Security architect jobs in Lehi, UT

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. You will help the team establish, lead and execute multi-year roadmaps that improve research efficiency and quality across the team, and drive improvements to stakeholder management across a broad range of intelligence requirements. **Required Skills:** Detection & Response Security Engineer, Threat Intelligence Responsibilities: 1. Influence and align the team's vision and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects 2. Build, cultivate, and maintain impactful relationships with intelligence stakeholders to identify and facilitate solutions to increase the impact of the team's work 3. Refine operational metrics, key performance indicators, and service level objectives to measure Intelligence research and services 4. Lead cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions 5. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 6. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 7. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 8. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems **Minimum Qualifications:** Minimum Qualifications: 9. 8+ years threat intelligence experience 10. B.S. or M.S. in Computer Science or related field, or equivalent experience 11. Be a technical and process subject matter expert regarding Security Operations and Threat Intelligence services 12. Experience developing and delivering information on threats, incidents and program status for leadership 13. Expertise with campaign tracking techniques and converting tracking results to long term countermeasures 14. Expertise with threat modeling frameworks, such as Diamond Model or/and MITRE ATT&CK framework 15. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 16. Proven track record of managing and executing on short term and long term projects 17. Ability to work with a team spanning multiple locations/time zones 18. Ability to prioritize and execute tasks with minimal direction or oversight 19. Ability to think critically and qualify assessments with solid communications skills 20. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 21. Experience recruiting, building, and leading technical teams, including performance management 22. Experience close collaborating with incident responders on incident investigations 23. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems 24. Familiarity with malware analysis or network traffic analysis 25. Familiarity with nation-state, sophisticated criminal, or supply chain threats 26. Familiarity with file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 27. Experience in one or more query languages such as SQL 28. Experience authoring production code for threat intelligence tooling 29. Experience conducting large scale data analysis 30. Experience working across the broader security community **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

at our UT HQ We are seeking an experienced Director of Information Security to lead our comprehensive security program across our diverse technology portfolio. This role requires a strategic leader capable of managing security and compliance initiatives across cloud environments, on-premises data centers, unified communications platforms, and customer-deployed solutions. The ideal candidate will bring deep expertise in regulatory compliance frameworks and emerging AI governance while building and maintaining a security culture that enables business growth. This position will report to the Vice President of Operations & Security. Key Responsibilities Strategic Security Leadership Develop and execute a comprehensive information security strategy that addresses the unique requirements of cloud-based services, on-premises infrastructure, and customer-deployed solutions Establish security governance frameworks that scale across multiple deployment models while maintaining consistent security posture Partner with executive leadership to align security initiatives with business objectives and risk tolerance Lead security architecture reviews for new products and features across all platforms Multi-Environment Security Management Oversee security operations across hybrid cloud environments and proprietary data centers Implement and maintain security controls for unified communications platforms, including softphone applications and mobile/desktop clients Design security frameworks for products deployed within customer premises that balance security requirements with customer autonomy Manage vulnerability assessment and remediation programs across all infrastructure types Compliance and Risk Management Maintain and expand compliance certifications including SOC 2 Type 2, ISO 27001, HIPAA, PCI DSS, FedRAMP, and so on Lead annual audits and assessments, coordinating with internal teams and external auditors Develop and maintain comprehensive risk registers and treatment plans Ensure compliance with industry-specific regulations relevant to our diverse customer base Establish and maintain AI governance policies and ethical use frameworks for AI-enabled features Security Operations and Incident Response Develop incident response plans that address the unique challenges of distributed architectures Coordinate security incident response across cloud, on-premises, and customer-deployed environments Establish threat intelligence programs to proactively identify and mitigate emerging risks Team Development and Collaboration Guide, mentor, and retain a high-performing security team Foster security awareness and best