Security architect jobs in Eugene, OR - 118 jobs

The Aircraft Services Architect will provide architecture and design expertise for aviation software systems. This role ensures compliance with aircraft standards (DO-178C, DAL-D/E, SAL) and focuses on secure, scalable architectures for in-flight systems, integrating with multiple domains and platforms. Mandatory Skills: Bachelor's or Master's degree in Computer Science, Aerospace Engineering, or related field. 8+ years of experience in aviation software architecture and design. Prior experience working with aircraft OEMs or aviation systems is highly desirable. Strong analytical and problem-solving skills with ability to lead technical discussions. Excellent communication and collaboration skills for working in global, cross-functional teams. Roles & Responsibilities: Define system and product requirements (functional and non-functional) for aviation software. Document requirements and decompose them into technical specifications and architecture artifacts. Design and implement system and software architectures to achieve DAL-D/E and SAL 1-3 assurance levels for security, data, and domain segregation. Drive architecture for hosting platforms using cloud-native virtualization technologies. Provide expertise in aviation domain standards and ensure compliance with DO-178C and related regulations. Collaborate with engineering teams, OEMs, and aircraft manufacturers for integration and validation. Implement secure architectures including secure boot, firmware updates, and secure communication protocols. Support Agile development teams, participate in PI planning, and architecture reviews. Prepare architecture diagrams, design documents, and test strategy reviews. Mentor team members and act as a technical leader to resolve design issues and improve processes. Required Skills & Expertise: Aviation Software Architecture: Experience designing and implementing large-scale, complex aviation systems. Compliance Standards: Deep understanding of DO-178C, DAL-D/E, SAL Levels, and aviation security standards. Security Expertise: Encryption, authentication, access control, threat modeling, secure boot, and secure firmware updates. Virtualization & Hosting: Cloud-native virtualization technologies for hosting platforms. Programming Languages: C++, GoLang, Java, Python; Linux kernel programming. Database Knowledge: MySQL, MariaDB, SQLite. Quality Assurance: Aviation software QA processes including validation, verification, and SQA techniques. Agile Practices: Experience in SAFe or SCRUM methodologies. Nice-to-Have: Experience with AWS Cloud and cloud-native architectures. Familiarity with CI/CD pipelines and DevOps practices. Exposure to Agile frameworks and architecture documentation tools (Confluence, Visio, Draw.io). Qualification: Bachelors/Masters

Our client is looking Aircraft Services Architect for Long-term project in Hillsboro, OR (Onsite) Below is the detail requirement. Role: Aircraft Services Architect The Aircraft Services Architect will provide architecture and design expertise for aviation software systems. This role ensures compliance with aircraft standards (DO-178C, DAL-D/E, SAL) and focuses on secure, scalable architectures for in-flight systems, integrating with multiple domains and platforms. Roles & Responsibilities: Define system and product requirements (functional and non-functional) for aviation software. Document requirements and decompose them into technical specifications and architecture artifacts. Design and implement system and software architectures to achieve DAL-D/E and SAL 1-3 assurance levels for security, data, and domain segregation. Drive architecture for hosting platforms using cloud-native virtualization technologies. Provide expertise in aviation domain standards and ensure compliance with DO-178C and related regulations. Collaborate with engineering teams, OEMs, and aircraft manufacturers for integration and validation. Implement secure architectures including secure boot, firmware updates, and secure communication protocols. Support Agile development teams, participate in PI planning, and architecture reviews. Prepare architecture diagrams, design documents, and test strategy reviews. Mentor team members and act as a technical leader to resolve design issues and improve processes. Required Skills & Expertise: Aviation Software Architecture: Experience designing and implementing large-scale, complex aviation systems. Compliance Standards: Deep understanding of DO-178C, DAL-D/E, SAL Levels, and aviation security standards. Security Expertise: Encryption, authentication, access control, threat modeling, secure boot, and secure firmware updates. Virtualization & Hosting: Cloud-native virtualization technologies for hosting platforms. Programming Languages: C++, GoLang, Java, Python; Linux kernel programming. Database Knowledge: MySQL, MariaDB, SQLite. Quality Assurance: Aviation software QA processes including validation, verification, and SQA techniques. Agile Practices: Experience in SAFe or SCRUM methodologies. Qualifications: Bachelor's or Master's degree in Computer Science, Aerospace Engineering, or related field. 8+ years of experience in aviation software architecture and design. Prior experience working with aircraft OEMs or aviation systems is highly desirable. Strong analytical and problem-solving skills with ability to lead technical discussions. Excellent communication and collaboration skills for working in global, cross-functional teams. Nice-to-Have: Experience with AWS Cloud and cloud-native architectures. Familiarity with CI/CD pipelines and DevOps practices. Exposure to Agile frameworks and architecture documentation tools (Confluence, Visio, Draw.io).

