct security audits and assessments to identify deviations and implement corrective actions. · Develop and deliver executive-level reports on compliance with configuration policies, including metrics on policy adherence and risk mitigation. · Lead root cause analysis and remediation efforts for configuration-related security incidents. Collaboration and Integration · Work closely with IT, DevOps, and Security Operations teams to ensure secure configuration policies are integrated into system and application lifecycles. · Partner with compliance and risk teams to ensure configurations meet regulatory standards (e.g., PCI DSS, HIPAA, SOX). · Provide guidance and support during internal and external audits. Continuous Improvement and Training · Promote a culture of security awareness and best practices within the organization. · Drive automation initiatives to streamline configuration management processes. · Provide training and resources to ensure teams understand and adhere to secure configuration policies. Compensation: $15/hr to $20/hr. Exact compensation may vary based on several factors, including location, skills, experience, and education. Employees in this role will enjoy a comprehensive benefits package starting on day one of employment, including options for medical, dental, and vision insurance. Eligibility to enroll in the 401(k) retirement plan begins after 90 days of employment. Additionally, employees in this role will have access to paid sick leave and other paid time off benefits as required under the applicable law of the worksite location. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ********************.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: **************************************************** Skills and Requirements - 3-5+ years of experience in information security, with a focus on secure configuration management or related areas. - 5+ years of hands-on experience with Qualys and the Policy Audit module - background in secure configuration frameworks including CIS Benchmarks and configuration management tools (e.g., Qualys, Rapid7, Tanium). - 5+ years of strong understanding of operating systems (Windows, Linux, mac OS) and network device configurations. - 5+ years with security architecture awareness. - Strong grasp of how configuration compliance integrates with vulnerability, asset, and change management systems. - Strong communication and ability to drive meetings with stakeholders - Proficient knowledge and experience with database query languages (e.g., MySQL, SQL). - Knowledge of security monitoring and ITSM platforms (e.g., Splunk, ServiceNow, Archer). - Strong knowledge of compliance standards (e.g., ISO 27001, PCI DSS, HIPAA). - Experience with system hardening and secure configuration standards/frameworks (e.g., NIST SP 800-53, DISA STIGs). - Proven ability to diagnose and resolve technical issues within Qualys PC, agent-based systems, and automation framework. - Qualys Query Language (QQL) for data analysis, validation and reporting. - Familiarity with scripting languages (e.g., Python, PowerShell, Bash) for automation. - Certified Information Systems Security Professional (CISSP). - Certified Information Systems Auditor (CISA). - CompTIA Security+ or Cybersecurity Analyst (CySA+). - Qualys Security Configuration Assessment (SCA).

Are you ready to take on a pivotal role that will shape the future of security architecture in a leading financial institution? We are seeking three seasoned and visionary Distinguished Enterprise Architects to join our dynamic security organization, each aligned to one of our key business areas: Commercial Banking, Consumer Banking, and Private Banking. In this highly strategic role, you will have the opportunity to drive architecture across these domains, partnering closely with technical and business leaders to make a lasting impact. While the role resides within the security function, this is far from a narrow security engineering position. You will leverage core enterprise architecture principles to ensure secure, scalable, and resilient design across all technology layers including cloud, infrastructure, applications, and data, grounded in frameworks such as TOGAF, Zachman, and NIST. Your expertise will be instrumental in transforming our security landscape and empowering our business units to achieve their strategic goals with confidence. Key Responsibilities + Champion customer protection on the front lines of delivering strategic initiatives for the company. + Define and evolve enterprise-wide architecture strategies aligning with both business goals and cybersecurity objectives. + Partner with line-of-business architects, ensuring cohesive integration of business, application, data, and technology architecture domains. + Lead the development of architecture standards, creating reference models and reusable patterns that promote consistency across cloud platforms, DevOps, and software development efforts. + Champion secure-by-design principles, applying these principles across the full SDLC without being prescriptive to specific languages, stacks, or front-end design. + Serve as a senior advisor, translating regulatory requirements and risk posture into actionable architectural guidance across technology and security teams. + Collaborate with Infrastructure, DevOps, SRE, and Engineering leaders to embed architectural controls into CI/CD