Security architect jobs in Idaho

*****CANDIDATE MUST BE US Citizen (due to contractual/access requirements)***** **To foster collaboration and team synergy, this position follows a hybrid model. Employees within a 50-mile radius of our Pittsburgh, Buffalo, or Camp Hill locations will be required to work from the office on Tuesdays, Wednesdays, and Thursdays.** Execute a process to develop a security architecture that processes information of various levels of sensitivity. The security architecture must be compliant with existing enterprise technical security control requirements models. Produce gap analysis documentation to identify any gaps between specific technical security requirements and the architecture of the system and provide detailed technical recommendations on appropriate mitigation measures. Advise and consult clients responsible for the architecture, design, implementation, and deployment of technical security controls on appropriate application of existing security services to solve their problems or enable new business opportunities. Research and evaluate new security technologies to be used as point solutions to gaps where the project is unable to take advantage of or needing greater functionality than reusable enterprise security services. The security architecture work will include network security, network defense, operating system security identity, authentication and authorization, data protection, application security, activity audit and monitoring, mobile computing security, and partner/vendor access to corporate systems/data. **ESSENTIAL RESPONSIBILITIES** + Enhance security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members. + Determine security requirements by evaluating business strategies and requirements; conducting system security and vulnerability analyses and risk assessments; identifying integration issues; preparing cost estimates. + Plan security systems by evaluating network and security technologies. + Implement security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures. + Enhance department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments. + May begin to provide leadership and mentoring in the areas of expertise and architecture to peers, developers, management and business users including technical expertise, coaching, and ad-hoc training. + Support assurance compliance to required standards, procedures, guidelines and processes. + Other duties as assigned or requested. **REQUIRED EDUCATION** + Bachelor's degree in Information Systems, Computer Science, Information Security, or Engineering, or relevant experience and/or education as determined by the company in lieu of bachelor's degree **PREFERRED EDUCATION** + Master's degree in Computer Science, Information Security or related field **EXPERIENCE** **_Minimum:_** + 5 - 7 years' experience architecting solutions + 5 - 7 years' experience in Information Security + Experience communicating with business partners **_Preferred:_** + 7 - 10 years' experience architecting solutions **SKILLS** + Business communication skills, both written and verbal and able to solve unconventional problems + Understanding of the TCP/IP protocol stack, application protocols such as SNMP, SMTP, DNS, and DHCP; IPSec and SSL VPNs; SSL/TLS protocol knowledge + Understanding of the information technology and information security industries, their current developments, trends, issues, and fundamental concepts + In-depth expertise in analyzing a wide spectrum of technical systems and services robustness and needs, and making practical recommendations to address them + Detailed knowledge of web, mobile, and client application security vulnerabilities, attack methods, and countermeasures + Experience with common information security management frameworks, such as HITRUST, ISO 27001, CobiT, ITIL + Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common protocols (RADIUS, LDAP, KERBEROS, SAML, etc.) + Participate in evaluations and recommend solutions to support enterprises security controls including: networking, firewalls, IDS/IPS, data loss prevention, application security, infrastructure security, and data security **REQUIRED LICENSURE** None **PREFERRED LICENSURE** Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), etc. **TRAVEL REQUIREMENT:** 0%- 25% **LANGUAGE REQUIREMENT (** **_other than English_** **)?** None **PHYSICAL, MENTAL DEMANDS AND WORKING CONDITIONS** ( _The physical, mental demands and working conditions described here are representative of those that must be met by an employee to successfully perform the essential function of their job. Reasonable accommodations will be made when necessary to enable individuals with disabilities to perform the essential duties of the position, to the extent that they do not cause undue hardship._ **_Position Type:_** Office-Based **_Office-Based Positions_** An employee in this position works in an office environment. The position frequently requires the employee to communicate effectively with others both inside and outside the workplace (e.g., in person, via telephone, via email). The employee must be able to understand, interpret and analyze data, solve problems, concentrate, and research, use available technological resources and systems (e.g., computers and computer programs), multi-task, prioritize, and meet multiple deadlines to complete essential tasks. The employee generally works in a fast-paced and frequently stressful environment, must attend work on a regular and reliable basis as well as adhere to all workplace policies, and may be called upon to work outside regular business hours. Teaches/Trains others regularly Occasionally Travels regularly from the office to various work sites or from site-to-site Occasionally Works primarily out-of-the office selling products/services (Sales employees) Never Physical Work Site Required Yes **_Most On-The-Road Positions_** An employee in this position may work in a home or company office environment but is also frequently driving to and from various locations to perform the work off-site. The position frequently requires the employee to communicate effectively with others both inside and outside the workplace (e.g., in person, via telephone, via email). The employee must be able to understand, interpret and analyze data, solve problems, concentrate, and research, use available technological resources and systems (e.g., computers and computer programs), multi-task, prioritize, and meet multiple deadlines to complete essential tasks. The employee generally works in a fast-paced and frequently stressful environment, must attend work on a regular and reliable basis as well as adhere to all workplace policies, and may be called upon to work outside regular business hours. **_Non-Office-Based Positions_** An employee in this position is frequently required to move throughout the workplace, sit, stand and walk, use hands and fingers to hold objects, tools or controls, possess fine motor skills (e.g., to write and operate a computer or to steer transportation equipment), possess gross motor skills (e.g., to carry items), reach with hands and arms, climb stairs and ladders, balance, stoop, kneel crouch and crawl, communicate effectively, and talk and hear. Specific vision abilities required by the job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus. The employee must be able to work in a busy environment where decisions often must be made quickly, must attend work on a regular and reliable basis, must adhere to all workplace policies, and may be called upon to work outside regular business hours. This work occurs in a [example: warehouse, hospital or provider's office or mailroom]. Lifting: up to 10 pounds Does Not Apply Lifting: 10 to 25 pounds Does Not Apply Lifting: 25 to 50 pounds Does Not Apply **ADDITIONAL INFORMATION** **Changes Approved By:** Kathleen Thompson **_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._ **_Compliance Requirement:_** _This position adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies_ As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy. Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements. **Pay Range Minimum:** $78,900.00 **Pay Range Maximum:** $147,500.00 _Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._ Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at ***************************** California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J272809