The Platform Services Architect is responsible for designing and developing architecture for embedded infrastructure services within the platform. This includes bootup, commissioning, storage management, thermal management, and integration with embedded hardware and software systems. The role requires expertise in Linux/Android OS, virtualization, and hardware-software alignment. Roles & Responsibilities: Design and develop architecture for platform services such as bootup, commissioning, storage management, and thermal management. Drive architecture for embedded software, collaborating with engineers in system software, virtualization, trusted OS, graphics, compute, device drivers, storage, networking, and security. Act as a technical leader, providing insight and direction to resolve issues and improve processes. Collaborate with hardware engineering teams to ensure hardware-software integration. Architect solutions using Linux, Android, and microcontroller RTOSs, including storage/persistence layers and device management. Break down architecture into development tasks, review deliverables, and resolve design issues or blockers. Document architecture using C4 and model-based frameworks and maintain version-controlled design artifacts. Participate in Agile development processes, PI planning, and architecture reviews. Required Skills & Expertise: Operating Systems: Deep knowledge of Linux and Android OS internals, kernel modules, and integration with embedded hardware. Embedded Systems: Experience designing and developing software for embedded systems, including hardware abstraction and device drivers. Storage Systems: Expertise in file systems, RAID, distributed storage, and data replication. Networking: Familiarity with Layer 2/3 networking concepts and protocols (VLAN, STP, LLDP, OSPF, IGMP, BGP). Virtualization: Containers, hypervisors, orchestration (Linux and Android environments). Hardware Bring-Up: Provisioning and commissioning experience. OTA Architecture: Over-the-air update strategies, edge computing, CDN integration. Programming: Proficiency in C++, Java, Python, and Linux kernel programming. Agile Practices: Experience in SAFe or SCRUM methodologies. Qualifications: Bachelor's or Master's degree in Computer Science, Electrical Engineering, or related field. 8+ years of experience in embedded systems architecture and platform services design. Strong analytical and problem-solving skills with ability to lead technical discussions. Excellent communication and collaboration skills for global team environments. Nice-to-Have: Experience with AWS Cloud and cloud-native architectures. Familiarity with CI/CD pipelines (GitLab CI, Jenkins) and DevOps practices. Exposure to architecture documentation tools (Confluence, Visio, Draw.io). Qualification: Bachelors/Masters

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies As a Consultant or Senior Consultant, you will collaborate with cross-functional teams, including IT, security, and business units, to design and implement Google Cloud-based application innovation solutions. You will work alongside experienced cloud architects, data scientists, and other specialists, ensuring the successful delivery of scalable, cloud-native applications and AI-powered solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position the base salary pay ranges are listed below. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. East Bay, San Francisco, Silicon Valley: * Consultant: $120,000-$177,000 * Senior Consultant: $140,000-$203,000 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Consultant: $110,000-$162,000 * Senior Consultant: $130,000-$186,000 All other locations: * Consultant: $105,000-$148,000 * Senior Consultant: $115,000-$171,000 EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. We are accepting applications until 12/31.

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $184,000/year to $257,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

Founded in 2017 Perfecta is a division and a wholly owned subsidiary of City National Security a well known and reputed company providing IT Consulting , Staffing and Security services throughout the United States. Perfecta brings a rich experience of over 12 years in providing fully scaled IT Consulting and Staffing & Recruiting services. Perfecta brings a successful track record of delivering value based quality professional solutions at economical price to its customers across the U.S. Perfecta has successfully executed various IT and Staffing projects with its government and commercial clients and has consistently provided quality services to its customers. Job Description Part I. General Information Under this Statement of Work (SOW), the Contractor shall analyze, recommend, create working documentation, guidelines, policies, standards, instructional procedures, and conduct assessments to support the implementation of the following: • PERS Information Security Awareness and Training Program • PERS Information Security Program • Reorganization and alignment of PERS Information Security policies, standards, and procedures Part II. Work The Contractor shall comply with OPERS contractual deliverable review and approval processes by working with OPERS Quality Assurance in utilizing the Quality Checkpoint process attached to this SOW as Attachment 1. Quality Checkpoint is a Quality Assurance process to verify that major deliverables in the project have been reviewed and approved by their respective stakeholders. PERS Information Security Awareness and Training Program Contractor shall assist OPERS' CISO in the creation, documentation, and implementation of a structured Information Security Awareness and Training Program. Contractor shall work with OPERS to plan, document and implement solutions to fit the needs of OPERS. Tasks to support OPERS' Information Security Awareness and Training Program include, but not limited to: 1. Define activities to be performed to enable and implement the Security Awareness and Training Program 2. Research and document materials needed to implement the program 3. Research and document delivery methods and related activities to implement the program 4. Research, obtain stakeholder buy-in, and document a regularly occurring schedule of activities. 5. Develop content for PERS specific, role based training for data/system owners/custodians. 6. Develop content, produce materials for PERS specific training for staff. 7. Deliver Security, Awareness and Training materials, presentations, etc. to targeted audiences Reorganization of PERS Information Security policy structure In the first phase of policy, standard, procedure creation, emphasis was placed on creating required policy documentation to address HPE findings. In this second phase, the emphasis is to consolidate and reorganize the policy structure, resulting in fewer policies, and more specific requirements, based on security domains: 1. Identify and convert redundant policies to standards as appropriate 2. Align policy structure to NIST CSF domains 3. Address gaps by creating policies, standards, and procedures as identified and needed. Implementation of PERS Information Security Program Initialize and implement operation of Information Security program: 1. Conduct Third Party and Software Development Information Security assessments 2. Initialize policy exception requesting, approval, denial, and risk acceptance process. Part III. Special Considerations Contractor acknowledges and agrees that any and all information regarding OPERS installation, design, configuration, data migration will be kept confidential. Part IV. Travel and Other Expenses OPERS shall not reimburse Contractor for any expenses under this Contract. Work must be completed on-site, Tigard, OR Additional Information All your information will be kept confidential according to EEO guidelines.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

