Security architect jobs in Guaynabo, PR - 34 jobs

Our rapidly growing team specializes in threat hunting, analyzing indicators of compromise (IOCs), investigating security incidents, managing incident responses, and conducting digital forensics across IaaS, PaaS, and SaaS platforms. In this role, you will be part of a dedicated security operations team, leveraging data loss prevention, case management tools, and developing automation to detect and respond to security threats in real time. Additionally, you will play a critical role in designing and implementing data loss prevention strategies to proactively mitigate potential data security risks. As the last line of defense when security controls are breached, your expertise will be instrumental in securing Oracle's data and infrastructure. The ideal candidate is a proactive self-starter with a strong sense of ownership, accountability, and capable of delivering effective results under pressure. By bringing deep expertise in security engineering, you will help drive the strategic development of our enterprise security threat program. An acute attention to detail and a tenacious investigative and analytical approach will be key to success. **The Role** We are seeking a seasoned security engineering professional to join our T1/2 DLP operations team to investigate alerts through tooling and perform triage and response to DLP related events. Support build-out of advanced security tools, processes, and automation to identify and mitigate risks related to proprietary data across OCI and Oracle's broader enterprise. You will drive sensitive investigations, conduct thorough root cause analyses, and work collaboratively with partner teams-including SOC, digital forensics, incident response, physical security, and engineering-to respond effectively to diverse and sophisticated threats. **Responsibilities** **Key Responsibilities** + **Incident Investigation and Response:** Analyze DLP security alerts through DLP intake systems and escalated through DLP tools and case management, triage, investigate and respond to potential security incidents, and coordinate appropriate incident response actions. + **Advanced Threat Analysis:** Assess and triage complex DLP events (alerts) across OCI and the Oracle enterprise CSP environments using security monitoring tools, logs, and threat intelligence to identify indicators of compromise and recommend remediation steps. + **Monitor and Analyze User Activity:** Continuously monitor, analyze, and investigate user behaviors and activities across networks, applications, and endpoints to detect suspicious patterns or potential insider threats. + **Build and Maintain Detection and Response Systems:** Develop, implement, and manage tools, analytics, and automated detection systems specifically designed to identify potentially malicious activity. + **Data Loss Prevention (DLP):** Participate with the DLP team to enhance data loss prevention strategies, including deploying and tuning DLP technologies to prevent unauthorized access or transmission of sensitive proprietary data. + **Incident Investigations:** Conduct thorough investigations of security incidents related to potential or confirmed threats, collaborating closely with legal, HR, and compliance teams as needed. + **Case Management:** Document and manage cases from detection through to resolution, ensuring proper documentation and reporting processes are followed. + **Security Awareness and Training:** Support the development and delivery of targeted security awareness training at all levels of the company. Training to be focused on reducing data security risk and how to recognize and report suspicious behaviors. + **Collaboration and Coordination:** Work with cross-functional teams such as HR, legal, compliance, physical security and other engineering organizations to coordinate incident response and security policy and standards of enforcement. + **Threat Hunting:** Proactively hunt for evidence of threats by analyzing system logs, access records, and behavioral analytics. + **Tool and Process Enhancement:** Evaluate and recommend improvements to detection tools, response processes, and operational playbooks. + **Reporting and Analytics:** Prepare reports and metrics on insider threat trends, investigation outcomes, and security posture for management and leadership. **Preferred Qualifications** + Five years of experience in DLP (client/server/cloud), incident response and/or security operations center activities at a cloud service provider + Effective written and oral communications skills with the ability to deliver technical information to non-technical staff + Comfortable working in an ambiguous, fast-paced, unpredictable environment + Experience working in a highly collaborative, team centric, event driven operations team + Experience with variety of technologies and how they are used to exfiltrate data + Experience with a variety of DLP tools (data at rest, data in motion, data in use) + Experience with a wide variety of logs and telemetry including AV, web server, SIEM, etc. + Experience with sophisticated threat actors and complex security incidents + Understanding of insider threat actor tactics, techniques, and procedures (TTPs) and threat analysis models like MITRE ATT&CK Framework + Experience developing and hunting using DLP-related indicators of compromise (IOC's) + Experience performing open-source research on a variety of topics Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $82,200 to $178,100 per annum. May be eligible for bonus and equity. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC3 **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you'd like, where you'll be supported and inspired by a collaborative community of colleagues around the world, and where you'll be able to reimagine what's possible. Join us and help the world's leading organizations unlock the value of technology and build a more sustainable, more inclusive world. The Senior Security Analyst supports the governance of service provider activities in the enterprise security program, monitoring and escalating problems and providing information on security issues. Undertakes security assurance and audit activities to ensure compliance and to identify risks and opportunities. Provides information to senior managers and executives to ensure that they are aware of any security-related risks or opportunities. Provides subject matter expertise, consultancy and training in security-related matters. Must be able to function in a fast-paced, multi-vendor outsourced environment, facilitating conference calls among other subject matter experts and the client. Your Responsibilities: Handles monthly reporting duties for the Information Risk Management team; Facilitates audit planning and audit remediation activities of the service providers, leading calls and documenting and reporting progress; Has familiarity with Security technologies and controls; Expertise not required, but ability to escalate to more senior subject matter experts is important. Develops work plans to structure solutions and communications; Able to involve client and vendor staff appropriately in resolving Security problems; Participates effectively within the business' Security governance framework; Tracks the corrective and preventive actions being taken to improve Security to closure. Possess strong communication skills to communicate technical and security risk information to management. Your Experience: Ability to self-manage with little interaction from other management staff. Flexible and able to adapt to manage a fast-changing environment. Ability to solve complex issues and provide recommendations and advice regarding remediations. Security architecture, security software, or security policy experience Ability to organize agendas, lead conference calls, and track action items to completion. Security and Audit certifications such as SSCP, CISSP, CISA, CISM, CGEIT, CRISC, Security + are preferred. Job Description - Grade Specific The base compensation range for this role in the posted location is: $65,586-121,980. Capgemini provides compensation range information in accordance with applicable national, state, provincial, and local pay transparency laws. The base compensation range listed for this position reflects the minimum and maximum target compensation Capgemini, in good faith, believes it may pay for the role at the time of this posting. This range may be subject to change as permitted by law. The actual compensation offered to any candidate may fall outside of the posted range and will be determined based on multiple factors legally permitted in the applicable jurisdiction. These may include, but are not limited to: Geographic location, Education and qualifications, Certifications and licenses, Relevant experience and skills, Seniority and performance, Market and business consideration, Internal pay equity. It is not typical for candidates to be hired at or near the top of the posted compensation range. In addition to base salary, this role may be eligible for additional compensation such as variable incentives, bonuses, or commissions, depending on the position and applicable laws. Capgemini offers a comprehensive, non-negotiable benefits package to all regular, full-time employees. In the U.S. and Canada, available benefits are determined by local policy and eligibility and may include: * Paid time off based on employee grade (A-F), defined by policy: Vacation: 12-25 days, depending on grade, Company paid holidays, Personal Days, Sick Leave * Medical, dental, and vision coverage (or provincial healthcare coordination in Canada) * Retirement savings plans (e.g., 401(k) in the U.S., RRSP in Canada) * Life and disability insurance * Employee assistance programs * Other benefits as provided by local policy and eligibility Important Notice: Compensation (including bonuses, commissions, or other forms of incentive pay) is not considered earned, vested, or payable until it becomes due under the terms of applicable plans or agreements and is subject to Capgemini's discretion, consistent with applicable laws. The Company reserves the right to amend or withdraw compensation programs at any time, within the limits of applicable legislation. Disclaimers Capgemini is an Equal Opportunity Employer encouraging inclusion in the workplace. Capgemini also participates in the Partnership Accreditation in Indigenous Relations (PAIR) program which supports meaningful engagement with Indigenous communities across Canada by promoting fairness, accessibility, inclusion and respect. We value the rich cultural heritage and contributions of Indigenous Peoples and actively work to create a welcoming and respectful environment. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law. This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodation does not pose an undue hardship. Capgemini is committed to providing reasonable accommodation during our recruitment process. If you need assistance or accommodation, please reach out to your recruiting contact. Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process. Click the following link for more information on your rights as an Applicant in the United States. ************************************************************************** Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem.