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

**About Us** **Since 1989, SHI International Corp. has helped organizations change the world through technology. We've grown every year since, and today we're proud to be a $16 billion global provider of IT solutions and services.** **Over 17,000 organizations worldwide rely on SHI's concierge approach to help them solve what's next. But the heartbeat of SHI is our employees - all 7,000 of them. If you join our team, you'll enjoy:** + **Our commitment to diversity, as the largest minority- and woman-owned enterprise in the U.S.** + **Continuous professional growth and leadership opportunities.** + **Health, wellness, and financial benefits to offer peace of mind to you and your family.** + **World-class facilities and the technology you need to thrive - in our offices or yours.** **Job Summary** The Chief Information Security Officer will develop and implement a comprehensive information security strategy that aligns with the organization's goals, ensuring the protection of information assets through effective policy enforcement and risk management. This role involves managing incident response, ensuring regulatory compliance, and overseeing security audits and technology investments to enhance the organization's security posture. The CISO will collaborate with various departments, conduct security awareness training, and provide regular updates to senior management and the board on security status, risks, and initiatives. **Role Description** + Develop and implement an information security strategy that aligns with the organization's goals and objectives to ensure comprehensive protection of information assets. + Oversee the development and enforcement of security policies to ensure that all security policies, procedures, and protocols are up-to-date and effectively implemented across the organization. + Lead risk management efforts by identifying, assessing, and mitigating information security risks to protect the organization from potential threats and vulnerabilities. + Manage incident response and recovery by developing and overseeing the execution of incident response plans to address security breaches and ensure timely recovery. + Ensure compliance with regulatory requirements by monitoring and enforcing compliance with relevant laws, regulations, and industry standards related to information security. + Collaborate with other departments such as IT, legal, HR, and others to integrate security measures into all aspects of the organization's operations. + Conduct security awareness training to educate employees on security best practices and promote a culture of security awareness throughout the organization. + Oversee security audits and assessments by regularly conducting internal and external audits to evaluate the effectiveness of security measures and identify areas for improvement. + Manage security technology investments by evaluating, selecting, and implementing security technologies and tools to enhance the organization's security posture. + Report to senior management and the board of directors by providing regular updates on the organization's security status, risks, and initiatives to ensure informed decision-making at the highest levels. **Behaviors and Competencies** + Technical Expertise: Can create new applications for technical knowledge and skills and can lead the development of technical standards and procedures. + Strategic Thinking: Can analyze complex situations, drive organizational transformation, and adapt strategies to changing market conditions. + Risk-Taking: Can inspire and encourage others to take calculated risks, fostering a culture of innovation and adaptability. + Decision-Making: Can lead organizational decision-making, mentor others in developing decision-making skills, and create frameworks that enhance the decision-making capabilities of the team. + Leadership: Can lead strategic team initiatives, inspire others to take leadership roles, and foster a culture of shared responsibility and continuous improvement. + Analytical Thinking: Can lead and innovate in the application of analytical thinking, solve complex problems, influence others, and contribute to best practices. + Communication: Can lead and model exceptional communication at all levels of the organization, develop and implement communication strategies, and coach others to improve their communication skills. + Adaptability: Can drive strategic transformations, inspire others to embrace change, and foster a culture of continuous adaptation. + Collaboration: Can lead complex team projects, inspire others to collaborate effectively, and foster a culture of mutual respect and shared purpose. + Ethics: Can lead strategic initiatives, inspire others to uphold ethical standards, and foster a culture of integrity and ethical conduct. **Skill Level Requirements** + Deep understanding of the security industry, best practices, emerging technologies, and leading solutions - Expert + Experience supporting various compliance and regulatory frameworks - Expert + Change Management, ability to manage, drive, and adapt to organizational change while maintaining team morale and productivity. - Expert + Continuous Improvement, identifying areas for improvement, implementing changes, and measuring results to enhance processes and performance. - Expert + Financial Awareness and understanding of financial concepts, budgeting, with the ability to make informed decisions based on financial data. - Expert + Forward Thinking, anticipating future trends and needs, and making decisions that position oneself or one's organization for success. - Expert + Innovation to generate, develop, and implement new and original ideas, challenging the status quo to improve processes and solutions. - Expert + Resilient, has the ability to recover quickly from difficulties and adapt in the face of challenging circumstances. - Expert + Influence, ability to persuade, lead, and influence others to achieve desired outcomes. - Expert + Willing to Learn, open to new ideas, and has a desire to continuously learn to stay current with the latest trends, threats, and technology. - Expert + Documentation involves creating, maintaining, and managing detailed and accurate records and documentation to support organizational processes and decisions. - Expert **Other Requirements** + Completed Bachelor's degree in computer science, information technology, cybersecurity, or a related field. Master's degree preferred. + 10+ years' experience in an enterprise information security role + 10+ years' experience in a leadership role + Advanced Certifications: CISSP, CRISC, GCEIT, CISM, GIAC The estimated annual pay range for this position is $275,000 - $350,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending. Equal Employment Opportunity - M/F/Disability/Protected Veteran Status

Key Role: Supports day-to-day technical aspects of product operational data to identify diagnostic issues in enough detail to determine if the root cause is hardware or software related. Applies specific functional, working, and general industry knowledge. Develops or contributes to solutions to a variety of problems of moderate scope and complexity. Works independently with some guidance. May review or guide the activities of more junior employees. Basic Qualifications: 5+ years of experience with cybersecurity projects and integrated systems 5+ years of experience with STIGs, NESSUS, and Vulnerability or application scanners for IA use 5+ years of experience with NIST 800-53 and RMF practices, including computer networking and operating systems administration Knowledge of NISPOM, JSIG, ICD, or eMASS Ability to generate RMF security documentation to support Interim Authorities to Test (IATTs), Authorizations to Operate (ATOs), Interconnection Security Agreements (ISAs), and Authorities to Connect (ATCs) Top Secret clearance Associate's degree Additional Qualifications: Experience with managing the authorization status of DoD RMF from step 1 through step 6 Knowledge of continuous monitoring, cyber security risk management, disaster recovery, FISMA compliance, information security architecture, information security auditing, security control assessment, threat modeling, threat management, vulnerability analysis, and vulnerability assessments DoD 8570 Security+ Certification Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required. Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $77,500.00 to $176,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Identity Statement As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud. Work Model Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely. If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility. If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

**Job Requisition ID #** 25WD93305 At Autodesk, our Cyber Defense - IAM team is dedicated to securing and enhancing the organization's digital ecosystem We lead impactful initiatives, such as strengthening enterprise identity standards, implementing advanced tools to address risks proactively, and delivering scalable, secure solutions With a focus on innovation, collaboration, and inclusivity, we create a supportive environment where diverse perspectives contribute to meaningful outcomes Join us to be part of a high-performing team shaping the future of digital security and ensuring trusted experiences for Autodesk employees and customers worldwide **Responsibilities** + Act as a Subject Matter Expert (SME) for AWS Security and Identity & Access Management (IAM) platforms, supporting both enterprise and customer systems + Manage and support SailPoint Identity Security Cloud, Entra ID (Azure AD), AWS, and CyberArk platforms + Implement and uphold identity governance best practices for enterprise identities and service accounts + Oversee Privileged Account Management (PAM) and Access Management for critical systems + Maintain and enhance Multi-Factor Authentication (MFA) solutions, with a focus on evolving towards password less authentication + Lead initiatives related to Role-Based Access Control (RBAC) and service account governance + Mentor junior engineers, providing technical guidance and support for daily operations + Manage and oversee deliverables and day-to-day tasks for the junior engineering team + Participate in the on-call rotation to respond to incidents as needed **Minimum Qualifications** + Bachelor's degree in computer science or a related field + 8+ years of experience in Security Engineering, with a focus on Identity and Access Management (IAM) + 3+ years of experience leading a team, including managing and mentoring security engineers + Expertise in AWS Security, SailPoint Identity Security Cloud, Entra ID (Azure AD), Privileged Access Management (PAM), and Access Management solutions + Hands-on experience with service account management, RBAC, SSO, and MFA solutions + Strong problem-solving skills and the ability to work effectively in a fast-paced environment **The Ideal Candidate** + Advanced expert role, requiring deep subject-matter knowledge and sound business acumen to advise leaders + For jobs at this level, knowledge of the business starts to become as important as subject-matter knowledge + Incumbents translate specialized subject-matter requirements into business needs/requirements + Require depth of specialized expertise to interpret internal/external business issues and recommend best practices to address them + Solve complex problems that require in-depth evaluation of variable factors by taking a broad perspective to identify the best approach and innovative solutions + Work independently, with close guidance in only the most complex or unusual situations + Adapt communication style to persuade various stakeholders across the business and frequently interact with senior leaders to provide advice and SME + May lead functional teams or programs within own function (or closely related functions) **Learn More** **About Autodesk** Welcome to Autodesk! Amazing things are created every day with our software - from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made. We take great pride in our culture here at Autodesk - it's at the core of everything we do. Our culture guides the way we work and treat each other, informs how we connect with customers and partners, and defines how we show up in the world. When you're an Autodesker, you can do meaningful work that helps build a better world designed and made for all. Ready to shape the world and your future? Join us! **Benefits** From health and financial benefits to time away and everyday wellness, we give Autodeskers the best, so they can do their best work. Learn more about our benefits in the U.S. by visiting ****************************** **Salary transparency** Salary is one part of Autodesk's competitive compensation package. For U.S.-based roles, we expect a starting base salary between $142,200 and $229,900. Offers are based on the candidate's experience and geographic location, and may exceed this range. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package. **Equal Employment Opportunity** At Autodesk, we're building a diverse workplace and an inclusive culture to give more people the chance to imagine, design, and make a better world. Autodesk is proud to be an equal opportunity employer and considers all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender, gender identity, national origin, disability, veteran status or any other legally protected characteristic. We also consider for employment all qualified applicants regardless of criminal histories, consistent with applicable law. **Diversity & Belonging** We take pride in cultivating a culture of belonging where everyone can thrive. Learn more here: ******************************************************** **Are you an existing contractor or consultant with Autodesk?** Please search for open jobs and apply internally (not on this external site).