pipelines, runtime environments, and operational workflows. + Evaluate and guide the adoption of emerging technologies focusing on cloud-native platforms, identity frameworks, API security, secure data exchange, and container orchestration with an emphasis on innovation and risk reduction Qualifications + 15+ years of experience in senior technical roles with demonstrated leadership at the enterprise or divisional level. + Ability to drive security-focused initiatives, unifying technical security, enterprise architecture, application architecture, and business outcomes. + Ability to align security priorities with the broader business context, tailoring security policies and measures to meet the organization's evolving needs. + Strong communication and presentation skills with the ability to distill complex architecture topics for both technical and executive audiences. + Experience embedding security into key business initiatives such as digital transformation, customer experience enhancement, and operational efficiency. + Strong grounding in enterprise architecture concepts with practical application across multiple architecture domains. + Demonstrated success achieving results within tight budgetary constraints. + A passion for coaching junior team members. + Deep experience in cloud (AWS, Azure, or GCP), DevOps and infrastructure automation, and modern application architectures (microservices, APIs, containers). + Hands-on experience with Enterprise application development, including expertise in multiple programming languages and database technologies. + Solid understanding of cybersecurity architecture, including identity, access, encryption, secure network design, and threat modeling. + Proactive security design experience, ensuring security concerns are proactively designed (shift-left) to enable the organization to pursue its strategic goals with confidence. + Experience fostering a security-driven culture, promoting security as a business enabler, driving secure scalability, protecting sensitive data, and maintaining regulatory compliance, all while accelerating business value and supporting long-term growth. + Ability to work across a matrixed environment, influencing without direct authority. + This is not a management position, but experience is a plus. + Experience working with regulatory agencies is a plus. Education and Certifications + Required: Bachelor's degree in Software Engineering, Computer Science, Computer Engineering, related discipline, or equivalent experience. + Preferred: Master's degree in Software Engineering, Computer Science, Engineering, Mathematics, or related discipline. Pay Transparency The salary range for this position is $170,000 - $230,000 per year plus an opportunity to earn an annual discretionary bonus. Actual pay is based on various factors including but not limited to the work location, and relevant skills and experience. We offer competitive pay, comprehensive medical, dental and vision coverage, retirement benefits, maternity/paternity leave, flexible work arrangements, education reimbursement, wellness programs and more. Note, Citizens' paid time off policy exceeds the mandatory, paid sick or paid time-away policy of every local and state jurisdiction in the United States. For an overview of our benefits, visit *************************************** #LI-Citizens1 Some job boards have started using jobseeker-reported data to estimate salary ranges for roles. If you apply and qualify for this role, a recruiter will discuss accurate pay guidance. Equal Employment Opportunity Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague's or a dependent's reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability. Why Work for Us At Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth Background Check Any offer of employment is conditioned upon the candidate successfully passing a background check, which may include initial credit, motor vehicle record, public record, prior employment verification, and criminal background checks. Results of the background check are individually reviewed based upon legal requirements imposed by our regulators and with consideration of the nature and gravity of the background history and the job offered. Any offer of employment will include further information. 12/31/2025

As part of Meta Security, our Insider Trust team is dedicated to identifying and responding to insider threats that target our data. Our mission is to detect, investigate, and mitigate damage caused by insider threats. We handle a wide range of abuse cases, including misuse of user data, intellectual property theft, and leaks of sensitive information.We are seeking an experienced Security Engineer to join the team. This role involves investigating, hunting, and automating internal signals to detect malicious activities related to insider threats. **Required Skills:** Security Engineer Investigator, Insider Trust Responsibilities: 1. Perform analysis, and threat hunting from a variety of log sources (e.g., individual host logs, network traffic logs) to identify potential insider threats 2. Create workflows and automations to streamline signal detection, threat hunts, and investigative processes 3. Collaborate with software and production engineering teams to build scalable and adaptable solutions for insider threat investigations 4. Identify gaps in our infrastructure and work with cross-functional partners to improve visibility through logging and automation 5. Build operational workflows and actions to auto-resolve false positives and provide context, scaling investigation capabilities 6. Prioritize efforts to maximize impact by enhancing visibility, automating processes, and scaling investigative capabilities 7. Coach, mentor, and support team members to foster long-term career growth, job satisfaction, and success **Minimum Qualifications:** Minimum Qualifications: 8. Bachelor's degree in Computer Science, Engineering, or equivalent experience 9. 