**About Us** **Since 1989, SHI International Corp. has helped organizations change the world through technology. We've grown every year since, and today we're proud to be a $16 billion global provider of IT solutions and services.** **Over 17,000 organizations worldwide rely on SHI's concierge approach to help them solve what's next. But the heartbeat of SHI is our employees - all 7,000 of them. If you join our team, you'll enjoy:** + **Our commitment to diversity, as the largest minority- and woman-owned enterprise in the U.S.** + **Continuous professional growth and leadership opportunities.** + **Health, wellness, and financial benefits to offer peace of mind to you and your family.** + **World-class facilities and the technology you need to thrive - in our offices or yours.** **Job Summary** The Chief Information Security Officer will develop and implement a comprehensive information security strategy that aligns with the organization's goals, ensuring the protection of information assets through effective policy enforcement and risk management. This role involves managing incident response, ensuring regulatory compliance, and overseeing security audits and technology investments to enhance the organization's security posture. The CISO will collaborate with various departments, conduct security awareness training, and provide regular updates to senior management and the board on security status, risks, and initiatives. **Role Description** + Develop and implement an information security strategy that aligns with the organization's goals and objectives to ensure comprehensive protection of information assets. + Oversee the development and enforcement of security policies to ensure that all security policies, procedures, and protocols are up-to-date and effectively implemented across the organization. + Lead risk management efforts by identifying, assessing, and mitigating information security risks to protect the organization from potential threats and vulnerabilities. + Manage incident response and recovery by developing and overseeing the execution of incident response plans to address security breaches and ensure timely recovery. + Ensure compliance with regulatory requirements by monitoring and enforcing compliance with relevant laws, regulations, and industry standards related to information security. + Collaborate with other departments such as IT, legal, HR, and others to integrate security measures into all aspects of the organization's operations. + Conduct security awareness training to educate employees on security best practices and promote a culture of security awareness throughout the organization. + Oversee security audits and assessments by regularly conducting internal and external audits to evaluate the effectiveness of security measures and identify areas for improvement. + Manage security technology investments by evaluating, selecting, and implementing security technologies and tools to enhance the organization's security posture. + Report to senior management and the board of directors by providing regular updates on the organization's security status, risks, and initiatives to ensure informed decision-making at the highest levels. **Behaviors and Competencies** + Technical Expertise: Can create new applications for technical knowledge and skills and can lead the development of technical standards and procedures. + Strategic Thinking: Can analyze complex situations, drive organizational transformation, and adapt strategies to changing market conditions. + Risk-Taking: Can inspire and encourage others to take calculated risks, fostering a culture of innovation and adaptability. + Decision-Making: Can lead organizational decision-making, mentor others in developing decision-making skills, and create frameworks that enhance the decision-making capabilities of the team. + Leadership: Can lead strategic team initiatives, inspire others to take leadership roles, and foster a culture of shared responsibility and continuous improvement. + Analytical Thinking: Can lead and innovate in the application of analytical thinking, solve complex problems, influence others, and contribute to best practices. + Communication: Can lead and model exceptional communication at all levels of the organization, develop and implement communication strategies, and coach others to improve their communication skills. + Adaptability: Can drive strategic transformations, inspire others to embrace change, and foster a culture of continuous adaptation. + Collaboration: Can lead complex team projects, inspire others to collaborate effectively, and foster a culture of mutual respect and shared purpose. + Ethics: Can lead strategic initiatives, inspire others to uphold ethical standards, and foster a culture of integrity and ethical conduct. **Skill Level Requirements** + Deep understanding of the security industry, best practices, emerging technologies, and leading solutions - Expert + Experience supporting various compliance and regulatory frameworks - Expert + Change Management, ability to manage, drive, and adapt to organizational change while maintaining team morale and productivity. - Expert + Continuous Improvement, identifying areas for improvement, implementing changes, and measuring results to enhance processes and performance. - Expert + Financial Awareness and understanding of financial concepts, budgeting, with the ability to make informed decisions based on financial data. - Expert + Forward Thinking, anticipating future trends and needs, and making decisions that position oneself or one's organization for success. - Expert + Innovation to generate, develop, and implement new and original ideas, challenging the status quo to improve processes and solutions. - Expert + Resilient, has the ability to recover quickly from difficulties and adapt in the face of challenging circumstances. - Expert + Influence, ability to persuade, lead, and influence others to achieve desired outcomes. - Expert + Willing to Learn, open to new ideas, and has a desire to continuously learn to stay current with the latest trends, threats, and technology. - Expert + Documentation involves creating, maintaining, and managing detailed and accurate records and documentation to support organizational processes and decisions. - Expert **Other Requirements** + Completed Bachelor's degree in computer science, information technology, cybersecurity, or a related field. Master's degree preferred. + 10+ years' experience in an enterprise information security role + 10+ years' experience in a leadership role + Advanced Certifications: CISSP, CRISC, GCEIT, CISM, GIAC The estimated annual pay range for this position is $275,000 - $350,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending. Equal Employment Opportunity - M/F/Disability/Protected Veteran Status

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

**Anywhere** **Type:** Contract **Category:** Security **Industry:** Financial Services **Workplace Type:** Remote **Reference ID:** JN -012026-105045 **Shortcut:** ********************************** + Description + Recommended Jobs **Description:** _Remote_ Our client is a large financial institution distinguished by its use of modern cloud technologies, mobile platforms, and agile delivery at enterprise scale. The organization promotes ownership, collaboration, and a balanced work environment while investing in continuous innovation. It seeks professionals who can navigate complex technology and business contexts and deliver secure, customer-centric solutions. _We can facilitate w2 and corp-to-corp consultants. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance._ Rate: $55.00 to $65.00/hr. w2 **Responsibilities:** + Participate or lead complex or high severity troubleshooting and incident problem resolutions with infrastructure teams or vendors. + Analyze, design, and implement PKI, certificate, and security solutions. + Translate business needs into technology solutions for internal customers. + Lead or contribute to projects involving PKI, certificates, and security. + Monitor the PKI and certificate incident queue and resolve issues of all levels. + Create, review, approve, and implement changes to PKI and certificate environments. + Analyze current PKI and certificate environments to identify challenges and develop improvements. + Act as PKI and certificate lead on complex incidents, changes, or upgrades. + Represent the crypto services team on global incident management calls with technical teams, customers, or vendors. + Analyze data, identify trends, and facilitate root cause analysis with service improvement opportunities. + Participate in capacity planning, performance monitoring, and maintenance to ensure high availability and proactive improvement. + Apply DevOps principles within PKI operations and engineering. + Lead periodic disaster recovery exercises for PKI and certificates. + Participate in an off-hours on-call rotation. + Communicate technical issues and challenges to technical and non-technical audiences. **Experience Requirements:** + At least 4 years of information technology experience. + At least 2 years of hands-on experience with PKI. + Experience with operational support and implementation of enterprise-level PKI and certificate solutions preferred. + Experience leading technical teams or projects preferred. + Strong understanding of DevOps principles preferred. + Python or other programming or scripting language experience preferred. + AWS Certification preferred. + 3+ years of PKI experience preferred. + Understanding of ITIL principles preferred. **Education Requirements:** + High School Diploma, GED, or equivalent certification. + Bachelor's degree in Computer Science, Information Systems, or Engineering preferred. + AWS Certification. + ITIL-related knowledge or certification preferred. **_Recruitment Transparency Notice_** **_Eliassen Group values transparency in our recruitment practices. Please be advised that Eliassen Group utilizes artificial intelligence (AI) tools as part of its initial application screening process. You may receive email and SMS notifications from the Eliassen Virtual Recruiting Team (_** **_noreply@eliassen.com_** **_, ************* inviting you to complete a brief voice screening as part of your application process. These tools assist our hiring teams in different ways, including but not limited to, assistance in reviewing application materials to help identify candidates whose qualifications most closely match the requirements of the position. All AI-assisted evaluations and responses are reviewed by human recruiters before any hiring decisions are made. The use of AI in our process is intended to support fairness, efficiency, and consistency, and Eliassen Group takes measures to prevent bias or discrimination in connection with its hiring practices. By proceeding, you acknowledge, agree, and consent to Eliassen Group's use of these tools, including AI tools, as part of the application and hiring process._** _Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range._ _W2 employees of Eliassen Group who are regularly scheduled to work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), dental, vision, pre-tax accounts, other voluntary benefits including life and disability insurance, 401(k) with match, and sick time if required by law in the worked-in state/locality._ _Please be advised- If anyone reaches out to you about an open position connected with Eliassen Group, please confirm that they have an Eliassen.com email address and never provide personal or financial information to anyone who is not clearly associated with Eliassen Group. If you have any indication of fraudulent activity, please contact_ _********************_ _._ _About Eliassen Group:_ _Eliassen Group is a leading strategic consulting company for human-powered solutions. For over 30 years, Eliassen has helped thousands of companies reach further and achieve more with their technology solutions, financial, risk & compliance, and advisory solutions, and clinical solutions. With offices from coast to coast and throughout Europe, Eliassen provides a local community presence, balanced with international reach. Eliassen Group strives to positively impact the lives of their employees, clients, consultants, and the communities in which they operate._ _Eliassen Group is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status._ _Don't miss out on our referral program! If we hire a candidate that you refer us to then you can be eligible for a $1,000 referral check!_