Cyber Palo Alto Networks Security Operations Senior Consultant Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success. Recruiting for this role ends on 12/31/25 The team Our Cyber Defense & Resilience offering assists clients in defending against advanced threats by transforming security operations, monitoring technology, data analytics, and threat intelligence. Helps manage and protect dynamic attack surfaces and provides rapid crisis and cyber incident response, ensuring clients can be ready for, respond to, and recover from business disruptions. Work You'll Do * Lead the design and deployment of Next-Generation SOC platforms, like Cortex XSIAM, including advanced detection rules and SOAR playbooks, and SIEM ingestion. * Integrate diverse log and telemetry sources, ensuring data quality and normalization. * Develop and optimize automated response workflows for incident containment and remediation. * Advise clients on advanced use cases, threat detection, and automation strategies. * Collaborate with cross-functional teams for solution enhancements and threat intelligence integration. * Present technical findings and recommendations to stakeholders. Required Qualifications * BA/BS degree in a technical field (e.g., Computer Science, Cyber Security) * 4-6 years of progressively responsible experience in cloud, network, or identity security domains, demonstrating increasing levels of responsibility, technical depth, and leadership over time * 3-4 years of experience with Security Operations tools and platforms including Cortex XSIAM, Cortex XDR, Splunk, or similar SIEM technologies * 3-4 years of Security Operations Center experience demonstrating expertise in detection engineering, automation and playbook development, or SOC maturity methodologies * 3-4 years of experience with one or more cloud service providers (AWS, GCP, Azure) and native security tools * 3-4 years of experience with management of log sources, data normalization, ingestion and manipulation of data * 3-4 years of experience working with detection and response platforms (EDR) like Microsoft Defender, Cortex XDR, CrowdStrike * 3-4 years of experience with governance, risk, or compliance initiatives involving common frameworks * Certifications including Palo Alto Networks' PCNSE or Certified Cybersecurity Associate or equivalent and/or similar cybersecurity certifications * Ability to travel up to 50%, on average, based on the work you perform and the clients and industries/sectors you serve. * Limited immigration sponsorship may be available Preferred Qualifications * Experience with Palo Alto Networks' platform of solutions including, but not limited to, next-generation firewalls, Cortex & Prisma Cloud, and Prisma Access, XDR, etc. * Strong understanding of vendor competitive analysis within Security Operations (e.g., competitive differences between competing SIEM solutions) * Proficiency with advanced scripting, playbook development within a SIEM, SOAR or Security platform * Basic proficiency with network routing protocols (e.g., BGP, ECMP) and network architecture concepts (e.g., network segmentation), in support of on-premise and secure cloud infrastructure use cases * Ability to communicate and advise on solution design based on client use-cases, requirements, or other success criteria * Previous consulting or "Big 4" experience * Relevant advanced cybersecurity or related network engineering certifications (e.g., CISSP, CEH, CCSP) Information for applicants with a need for accommodation: ************************************************************************************************************ The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $102,500 - $188,900. You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte's purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Learn more. Professional development From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. As used in this posting, "Deloitte" means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see ************************* for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. Qualified applicants with criminal histories, including arrest or conviction records, will be considered for employment in accordance with the requirements of applicable state and local laws, including the Los Angeles County Fair Chance Ordinance for Employers, City of Los Angeles's Fair Chance Initiative for Hiring Ordinance, San Francisco Fair Chance Ordinance, and the California Fair Chance Act. See notices of various fair chance hiring and ban-the-box laws where available. Fair Chance Hiring and Ban-the-Box Notices | Deloitte US Careers Requisition code: 314097 Job ID 314097

The Microsoft Offensive Research & Security Engineering (MORSE) team is looking for a learn-it-all engineer that will help secure Microsoft products and devices. The MORSE team is responsible for securing Microsoft's operating systems, including Windows, cloud computing platforms, and virtualization technologies. These solutions support the daily needs of over one billion customers worldwide. This team performs security design reviews, code reviews, and vulnerability research on key features of Windows and Azure to make sure they meet the highest possible security standards. In this role, you will help a team of engineers tasked with building automation and tooling to streamline and scale detection of vulnerabilities. The ideal candidate will have hands-on experience with native code (C/C++), building security-focused developer-facing tools, a clear understanding of OS security fundamentals, solid computer science skills, and a passion for keeping Microsoft customers safe. Responsibilities * Equip Microsoft developers with powerful, easy-to-use security tools to catch security issues earlier * Improve existing processes and tools to help us deliver our goal of ubiquitous fuzzing * Collaborate with teams of security experts to understand their requirements and build tools to streamline or automate common tasks * Devise new methods to systematically detect vulnerabilities at scale Qualifications Required * Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in security or related field OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in security or related field OR equivalent experience. Other Requirements: Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire/transfer and every two years thereafter. Preferred * Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in security or related field OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 8+ years experience in security or related field OR equivalent experience. * Public track record of relevant security research, especially around vulnerability discovery * Experience exploiting bugs and bypassing security mitigations in Operating Systems * Familiarity with Microsoft Windows architecture * 5+ years of experience in a software engineering or security-related field * 3+ years of software engineering in a systems language such as C, C++, or Rust Penetration Testing IC4 - The typical base pay range for this role across the U.S. is USD $119,800 - $234,700 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $158,400 - $258,000 per year. Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: **************************************************** This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled. Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