The Information Security Manager is responsible for designing, implementing, and enhancing a comprehensive technology compliance and risk management program to bolster the organization's security posture. This role involves continuous assessment, reporting, and improvement of technology risks and compliance activities across global operations. You will serve as a pillar of the Information Security Program by driving and managing program activities, ensuring success through collaboration with internal and external partners. In the future you will establish a team and reports, but on the forefront there will be a focus on managing third party and vendor risk with an emphasis on front end offensive security activities and conducting service provider security assessments. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ********************.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: **************************************************** Skills and Requirements -5+ years of experience managing an enterprise risk register -5+ years of experience managing InfoSec gathering and reporting metrics -5+ years of experience spearheading offensive security activities -5+ years of experience managing policy document and improvement -5+ years of experience implementing data retention policies -5+ years of experience managing third party risk management and cyber risk rating tools -CISSP Certification -Automotive industry experience

Your Opportunity We believe that if you want to fix healthcare you have to fix it for patients and providers. Our responsibility is to ensure both patient and provider safety and accessibility. In this role you will be a technical contributor on the security team building security tools, implementing security controls, building security alerting infrastructure, and liaising between technical teams. You will be an active voice in a small but growing security team. About You: You have 2+ years of security-related experience You have experience using infrastructure as code tools such as CloudFormation or Terraform You are comfortable developing code in a high-level language such as Python, NodeJS, Ruby, etc. You have experience working with cloud platforms such as AWS, Azure, or GCP You are familiar with OWASP Top Ten vulnerabilities and how they impact an environment You are familiar with building security alerts from multiple data sources You have some familiarity with control frameworks such as NIST CSF and ISO 27001 You enjoy collaborating with external teams and stakeholders, their success is your success You're passionate about building automated tasks to help efficiency You don't dwell on mistakes, you own them and use them as opportunities to learn and grow from You are an active voice and listener in a small but focused security team No matter how large, small, complex, or mundane the task, you follow through to the best of your ability and persevere through challenges. What You'll Do: Implement technical security controls into our environment Develop tools that assist with identifying and remediating security threats Help build our security monitoring infrastructure across our platform Ideate, develop, and execute technical compliance frameworks into controls Review third party applications and tools for security & compliance Be a champion of security to stakeholders, team members, and outside vendors Best Parts of the Job: You'll work with a small team that encourages you to learn new things You'll have a wide scope of responsibilities and make impactful change You'll use creativity to solve novel problems and be encouraged to learn new technologies to meet our business goals You'll have an experienced technical manager who deeply cares about your performance

SCT resources have a broad range of skills in different technologies. The large skill-set has been made possible by a conscious focus on strengthening our skills base. Every person selected for our team brings something new, something that adds to our offerings. We learn continuously, both on the job and through formal training programs. Job Description Requirements: 5+ years' experience with strong programming skills with proficient in of C#/.NET, Managed C++, MSTest using Visual Studio, Java programming using Eclipse tools and Familiarity with Ant Experience of developing a browser plugin for Windows, including knowledge of ensuring compatibility across Chrome, Firefox and Internet Explorer General understanding of system level Windows API/features (registry/privileges/security) Experience with security models including authentication, encryption using AES Working experience securing Internet services with (one or more) SSL/TLS protocols, PKI/X.509, digital signatures Experience of working with scripting languages like Python/JavaScript Familiar with version control systems (i.e Perforce) Work in agile environments, particularly SCRUM Strong written and verbal communication skills Education: B.S. in Computer Science, or equivalent work experience

Established in 1991, Collabera has been a leader in IT staffing for over 22 years and is one of the largest diversity IT staffing firms in the industry. As a half a billion dollar IT company, with more than 9,000 professionals across 30+ offices, Collabera offers comprehensive, cost-effective IT staffing & IT Services. We provide services to Fortune 500 and mid-size companies to meet their talent needs with high quality IT resources through Staff Augmentation, Global Talent Management, Value Added Services through CLASS (Competency Leveraged Advanced Staffing & Solutions) Permanent Placement Services and Vendor Management Programs. Collabera recognizes true potential of human capital and provides people the right opportunities for growth and professional excellence. Collabera offers a full range of benefits to its employees including paid vacations, holidays, personal days, Medical, Dental and Vision insurance, 401K retirement savings plan, Life Insurance, Disability Insurance. Job Description Job Details: Title: SOA Architect Location: Lake Oswego, OR Duration: 3 month (may extend) Note: • The client is looking for a Web Services SOA Architect for an on-site position in Lake Oswego, OR Required: • Web Services (SOA) Designer/Architect • Interested in helping architect and build our next generation of SOAP and REST web services? At Thomson Reuters, you'll have an opportunity to help us continue to be the market leader in delivering enterprise-class, mission-critical, commercial, and scalable products to serve the tax needs of the Fortune 1000 elite • Extensive Experience with web services standards/design and related technologies (HTTP, XML, JSON, REST, SOAP, WS*). • Extensive Experience programming in Java • Extensive Experience working with a variety of Applications Servers and Databases (primarily Tomcat, Oracle) • Responsibility for technical design, performance test, core framework development & being the subject matter expert for the company's web services. • Work closely with the Technology organization in helping to design, develop, test and maintain internal and external facing web services. • Standard data formats: HTML, XML, XML related technologies including but not limited to XSLT and XML Parsers, Understanding of XML4IP a plus, PDF, Web 2.0 technologies, Architectural Patterns, Design Patterns, JEE framework and other related frameworks as related • Software Architecture, Design Patterns, Architectural frameworks, Single Page Application, MVC, MVVM, MV* • Experience with web service technologies: SOAP, WSDL, UDDI, eBXML and JAX pack. Explain the technologies included within JAX pack, i.e. JAXP, JAXB, JAXM, JAX-RPC, JAXR • Web development integration approaches such as SOA and TOGAF Additional Information To know more about this position please contact; Monil Narayan ************