We are the movers of the world and the makers of the future. We get up every day, roll up our sleeves and build a better world -- together. At Ford, we're all a part of something bigger than ourselves. Are you ready to change the way the world moves? The Enterprise Cyber Security Cloud Security team is responsible for working with other security and cloud services teams to ensure alignment and collaboration in securing Ford's public cloud infrastructure. The teams work closely together to identify security gaps in the cloud environments and address them. The Cloud Security team is responsible for identifying, evaluating, and recommending cloud security tools and functions to enhance security around Ford's public cloud. The team is also responsible for developing and managing the following Security Services in Ford's public cloud environments: - Cloud Security Automation Development - GCP/Azure Security Compliance - GCP VPC Service Control - GCP Cloud Armor/ Azure WAF **What you'll do...** + Partner with other Cloud Security team members to identify and develop automation for security related workflows and audits (VPC SC, DLP, Exceptions, Org Policy, etc..). + Lead evaluation and develop an understanding of tools needed to address security gaps. + Lead/Collaborate with EPEO Services teams on security gap remediation. **You'll have...** + Bachelor's degree in Computer Science, Information Technology or related OR a combination of education and experience + 5+ years of scripting and automation experience + Proven experience in developing and implementing automation using scripting languages such as + Python, PowerShell, or Go, particularly for API integrations, security tool orchestration, and custom audit scripts. + Solid understanding and practical experience with Git and GitHub for version control, collaborative development, and security automation pipeline management. + Familiarity with CI/CD pipelines and automated deployment tools (e.g., Jenkins, Azure DevOps, GitHub Actions) to integrate security automation into the software development lifecycle. + Knowledge of Infrastructure-as-Code (IaC) principles and tools like Terraform. + Strong knowledge of security best practices and guidelines (at the enterprise-level) related to GCP and Azure Cloud deployments as well as common web application frameworks + Understand the functionality and secure usage of various GCP services: VPCs, IAM, security groups, compute engine, cloud storage, Security Command Center, VPC Service Control, Cloud DLP and Cloud Armor + Customer focused and strong team orientation + Self-starter and fast-learner + Strong communication and interpersonal skills + Strong problem solving and Analytical/Reasoning skills + Strong drive for results and ability to work independently + Demonstrated commitment to quality and project timing + Familiarity with the agile project planning process and use of Rally. + Document processes & procedures and developing other documentation. **Even better, you may have...** + Understand the functionality and secure usage of various Azure services: Virtual Machines, Virtual Networks, Azure Active Directory, App Services, Azure SQL Databases, Storage Accounts, Kubernetes, Containers, Key vaults. You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply! As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder...or all of the above? No matter what you choose, we offer a work life that works for you, including: - Immediate medical, dental, vision and prescription drug coverage - Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more - Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more - Vehicle discount program for employees and family members and management leases - Tuition assistance - Established and active employee resource groups - Paid time off for individual and team community service - A generous schedule of paid holidays, including the week between Christmas and New Year's Day - Paid time off and the option to purchase additional vacation time. For a detailed look at our benefits, click here: ******************************* This position is a range of salary grades 7-8. Visa sponsorship is not available for this position. SOUTHEAST MI RESIDENTS: This role is posted as remote unless you reside within 50 miles of Dearborn, MI-in which case we request on-site presence up to 4 days a week. Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call **************. \#LI-Remote **Requisition ID** : 54783

About Zenus Zenus' mission is to facilitate banking beyond borders. Operating in over 150 countries, we enable people and businesses to open a US bank account online, without the need to be a US citizen, resident, or a company registered in the US - opening up the security, stability and freedom of US banking to the world. As a signatory of the UN's Principles for Responsible Banking, we are committed to making finance fair. Our state-of-the-art technology, exclusive partnerships and proprietary processes are now being made available via our embedded banking services to enable other businesses to create new financial service experiences for their customers. Headquartered in San Juan, Puerto Rico, we have a diverse and inclusive team. About the role The Application Security Engineer (AppSec) is responsible for ensuring the security of applications, APIs, and software components throughout the software development lifecycle. Operating within the SecOps domain and reporting to the Information Security Officer (ISO), the AppSec role focuses on secure design, code-level security, vulnerability identification, and controlled offensive testing, ensuring that applications meet organizational security standards before and after deployment. This role owns what is built securely, not cloud platform configuration or CI/CD automation. This position is hybrid, requiring on-site presence with a schedule of: 3 days on-site 2 days remote Responsibilities & duties: Perform application security testing, including SAST, SCA, and DAST analysis. Execute internal manual penetration testing of applications and APIs on a quarterly basis, within approved scope. Conduct threat modeling for new applications and significant changes. Identify, analyze, and document application-level vulnerabilities and security weaknesses. Work directly with development teams to support secure remediation and secure coding practices. Define and maintain secure coding standards aligned with OWASP Top 10 and OWASP API Top 10. Validate that security findings are properly remediated before release. Maintain vulnerability tracking and reporting in Archer or approved systems. Support ISO during audits and security assessments by providing application security evidence. What you need for this role: 3+ years of experience in application security, secure software development, or ethical hacking. Strong knowledge of secure coding principles and common application vulnerabilities. Hands-on experience with SAST, DAST, and SCA tools. Experience performing manual application and API penetration testing. Familiarity with REST APIs, authentication mechanisms, and authorization models. Understanding of CI/CD pipelines from a security testing perspective. Strong documentation and vulnerability reporting skills.

Optum Insight is improving the flow of health data and information to create a more connected system. We remove friction and drive alignment between care providers and payers, and ultimately consumers. Our deep expertise in the industry and innovative technology empower us to help organizations reduce costs while improving risk management, quality and revenue growth. Ready to help us deliver results that improve lives? Join us to start **Caring. Connecting. Growing together.** As an Epic Security Engineer within the Identity Access Operations team, you will play a critical role in managing user access across both Epic applications and enterprise systems. You will oversee automated and manual provisioning processes, ensure compliance with organizational and regulatory requirements, and collaborate with technical, clinical, and operational stakeholders to maintain a secure and efficient access environment. Your responsibilities will include administering Epic Security structures such as templates, roles, security classes, and provider records, while also supporting enterprise identity operations. **Primary Responsibilities:** + Work with Optum Connect/OITPS Leaders to understand and define the Manual Access Provisioning objectives, commitments, roadmaps specific to each client as well as under managed services (shared teams) + Review and process access requests from users and departments. Validate the accuracy and completeness of request information + Ensure compliance with access control policies and procedures. Coordinate with relevant stakeholders to obtain necessary approvals + Manage access rights and privileges, including role-based access control (RBAC) and attribute-based access control (ABAC) + Review, validate, and process Epic access requests, ensuring accuracy and alignment with clinical, operational, and technical workflows + Create, modify, and retire Epic user access leveraging EMP, SER, ECL, LRP, and department-level configurations + Apply and maintain Epic user templates, roles, and security classes to ensure consistent Least Privilege access across the organization + Collaborate with Epic application teams to understand module-specific access requirements. + Conduct Epic access audits to identify unused entitlements, access drift, or misaligned permissions + Ensure compliance with internal access control policies and external regulations. Identify and address potential security risks related to access provisioning. Provide guidance and training to users and departments on access management best practices + Collaborate with IT teams, business units, and security departments to understand their access requirements + Build and maintain positive relationships with stakeholders. Provide timely and accurate information on access provisioning activities + Mentor a team of analysts, providing guidance, support. Assign tasks, monitor progress, and ensure deadlines are met. Foster a collaborative and productive work environment + Conduct in-depth data analysis to uncover insights and support decision-making. Utilize advanced analytical techniques and tools to extract meaningful information from large datasets *****ENGLISH PROFICIENCY ASSESSMENT WILL BE REQUIRED AFTER APPLICATION***** You'll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in. **Required Qualifications:** + 5+ years of IAM experience with hands-on Epic Security provisioning and administration + Proven solid understanding of IAM principles, especially in healthcare environments + Experience with Epic modules, security classes, roles, templates, SER/EMP management, and access troubleshooting + Experience with various identity and access management tools and systems + Proven excellent organizational and time management skills + Proven excellent problem-solving and analytical skills + Proven solid communication and interpersonal skills + Proficiency in data analysis tools and techniques (e.g., SQL, Python, R, Excel) + Fully Bilingual Spanish/English proficiency + Reside in Puerto Rico **Preferred Qualifications:** + Certifications in identity and access management or security + Experience with automated provisioning tools and workflows + Proven knowledge of industry standards and regulations related to access management (e.g., GDPR, HIPAA) _At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission._ _UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations._ _UnitedHealth Group is a drug - free workplace. Candidates are required to pass a drug test before beginning employment._