About Us Join us at WinCo Foods, where we're more than just a grocery retailer - we're a growing family of over 140 supermarkets in 10 states with over 22,000 employee owners. Our purpose is to make the lives of our customers and employee owners better by offering the lowest possible prices to feed their families. Currently, WinCo is the second largest Employee-Owned company in the United States. With more than 500 millionaire employee-owners in our Employee Stock Ownership Plan (ESOP). Our benefits, including top-tier medical plans and tuition support set us apart. In your role, you'll be instrumental in making a real impact in the communities we serve, embodying our purpose every day. Overview Job Summary Design, implement and maintain security measures to protect WinCo Foods' cloud environments and cloud applications (SaaS) from cyber security threats. Work with existing security tooling to extend those protections to SaaS and cloud environments. Identify, install and configure new security tools to expand security coverage in WinCo's cloud environments. Proactively evaluate the security posture and configuration, and manage remediations of vulnerabilities and misconfigurations. Respond to threat alerts and anomalous activity across cloud environments and SaaS. Typical Duties and Responsibilities Maintain an atmosphere of friendly, enthusiastic customer service with an emphasis on taking care of the customer. Provide exceptional customer service by telephone, email, and in person. Identify security gaps or weaknesses, and recommend solutions to reduce risk to the company. Work with other Information Technology (IT) teams to ensure logical and physical security of all systems and data. Lead initiatives to implement new security solutions. Identify vendors, evaluate tools and implement the solution(s). Establish vulnerability-scanning procedures and work with the necessary teams to prioritize and install patches and security fixes based upon risk and impact. Act as the subject matter expert for IT Security on company technology projects lead by other teams. Develop security protection goals, objectives and metrics consistent with enterprise best practices. Produce periodic reports on security metrics and incidents. Perform log and event analysis of systems and security technologies to identify anomalies and suspicious activity. Develop monitoring and alerting for security technologies including IDS/IPS, firewall, vulnerability scanning, security logging and event management. Respond to security incidents and coordinate response, containment, forensics and mitigation. Conduct information security investigations and threat assessments. Perform maintenance, configuration and support of IDS/IPS, firewall, web proxy, vulnerability scanning, SIEM, and other security technologies. Promote security awareness across the organization through end-user training, knowledge transfer, and documentation of threats and vulnerabilities. Actively research and communicate current threats and attack vectors to IT management. Develop, document and update IT security procedures and policies. Perform on-call support for security events. Perform other projects and duties as needed and assigned. Requirements Education: Associates degree in IT, Computer Science, or related field AND five (5) years of IT Security or Engineering experience OR equivalent combination (seven (7) years) of education, training, and/or experience demonstrating considerable knowledge of IT security. Experience: At least five (5) years direct experience working in an enterprise technology environment in a security or engineering role. Demonstrating technical working knowledge of design considerations for Firewall, LAN, WAN, WLAN, VPN, Windows Server, Active Directory, DMZs, Certificate (PKI) Infrastructure, Unix/Linux, Virtual Infrastructure, and network protocols. Implementing and managing enterprise security solutions such as antivirus, encryption methodologies, IPS/IDS, Web Content Filtering, Identity and Access Management, email security, and monitoring and alerting. Demonstrating familiarity with security tools used for penetration testing, vulnerability scanning and forensics. Implementing security best practices related to networks, servers, end-user devices and sensitive information. Hands-on with log aggregation or SIEM technologies including implementation and support. Understanding of cyber security concepts, principles and industry-recognized security frameworks such as ISO 27002, NIST, CIS CSC, etc. Hands-on hardware and software troubleshooting. Demonstrating knowledge of applicable data privacy practices and laws. Exhibiting excellent customer service skills, working well with others and demonstrating professionalism and courtesy in all customer interactions. Designing and implementing security measures across popular cloud platforms (such as GCP, AWS, and/or Azure) Assessing security gaps and risks on cloud platforms and SaaS implementations Providing security best practice and implementation recommendations for new cloud applications Aligning security design with common security frameworks Working in a team-oriented, collaborative environment. Ability to: Consistently provide friendly and engaging customer service to internal and external customers. Demonstrate strong organizational skills, initiative and self-direction to effectively manage time and perform tasks to meet timelines and work quality expectations. Effectively prioritize and execute tasks in a high-pressure environment. Continually assess WinCo's security posture, and design and implement solutions for gaps. Learn and apply new/emerging technologies and best practices. Conduct research into IT security issues, products and solutions. Demonstrate strong analytical and problem-solving abilities while always maintaining attention to detail. Exhibit strong written and oral communication skills. Be highly motivated with a passion for IT Security. Communicate complex, technical, information and ideas to all levels of audiences. Demonstrate excellent interpersonal skills. Be on call to respond to security incidents, including evenings, weekends and holidays as required. Travel up to 10% of the time. Machines and Equipment Operated: Office machines (computer terminal, copier/scanner, fax machine, telephone etc.). Preferred Education, Experience and/or Credentials: Five (5) years direct experience working with enterprise security tools, including at least 3 years of implementing and managing enterprise security tools. Experience with open-source operating systems and security related tools. One or more industry recognized security certification, such as CISSP, GIAC, Security+, etc. One or more industry recognized technology certification, such as MSCE, CCNA, CCNP, etc. Working knowledge of PCI DSS compliance framework. The above statements are intended to describe the general nature of work performed by the employees assigned to this job. All employees must comply with Company policies and applicable laws. The responsibilities, duties and qualifications required of personnel may vary. #Indeed EEO/Inclusivity As the WinCo Foods community continues to grow, our variety of perspectives and wide range of experiences are essential to our strategy and success. We are committed cultivating and celebrating an inclusive environment in which all employees are valued and respected.

Mainframe Security EngineerRemote - United StatesJR012476 **Requirements:** + U.S. Citizenship is required. + Must pass a Federal Background Check. **Key Responsibilities:** + Administer security for RACF, ACF2, and Top Secret logon IDs, datasets, and resource rules. + Provision user access in response to ServiceNow tickets within defined SLAs. + Monitor system security policies and investigate violations/incidents. + Perform and review daily, weekly, and monthly audit reports. + Liaise with business units and technical support teams. + Prepare ad hoc reports and deliver presentations for customer support. + Ensure adherence to security standards across the environment. + Provide 24×7 on-call support as required. + Utilize Vanguard and/or IBM zSecure security products. + iSeries security knowledge is a plus. + Manage and lead large projects or tasks as needed. + Project management skills are highly desired. **Technical Skills:** + Proficient in TSO, JCL, IBM Utilities, JES2, and ISPF. + Experience with REXX or other programming languages is desired. + CICS security administration experience preferred. + Experience with Vanguard and/or IBM zSecure security products is desired. + Familiarity with IAM (Identity Access Management), MFA (Multi-Factor Authentication), and PAM (Privileged Access Management) is desired. + Strong PC skills, including Microsoft Outlook, Word, Excel, and PowerPoint. **General Knowledge:** + z/OS experience is highly desired. + Knowledge of other mainframe security products is a plus. **Personal Skills:** + Strong written and verbal communication skills. + Excellent organizational skills with the ability to manage multiple concurrent projects and work as part of a global team. + Ability to work independently and take initiative. + Strong analytical and problem-solving skills. + Effective team player who can work independently in a fast-paced environment. + Self-starter, detail-oriented, and able to multitask. **Education & Certifications:** + Bachelor's or Master's degree preferred. + CISSP, CISA, CISM, or ITIL certification is a plus. **Why Ensono?** Ensono is a place to make better happen - for our clients and for your career. You can do great things through innovation or collaboration, by learning or volunteering, or to promote diversity and inclusion. You can do great things for your own health or for a healthier planet. Whatever it means to you to do great things we want Ensono to be the place you can do it. We are a client-facing business, but we do encourage clients to allow us to work remotely most of the time so if you are not required to be on a client site, you can choose to work from home or in our Ensono offices. Some of our benefits include: + Unlimited Paid Days Off + Three health plan options through Blue Cross Blue Shield + 401k with company match + Eligibility for dental, vision, short and long-term disability, life and AD&D coverage, and flexible spending accounts + Paid Maternity Leave, Paternity Leave, and Sabbatical Leave + Education Reimbursement, Student Loan Assistance or 529 College Funding + Enhanced fertility coverage + Wellness program + Depending on location, ability to take Flexible work schedule + Advantage of fitness centers As of the date of this posting, a good faith estimate of the current pay scale for this role is **$90,000 to $135,000** annually based on a full-time schedule. Please note that placement in the range may vary based on numerous factors including but not limited to skills, experience, internal equity, and business needs. In addition to base salary, other compensation programs, depending on eligibility, include an annual bonus plan based on company and individual performance and an equity grant under our Associate Equity Appreciation Program. Ensono is an Equal Opportunity/Affirmative Action employer. We are committed to providing equal employment to our Associates and building a diverse and inclusive workforce. All qualified applicants will be considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or other legally protected basis, in accordance with applicable law. Pay transparency nondiscrimination statement/posting OFCCP's pay transparency policy can be found on OFCCP's website (*********************************************************************************************** . If you need accommodation at any point during the application or interview process, please let your recruiter know or email ****************************** . JR012476