practices across the organization through training and communication programs Collaborate with engineering, product, and operations teams to embed security into development lifecycles Serve as the primary security liaison with customers, partners, and regulatory bodies Required Qualifications Experience 5+ years of progressive experience in information security, with at least 2 years in a senior leadership role Proven track record managing security for organizations with hybrid cloud/on-premises architectures Direct experience securing unified communications platforms, VoIP systems, or similar real-time communication technologies Demonstrated success achieving and maintaining SOC 2 Type 2 and ISO 27001 certifications Experience developing and implementing AI governance policies and responsible AI frameworks Background in securing multi-tenant SaaS platforms and customer-deployed enterprise software Technical Expertise Deep understanding of cloud security architectures (AWS, Azure, GCP) Expertise in network security, identity and access management, and data protection Knowledge of secure software development practices and DevSecOps methodologies Familiarity with telecommunications security standards and unified communications protocols Understanding of zero-trust architectures and modern security frameworks Leadership and Communication Exceptional ability to communicate complex security concepts to technical and non-technical stakeholders Experience presenting to boards, executive committees, and external auditors Proven ability to influence and drive security initiatives across diverse teams Track record of building collaborative relationships with engineering and product organizations Preferred Qualifications Advanced degree in Computer Science, Information Security, or related field Professional certifications such as CISSP, CISM, or CRISC Experience with privacy regulations including GDPR, CCPA, and HIPAA Background in telecommunications or unified communications industry Experience with FedRAMP or other government compliance frameworks Knowledge of container security and microservices architectures

Our Company Changing the world through digital experiences is what Adobe's all about. We give everyone-from emerging artists to global brands-everything they need to design and deliver exceptional digital experiences! We're passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen. We're on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours! Position summary: The Senior Security Engineer position will be part of the Enterprise Security organization consisting of IAM professionals across several technologies. This specific position will have a specialized role in directory services and SaaS applications! It will focus on large implementations of Entra ID with integrations with other directories, IDPs, applications, and automated workflows. We give technical direction, administer tools, and provide support for various security technologies. We participate in driving Enterprise Security projects that use our cloud directory services for various internal and external Adobe services. We work with other specialists, architects, security teams, and software engineer teams across Adobe and collectively provide services, guidance, and strategies that protect services and data as well as adhere to various global government regulations. You will work with business customers, management teams, infrastructure teams, development teams, project managers, and other security teams to help implement the vision, structure, standards, and plan solutions that support the future architecture. At Adobe, you will be immersed in an exceptional work environment that is recognized throughout the world on Best Companies lists! You will also be surrounded by colleagues who are committed to helping each other grow through our Check-In approach where ongoing feedback flows freely. If you're looking to make an impact, Adobe is the place for you. Discover what our employees are saying about their career experiences on the Adobe Life blog and explore the meaningful benefits we offer. Adobe is an equal opportunity employer. We welcome and encourage diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability or veteran status. Primary Responsibilities May Include, but Are Not Limited To: * Managing deep and complex directory architectures and services span directories, IDPs, and federated environments. * Providing guidance and architecting solutions for directory service strategies across a variety of internal customers at Adobe. * We help test, implement, and support secure services used by end-users, devices, and application workflows to all of Adobe. * We engineer secure identity solutions for on-premises and cloud environments. * We are a team of Security Engineers that handle incoming requests, respond to issues, solve reported problems, and develop solutions. * We meet with teams to get business requirements, understand workflows, and devise solutions. * We help assess SaaS implementations for identity integrations and general security. * We generate useful metrics to help make decisions, identify issues, and manage our sevices. Requirements: * Possess a Bachelor's or advanced degree in MIS, Computer Science, Cybersecurity, or Engineering OR 10+ years in IT or Cybersecurity * Comfortable working on and leading different projects with many teams at one time * In-depth understanding of Windows, Mac and UNIX/Linux based systems, permissions, and interoperability. * Strong knowledge of machine to machine and application