IT Security Program Manager We are seeking a highly motivated and detail-oriented IT Security Program Manager to lead the organization's compliance and cybersecurity initiatives, ensuring alignment with CMMC and NIST standards. This role requires a strategic leader with hands-on capability to drive compliance programs, manage remediation efforts, and collaborate across diverse business units. The IT Security Program Manager will play a critical role in maintaining and enhancing our cybersecurity posture, ensuring that all processes, systems, and personnel meet the rigorous security program requirements. Key Responsibilities: Develop, implement, and oversee the organization's IT security compliance program. Lead and execute efforts to achieve and maintain compliance with NIST 800-53 and NIST 800-171 standards. Hands-on execution for CMMC readiness activities, including policy updates, control assessments, and remediation efforts. Collaborate and engage actively with cross-functional teams to secure buy-in and ensure program success. Own and deliver project timelines, deliverables, and reporting for compliance initiatives. Utilize GRC platforms for control tracking, risk management, and reporting. Conduct IT control assessments and ensure audit readiness. Support IT operations in a Windows environment and GCC-High configuration. Provide training and guidance to employees on security program requirements and best practices. Work with external auditors to facilitate assessments and certifications. Must Have Requirements: Minimum 7 years leading compliance programs in IT security. Proven ability to manage complex projects with exceptional organizational skills. Demonstrated experience performing tasks across the compliance program. Extensive experience collaborating with diverse business units and securing executive buy-in. Demonstrated success in achieving compliance program strategy for an organization. Extensive experience evaluating IT controls against NIST 800-53 and/or NIST 800-171 frameworks. Security Clearance: Must be able to pass a basic government suitability check (US Citizenship required). Preferred Requirements: CISSP and/or CISA certifications (or related certification) Experience with IT operations and administration in Windows environments. Experience with Microsoft GCC-High environments. Proficiency in GRC platforms for compliance management. Experience leading, tracking, and reporting on remediation efforts. Familiarity with DFARS and ITAR regulations and how they apply to CUI handling. Experience developing and overseeing CUI programs to ensure compliance with federal regulations. Knowledge of NIST Risk Management Framework (RMF), DCSA Assessment and Authorization Process Manual (DAAPM), National Industrial Security Program Operating Manual (NISPOM), and NISP Enterprise Mission Assurance Support Service (eMASS). What's in it for You This role offers the opportunity to lead and shape the cybersecurity and compliance foundation of a federal-focused firm. You will work alongside experienced professionals, influence enterprise-wide security strategy, and play a key role in supporting the firm's mission-critical work with government clients. Castro Puerto Rico is a Professional Services Center headquartered in San Juan, Puerto Rico, delivering advisory, accounting, and audit support services to Federal Government clients. We are dedicated to assisting our clients to accomplish their strategic goals while providing our people with a diverse and inclusive environment to thrive and succeed. Castro Puerto Rico is an Equal Opportunity Employer and considers all qualified applicants without regard to color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability, and any other classification protected by law.

**At Kelly** ** ** **Science, Engineering, Technology & Telecom (SETT), we're passionate about helping you find a job that works for you. How about this one?** We're seeking for a Cyber Security Analyst to work in the north region, in PR. With us, it's all about finding the job that's just right. **This job might be an outstanding fit if you have:** + Bachelor's degree in Cybersecurity, Computer Science or Engineering. + Certifications such as CISSP, CISM, GICSP, CRISC, is a plus. + 6+ years of experience in cybersecurity, OT security, or cyber resiliency, with at least 3 years in a manufacturing or critical infrastructure setting. + Strong understanding of OT/ICS environments, pharmaceutical manufacturing systems, and automation technologies. Job summary: The Cyber Security Analyst will play a pivotal role in safeguarding company's operational technology (OT) and industrial control systems within manufacturing, focusing on risk assessment, threat monitoring, and incident response. Collaborate with cross-functional teams to implement security measures and ensure compliance with industry standards. Conduct vulnerability assessments and provide cybersecurity guidance to support secure deployment of new technologies. **What happens next** Once you apply, you'll proceed to next steps if your skills and experience look like a good fit. But don't worry-even if this position doesn't work out, you're still in our network. That means all our recruiters will have access to your profile, expanding your opportunities even more. Helping you discover what's next in your career is what we're all about, so let's get to work. Apply today! As part of our promise to talent, Kelly supports those who work with us through a variety of benefits, perks, and work-related resources. Kelly offers eligible employees voluntary benefit plans including medical, dental, vision, telemedicine, term life, whole life, accident insurance, critical illness, a legal plan, and short-term disability. As a Kelly employee, you will have access to a retirement savings plan, service bonus and holiday pay plans (earn up to eight paid holidays per benefit year), and a transit spending account. In addition, employees are entitled to earn paid sick leave under the applicable state or local plan. Click here (********************************************************************* for more information on benefits and perks that may be available to you as a member of the Kelly Talent Community. Why Kelly Technology? Looking to put your tech expertise to work on today's most intriguing, innovative, and high-visibility projects? By partnering with Kelly Technology, you'll gain direct connections to top companies around the globe. Our team creates expert talent solutions to solve the world's most critical challenges. In a world where change is the only constant, our extensive network of industry relationships and IT market expertise help you take your skills exactly where you want to go. We're here to help you gain experience, make an impact, and grow your tech career. About Kelly Work changes everything. And at Kelly, we're obsessed with where it can take you. To us, it's about more than simply accepting your next job opportunity. It's the fuel that powers every next step of your life. It's the ripple effect that changes and improves everything for your family, your community, and the world. Which is why, here at Kelly, we are dedicated to providing you with limitless opportunities to enrich your life-just ask the 300,000 people we employ each year. Kelly is committed to providing equal employment opportunities to all qualified employees and applicants regardless of race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, age, marital status, pregnancy, genetic information, or any other legally protected status, and we take affirmative action to recruit, employ, and advance qualified individuals with disabilities and protected veterans in the workforce. Requests for accommodation related to our application process can be directed to the Kelly Human Resource Knowledge Center. Kelly complies with the requirements of California's state and local Fair Chance laws. A conviction does not automatically bar individuals from employment. Kelly participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. Kelly Services is proud to be an Equal Employment Opportunity and Affirmative Action employer. We welcome, value, and embrace diversity at all levels and are committed to building a team that is inclusive of a variety of backgrounds, communities, perspectives, and abilities. At Kelly, we believe that the more inclusive we are, the better services we can provide. Requests for accommodation related to our application process can be directed to Kelly's Human Resource Knowledge Center. Kelly complies with the requirements of California's state and local Fair Chance laws. A conviction does not automatically bar individuals from employment.