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Posting Type Remote As a Lead Cyber Security Engineer, you will ensure the security of Relativity's network and infrastructure. In this role, the main responsibilities will be to investigate and analyze emerging threats against our assets, identities, and clients. You will also provide actionable remediation guidance to end users and collaborate with highly skilled cyber experts to anticipate and mitigate evolving threats using world-class toolsets and next generation capabilities. Job Description and Requirements Responsibilities: Review, validation, and triage of alerts and technical analysis of log data from a diverse inventory of sensors, correlated signature logic, and threat intelligence sources. Assess the impact of security events by leveraging host, cloud and network-based indicators and evidence to deliver actionable incident escalations. Develop and deploy detection and prevention signatures with response actions as part of a layered defensive strategy leveraging multiple technologies and data types. Build automation to search through collected telemetry to detect and isolate advanced threats that evade existing security solutions. Create Standard Operating Procedures, SOC playbooks, configuration guides, and secure standards. Automate incident handling processes. Engage in the continuous research of emerging threats and apply appropriate countermeasures within the context of a rapidly changing environment. Serve as a subject matter expert in the mechanism and analysis of observed malicious activity. Clearly document and communicate investigation findings to both technical and executive stakeholders. Identify and automate away technical burden. Build automation to deploy, operate and connect multiple cyber security tools and applications. Preferred Qualifications: 7+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team for Cloud applications and corporate networks Exposure to threat detection development and tuning Experience in software design and development DevSecOps experience Ability to perform threat hunting, threat emulation, and/or purple teaming exercises Familiarity with industry standard security devices and their configuration Experience in reverse engineering malicious code to explore infection and propagation mechanisms Experience with threat intelligence tools and processes Certifications: One or more of the following certifications are preferred (GCFA, GCIA, GCIH, GNFA, GREM, OSCP, OSEP, OSED, OSWE, OSDA, OSCE3, CompTIA Security+, CCNA CyberOps, or CEH) 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Minimum Qualifications: 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Ability to leverage programming and scripting languages to build automations and develop SOAR playbooks Relativity is committed to competitive, fair, and equitable compensation practices. This position is eligible for total compensation which includes a competitive base salary, an annual performance bonus, and long-term incentives. The expected salary range for this role is between following values: $150,000 and $226,000 The final offered salary will be based on several factors, including but not limited to the candidate's depth of experience, skill set, qualifications, and internal pay equity. Hiring at the top end of the range would not be typical, to allow for future meaningful salary growth in this position. Suggested Skills: Cybersecurity, Infrastructure Security, Network Security, Penetration Testing, Security Architecture Design, Security Audit, Security Information, Security Information and Event Management (SIEM), Security Operations, Vulnerability Management

**_Job Title:_** Lead Adversarial Security Engineer **About** **Trellix:** **Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work.** Our comprehensive, GenAI-powered platform helps organizations confronted by today's most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions. We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at ************************ . **_Role Overview:_** Trellix is seeking an Adversarial Security Engineer to lead the evolution of its cybersecurity posture. This is a senior, hands-on, remote-first role for a red/blue/purple expert who possesses a valuable blend of offensive tradecraft and defensive-engineering skills. **Role Overview:** As a lead member of the security operations team, and reporting to the Deputy CISO the mission of this role is to bridge the gap between "what if" and "what is" to continuously test the organization's defenses, find gaps, and personally lead the engineering effort to close them. By collaborating with the Security Operations Center (SOC), Threat Intelligence, and infrastructure teams, this expert will act as a force multiplier, mentoring junior security operations staff and providing the technical leadership to measurably improve the ability to detect and respond to advanced threats. **About the role:** + Plan and execute sophisticated, end-to-end red team engagements against our on-premise and cloud infrastructure. + Develop and validate new detection logic, transforming the results of your own attacks into high-fidelity alerts. + Lead continuous purple team exercises, acting as the primary bridge between the SOC, Threat Intelligence, and Detection Engineering teams. + Leverage Attack Surface Management (ASM) data to find "Shadow IT" and prioritize your offensive operations based on the most likely and impactful attack vectors. + Act as a senior technical leader, mentoring SOC analysts and junior engineers on advanced attack chains, detection theory, and defensive best practices. + Communicate complex findings and remediation strategies to a wide range of stakeholders, from highly technical engineers to executive leadership. **About you:** + You have a blended career path of 7+ years, demonstrating experience in both offensive security (like Red Teaming) and defensive operations (like Detection Engineering or Threat Hunting). + You possess exceptional communication skills, with an ability to create reports and presentations for both highly technical and executive audiences. + You are a U.S. citizen. + Your technical expertise is built on a deep, practical understanding of frameworks like MITRE ATT&CK and the Diamond Model. + You have proficiency in modern offensive tools and C2 frameworks (e.g., Cobalt Strike, Metasploit) and/or experience developing custom attack methods to evade EDR and network controls. + You are proficient in writing, tuning, and validating detection logic in SIEM and EDR platforms. + Your knowledge of automation is clear from your proficiency in any scripting languages such as Python or PowerShell. + You have practical experience assessing and defending modern cloud environments. + You may hold advanced offensive (e.g., OSCP, OSEP, GXPN) or defensive (e.g., GCIH, GDAT) certifications. + You may contribute to the community through public-facing research, conference talks, or open-source tools. **_Company Benefits and Perks:_** We believe that the best solutions are developed by teams who embrace each other's unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. + Retirement Plans + Medical, Dental and Vision Coverage + Paid Time Off + Paid Parental Leave + Support for Community Involvement We're serious about our commitment to a workplace where everyone can thrive and contribute to our industry-leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