As an Application Security Engineer, you'll help drive Concora Credit's Mission to enable customers to Do More with Credit - every single day. The impact you'll have at Concora Credit: We are seeking a highly skilled Application Security Engineer to strengthen our application and product security posture across web, mobile, and cloud-based platforms. The ideal candidate will have deep hands-on experience in secure application development practices, threat modeling, and vulnerability management - with a proven track record of sustained collaboration and communication with development teams and supporting security programs within the financial services industry and PCI DSS compliance environments. The candidate's success will be dependent on their ability to Integrate with multiple teams and be a collaborative and guiding presence. We hire people, not positions. That's because, at Concora Credit, we put people first, including our customers, partners, and Team Members. Concora Credit is guided by a single purpose: to help non-prime customers do more with credit. Today, we have helped millions of customers access credit. Our industry leadership, resilience, and willingness to adapt ensure we can help our partners responsibly say yes to millions more. As a company grounded in entrepreneurship, we're looking to expand our team and are looking for people who foster innovation, strive to make an impact, and want to Do More! We're an established company with over 20 years of experience, but now we're taking things to the next level. We're seeking someone who wants to impact the business and play a pivotal role in leading the charge for change. Responsibilities As our Application Security Engineer, you will: Collaborate daily with development and project teams, assisting developers and architects to ensure compliance with established security standards and secure design principles. Identify, prioritize, and mitigate vulnerabilities based on OWASP Top 10, SANS CWE Top 25, and industry best practices. Lead application security assessments and reviews for web, mobile, and API-based systems throughout the SDLC. Collaborate with internal DevOps and other Dev teams to integrate, manage, and report on automated vulnerability scanning, SAST, DAST, and SCA platforms both as stand-alone tools and within CI/CD pipelines. Partner with DevOps and engineering teams to embed security controls early in the development process (“shift left”). Conduct secure code reviews and support developers in understanding and remediating findings. Conduct and coordinate penetration tests for internal systems and web and mobile applications to validate vulnerability findings and assess real-world exploitability. Champion secure coding practices and deliver targeted security training and awareness to engineering teams. Perform threat modeling and risk assessments for new applications and system changes. Support and maintain PCI DSS compliance as it relates to application security and data protection. Collaborate with infrastructure and cloud security teams to ensure consistent protection across the technology stack. Contribute to continuous improvement of the organization's secure SDLC and AppSec frameworks. These duties must be performed with or without reasonable accommodation. We know experience comes in many forms and that many skills are transferable. If your experience is close to what we're looking for, consider applying. Diversity has made us the entrepreneurial and innovative company that we are today. Qualifications Requirements: 3-5 years of experience in Application Security, Secure Software Development, or related fields. Solid understanding of OWASP Top 10, secure coding standards, vulnerability management, penetration testing methodologies, and common web/mobile vulnerabilities. Hands-on experience with security testing tools (e.g. Sonarqube, Tenable WAS, Burp Suite, OWASP ZAP, Veracode, or similar). Experience integrating AppSec tools into DevOps pipelines (Azure DevOps, Git, etc.). Experience performing or managing web application penetration tests using tools such as Burp Suite, OWASP ZAP, or manual techniques aligned with OWASP Testing Guide. Strong familiarity with PCI DSS and other financial regulatory compliance frameworks. Practical knowledge of web technologies (REST, JavaScript, HTML5, CSS, JSON) and at least one modern programming language (e.g., Java, C#, Python, JavaScript, Swift). Experience securing mobile applications (iOS and Android) through static and dynamic analysis. Excellent communication skills and ability to work cross-functionally with engineering and compliance teams. What's In It For You: Medical, Dental and Vision insurance for you and your family Relax and recharge with Paid Time Off (PTO) 6 company-observed paid holidays, plus 3 paid floating holidays 401k (after 90 days) plus employer match up to 4% Pet Insurance for your furry family members Wellness perks including onsite fitness equipment at both locations, EAP, and access to the Headspace App We invest in your future through Tuition Reimbursement Save on taxes with Flexible Spending Accounts Peace of mind with Life and AD&D Insurance Protect yourself with company-paid Long-Term Disability and voluntary Short-Term Disability Concora Credit provides equal employment opportunities to all Team Members and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Employment-based visa sponsorship is not available for this role. Concora Credit is an equal opportunity employer (EEO). Please see the Concora Credit Privacy Policy for more information on how Concora Credit processes your personal information during the recruitment process and, if applicable, based on your location, how you can exercise your privacy rights. If you have questions about this privacy notice or need to contact us in connection with your personal data, including any requests to exercise your legal rights referred to at the end of this notice, please contact caprivacynotice@concoracredit.com.