Company: Island Finance With over 66 years of service, Island Finance LLC is the largest financial institution in Puerto Rico. It serves over 70,000 clients, with consumer loans and a variety of financial products and services. Also, it has a comprehensive distribution network with 46 branches, a call center, and an advanced Internet banking service available through ********************** Island Finance is not only a Financial Company committed to the future of Puerto Rico, but also works every day to offer the highest quality of service and is the one who has reached out to thousands of clients when they have needed it most, in addition to maintaining a positive and dynamic work environment with a team committed to offering the best. We are the Financial Company of the 21st century, with over five decades helping you realize your dreams. Because there is one thing that does not change and that is that sixty-five years later we are here... We deeply appreciate your support and reaffirm our commitment. That's why with us... ¡¡Yes, you can!! General Job Summary Accountable for defining, executing, and maturing the institution's enterprise cybersecurity program, protecting the confidentiality, integrity, and availability of information and critical services. Leads governance, risk, and compliance (GRC), cloud security (OCI/AWS), security operations (SIEM/EDR/DLP), identity and access management (IAM/PAM), incident response, and business continuity-ensuring financial‑sector regulatory compliance and safeguarding sensitive client and investor data. Essential functions: People, Strategy, Governance, and Risk (GRC) Manage the Information Security Unit, through defining the strategy, the team roles, responsibilities, development, performance objectives, and metrics for high-level execution. Define the cybersecurity strategy and roadmap based on NIST CSF / ISO 27001 / COBIT, with KPIs/OKRs, budget, and executive metrics. Establish and maintain policies, standards, and procedures (access, encryption, data classification/retention, secure SDLC, third parties, DR/BCP). Drive integrated risk management: risk register, periodic assessments, risk appetite, treatment plans, and reporting to Risk Committee/Executive leadership. Regulatory Compliance and Privacy - Financial Sector Ensure compliance with GLBA, FFIEC, PCI DSS, SOX‑ITGC, ISO 27001, OCIF/FDIC guidelines, and privacy frameworks (GDPR/CCPA, as applicable). Coordinate internal/external audits and regulatory exams; remediate findings and evidence controls, documentation, and metrics. Govern third parties and critical vendors (TPRM): due diligence, security/SLA clauses, SOC 1/2 reviews, escalations, and continuity. Security Architecture and Operations Design and implement Zero Trust architectures, segmentation, SASE/CASB, WAF, encryption in transit and at rest, KMS/HSM, and centralized telemetry. Govern the security stack (e.g., SIEM, EDR, DLP, EPP, Microsoft Defender, Fortinet, email security, MDM) and automation (SOAR) to reduce MTTR. Lead vulnerability and patch management (e.g., Qualys): continuous scanning, risk‑based prioritization (CVSS/EPSS), remediation SLAs, and validation. Coordinate penetration tests/Red Team and hardening aligned to CIS/NIST benchmarks. Cloud Security (OCI / AWS) Design and operate security in OCI and AWS: CSPM, cloud IAM, secure networks (VPC/VNet), container security, secrets/keys, logging, and alerting. Ensure VPN/SD‑WAN connectivity and edge controls, with event logging and detections centralized in the SIEM. Identity and Access (IAM/PAM) Govern SSO, MFA, RBAC/ABAC, the joiner‑mover‑leaver lifecycle, access reviews, and PAM (privileged accounts), integrating AD/Azure AD and cloud directories. Enforce segregation of duties (SoD) and least privilege across all critical systems. Incident Response, Continuity, and Resilience Maintain the IRP (Incident Response Plan) with playbooks and SOC runbooks; coordinate with Legal/Communications and regulatory notification as required. Lead digital forensics, root‑cause analysis, and lessons learned with improvement plans. Co‑lead BCP/DR with Technology and Operations: BIA, RTO/RPO, and periodic multi‑site/multi‑region exercises (on‑prem/cloud). Other important duties and responsibilities of the position Business Continuity Vendor & Cost Management Documentation & Continuous Improvement (BAU) Leadership, Team, and Vendors Requirements Bachelor's degree in engineering (Computer/Telecommunications/Electrical) or Computer Science, or equivalent experience. 7-10+ years in cybersecurity/GRC/architecture, with 3+ years leading security or SOC teams. Experience in financial services and regulated environments; direct interaction with auditors and regulators. Implementation of NIST CSF/ISO 27001, PCI DSS, and cloud‑security practices (OCI/AWS). Comprehensive and balanced knowledge base that spans technical expertise, business acumen, and leadership skills to manage the organization's strategic security posture effectively. Bilingual (Spanish and English). Customer-focused and service-oriented. Strong verbal, written, and negotiation skills to retain the existing customer base. SIEM, EDR, DLP, SOAR, IAM/PAM, data governance, encryption, WAF, CSPM, SASE/CASB, DevSecOps, and secure SDLC. Networks and perimeter controls; Zero Trust, segmentation, VPN/SD‑WAN. Incident handling and forensics; vulnerability platforms (e.g., Qualys). Fortinet NSE 4/7 or higher; Cisco CCNA/CCNP; CompTIA Network+/Security+; ITIL v4 Foundation. Cloud certifications with networking emphasis: AWS (Advanced Networking/SAA), OCI (Networking/Architecture). Certifications (preferred/strong) CISSP (strong), CISM/CRISC, ISO 27001 Lead Implementer/Lead Auditor, CCSP (cloud).PCI‑ISA/PCIP, GIAC (GCIH/GCIA/GPEN), AWS Security Specialty / OCI Architect/Professional, ITIL v4. Competency Executive communication and leadership; stakeholder management and cross‑functional influence.Critical thinking, risk‑based prioritization, results orientation; bilingual Spanish/English. Conditions Availability for on‑call duties and off‑hours incident handling; travel to branches as needed.Successful background check per internal and regulatory policies.Island Finance is an Equal Opportunity Employer Learn more about us at Island Finance and keep updated with our latest job postings at Island Finance Empleos Connect with us! Linkdnl | Facebook

Our **Information Security** organization serves as the eyes and ears of UMB's technology security and ensures controls, authentication and authorization are in place to keep UMB systems and applications safe. We monitor, discover and remediate any vulnerabilities while upholding and complying with all established corporate policies, standards and procedures. We work with UMB associates to help them be effective and be able to perform their jobs by granting the appropriate access. We collaborate with other technical teams to ensure base security metrics are being met. Best of all, we get to use cutting edge tools to make sure all systems and company devices are free from any potential threats. In today's digital world, our team plays a critical role in UMB's enterprise security plan. As a **Cloud Security Engineer** , you will serve as a cloud security subject matter expert and support UMB's Infrastructure team deliver secure solutions in the cloud. This will favor a cloud-native approach using solutions that are supportable, repeatable, and balance security versus risk. You will provide operational support for the Information Security owned solutions and for enterprise projects and design while serving as a subject matter expert on a diverse team of Information Security Engineers. This is a subset of the overall responsibilities which will include multiple initiatives as assigned by IT leadership. **This role is hybrid (Mon thru Thu on-site / Fri remote) for candidates in the Kansas City metropolitan area and open to qualified remote candidates outside of the Kansas City area but only within the US.** **_How you'll spend your time:_** + Define and execute public cloud-centric security controls and help design secure patterns for computing, storage, networking, operational, and security domains. This includes advising application, product, and cloud infrastructure teams on incorporating cloud infrastructure capabilities with an information security mindset, actively collaborating with cloud stakeholders to deliver best-fit secure solutions for UMB, and identifying emerging cloud infrastructure services and needs to meet business requirements. + Serve as a pragmatic, results-driven thought leader and consensus builder with a technology-savvy mindset capable of articulating complex IT concepts to all audiences, from technical contributors inside and outside the company. + Deploy, consult, and manage security controls leveraging solutions included but not limited to AWS multi-accounts structure, Organizational Units, Service Control Policies (SCP), IAM policies, Virtual Private Cloud (VPC), AWS Control Tower Guardrails and best practices. + Partner with application teams to support them in their design and implementation of infrastructure-as-code stacks that meet the needs of the applications leveraging technologies, included but not limited to Terraform, CloudFormation, CDK constructs, and Ansible. + Advise on all aspects of secure cloud infrastructure offerings and solution design. + Provide hands-on technical coaching to accelerate cloud security learnings across the organization. + Provide accurate and current information on AWS services and serve as a consultant to the IT Information Security organization to solve business use cases. **_We're excited to talk with you if you have:_** + Bachelor's Degree in Management Information Systems, Computer Science or related field OR equivalent work experience. + At least 4 years of experience designing and implementing secure solutions and securing public cloud workloads. + At least 2 years of experience with Metrics, Events, Logging, and Tracing solutions like Cloudtrail, CloudWatch, or Splunk. + Strong infrastructure-as-code (IaC) expertise and deployment experience with technologies such as Terraform or AWS CloudFormation. + In-depth experience with automation methodologies, processes improvement, and development of CI/CD pipelines. + Demonstrated knowledge/experience with at least 2 scripting languages like Python, PowerShell, AWS/Azure CLI, Ansible, Bash, and JSON. + Hands-on experience deploying and operating AWS computer instances (EC2), AWS Storage Services (EBS/S3/Glacier), AWS multi-accounts environment, IAM Policies, AWS Tower, AWS Config, and Service Control policies (SCP). + Demonstrated knowledge with configuration management and pipeline automation with AWS DevOps, Jenkins, Git or similar offering. + Knowledge with container technologies, such as Docker, Kubernetes, AWS EKS and ECS. + Collaborated with service providers and partners. + Working knowledge and expertise with common enterprise-grade security solutions. **_Bonus Points if you have:_** + Experience with Amazon GuardDuty, AWS Shield, and Amazon Inspector services. + Any of the following certifications: + AWS Solutions Architect Associate + AWS Certified Security - Specialty + CompTIA Cloud+ Certified Cloud Security Professional (CSSP) + Certificate of Cloud Security Knowledge (CCSK) + GIAC Cloud Security Automation (GCSA) + Previous experience working within the banking or financial industry. **Applicants must have legal authority to work in the United States. Work Visa sponsorship is not available for this position.** Deadline to apply: March 22, 2026 **Compensation Range:** $83,200.00 - $178,800.00 _The posted compensation range on this listing represents UMB's standard for this role, but the actual compensation may vary by geographic location, experience level, and other job-related factors. In addition, this range does not encompass the full earning potential for this role. Please see the description of benefits included with this job posting for additional information._ UMB offers competitive and varied benefits to eligible associates, such as Paid Time Off; a 401(k) matching program; annual incentive pay; paid holidays; a comprehensive company sponsored benefit plan including medical, dental, vision, and other insurance coverage; health savings, flexible spending, and dependent care accounts; adoption assistance; an employee assistance program; fitness reimbursement; tuition reimbursement; an associate wellbeing program; an associate emergency fund; and various associate banking benefits. Benefit offerings and eligibility requirements vary. **Are you ready to be part of something more?** You're more than a means to an end-a way to help us meet the bottom line. UMB isn't comprised of workers, but of people who care about their work, one another, and their community. Expect more than the status quo. At UMB, you can expect more heart. You'll be valued for exactly who you are and encouraged to support causes you care about. Expect more trust. We want you to do the right thing, no matter what. And, expect more opportunities. UMBers are known for having multiple careers here and having their voices heard. _UMB and its affiliates are committed to inclusion and diversity and provide employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including gender, pregnancy, sexual orientation, and gender identity), national origin, age, disability, military service, veteran status, genetic information, or any other status protected by applicable federal, state, or local law. If you need accommodation for any part of the employment process because of a disability, please send an e-mail to_ _*************************_ _to let us know the nature of your request._ _If you are a California resident, please visit our_ Privacy Notice for California Job Candidates (*********************************************************************************************************************************** _to understand how we collect and use your personal information when you apply for employment with UMB._ **_Who we are_** We are more than a company. We are advisors, consultants, problem solvers, friends, community members, experts, and we are here to help you make the best of every moment with a financial foundation that can help you succeed. Learn more about UMB's vision (****************************************************************************************************** Check out the road to a career at UMB