BlueForce Inc is seeking Mission Planning Support (MPS) F-15 Information System Security Manager (ISSM) Support Specialists in support of the Combat Air Forces (CAF) Fighter Squadron (FS), United States Air Force Warfare Center (USAFWC) flying units, and Air Support Operations Squadrons (ASOS) in Air Combat Command (ACC). The MPS F-15 ISSM Support position will manage the security aspects of F-15 Training Systems and coordinate with designated stakeholders to ensure cybersecurity protocols of the F-15 Training Systems. Locations are Eglin AFB, FL, Mountain Home AFB, ID, Nellis AFB, NV and Seymour-Johnson AFB, NC. * Subject to Contract Award* Tasks the Contractor shall perform include, but are not limited to: * Manage the security aspects of F-15 Training Systems and support the Government with obtaining and maintaining Interim Authorities to Test (IATTs), Authorizations to Operate (ATOs), Interconnection Security Agreements (ISAs), Authorities to Connect (ATCs), and similar. * Coordinate with the F-15 Training Systems Program Office (TSPO), Air Force Life Cycle Management Center (AFLCMC) SPO Simulators Division (WNS) at Wright-Patterson Air Force Base (AFB), local Government personnel using the F-15 Training Systems, and the F-15 Training Systems prime contractor to ensure the cybersecurity of the F-15 Training Systems. * Ensure F-15 Training Systems are operated and maintained IAW security policies and procedures as required by the Joint Special Access Program (SAP) Implementation Guide (JSIG), National Industrial Security Program Operating Manual (NISPOM), and F-15 Training Systems security policy. Support the Government in ensuring F-15 Training Systems and related equipment is disposed of IAW the JSIG, NISPOM, and F-15 Training Systems security policy. * Ensure all users of F-15 Training Systems have the requisite security clearances, authorization, and need-to-know, and are aware of their security responsibilities before creating accounts and granting them access to the F-15 Training Systems. Perform validation transfers and user account terminations. * Monitor and report all security-related incidents to the local F-15 Training Devices lead, Security team, and the F-15 TSPO within 24 hours of identifying or being made aware of the incident(s). Perform necessary activities, including media control and proper storage, to prevent spillage/loss of F-15 Training Systems program information. Assist the Government in investigating the root cause incident(s) and developing Corrective Action Plan to prevent recurrence of the incident(s). * Monitor various systems in the vault to ensure connections with external systems are properly maintained, recovery processes properly restore security features, and all restored features function correctly. * Collect and review F-15 Training Systems audit, tools, and maintenance logs on a quarterly basis. Document and report any deficiencies in the logs to the F-15 TSPO. * Conduct quarterly reviews of user and equipment lists for accuracy and currency. Coordinate with the F-15 Training Systems prime contractor to rectify any discrepancies and ensure the lists accurately reflect authorized users and equipment. * Perform quarterly compliance and vulnerability scans and reviews of the F-15 Training Systems. Document all identified deficiencies and their associated system risks. Submit a report of these findings to the F-15 TSPO and the local government lead for F-15 Training Devices within five business days of completing the scan. * Perform an annual risk assessment for the F-15 Training Systems. This risk assessment shall be provided to the F-15 TSPO at least 60 calendar days prior to the end of each calendar year. * Perform an annual inventory of the F-15 Training Systems and associated sub-assemblies. Results of the inventory shall be submitted to the F-15 TSPO at least 30 calendar days prior to the end of the calendar year. * Conduct quarterly self-assessments/inspections and inform the F-15 TSPO when any authorizations/approvals are projected to expire within six months. Assist with the necessary activities to obtain new authorizations/approvals. If an expiration date is within six months of the F-15E MPS ISSM's start date, the F- 15 MPS ISSM shall inform the F-15 TSPO at least 90 calendar days prior to expiration and assist the Government in obtaining any necessary extensions and/or new authorizations/approvals. * Coordinate with the Government and the F-15 Training Systems prime contractor to support the creation, updating, and maintenance of authorization/approval packages required per the JSIG/Risk Management Framework (RMF) or the F-15 Training Systems. Ensure all information is accurate, current, complete, and submitted on time to avoid program disruptions. Conduct security surveys at subordinate facilities and gather pertinent security documentation for inclusion into system authorization/approval packages. These packages include, but are not limited to: * System Security Plan (SSP) * Plans of Actions and Milestones (POA&Ms) * Security Control Traceability Matrix (SCTM) * Continuous Monitoring Plan (CONMON) * Information Assurance Standard Operating Procedures (IASOP) * Hardware Lists * Software Lists * Support assessments of F-15 Training Systems and their locations by ensuring all necessary documentation, reports, and data are readily available to assessing officials. Assist in addressing any assessing official questions or comments. Report any identified deficiencies to the F-15 TSPO within 14 calendar days of the assessment. Work with the government to address these deficiencies and implement any required mitigation processes or procedures as directed by the assessing officials. * Review, prepare, track, and update AIS authorization packages and AIS inspections, reports, and responses. Notify the local Government F-15 Training Devices program and the F-15 TSPO (AFLCMC/WNS) when changes occur that might affect AIS authorization. Perform AIS self-inspections and provide security coordination and review of all system test plans. Identify any AIS vulnerabilities, recommend countermeasures, and support their implementation. * Review, track, and conduct AIS training. * Maintain AIS security records and prepare Co-Utilization Agreements for network nodes operating in government facilities. Ensure AIS and network nodes are operated, maintained, and disposed of IAW security policies and practices. * Prepare reports on the status of security safeguards applied to computer systems. * Support various technical review and inspection teams. * Assist Government and Contractor organizations with assessment and authorization (A&A) efforts. * Conduct vault opening or closing procedures as required.