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

The Security Engineer will focus on hardening and isolating K3s clusters to minimize blast radius in the event of compromise. This includes enforcing Linux security modules (SELinux, AppArmor), leveraging TPM for secure boot and attestation, implementing least privilege across nodes and workloads, and ensuring multi-tenant isolation within hybrid Kubernetes environments (x86, ARM, accelerators). Responsibilities Security Architecture & Policy Enforcement Design and implement security-first cluster configurations for K3s nodes. Enforce mandatory access control (MAC) using SELinux and AppArmor profiles for pods and system services. Integrate TPM-based attestation and secure boot for cluster nodes to ensure trust in hardware and OS integrity. Establish node, pod, and namespace isolation strategies to reduce lateral movement risk. Harden cluster components (API server, etcd, kubelet) following CIS and NSA Kubernetes security benchmarks. Blast Radius Reduction Define and enforce workload sandboxing strategies (seccomp, AppArmor, SELinux contexts, gVisor/Kata if applicable). Configure minimal privilege policies (RBAC, PodSecurityStandards, NetworkPolicies) to ensure least-privilege execution. Implement namespace, node pool, and hardware partitioning to confine workloads and protect sensitive applications. Apply resource quotas, limits, and scheduling constraints to contain denial-of-service blast radius. Integration with Identity & Secrets Management Work with Security team to ensure strong identity, authentication, and authorization models. Integrate TPM-backed secrets storage and HSM/KMS systems for cryptographic operations. Ensure secure distribution of workload secrets with solutions like SealedSecrets, HashiCorp Vault, or SOPS. Runtime & Supply Chain Security Enforce image signing and verification with cosign or Notary. Integrate SBOM scanning and vulnerability management into CI/CD pipelines. Monitor workloads for runtime anomalies (Falco, Cilium Tetragon, or equivalent). Apply kernel hardening measures (seccomp-bpf, kernel lockdown, IMA/EVM with TPM). Monitoring & Incident Response Build observability hooks for security events (audit logs, syscall monitoring, TPM attestations). Define blast radius response runbooks for compromised pods or nodes. Work with SRE and Security teams to test chaos/security drills simulating breaches. Deliverables K3s cluster baseline hardened with SELinux and AppArmor profiles. TPM-enabled secure boot and node attestation pipeline. Enforced PodSecurityStandards and workload sandboxing (seccomp, gVisor/Kata optional). Documentation of isolation strategies (namespaces, node pools, network segmentation). Audit-ready evidence of compliance with CIS/NSA Kubernetes security benchmarks. Security runbooks for containment and blast radius reduction. Required Skills & Experience Strong knowledge of K3s/Kubernetes internals, especially security features. Hands-on experience with SELinux, AppArmor, seccomp, and Linux capabilities. Experience with TPM (Trusted Platform Module) for secure boot and attestation. Deep understanding of Pod Security (PodSecurityPolicies/Standards, OPA/Gatekeeper/Kyverno). Experience implementing RBAC, NetworkPolicies, and workload isolation at scale. Proficiency in Linux kernel security mechanisms and debugging. Familiarity with container runtimes (containerd, CRI-O, gVisor, Kata) and their security implications. Strong background in incident response, forensic data collection, and audit logging in Kubernetes. Nice to Have Contributions to Kubernetes SIG-Security or open-source security tooling. Experience with supply chain security frameworks (SLSA, NIST 800-190). Familiarity with confidential computing (TEE/SGX/SEV) for workload isolation. Hands-on with Cilium Tetragon, Falco, or other runtime security tools. Knowledge of air-gapped deployments and hardened Linux distributions (e.g., Flatcar, Bottlerocket).

360 IT Professionals is a Software Development Company based in Fremont, California that offers complete technology services in Mobile development, Web development, Cloud computing and IT staffing. Merging Information Technology skills in all its services and operations, the company caters to its globally positioned clients by providing dynamic feasible IT solutions. 360 IT Professionals work along with its clients to deliver high-performance results, based exclusively on the one of a kind requirement. Our services are vast and we produce software and web products. We specialize in Mobile development, i.e. iPhone and Android apps. We use Objective C and Swift programming languages to create native applications for iPhone, whereas we use Android Code to develop native applications for Android devices. To create applications that work on cross-platforms, we use a number of frameworks such as Titanium, PhoneGap and JQuery mobile. Furthermore, we build web products and offer services such as web designing, layouts, responsive designing, graphic designing, web application development using frameworks based on model view controller architecture and content management system. Our services also extend to the domain of Cloud Computing, where we provide Salesforce CRM to effectively manage one's business and ease out all the operations by giving an easy platform. Apart from this, we also provide IT Staffing services that can help your organization to a great extent as you can hire highly skilled personnel's through us. We make sure that we deliver performance driven products that are optimally developed as per your organization's needs. Take a shot at us for your IT requirements and experience a radical change. Job Description Statement of Work: Architect and assist in the development of the 4d-OR information system by doing the following: The skills necessary to do this work would include: Architects, designs, reviews, analyzes, and modifies programming systems including encoding, testing, debugging and installing to support an organization's application systems. Consults with users to identify current operating procedures and to clarify program objectives. May be expected to write documentation to describe program development, logic, coding, and corrections. Writes manuals for users to describe installation and operating procedures. Requires a bachelor's degree in a related area and at least 8 years of experience in the field or in a related area. Must have a working knowledge of distributed information systems, relational databases, client-server concepts, and web site development with responsive frameworks. Relies on experience and judgment to plan and accomplish goals. Performs a variety of complicated tasks. A wide degree of creativity and latitude is expected. Need GC CITIZENS ONLY. Additional Information Thanks and Regards, Isha Sharma 408-766-0000 ext 425