to machine connections using MFA, certificates, tokens, and other methods. * Strong understanding of the identity lifecycle, secure by design, least privileged and zero trust. * An in-depth knowledge and understanding of managing and securing cloud directories (e.g. Entra ID/AWS/Okta) and integrating with traditional directories (e.g. Active Directory/389DS/ LDAP based directories). * Proficient in written and verbal communications, skilled at working alongside differing viewpoints to accomplish shared objectives. * Able to work independently and as a team member. * Capable of conveying technical concepts to diverse audiences including non-technical users, architects, and senior leadership. * Professional written, verbal, and presentation communication skills to engage with senior leadership. * A deep understanding of Cloud Directories, especially Entra ID, and how to secure it, use conditional access policies, and apply/create automation. * Ability to teach and mentor others while fostering a collaborative environment. * Can model leadership behavior and help to grow other's leadership behavior. Preferred: * Understanding of Desktop operating systems including Windows, Linux, and Mac * Experience or knowledge of Public Key Infrastructure * Strong abilities in programming/scripting languages for automating repeatable tasks like Python, PowerShell, etc. * Experience and/or Knowledge of dashboarding and log correlation engines such as Grafana, Telegraph, Splunk, etc. * Experience with SaaS Security Posture Management technologies. * Experience with developing PowerBI dashboards. The Person Should: * Have strong social skills, ability to "win people over" and be a great teammate. * Be able to communicate, influence and mentor across business and executive leadership as well as partners while being able to explain the benefits for their teams. * Be neutral toward technology, vendor and product choices; more interested in results than in personal preferences. * Have the ability to think creatively and to solve complex tasks and problems with minimal direction. Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets. The U.S. pay range for this position is $160,900 -- $297,400 annually. Pay within this range varies by work location and may also depend on job-related knowledge, skills, and experience. Your recruiter can share more about the specific salary range for the job location during the hiring process. At Adobe, for sales roles starting salaries are expressed as total target compensation (TTC = base + commission), and short-term incentives are in the form of sales commission plans. Non-sales roles starting salaries are expressed as base salary and short-term incentives are in the form of the Annual Incentive Plan (AIP). In addition, certain roles may be eligible for long-term incentives in the form of a new hire equity award. State-Specific Notices: California: Fair Chance Ordinances Adobe will consider qualified applicants with arrest or conviction records for employment in accordance with state and local laws and "fair chance" ordinances. Colorado: Application Window Notice Nov 10 2025 12:00 AM If this role is open to hiring in Colorado (as listed on the job posting), the application window will remain open until at least the date and time stated above in Pacific Time, in compliance with Colorado pay transparency regulations. If this role does not have Colorado listed as a hiring location, no specific application window applies, and the posting may close at any time based on hiring needs. Massachusetts: Massachusetts Legal Notice It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Adobe is proud to be an Equal Employment Opportunity employer. We do not discriminate based on gender, race or color, ethnicity or national origin, age, disability, religion, sexual orientation, gender identity or expression, veteran status, or any other applicable characteristics protected by law. Learn more. Adobe aims to make Adobe.com accessible to any and all users. If you have a disability or special need that requires accommodation to navigate our website or complete the application process, email accommodations@adobe.com or call **************.

Job Description Lightspeed is a leading provider of cloud-based software for dealerships and Original Equipment Manufacturers (OEMs), serving the Powersport, Marine, RV, Trailer, Outdoor Power Equipment, and Golf Cart industries. Lightspeed's Dealer Management Solution (DMS) enables dealerships to optimize their end-to-end business operations, including sales, parts, service, rentals, accounting, and Customer Relationship Management (CRM). When implemented into their daily operations, Lightspeed helps dealers increase their profitability by selling more units, service, and parts, all while creating a more streamlined experience for customers. For nearly 40 years, Lightspeed has been empowering 4,500+ dealers across North America with the tools and technology they need to manage their dealerships. The Senior Security Analyst is responsible for team lead activities, such as monitoring, analyzing, and responding to security incidents across enterprise systems, cloud environments, and networks. This role ensures the confidentiality, integrity, and availability of organizational information through proactive detection, incident response, and continuous improvement. The ideal candidate will have a strong technical background in leading threat analysis, SIEM integration and management, vulnerability management, and incident handling. What you'll do: Monitor and