**About the role** You will design and govern security reference architectures, standards, and controls for cloud primitives (compute, network, storage), identity and access, data protection, container/Kubernetes platforms, AI/ML systems, and developer platforms. You will lead high-impact design reviews, threat modeling, and cryptographic strategy; guide zero-trust adoption; and drive detection, response, and resilience patterns at scale. You will collaborate with senior leaders and product teams, mentor engineers, and influence roadmaps through clear writing, principled prioritization, and metrics. Ideal candidates bring deep experience "building clouds," large-scale distributed systems, and security-by-design, with a track record of shipping secure platforms. You are practical, inclusive, and customer-obsessed, balancing rigor with velocity. If you thrive at the intersection of architecture, hands-on engineering, and incident leadership-and want to make a broad impact across Oracle's cloud-this role is for you. **About the business** Oracle's Secure Technology, Architecture and Safety (STAS) group sets the strategic technical direction for security across Oracle, shaping the future of secure cloud computing while partnering deeply with engineering and operations. We are seeking a Security Architect (Architect/Distinguished Engineer caliber) to define end-to-end security architecture for hyperscale cloud platforms and services, raise the security bar across the software lifecycle, and lead response to complex security incidents. **What you'll do** + Set strategy: Define multi-year security architecture strategy and roadmaps for cloud foundations, identity, data protection, platform security, AI/ML safety, and secure supply chain. + Authoritative design: Publish security reference architectures, control baselines, patterns, and design blueprints; lead cross-org design reviews and bar-raising architecture councils. + Build the cloud securely: Advise and co-design core cloud services (compute, networking, storage, virtualization, container/ orchestration, service mesh) with secure-by-default configurations. + Identity and zero trust: Advance strong identity, least privilege, policy-as-code, workload identity, and continuous verification aligned to zero-trust principles. + Cryptography and data protection: Drive KMS/HSM strategy, key lifecycle, envelope encryption, tokenization, privacy-enhancing technologies, and data governance at scale. + Secure SDLC: Embed threat modeling, secure coding, SAST/DAST/IAST, fuzzing, software provenance/SBOMs, signing, and deployment gates into developer platforms and CI/CD. + Detection and response: Partner with SOC and service teams on high-signal detection, telemetry standards, adversary emulation, incident response playbooks, and chaos/resilience testing. + Risk, compliance, and safety: Translate regulatory and customer requirements into engineering-ready controls and evidence; integrate safety-by-design for emerging technologies. + Incident leadership: Lead or advise on significant incidents; perform post-incident reviews, drive systemic fixes, and establish preventative guardrails and metrics. + Influence at scale: Produce clear design docs and RFCs; mentor senior engineers; run architecture reviews; build communities of practice; create learning pathways and reusable assets. **Responsibilities** **What you'll bring** + 12+ years in security architecture/engineering for large-scale distributed systems; significant experience "building clouds" (IaaS/PaaS) or platform engineering. + Expertise in at least three: identity and access management; network and micro segmentation; container/Kubernetes security; virtualization/compute; data protection/crypto; detection/response; supply chain security. + Hands-on depth with one or more: OCI, AWS, Azure, GCP; Kubernetes; service mesh; Terraform/Policy-as-Code; CI/CD; Linux hardening; observability stacks. + Demonstrated ability to lead cross-org initiatives, influence without authority, and deliver secure-by-default solutions at scale. + Strong written and verbal communication; ability to produce clear design docs, threat models, and executive narratives. + Commitment to inclusive collaboration and mentoring. **Preferred Qualifications:** + Experience designing KMS/HSM services, workload identity, confidential computing/TEE, or privacy-enhancing technologies. + Proven leadership in major incident response and post-incident systemic improvements. + Track record of published standards, OSS contributions, or patents in cloud security. + Advanced degree in Computer Science, Engineering, or related field (or equivalent experience). **Leadership competencies** + Performance, drive, and execution You'll deliver value and shape a performance-driven culture while ensuring accountability and communicating expectations. + Collaboration You understand and promote the value of collaboration and inclusivity and can align strategic aims with organizational goals. + Communicating for impact You inspire confidence by championing a clear understanding and support of organizational strategy and objectives. + Inspirational leadership You build a reputation for strategy by inspiring and empowering others while showing leadership internally and externally. + Competitive edge You anticipate changes in customer needs and seize opportunities to build value, encourage innovation, and meet objectives. Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $136,600 to $338,500 per annum. May be eligible for bonus, equity, and compensation deferral. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC6 **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. You will help the team establish, lead and execute multi-year roadmaps that improve research efficiency and quality across the team, and drive improvements to stakeholder management across a broad range of intelligence requirements. **Required Skills:** Detection & Response Security Engineer, Threat Intelligence Responsibilities: 1. Influence and align the team's vision and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects 2. Build, cultivate, and maintain impactful relationships with intelligence stakeholders to identify and facilitate solutions to increase the impact of the team's work 3. Refine operational metrics, key performance indicators, and service level objectives to measure Intelligence research and services 4. Lead cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions 5. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 6. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 7. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 8. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems **Minimum Qualifications:** Minimum Qualifications: 9. 8+ years threat intelligence experience 10. B.S. or M.S. in Computer Science or related field, or equivalent experience 11. Be a technical and process subject matter expert regarding Security Operations and Threat Intelligence services 12. Experience developing and delivering information on threats, incidents and program status for leadership 13. Expertise with campaign tracking techniques and converting tracking results to long term countermeasures 14. Expertise with threat modeling frameworks, such as Diamond Model or/and MITRE ATT&CK framework 15. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 16. Proven track record of managing and executing on short term and long term projects 17. Ability to work with a team spanning multiple locations/time zones 18. Ability to prioritize and execute tasks with minimal direction or oversight 19. Ability to think critically and qualify assessments with solid communications skills 20. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 21. Experience recruiting, building, and leading technical teams, including performance management 22. Experience close collaborating with incident responders on incident investigations 23. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems 24. Familiarity with malware analysis or network traffic analysis 25. Familiarity with nation-state, sophisticated criminal, or supply chain threats 26. Familiarity with file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 27. Experience in one or more query languages such as SQL 28. Experience authoring production code for threat intelligence tooling 29. Experience conducting large scale data analysis 30. Experience working across the broader security community **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

This job provides Information Security and Risk Management services for the Organization. Works with peers within security, HM Health Solutions customers and application teams to ensure alignment with current and future security needs. Manages activities of various Information Security personnel. Makes decisions on personnel actions (promotions, hiring, terminations, etc.). Develops talent, addresses resource management, cultivates capabilities of staff, planning and coordination of work, and managing performance. Conducts the oversight of security technology products for network, systems, and data. Controls expenses within the operating unit and is responsible for meeting budget goals. Actively contributes to the Information Security ans Risk Management (ISRM) strategic planning process by working with the Directors to develop and implement department strategic plans and action steps that support the corporate strategic objectives. Actively involved in the coordination, implementation, problem solving, communication, and training of new technologies and processes, as they are developed and moved into the environment. Develops and presents Information Security awareness and training programs. **ESSENTIAL RESPONSIBILITIES** + Perform management responsibilities including, but not limited to: involved in hiring and termination decisions; coaching and development; rewards and recognition; performance management and staff productivity. + Plan, organize, staff, direct and control the day-to-day operations of the department; develop and implement policies and programs as necessary; may have budgetary responsibility and authority. + Provide oversight of all aspects of project management to ensure continuous improvement of processes: negotiate and collaborate with leadership and staff to develop security solutions and options; develop and adhere to internal standards and strategies; ensure adherence to approved methodologies; coordinate resources, time, contingency plans and risk management. + Provide leadership to the department: lead and champion organizational change; encourage participation in activities that support relationship development; champion information security innovation; encourage and enforce proper training in regards to security issues. + Ensure compliance to Corporate and Information Security policies, standards and procedures. + Communicate effectively with all levels of the organization: facilitate meetings; plan, design and provide presentations; represent HM Health Solutions with outside entities; prepare divisional procedures, policies, reports and correspondence; spread awareness of new and existing security threats; provide oversight regarding metrics, funding, budgets and resources. + Other duties as assigned or requested. **EDUCATION** **Required** + Bachelor's Degree in Information Security, Information Systems, Information Assurance, Computer Science or related field **Substitutions** + 6 years of relevant experience substitution for a Bachelor's Degree **Preferred** + Master's Degree in Computer Science, Information Security or related field **EXPERIENCE** **Required** + 7 - 10 years in Information Security and/or Information Risk Management and/or Information Technology + 7 - 10 years in developing, communicating and presenting Information Security and Risk Management concepts to varying audiences + 1 - 3 years in mentoring others in a leadership role + 1 - 3 years in Staff Management + 1 - 3 years in developing and executing strategic plans to realize business objectives **Preferred** + 10 - 15 years in Information Security and/or Information Risk Management and/or Information Technology + Experience managing an information security function using the HITRUST Common Security Framework (HITRUST CSF), or the NIST 800-83 cyber security framework + Experience supporting SSAE 16 or SOC 2 Security Trust Principle audits + Experience establishing budgets and meeting fiduciary goals + Security industry organization participation/leadership (HITRUST, ISACA, InfraGard, ISC2, ISSA, etc.) **LICENSES AND CERTIFICATIONS** **Required** + None **Preferred** + Certified Information Systems Security Professional (CISSP) **OR** + Certified Information Security Manager (CISM) **OR** + Certified in Risk and Information Systems Controls (CRISC) **OR** + Information Technology Infrastructure Library (ITIL) **SKILLS** + Knowledge of regulatory requirements such as Health Insurance Portability and Accountability Act (HIPPA), Payment Card Industry Data Security Standards (PCI DSS), and FIPS-140 + Strong teamwork and interpersonal skills + Experience in leading process improvement initiatives + Ability to motivate high performance, multi-discipline teams + Demonstrated competency in project execution + Demonstrated abilities in relationship management **Languages (Other than English)** None **Travel Requirement** 0% - 25% **PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS** **Position Type** Office-Based Teaches/Trains others regularly Frequently Travels regularly from the office to various work sites or from site-to-site Occasionally Works primarily out-of-the office selling products/services (Sales employees) Does Not Apply Physical Work Site Required Yes Lifting: up to 10 pounds Does Not Apply Lifting: 10 to 25 pounds Does Not Apply Lifting: 25 to 50 pounds Does Not Apply **_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._ **_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._ _As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._ _Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._ **Pay Range Minimum:** $108,000.00 **Pay Range Maximum:** $201,800.00 _Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._ Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at ***************************** California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J269753