Project Description: Firmware architecture development for a low power System on a Chip that interacts with sensors and wireless communications protocols (Bluetooth LE). Architecture design involves translating low level hardware controls into a well-defined software architecture that will be used for firmware development. Work with both hardware specification and firmware implementation teams. Daily Responsibilities: Architect key blocks of firmware that interact with low level hardware SoC features. Interface with SoC architects to work through hardware design ambiguities and translates hardware architecture to firmware achitectures. Qualifications Necessary Skills (Must Have): Excellent documentation skills. Knowledge of Client architecture. Proven ability to understand low level hardware specifications. Embedded software, firmware and device driver development on a variety of platforms. Experience with standard dev tools: revision control, issue tracking, profilers, debugging, etc. Excellent communication skills Additional Information Thanks & Regards Praveen K. Paila ************

Details Information Department VP for Research (RIP) Position Title Officer-Compliance Job Title Export Control and Research Security Analyst Appointment Type Professional Faculty Job Location Corvallis Benefits Eligible Full-Time, benefits eligible Remote or Hybrid option? Yes Job Summary The Division of Research and Innovation is seeking an Export Control and Research Security Analyst. This is a full-time (1.00 FTE), 12-month, professional faculty position. The Oregon State University (OSU) Division of Research and Innovation is seeking an Export Control and Research Security Analyst (Analyst) to work under the direction of the Director of Export Controls and Research Security (Director) to ensure OSU's compliance with United States regulations and laws protecting national security, foreign policy, and economic interests. The Analyst will have an exciting opportunity to work within an important, evolving regulatory landscape, supporting the Export Control and Research Security operations, as well as others across the University, to support OSU's mission. The Analyst will assist with communication and dispensation of OSU's Export Control and Research Security programs, requiring the application of OSU policies and procedures while reviewing University activities such as international travel requests, foreign collaborations and visitors, Unmanned System research activities, contract reviews, Technology Control Plan (TCP) drafting and management, and required documentation in congruence with all applicable U.S. export control laws and regulations and research security policies and requirements. The Analyst will work cooperatively with colleagues in the Division of Research and Innovation, partnering with university administrative units, academic departments, and external stakeholders, including Federal partners, to promote compliance while being mindful of the impact on university activities. This is a full-time (1.00 FTE), 12-month professional faculty position. The Office of Research Integrity, within the Division of Research and Innovation, supports OSU's commitment to exceptional research by collaborating with faculty, staff, and students to help ensure that research is conducted ethically, to high professional standards, and in compliance with regulatory requirements. The Analyst will work alongside a team of compliance and regulatory experts in the Office of Research Integrity and will join our Export Control and Research Security programs. As one of only three land, sea, space, and sun grant universities in the nation, OSU serves Oregon and the world through our campuses in Corvallis and Bend, our marine research center in Newport, and our award-winning E-campus. With over $470 million in competitive research awards per year, OSU continues to lead the way with practical, impact-driven research that improves lives, protects natural resources, and generates economic growth to transform our future. The Export Control and Research Security Analyst reports to the Director, Export Controls and Research Security. Why OSU? Working for Oregon State University is so much more than a job! Oregon State University is a dynamic community of dreamers, doers, problem-solvers and change-makers. We don't wait for challenges to present themselves - we seek them out and take them on. We welcome students, faculty and staff from every background and perspective into a community where everyone feels seen and heard. We have deep-rooted mindfulness for the natural world and all who depend on it, and together, we apply knowledge, tools and skills to build a better future for all. FACTS: * Top 1.4% university in the world * More research funding than all public universities in Oregon combined * 1 of 3 land, sea, space and sun grant universities in the U.S. * 2 campuses, 11 colleges, 12 experiment stations, and Extension programs in all 36 counties * 7 cultural resource centers that offer education, celebration and belonging for everyone * 100+ undergraduate degree programs, 80+ graduate degrees plus hundreds of minor options and certificates * 35k+ students including more than 2.3k international students and 10k students of color * 217k+ alumni worldwide * For more interesting facts about OSU visit: ***************************** Locations: Oregon State has a statewide presence with campuses in Corvallis and Bend, the OSU Portland Center and the Hatfield Marine Science Center on the Pacific Coast in Newport. Oregon State's beautiful, historic and state-of-the-art main campus is located in one of America's best college towns. Corvallis is located close to the Pacific Ocean, the Cascade mountains and Oregon wine country. Nestled in the heart of the Willamette Valley, this beautiful city offers miles of mountain biking and hiking trails, a river perfect for boating or kayaking and an eclectic downtown featuring local cuisine, popular events and performances. Total Rewards Package: Oregon State University offers a comprehensive benefits package with benefits eligible positions that is designed to meet the needs of employees and their families including: * Medical, Dental, Vision and Basic Life. OSU pays 95% of premiums for you and your eligible dependents. * Free confidential mental health and emotional support services, and counseling resources. * Retirement savings paid by the university. * A generous paid leave package, including holidays, vacation and sick leave. * Tuition reduction benefits for you or your qualifying dependents at OSU or the additional six Oregon Public Universities. * Robust Work Life programs including Dual Career assistance resources, flexible work arrangements, a Family Resource Center, Affinity Groups and an Employee Assistance Program. * Optional lifestyle benefits such as pet, accident, and critical illness insurance, giving you peace of mind and the support you need to thrive in all aspects of your life. Oregon State University is deeply committed to the principles of a Health Promoting University. This commitment drives a collaborative approach across OSU's safety and well-being programs, reducing silos and coordinating efforts to enhance employee safety and well-being. By prioritizing resources that support the health of both employees and students, OSU fosters a culture of care and a healthier campus environment where everyone can thrive. 