investigate security alerts and events across SIEM, EDR, and network systems. Conduct root cause analysis and coordinate remediation of security incidents. Lead vulnerability assessments and ensure timely patching and mitigation. Develop and maintain incident response playbooks and escalation procedures. Collaborate with IT, DevOps, and Development teams to strengthen overall security posture. Lead proactive threat hunting and continuous tuning of detection mechanisms. Support internal and external audits (e.g., SOC 2) and risk assessments by providing evidence and guidance. Perform firewall management, including rule changes, troubleshooting, and SOP development for hybrid cloud/on-prem environments. Lead to red/blue team exercises and implement findings to improve defenses. Coordinate and assist with enterprise pen-tests, risk assessments, and compliance initiatives. Serve as a lead security advisor to business and technical teams, providing guidance on secure design, risk mitigation, and compliance using industry frameworks and best practices. What you should have: Qualifications: Bachelor's degree in Cybersecurity, Information Technology, or a related field, or equivalent experience. 8+ years of experience in information security, incident response, or SOC operations. Proven hands-on experience with SIEM tools (Splunk, Sentinel, QRadar, etc.) and EDR/XDR platforms (CrowdStrike, Darktrace, Microsoft Defender). Strong experience securing and monitoring cloud environments (AWS, Azure). Deep knowledge of security frameworks (NIST CSF, ISO 27001, SOC 2). Advanced scripting and automation proficiency (Python, PowerShell, Terraform). Excellent analytical, problem-solving, and communication skills. Preferred Qualifications: Relevant certifications such as AWS Security, CISSP, GCIH, GCIA, GPEN, GWAPT preferred. Experience integrating AI and automation into security operations workflows. Hands-on experience performing dynamic application security testing and red team exercises across endpoint and cloud environments. Expert-level networking and firewall expertise with platforms such as Palo Alto, Cisco, or Checkpoint. Master's degree in Cybersecurity, Information Technology, or a related field. Inclusion and Diversity at Lightspeed: At Lightspeed, we celebrate the uniqueness of every individual and encourage diverse perspectives. We believe that inclusion drives innovation and fosters meaningful connections. We are committed to building an environment where everyone feels valued and empowered to make an impact. Equal Employment Opportunity Statement: Lightspeed is an Equal Opportunity Employer and is dedicated to building a diverse and inclusive workforce. All qualified applicants will be considered for employment without regard to race, color, creed, ancestry, national origin, gender, sexual orientation, gender identity, gender expression, marital status, religion, age, disability, veteran status, or any other protected category. Important Note: Applicants must be authorized to work in the U.S. Ready to apply? Take the next step in your career-apply today and join a team where your skills will make an impact!

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: * Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. * Build-time controls: Managing applications/products security controls and activities during development. * Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities * Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. * Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. * Support or develop components of the security analytics platform. * Contribute to investigations, threat hunting, and incident response activities in a supporting role. * Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. * Support the security operations team with the vulnerability management lifecycle for products and services under your purview. * Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities * Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. * Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. * Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. * Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). * Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. * Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. * Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. * Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. * Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. * Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. * Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. * Experience engaging with vendors in design partnerships. * Experience overseeing vulnerability and threat management at the platform and application levels. * Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. * Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. $146,000 - $170,000 a year In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