**About Us** **As a digital and cybersecurity services company, Stratascale exists to help the Fortune 1000 transform the way they use technology to advance the business, generate revenue, and respond quickly to market demands. We call it Digital Agility.** **To learn more about how we're shaping the future of digital business and a more secure world, visit stratascale.com.** **Job Description Summary** The Senior Security Consultant - Penetration Testing is a critical role within Stratascale's Adversarial Operations team who will assist in leading and supporting the development and delivery of a diverse range of continuous threat and exposure management consulting, penetration testing, and operational service programs to a portfolio of our clients. This position is remote with a Home Office setup as determined by Stratascale management. **Role Description** + Perform penetration testing against complex environments covering both external, internal, web application, and other forms of offensive security engagements. + Consult and document attack surface, threats, and vulnerability improvements based on team's overall assessment of client's environment. + Perform full assessment and threat modeling against industry best practices to identify control weaknesses and assess the effectiveness of existing controls. + Perform root cause analysis on identified vulnerabilities and attack surface weaknesses to determine technical solutions to be presented to client along with recommendations for remediations. + Collaborate with client's security teams to understand mitigation or resolutions for findings discovered by analysts. + Review threat intelligence for specific threat vectors that align with client's industry or potentially impacted by to utilize in attack path modeling. + Assist in defining, measuring, and quantifying business risk and vulnerability impacts to clients their stakeholders. + Provide subject matter expertise and technical support on remediation, cloud security, governance, compliance, and core infrastructure systems. + Assist customers with strategies, use of platforms, technical and compliance analysis, and implementing automation. + Develop and deliver governance models, security frameworks, compliance reporting, and security assessments. + Collaborate with internal sales and technical teams to support the solution sales cycle, qualify opportunities, and ensure successful solution delivery. + Identify customer needs and requirements, recommend appropriate solutions, and proactively identify areas for improvement. + Execute consulting projects by creating and completing deliverables, ensuring client needs and practice obligations are met. + Develop and deliver training content, curricula, and workforce development programs, including in-person and remote sessions. + Participate in customer and internal meetings, providing technical guidance and facilitating discussions. + Stay educated on new product technologies, industry trends, and emerging capabilities within the practice. + Develop and optimize cross practice capabilities, collaborate with peer practice leaders, and mentor other consultants. **Behaviors and Competencies** + Communication: Can effectively communicate complex ideas and information to diverse audiences, facilitate effective communication between others, and mentor others in effective communication. + Relationship Building: Can take ownership of complex team initiatives, collaborate with diverse groups, and drive results through effective relationship management. + Self-Motivation: Can take ownership of complex personal or professional initiatives, collaborate with others when necessary, and drive results through self-motivation. + Negotiation: Can take ownership of complex negotiations, collaborate with others, and drive consensus. + Impact and Influence: Can rally a team or group towards a common goal, creating a positive and persuasive influence. + Business Development: Can take ownership of significant business initiatives, collaborate with various stakeholders, and drive business results. + Emotional Intelligence: Can use emotional information to guide thinking and behavior, manage and/or adjust emotions to adapt to environments or achieve one's goal(s), and help others do the same. + Detail-Oriented: Can oversee multiple projects, maintaining a high level of detail orientation, identifying errors or inconsistencies in work, and ensuring accuracy across all tasks. + Follow-Up: Can take ownership of tasks, collaborate with others in managing follow-ups, and drive results through effective task completion. + Presenting: Can effectively use visual aids, storytelling, and persuasive techniques to enhance presentations and engage audiences. + Delegation: Can delegate responsibilities across a team, balancing workload, and ensuring all members understand their roles. + Analytical Thinking: Can use advanced analytical techniques to solve complex problems, draw insights, and communicate the solutions effectively. + Critical Thinking: Can integrate and synthesize information from various sources to inform strategic decision-making and problem-solving. + Technical Troubleshooting: Can take ownership of complex technical problems, collaborate with others to manage solutions, and drive results in problem resolution. **Skill Level Requirements** + Expertise in planning, executing, and leading penetration tests across networks, web and mobile applications, APIs, wireless, and cloud environments, including scoping, rules of engagement, and debriefs. - Intermediate + Proficiency with offensive security methodologies and frameworks such as PTES, OWASP (WSTG/MASVS/ASVS), MITRE ATT&CK, and threat modeling to drive risk-based testing. - Intermediate + Deep hands-on experience with common offensive tooling and techniques, including reconnaissance, enumeration, exploitation, post-exploitation, lateral movement, and data exfiltration, along with strong operational security practices. - Intermediate + Ability to assess and attack cloud services (AWS, Azure, GCP) including IAM misconfigurations, storage, serverless, container/orchestration, and cloud networking, and communicate cloud-specific remediation guidance. - Intermediate + Strong web application testing skills including auth flows, access control, injection, deserialization, SSRF, XXE, business logic abuse, and modern app architectures (SPAs, microservices, GraphQL, WebSockets). - Intermediate + Working knowledge of Active Directory and Azure AD attack paths (Kerberoasting, constrained/unconstrained delegation, ACL abuses, LAPS/MAPS, certificate services), and the ability to simulate realistic enterprise attack chains. - Intermediate + Proficiency with social engineering and phishing engagements, including payload development, infrastructure setup, pretexting, and measurement aligned to customer policies and legal constraints. - Intermediate + Competence in scripting and automation to accelerate testing and proof-of-concept development using Python, PowerShell, Bash, and basic Go or JavaScript as needed. - Intermediate + Ability to develop clear exploit proofs-of-concept, reproduce vulnerabilities reliably, and validate fixes; familiarity with exploit development fundamentals is a plus. - Intermediate + Strong reporting and communication skills, including writing executive summaries and technical reports with reproducible steps, risk ratings, and actionable remediation, and presenting findings to both technical and non-technical stakeholders. - Intermediate + Experience collaborating in red/purple team exercises, working with blue teams, and translating findings into detection and hardening recommendations (e.g., SIEM detections, EDR tuning, hardening baselines). - Intermediate + Familiarity with vulnerability management workflows, responsible disclosure practices, and integration of pen test results into remediation programs and retesting cycles. - Intermediate + Proficiency with productivity and documentation tools such as Word, Excel, PowerPoint, and Outlook to efficiently produce statements of work, test plans, and final reports. - Intermediate **Other Requirements** + Completed Bachelor's Degree in a related field or relevant work experience required + 5-7 years of hands-on penetration testing/red team experience delivering engagements for mid-to-large enterprises, including leading complex assessments. + Ability to travel to SHI, Partner, Customer events, and on-site testing engagements as needed. + Advanced industry certifications preferred (e.g., OSCP, OSEP, OSWE, GXPN, GPEN, CRTO, CRTP, PNPT; CISSP or CSSLP a plus). + Demonstrated understanding of legal/ethical considerations, testing authorization, and safe handling of client data The estimated annual pay range for this position is $165,000 - $205,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending. Equal Employment Opportunity - M/F/Disability/Protected Veteran Status