2025 Best Place for Working Parents Designation! Future and current OSU employees can use the Benefits Calculator to learn more about the full value of the benefits provided at OSU. Key Responsibilities 45% - Export Compliance * Primary duties include conducting reviews of university activities for deemed exports, end-use and end-user restrictions, embargoes and sanctions, restricted party screenings, and anti-boycott restrictions in order to determine recommendations for the best course of action to minimize risk to the University, including requests for specific authorization or determinations from the U.S. Government, according to the regulatory requirements and best practices, included within but not limited to the International Traffic in Arms Regulations (ITAR), the Export Administration Regulations (EAR), the Foreign Assets Controls Regulations (FACR), and those administered by the Nuclear Regulatory Commission and Department of Energy. * Assist in implementing methods to ensure physical as well as deemed export controls are in place. In doing so, the Analyst must understand or be willing to learn a range of commodities controlled by the Commerce Control List and U.S. Munitions List, and how export control regulations and laws apply, etc. * Work with the Director and researchers to make accurate commodity classification determinations and requests for classification to external parties, including the Department of Commerce and the Department of State. * Work with the Director and OSU's international programs to ensure compliance with Federal requirements for the issuance and maintenance of visas for visiting scholars and international employees. * Review foreign travel requests involving OSU-owned equipment or business in order to make recommendations to ensure the safety and security of the faculty, staff, or students and the materials with which they are traveling. * Review proposals, awards, and agreements for concerns related to export compliance and identify potential risks or compliance issues, and prepare recommendations for the Director. * Maintain detailed records and the export control record-keeping systems. 25% Research Security Compliance * Support the Research Security program's outreach and training, including preparing materials, management, liaison with other departments, reviews, and tracking, as well as website maintenance. * Assist researchers in understanding and navigating reporting requirements, and mitigating risks and assisting in the development and monitoring of any necessary mitigation plans. * Conduct comprehensive reviews to ensure compliance with institutional and federal requirements, as outlined in National Security Presidential Memorandum No. 33 (NSPM-33) and the CHIPS + Science Act and make recommendations to the Director. 15% - Coordination, Analysis and Communication * Work closely and collaborate with partners in the Division of Research and Innovation, Procurement, Contract Services, Office of General Counsel, University Information Technology, Office of International Services, and other units, including with researchers and faculty, to identify, understand, apply, and comply with export control and research security obligations to a wide variety of university activities that have implications for operations in international travel and collaborations, physical exports, research agreements, awards, and grants, fieldwork, and international visiting scholar or employee appointments. * Serve as an effective partner with all OSU units. Build rapport and relationships with key stakeholders as export control and research security compliance involves extensive and ongoing collaboration with internal and external partnerships and working collaboratively in a cross-functional approach on sensitive and complex issues. * Performs regular assessments of export compliance and research security. Identifies and researches potential compliance risks, gaps, and violations. Makes recommendations to the Director. 10% - Outreach and Training * Support export control and research security education and outreach for the OSU community, including preparation of materials, record keeping, and assisting with facilitation of the educational programs. * Assist with the maintenance of a comprehensive website, including up-to-date web-based materials. * Participate in regional and national organizations that include export controls or research security as a distinct component. Including continuing education and remaining current on issues, policies, regulations, and best practices. * Serves as the communications manager for the export and drone email accounts. 5% - Other Duties as Assigned by the Director, Export Control and Research Security * The percentage of time spent on each of the above duties is expected to vary over time and with the demands of the position. What You Will Need * Bachelor's degree from an accredited university in International Relations or Business, English, Law, or related field. * Ability to maintain confidentiality on sensitive subjects. * To ensure compliance with U.S. export control regulations, the applicant should be eligible for any required authorization from the U.S. Government. * Interpersonal skills and a collaborative problem solver who can navigate complex issues to completion. * Demonstrated commitment and ability to promote, enhance, and work with diverse, multi-national, multi-ethnic groups in respectful, productive, and collaborative ways. * Ability to conduct a comprehensive, detailed analysis of complex Federal regulations and policies. * Effective communicator; able to convey complex information to varied audiences, both verbally and in writing. This position is designated as a critical or security-sensitive position; therefore, the incumbent must successfully complete a criminal history check and be determined to be position qualified as per University Standard: 05-010 et seq. Incumbents are required to self-report convictions and those in youth programs may have additional criminal history checks every 24 months. What We Would Like You to Have * Self-motivated, life-long learner. * An advanced professional degree such as an M.S. in a field of Science, Engineering, Business, Law, International Relations, English, or an area of specialization or closely related field. * Relevant experience in a regulatory or compliance field, or a combination of education, training, and relevant experience, including working within higher education. * Knowledge of the EAR, ITAR, or OFAC regulations, with the NISP-OM or NIST, or NSPM-33 and the CHIPS + Science Act. * Experience with export controls, Federal agencies, Federal contractors, labs, universities, or a related area in industry. * Demonstrated ability to perform under time constraints and manage competing priorities. Working Conditions / Work Schedule Primarily based on the Corvallis campus, however, a remote or hybrid work arrangement may be considered for candidates with the appropriate background and experience, as agreed upon with the supervisor. Domestic and/or international travel may be required on occasion. Pay Method Salary Pay Period 1st through the last day of the month Pay Date Last working day of the month Recommended Full-Time Salary Range $66,032 - $85,740 Link to Position Description ********************************************************* Posting Detail Information Posting Number P09647UF Number of Vacancies 1 Anticipated Appointment Begin Date 03/01/2026 Anticipated Appointment End Date Posting Date 12/29/2025 Full Consideration Date Closing Date 01/25/2026 Indicate how you intend to recruit for this search Competitive / External - open to ALL qualified applicants Special Instructions to Applicants When applying you will be required to attach the following electronic documents: 1) A resume/CV; and 2) A cover letter indicating how your qualifications and experience have prepared you for this position. You will also be required to submit the names of at least three professional references, their e-mail addresses and telephone numbers as part of the application process. For additional information please contact: Gretchen Cuevas at ******************************* We are an Equal Opportunity Employer, including disability, protected veteran, and other protected status. OSU will conduct a review of the National Sex Offender Public website prior to hire. Starting salary within the salary range will be commensurate with skills, education, and experience. OSU is a fair chance employer committed to inclusive hiring. We encourage applications from candidates who bring a wide range of lived experience including involvement with the justice system. This job has "critical or security-sensitive" responsibilities. If you are selected as a finalist, your initial job offer will be contingent upon the results of a job-related pre-employment check (such as a background check, motor vehicle history check, sexual misconduct reference check, etc.). Background check results do not automatically disqualify a candidate. Take a look at our Background Checks website including the for candidates section for more details. If you have questions or concerns about the pre-employment check, please contact OSU's Employee and Labor Relations team at **********************************. Supplemental Questions