5+ years of experience in Detection & Response Engineering, Insider Threat, or a similar Security Engineering role 10. Technical and procedural expertise in conducting security investigations, including response, forensics, and large-scale log analysis 11. Experience with attacker tactics, techniques, and procedures 12. Proficiency in coding or scripting in one or more general-purpose programming languages **Public Compensation:** $147,000/year to $208,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Job Title: Security Engineer Department: Technology Reports To: VP of Technology Pay Range: $150,000 - $175,000 per year, depending on experience FLSA Status: Exempt WHO WE ARE: Bay State Milling Company is a family-owned leader in grain-based food ingredients, proudly serving the industry since 1899. For over 125 years, we've been on a mission to promote the growth of nutritious, sustainable, and accessible food choices. Our portfolio spans flours, grains, seeds, and innovative plant-based ingredients, all crafted to meet evolving consumer demands for healthfulness, great taste, and affordability. Rooted in five generations of ownership, we combine deep milling expertise with forward-thinking innovation. From our flagship mill in Winona, Minnesota to facilities across North America, we partner with growers and customers to deliver quality and trust at every step. Guided by our core values-Integrity, Creativity, Collaboration, Caring, and Quality-we relentlessly pursue better for the food system and the communities we serve. JOB SUMMARY: The Security Engineer plays a critical role in safeguarding Bay State Milling's digital assets, infrastructure, and data. This position is responsible for designing, implementing, and maintaining security solutions that protect against cyber threats and ensure compliance with industry standards and regulatory requirements. The Security Engineer collaborates closely with all areas of the technology team and business stakeholders to assess risks, respond to incidents, and continuously improve the company's security posture. ROLE & RESPONSIBILITIES: Design and implement secure network, system, and application architectures. Evaluate and deploy security tools, technologies, and frameworks. Monitor systems for security breaches and investigate incidents. Lead response efforts for security events, including containment, remediation, and reporting. Conduct regular vulnerability assessments and penetration testing. Coordinate remediation efforts with infrastructure and application teams. Ensure compliance with internal policies, industry standards (e.g., NIST, ISO 27001), and regulatory requirements. Support audits and risk assessments and maintain documentation of security controls. Develop and deliver security awareness programs for employees. Provide guidance and training to technical teams on secure coding and system hardening. Manage and enforce identity and access controls across systems and applications. Implement role-based access and least privilege principles. Integrate security into cloud environments and CI/CD pipelines. Collaborate with Development teams to embed security into development workflows. Stay current with emerging threats, technologies, and best practices. Recommend and implement improvements to security policies, procedures, and tools. MINIMUM EDUCATION & WORK REQUIREMENTS: Bachelor's degree in computer science, Information Security, Cybersecurity, or a related field. Minimum of 5 years of firsthand experience in cybersecurity engineering, security operations, or related technical roles. Preferred certifications can include CISSP, CISM, or Cybersecurity Architect Proven experience with security technologies such as firewalls, SIEM, IDS/IPS, endpoint protection, and cloud security platforms. Experience working in hybrid & cloud-native environments (e.g., AWS, Azure, GCP). Familiarity with secure software development practices and DevSecOps integration. KNOWLEDGE, SKILLS, AND ABILITIES: Strong understanding of network protocols, operating systems (Windows, Linux), and cloud infrastructure. Deep knowledge of cybersecurity frameworks (e.g., NIST, MITRE ATT&CK, ISO 27001). Experience with SIEM platforms (e.g., Splunk, Sentinel), EDR solutions, and threat intelligence tools. Ability to assess and mitigate risks in complex enterprise environments. Strong analytical and problem-solving skills with attention to detail. Excellent communication skills, with the ability to translate technical risks into business impact. Ability to work independently and collaboratively in cross-functional teams. Familiarity with regulatory requirements such as GDPR, or CCPA. Experience with container security (e.g., Kubernetes, Docker) and infrastructure-as-code (e.g., Terraform, CloudFormation).

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************