At Arctic Wolf, we're not just navigating the cybersecurity landscape - we're redefining it. Our global team of dedicated Pack members is driving innovation and setting new industry standards every day. Our impact speaks for itself: we've earned recognition on the Forbes Cloud 100, CNBC Disruptor 50, Fortune Future 50, and Fortune Cyber 60 lists, and we recently took home the 2024 CRN Products of the Year award. We're proud to be named a Leader in the IDC MarketScape for Worldwide Managed Detection and Response Services and earning a Customers' Choice distinction from Gartner Peer Insights. Our Aurora Platform also received CRN's Products of the Year award in the inaugural Security Operations Platform category. Join a company that's not only leading, but also shaping, the future of security operations. Our mission is simple: End Cyber Risk. We're looking for a Concierge Security Engineer 2 to be part of making that happen. About the Role: The Concierge Security Engineer 2 (CSE2) is a key member of the Concierge Security Team that delivers world-class Arctic Wolf security services. The CSE2 supports the technical relationship with their assigned customers and leverages their skills and expertise to fulfill key responsibilities. As a Concierge Security Engineer 2, you will: Create and maintain an outstanding partnership with customers; Support the direct delivery of Arctic Wolf network and endpoint security solutions to customers, including tasks such as investigating security events, and configuring, troubleshooting and verifying data sources; Action or escalate customer requests for guidance, information or support in a timely manner, including coordinating efforts with other teams, as needed. Proactively interact and communicate with internal and external stakeholders. The CSE2 role combines aspects of an IT Security Analyst, a Security Architect, and an Incident Response Consultant. A successful CSE2 possesses strong technical aptitude and an ability to communicate, educate, and share information effectively with non-technical people. Who You Are: You thrive in fast-paced environments and have a positive can-do attitude. You are a critical thinker that continually learns and can navigate uncertainty. You enjoy working with customers and in a team, are an excellent communicator, and are able to easily interact with a variety of people, personalities and technical skill levels. Above all, your passion for cybersecurity and partnering with customers shows in everything you do! Your experience could look like: 1-5 years of experience in a hands-on security role with a good knowledge of security architecture Degree or diploma in a relevant field, or certifications and experience equivalent Strong partnering and relationship building skills in a professional context Strong communication skills, both written and verbal Strong analytical and problem-solving skills Additional skills and experience: Security testing and forensics tools Malware analysis Scripting/Coding experience Incident response Authentication and identity management Risk management, assessment and common compliance frameworks Penetration testing and attack simulation On-Camera Policy To support a fair, transparent, and engaging interview experience, candidates interviewing remotely are expected to be on camera during all video interviews. Being on camera fosters authentic connection, improves communication, and allows for full engagement from both candidates and interviewers. We understand that technical, bandwidth, or location-related challenges may occasionally prevent video use. If this applies, candidates are required to notify us in advance so we can explore appropriate accommodations. About Arctic Wolf At Arctic Wolf, we foster a collaborative and inclusive work environment that thrives on diversity of thought, background, and culture. This is reflected in our multiple awards, including Top Workplace USA (2021-2024), Best Places to Work - USA (2021-2024), Great Place to Work - Canada (2021-2024), Great Place to Work - UK (2024), and Kununu Top Company - Germany (2024). Our commitment to bold growth and shaping the future of security operations is matched by our dedication to customer satisfaction, with over 7,000 customers worldwide and more than 2,000 channel partners globally. As we continue to expand globally and enhance our technology, Arctic Wolf remains the most trusted name in the industry. Our Values Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that-by protecting people's and organizations' sensitive data and seeking to end cyber risk- we get to work in an industry that is fundamental to the greater good. We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here. We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities. All wolves receive compelling compensation and benefits packages, including: · Equity for all employees · Flexible time off and paid volunteer days · RRSP and 401k match · Training and career development programs · Comprehensive private benefits plan including medical, mental health, dental, disability, life and AD&D, and value-added services · Robust Employee Assistance Program (EAP) with mental health services · Fertility support and paid parental leave Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law. Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our entire employee experience as accessible as possible and provide accommodations as required for candidates and employees with disabilities and/or other specific needs where possible. Please let us know if you require any accommodations by emailing *************************. Security Requirements Conducts duties and responsibilities in accordance with AWN's Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information (in accordance with our employee handbook and corporate policies). Background checks are required for this position. This position may require access to information protected under U.S. export control laws and regulations, including the Export Administration Regulations (“EAR”). Please note that, if applicable, an offer for employment will be conditioned on authorization to receive software or technology controlled under these laws and regulations.