We may have a potential need for a Cyber Security Analyst. Education: Bachelor's degree in Cybersecurity, Computer Science, Engineering Certifications such as CISSP, CISM, GICSP, CRISC, is a plus Experience: 6+ years of experience in cybersecurity, OT security, or cyber resiliency, with at least 3 years in a manufacturing or critical infrastructure setting. Strong understanding of OT/ICS environments, pharmaceutical manufacturing systems, and automation technologies *Weil Group is proud to be an Equal Employment Opportunity Employer.*

LS Technologies, a Tetra Tech Company is seeking a highly skilled Cloud Security Architect. This role will provide advanced technical leadership in the design, implementation, and oversight of secure cloud-based systems and architectures supporting FAA mission-critical applications. The candidate will apply deep expertise in cloud security engineering, system integration, and cybersecurity frameworks to ensure compliance with federal regulations and alignment with FAA enterprise architecture standards. The Systems Engineer will work closely with cross-functional teams to ensure the stability, scalability, and security of systems deployed on AWS, while adhering to FAA regulations and best practices. Responsibilities: * Apply senior-level engineering knowledge to analyze and solve engineering, scientific, or management problems. * Serve as the lead Cloud Security Architect, designing and implementing secure architectures for multi-cloud and hybrid environments supporting FAA systems. * Define and document cloud security reference architectures, patterns, and standards consistent with NIST, FedRAMP, DHS CDM, and FAA-specific security requirements. * Develop, track, and manage Plans of Action and Milestones (POA&Ms) to ensure timely remediation of security findings. * Perform and support of IRAT (Information Risk Assessment Tool) testing, validation, and reporting for FAA systems. * Prepare, review, and maintain security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and continuous monitoring deliverables. * Conduct system engineering analyses to identify risks, vulnerabilities, and mitigation strategies for cloud-based solutions. * Support the development of security controls, continuous monitoring strategies, and compliance documentation for FAA cloud systems. * Collaborate with cross-functional engineering, cybersecurity, and operations teams to ensure seamless integration of security into all phases of the system lifecycle. * Lead technical reviews, risk assessments, and trade-off analyses to inform FAA cloud adoption and modernization initiatives. * Provide subject matter expertise on Identity and Access Management (IAM), Zero Trust Architecture, data encryption, container security, and secure DevSecOps practices. * Mentor and guide junior engineers, ensuring knowledge transfer and capability development within FAA technical teams. * Interface with FAA leadership and external stakeholders to present cloud security strategies, risks, and mitigation plans. Required Qualifications: * 10+ years of progressive systems engineering experience, including at least 5 years focused on cloud security architecture and engineering. * Strong knowledge of NIST risk management framework, FedRAMP, FISMA, Zero Trust, and federal cybersecurity standards. * Demonstrated experience with AWS, Azure, or GCP cloud environments, including security design and compliance. * Hands-on experience with POA&M management, IRAT Testing, and development of security documentation. * Expertise with IAM, PKI, data protection, logging/monitoring, and cloud-native security services. * Hands-on experience with DevSecOps, CI/CD pipelines, and container/orchestration security (Docker, Kubernetes, OpenShift). * Familiarity with vulnerability management tools (e.g., Tenable, Qualys), SIEM solutions (e.g., Splunk, ELK), and endpoint/cloud security platforms. * Strong analytical, communication, and documentation skills, with proven ability to interact with senior government stakeholders. Education: Bachelor's degree in Computer Science, Information Systems, Engineering, or related field (Master's degree preferred). Technical Skills: * AWS Cloud Services - Expertise in AWS infrastructure, security, and automation services. * Scripting & Automation - Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automation tasks. * Operating Systems - Experience with Linux and Windows operating systems. * Virtualization & Containerization - Knowledge of container platforms like Docker and Kubernetes. * Networking - Understanding of cloud networking concepts such as VPC, subnets, load balancing, and VPN configurations. * CI/CD & DevOps - Familiarity with CI/CD pipelines and DevOps tools such as Jenkins, Git, or AWS CodePipeline. * Zero Trust and Cybersecurity - Knowledge of Zscaler platform Preferred: * Cybersecurity Leadership / General: * CISSP (Certified Information Systems Security Professional) * CISM (Certified Information Security Manager) * CISA (Certified Information Systems Auditor) * Cloud-Specific Security: * CCSP (Certified Cloud Security Professional) * AWS Certified Security - Specialty * Microsoft Certified: Azure Security Engineer Associate * Google Professional Cloud Security Engineer Work Requirements: Work location: USA Position is: Completely remote Work Hours: 9-5 Travel: 10% Physical requirements: * Extended Computer Use: Regular and prolonged periods of working at a computer terminal. * Mobility: Ability to move around the office environment to access computer hardware, networking equipment, and server rooms. * Dexterity: Manual dexterity and visual acuity to operate computer equipment, troubleshoot issues, and perform tasks requiring precision. * Sitting/Standing: Both prolonged sitting and occasional standing may be required for troubleshooting and attending to system issues. * Background check: Must have ability to obtain and maintain a Public Trust. About LS Technologies At LS Technologies, a Tetra Tech Company, we're enhancing our nation's critical infrastructure by providing engineering, technical, and professional services to Federal Government agencies. The quality of our work, deep technical expertise, and genuine passion for public service sets us apart. As a growing organization we are expanding our benefits and communication with our employees, offering add-ons that speak to our growing employees' needs. Join us in delivering high-quality solutions and shaping the future of safety and innovation for our government partners. In 2024 we joined Tetra Tech, enabling us to combine our expertise with the reach and resources of a prestigious global organization. EEO Commitment LS Technologies, a Tetra Tech Company, is proud to be an Equal Opportunity Employer. All qualified candidates will be considered without regard to race, color, religion, national origin, age, disability, sex, marital or familial status, status as a protected veteran, or any other characteristic protected by law. Tetra Tech is a VEVRAA federal contractor, and we request priority referral of veterans. We invite applications from all interested parties. Requesting an Accommodation LS Technologies is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by LS Technologies and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired. If you would like to be considered for employment opportunities with LS Technologies and have accommodation needs for a disability or religious observance, please send us an email **************** or speak with your recruiter. Compensation (Pay Bands) Salary at LST is determined by a wide array of factors, such as (but not limited to) education, certifications, knowledge, skills, competencies, and experience, location, and clearance level, as well as contract-specific affordability and organizational requirements and applicable employment laws. Please note that the salary information is a general guideline only. The projected compensation range for this position is provided within the posting and is based on full-time, 40 hour/week status. Part-time staff receive compensation at an hourly rate. The estimated minimum and maximum displayed represents the broadest range for this position (inclusive of high geographic and high clearance requirements) and is just one component of LSTs total compensation package for employees. In compliance with local laws, LS Technologies presents this reasonable compensation range as a guideline for roles in California, Colorado, New York, or Washington D.C." Benefits offered to all employees who work 30+ hours per week: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Annual Leave, and Holidays. Life at Tetra Tech: * The perks of working at Tetra Tech include: * Comprehensive and market-competitive benefits. * Merit-based financial rewards. * Flexibility and company-wide commitment to work/life balance. * Collaborative team atmosphere that values the contributions of all employees. * Learning and development opportunities for ongoing professional growth. About Tetra Tech: Tetra Tech is the leader in water, environment, and sustainable infrastructure, providing high-end consulting and engineering services for projects worldwide. With 30,000 employees working together, Tetra Tech provides clear solutions to complex problems by Leading with Science to address the entire water cycle, protect and restore the environment, design sustainable and resilient infrastructure, and support the clean energy transition. Explore our open positions at ********************************** Follow us on social media to learn more about our people, culture, and opportunities: LinkedIn: TetraTechCareers; X (Twitter): @TetraTechJobs Additional Information * Organization: 230 LST

Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures. **Responsibilities** Responsible for advanced planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures. Provides technical advice and direction to support the design and development of secure architectures. May participate in an incident management team, bringing advanced-level skills to respond to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may act as Incident Commander of serious incidents. Develops new methods, and playbooks, as well as sophisticated scripts, applications, and tools, and trains others in their use. May participate in an incident management team, responding to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may act as incident commander of serious incidents. Participates in developing new methods, playbooks throughout Oracle. Evaluates existing and proposed technical architectures for security risk, provides technical advice to support the design and development of secure architectures and recommends security controls to mitigate those risks. Evaluations of internal security architecture may include design assessment, risk assessment, and threat modeling. Brings advanced-level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required, and where computer programming/scripting knowledge is required. Work with Senior management to develop and implement a multi-year security roadmap Focus on operational and strategic level tasks, and provide counsel and guidance to the junior level security operations engineers in the department. Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** Oracle uses Artificial Intelligence in our recruiting process. Read more about it in our Recruiting Privacy Policy (**************************************************************** . **Range and benefit information provided in this posting are specific to the stated locations only** CA: Hiring Range in CAD from: $90,300 to $140,300 per annum. US: Hiring Range in USD from: $106,300 to $223,400 per annum. May be eligible for bonus and equity. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC4 Vacancy Type - New Position This role will be working on a regular basis with colleagues around the world. To support this collaboration, knowledge of English is required for this role. Proficiency in French is required for candidates residing in Quebec, otherwise it is considered an asset. **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

**About Us** **As a digital and cybersecurity services company, Stratascale exists to help the Fortune 1000 transform the way they use technology to advance the business, generate revenue, and respond quickly to market demands. We call it Digital Agility.** **To learn more about how we're shaping the future of digital business and a more secure world, visit stratascale.com.** **Job Description Summary** The Senior Security Consultant - Penetration Testing is a critical role within Stratascale's Adversarial Operations team who will assist in leading and supporting the development and delivery of a diverse range of continuous threat and exposure management consulting, penetration testing, and operational service programs to a portfolio of our clients. This position is remote with a Home Office setup as determined by Stratascale management. **Role Description** + Perform penetration testing against complex environments covering both external, internal, web application, and other forms of offensive security engagements. + Consult and document attack surface, threats, and vulnerability improvements based on team's overall assessment of client's environment. + Perform full assessment and threat modeling against industry best practices to identify control weaknesses and assess the effectiveness of existing controls. + Perform root cause analysis on identified vulnerabilities and attack surface weaknesses to determine technical solutions to be presented to client along with recommendations for remediations. + Collaborate with client's security teams to understand mitigation or resolutions for findings discovered by analysts. + Review threat intelligence for specific threat vectors that align with client's industry or potentially impacted by to utilize in attack path modeling. + Assist in defining, measuring, and quantifying business risk and vulnerability impacts to clients their stakeholders. + Provide subject matter expertise and technical support on remediation, cloud security, governance, compliance, and core infrastructure systems. + Assist customers with strategies, use of platforms, technical and compliance analysis, and implementing automation. + Develop and deliver governance models, security frameworks, compliance reporting, and security assessments. + Collaborate with internal sales and technical teams to support the solution sales cycle, qualify opportunities, and ensure successful solution delivery. + Identify customer needs and requirements, recommend appropriate solutions, and proactively identify areas for improvement. + Execute consulting projects by creating and completing deliverables, ensuring client needs and practice obligations are met. + Develop and deliver training content, curricula, and workforce development programs, including in-person and remote sessions. + Participate in customer and internal meetings, providing technical guidance and facilitating discussions. + Stay educated on new product technologies, industry trends, and emerging capabilities within the practice. + Develop and optimize cross practice capabilities, collaborate with peer practice leaders, and mentor other consultants. **Behaviors and Competencies** + Communication: Can effectively communicate complex ideas and information to diverse audiences, facilitate effective communication between others, and mentor others in effective communication. + Relationship Building: Can take ownership of complex team initiatives, collaborate with diverse groups, and drive results through effective relationship management. + Self-Motivation: Can take ownership of complex personal or professional initiatives, collaborate with others when necessary, and drive results through self-motivation. + Negotiation: Can take ownership of complex negotiations, collaborate with others, and drive consensus. + Impact and Influence: Can rally a team or group towards a common goal, creating a positive and persuasive influence. + Business Development: Can take ownership of significant business initiatives, collaborate with various stakeholders, and drive business results. + Emotional Intelligence: Can use emotional information to guide thinking and behavior, manage and/or adjust emotions to adapt to environments or achieve one's goal(s), and help others do the same. + Detail-Oriented: Can oversee multiple projects, maintaining a high level of detail orientation, identifying errors or inconsistencies in work, and ensuring accuracy across all tasks. + Follow-Up: Can take ownership of tasks, collaborate with others in managing follow-ups, and drive results through effective task completion. + Presenting: Can effectively use visual aids, storytelling, and persuasive techniques to enhance presentations and engage audiences. + Delegation: Can delegate responsibilities across a team, balancing workload, and ensuring all members understand their roles. + Analytical Thinking: Can use advanced analytical techniques to solve complex problems, draw insights, and communicate the solutions effectively. + Critical Thinking: Can integrate and synthesize information from various sources to inform strategic decision-making and problem-solving. + Technical Troubleshooting: Can take ownership of complex technical problems, collaborate with others to manage solutions, and drive results in problem resolution. **Skill Level Requirements** + Expertise in planning, executing, and leading penetration tests across networks, web and mobile applications, APIs, wireless, and cloud environments, including scoping, rules of engagement, and debriefs. - Intermediate + Proficiency with offensive security methodologies and frameworks such as PTES, OWASP (WSTG/MASVS/ASVS), MITRE ATT&CK, and threat modeling to drive risk-based testing. - Intermediate + Deep hands-on experience with common offensive tooling and techniques, including reconnaissance, enumeration, exploitation, post-exploitation, lateral movement, and data exfiltration, along with strong operational security practices. - Intermediate + Ability to assess and attack cloud services (AWS, Azure, GCP) including IAM misconfigurations, storage, serverless, container/orchestration, and cloud networking, and communicate cloud-specific remediation guidance. - Intermediate + Strong web application testing skills including auth flows, access control, injection, deserialization, SSRF, XXE, business logic abuse, and modern app architectures (SPAs, microservices, GraphQL, WebSockets). - Intermediate + Working knowledge of Active Directory and Azure AD attack paths (Kerberoasting, constrained/unconstrained delegation, ACL abuses, LAPS/MAPS, certificate services), and the ability to simulate realistic enterprise attack chains. - Intermediate + Proficiency with social engineering and phishing engagements, including payload development, infrastructure setup, pretexting, and measurement aligned to customer policies and legal constraints. - Intermediate + Competence in scripting and automation to accelerate testing and proof-of-concept development using Python, PowerShell, Bash, and basic Go or JavaScript as needed. - Intermediate + Ability to develop clear exploit proofs-of-concept, reproduce vulnerabilities reliably, and validate fixes; familiarity with exploit development fundamentals is a plus. - Intermediate + Strong reporting and communication skills, including writing executive summaries and technical reports with reproducible steps, risk ratings, and actionable remediation, and presenting findings to both technical and non-technical stakeholders. - Intermediate + Experience collaborating in red/purple team exercises, working with blue teams, and translating findings into detection and hardening recommendations (e.g., SIEM detections, EDR tuning, hardening baselines). - Intermediate + Familiarity with vulnerability management workflows, responsible disclosure practices, and integration of pen test results into remediation programs and retesting cycles. - Intermediate + Proficiency with productivity and documentation tools such as Word, Excel, PowerPoint, and Outlook to efficiently produce statements of work, test plans, and final reports. - Intermediate **Other Requirements** + Completed Bachelor's Degree in a related field or relevant work experience required + 5-7 years of hands-on penetration testing/red team experience delivering engagements for mid-to-large enterprises, including leading complex assessments. + Ability to travel to SHI, Partner, Customer events, and on-site testing engagements as needed. + Advanced industry certifications preferred (e.g., OSCP, OSEP, OSWE, GXPN, GPEN, CRTO, CRTP, PNPT; CISSP or CSSLP a plus). + Demonstrated understanding of legal/ethical considerations, testing authorization, and safe handling of client data The estimated annual pay range for this position is $165,000 - $205,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending. Equal Employment Opportunity - M/F/Disability/Protected Veteran Status