Candidates can live within commutable distance to any Slalom office in the US. We have a hybrid and flexible environment. Who You'll Work With As a modern technology company, we've never met a technical challenge we didn't like. We enable our clients to learn from their data, create incredible digital experiences, and make the most of new technologies. We blend design, engineering, and analytics expertise to build the future. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. We are seeking an experienced AWS Security Architect with deep expertise in AWS cloud architecture, native & external security services, and regulatory compliance to provide advisory and delivery services aligned with the standards of a top-tier consulting firm. This role will partner with enterprise clients to design, assess, and implement secure AWS environments that meet business, compliance, and regulatory requirements. This role requires a strong blend of hands-on technical capabilities, architectural leadership, and client-facing advisory skills. As a trusted advisor, you will lead security strategy sessions, assess current cloud security postures, and deliver AWS-native and third-party solutions that align with best practices. You will work across multiple industry verticals, collaborating with engineering, security, risk, and compliance teams, and guiding clients through security transformation journeys and ensuring AWS adoption is secure, compliant, and resilient. This is a strategic technical consulting role suited for individuals who are passionate about cloud security, compliance, and helping clients adopt secure architectures in regulated environments. Key Responsibilities * Serve as a client-facing advisor, providing strategic guidance on cloud security transformation, governance, and operating models. * Lead cloud security assessments, maturity evaluations, and gap analyses, producing recommendations aligned with regulatory frameworks (e.g., NIST, ISO 27001, CIS, PCI DSS, HIPAA). * Design and implement AWS-native security architectures leveraging IAM, KMS, CloudTrail, Security Hub, GuardDuty, Macie, Detective, and Control Tower. * Establish governance, risk, and compliance (GRC) frameworks for AWS adoption, including policy-as-code and automated compliance monitoring. * Define and implement identity and access management (IAM) strategies, including federation, least privilege, and Zero Trust principles. * Guide clients in adopting secure application and data architectures, including encryption, data loss prevention, and secure API integrations. * Support incident response and forensics readiness through AWS-native logging, monitoring, and detection services. * Collaborate with DevOps and platform teams to integrate security into DevOps pipelines (DevSecOps) with automation for vulnerability management, code scanning, and compliance validation. * Collaborate with client executives to articulate cloud security roadmaps, business cases, and investment priorities. * Partner with internal teams to develop accelerators, templates, and reusable security patterns that improve time-to-value for clients. * Author client deliverables such as risk assessments, security architecture design documents, gap analyses, and roadmap plans. * Provide thought leadership via security workshops, executive briefings, and architecture reviews. * Stay current with AWS service releases, regulatory changes, and emerging cyber risks to inform recommendations. Core Qualifications * 8+ years of IT security experience with at least 4+ years focused on AWS security. * Proven consulting experience delivering security assessments, compliance programs, and cloud security roadmaps for enterprise clients. * Strong expertise in AWS security services (i.e. IAM, KMS, CloudTrail, GuardDuty, Macie, Security Hub, Detective, WAF, Shield). * Deep knowledge of cloud governance, risk management, and regulatory compliance frameworks (NIST, ISO, CIS Benchmarks, SOC 2, HIPAA, PCI DSS) and experience designing or assessing AWS environments aligned with these frameworks. * Hands-on experience embedding security into DevOps/DevSecOps pipelines and Infrastructure-as-Code (Terraform, CloudFormation, AWS CDK). * Experience designing ransomware detection, response, and business resilience strategies in AWS including backup, recovery, and isolation patterns. About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position, the target base salary pay range in the following locations: Boston, Houston, Los Angeles, Orange County, Seattle, San Diego, Washington DC, New York, New Jersey, for Consultant level is $119,000-$147,500 and for Senior Consultant level it is $136,500-$169,500 and for Principal level it is $151,000-$187,500. In all other markets, the target base salary pay range for Senior Consultant level it is $125,000-$155,500 and for Principal level it is $138,500-$172,000. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. We will accept applications until 3/31/2026 or until the positions are filled. We are committed to pay transparency and compliance with applicable laws. If you have questions or concerns about the pay range or other compensation information in this posting, please contact us at: ********************. EEO and Accommodations Slalom is an equal opportunity employer and is committed to attracting, developing and retaining highly qualified talent who empower our innovative teams through unique perspectives and experiences. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team or contact ****************************** if you require accommodations during the interview process.