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Optum Insight is improving the flow of health data and information to create a more connected system. We remove friction and drive alignment between care providers and payers, and ultimately consumers. Our deep expertise in the industry and innovative technology empower us to help organizations reduce costs while improving risk management, quality and revenue growth. Ready to help us deliver results that improve lives? Join us to start Caring. Connecting. Growing together. As an Epic Security Engineer within the Identity Access Operations team, you will play a critical role in managing user access across both Epic applications and enterprise systems. You will oversee automated and manual provisioning processes, ensure compliance with organizational and regulatory requirements, and collaborate with technical, clinical, and operational stakeholders to maintain a secure and efficient access environment. Your responsibilities will include administering Epic Security structures such as templates, roles, security classes, and provider records, while also supporting enterprise identity operations. Primary Responsibilities: * Work with Optum Connect/OITPS Leaders to understand and define the Manual Access Provisioning objectives, commitments, roadmaps specific to each client as well as under managed services (shared teams) * Review and process access requests from users and departments. Validate the accuracy and completeness of request information * Ensure compliance with access control policies and procedures. Coordinate with relevant stakeholders to obtain necessary approvals * Manage access rights and privileges, including role-based access control (RBAC) and attribute-based access control (ABAC) * Review, validate, and process Epic access requests, ensuring accuracy and alignment with clinical, operational, and technical workflows * Create, modify, and retire Epic user access leveraging EMP, SER, ECL, LRP, and department-level configurations * Apply and maintain Epic user templates, roles, and security classes to ensure consistent Least Privilege access across the organization * Collaborate with Epic application teams to understand module-specific access requirements. * Conduct Epic access audits to identify unused entitlements, access drift, or misaligned permissions * Ensure compliance with internal access control policies and external regulations. Identify and address potential security risks related to access provisioning. Provide guidance and training to users and departments on access management best practices * Collaborate with IT teams, business units, and security departments to understand their access requirements * Build and maintain positive relationships with stakeholders. Provide timely and accurate information on access provisioning activities * Mentor a team of analysts, providing guidance, support. Assign tasks, monitor progress, and ensure deadlines are met. Foster a collaborative and productive work environment * Conduct in-depth data analysis to uncover insights and support decision-making. Utilize advanced analytical techniques and tools to extract meaningful information from large datasets * ENGLISH PROFICIENCY ASSESSMENT WILL BE REQUIRED AFTER APPLICATION* You'll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in. Required Qualifications: * 5+ years of IAM experience with hands-on Epic Security provisioning and administration * Proven solid understanding of IAM principles, especially in healthcare environments * Experience with Epic modules, security classes, roles, templates, SER/EMP management, and access troubleshooting * Experience with various identity and access management tools and systems * Proven excellent organizational and time management skills * Proven excellent problem-solving and analytical skills * Proven solid communication and interpersonal skills * Proficiency in data analysis tools and techniques (e.g., SQL, Python, R, Excel) * Fully Bilingual Spanish/English proficiency * Reside in Puerto Rico Preferred Qualifications: * Certifications in identity and access management or security * Experience with automated provisioning tools and workflows * Proven knowledge of industry standards and regulations related to access management (e.g., GDPR, HIPAA) At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. UnitedHealth Group is a drug - free workplace. Candidates are required to pass a drug test before beginning employment.

1. Nashville, TN 2. Austin, TX 3. Ireland 4. United Kingdom Security Architecture is comprised of security experts who are focused and specialized in securing all aspects of OCI Cloud. As security experts, we are sought out by our partner engineering organizations to provide guidance on designing their products, services and features. We set OCI wide security standards and hold a high security requirement bar for all services to ensure the highest level of security to our customers. We are currently looking for a highly motivated security engineer with expertise in Cloud security to join our team. This candidate would be involved in architecture, design, prototyping and development of the security aspects of Oracle Cloud's products and services. You should be a security-minded leader who can work with architects and/or a development team as they design new capabilities to ensure that security requirements are set and the design implements the necessary controls to increase security posture for the service. As a member of the Security Architecture team, you will be required to have a firm grasp on security technologies, trends in cloud security practices, and ability to communicate complex technical security requirements clearly to the development teams, risk assessment, risk mitigation and security tools/automation. **Responsibilities** Key responsibilities: + Conduct threat modeling, security architecture reviews, risk assessment and provide guidance on mitigating the identified issues. + Create and maintain technical security standards and patterns and set the benchmark for AI security requirement bar at OCI. + Stay up-to-date on the latest advancements in AI technologies and apply them to improve OCI's security posture. + Provide expert security guidance to service teams to ensure their products, services and feature are secure by default. + Lead OCI-wide cloud security initiatives to enhance overall cloud security posture. + Provide mentorship to junior engineers on the team. Qualifications: + A minimum of 8+ years of experience with at least 5+ years in Cloud Security required and 2+ years in AI and ML is good to have. + Or a BS or MS in Computer Science/Engineering with a focus on AI/Security, or a related field with a minimum of 8 years of experience in the field is required. + Experience in architecture, design, deployment, and handling of standard security practices and policies is required. Preferred qualifications includes, + A strong background in AI, machine learning, and deep learning. + Experience in applying AI technology to security domain. + Experience as a security leader for a cloud product or set of cloud services, with expertise in IaaS, PaaS. + Experience with architecture security reviews for products or services operating in a cloud environment, especially those which are reliant on homegrown or third-party LLMs and APIs is a plus. + Expertise in concepts of Multi-tenancy, Cloud Security and Virtualization, Access Management, OAuth, Cloud SSO, Identity Provisioning, Identity Governance etc. + Expertise in Encryption, Key management, Cybersecurity fundamentals (e.g., access controls, common software vulnerabilities, and security best practices), Deployment Methodologies, and Security Standards Compliance Certification (STIG, FedRAMP, PCI-DSS), etc. + Very good understanding of concepts related to Docker, Container, Serverless Computing, and Kubernetes. + Ability to design large scalable systems for cloud customers with focus on security. + Network security, VPN/Firewalls and software-defined networking experience is a plus. + Experience operating within and supporting a security assurance and assessment program + Excellent written and verbal communication skills, strong analytical and problem-solving skills. Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $106,300 to $223,400 per annum. May be eligible for bonus and equity. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC4 **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.