The Information Security Engineer 2 is an intermediate level professional role that functions as an oversight engineer for the organization. This role works to improve and maintain security infrastructure while adhering to Church policy. This position may work on initiatives involving internal and external compliance, risk, vulnerability and threat monitoring and assessments. This position works under moderate supervision. This role ensures that information security controls are properly implemented, monitored and maintained to protect organizational data and systems. This individual assists the business in defining objectives, processes and measurements. This is an individual contributor role. This is a US-based hybrid role, but non-local exceptions may be approved under special circumstances. This individual works with divine guidance to provide or support technology that furthers the mission of the Church and reflects the eternal impact of the gospel. We value early, mid and late-career candidates and encourage all applicants with the posted skills and abilities to apply. Execute established security practices with consistency and discipline Lead tactical projects as assigned to clarify and respond to identified security risks across technical domains Mentor junior Information Security Engineers as assigned Research and correct new or unusual security configurations and implementations as identified by intelligence, analysts or monitoring Implement tools and processes that support information security initiatives Collaborate with engineers in other groups to implement standardized practices and follow routine process to promote secure systems Participate in the development and refinement of Information Security programs Participate in the evaluation, selection, testing and implementation of security-focused products and services Develop and maintain documentation for security systems and procedures * Bachelor's degree in related field or equivalent professional experience * Two years of related experience (can be an internship in Information Security, IT and/or Computer Science including expertise in one or more of the following areas: * Security, privacy, business continuity, compliance or related area(s), attacker tactics for both enterprise and web systems, cyber threat intelligence, incident handling, continuous monitoring, intrusion detection, advanced network forensics, host forensics, SIEM, SOC processes, and malware analysis * Proven ability to assist with the design and implementation of security controls that meet business operational needs * Ability to successfully collaborate with a team * Familiarity with programming and scripting * Good professional written and oral communication skills * This job operates in a professional office environment * To successfully perform the essential functions of the job there may be physical requirements which need to be met such as sitting for long periods of time and using computer monitors/equipment Preferred: * Relevant security certification from one or more of the following or equivalent certifying authorities: GIAC, CompTIA, ISC2, EC-Council, etc.

Job Details 110 S. REGENT STREET SUITE 500 - SALT LAKE CITY, UTDescription Here at Priority Dispatch, we know that protecting lives starts with the right protocols, training, and ensuring systems are safe and reliable. We're looking to hire a full time Application Security Engineer to use their expertise to build and defend secure systems that support our mission of delivering life saving dispatch systems! This is your chance to join an award winning company while having your work contribute and make a direct impact for good in communities around the world. We offer benefits that include medical, dental, vision, legal, and pet insurance, 401K and company contributions, PTO, short and long term disability and life insurance, and more while having meaningful work at a company that's been voted as a top place to work in Utah for the past 5 years running! Come see why our teams love to work here! Job Summary We are seeking an experienced Application Security Engineer to secure our web and desktop applications by implementing and managing SAST, DAST, and SCA processes. This role partners with developers, QA, and DevOps to embed security into CI/CD pipelines, conduct code reviews, and promote secure coding practices. The ideal candidate has deep expertise in OWASP Top Ten risks, API security, and threat modeling, with experience addressing unique challenges in desktop applications where automation is limited. Familiarity with cloud-native and AI-driven systems is essential, along with knowledge of compliance frameworks such as ISO 27001, NIST, CMMC, and Cyber Essentials. This position reports to the Director of Enterprise Solutions and Technology and plays a critical role in strengthening the organization's overall security posture. This is a hybrid role based in Salt Lake City, Utah. Major Responsibilities Ensure all application code is thoroughly tested and scanned for risks, vulnerabilities, and third-party dependencies using SAST, DAST, and SCA tools. Provide additional attention to desktop applications where automated security tooling may be limited, developing custom solutions as needed. Conduct penetration testing on core products, as well as other web applications and public-facing websites. Design and implement security controls for APIs, including secure authentication, authorization, and protection against common threats such as cross-site request forgery (CSRF). Collaborate with development teams to integrate Identity and Access Management (IAM) solutions aligned with least privilege and zero trust principles. Serve as a key contributor to the security architecture and design of software systems, working closely with engineering teams to embed security into technical decisions. Participate in the internal Security Council, contributing to strategic decisions and security governance. Lead training initiatives for developers, QA, and DevOps teams to promote secure design principles and a security-first mindset. Collaborate with engineering teams to integrate security into the software development lifecycle (SDLC). Perform threat modeling and risk assessments to identify and mitigate potential vulnerabilities early in the development process. Stay current with evolving security regulations, compliance standards, and emerging threats, ensuring organizational alignment and readiness. Qualifications Qualifications Bachelor's degree in Computer Science, Information Security, or a related field. 3-5 years of experience in application security, software development, or related technical roles. Strong understanding of secure coding practices, OWASP Top Ten, and software security testing methodologies. Hands-on experience with SAST, DAST, and SCA tools and techniques. Ability to develop custom scripts and automation to support security scanning, especially for desktop applications where tooling may be limited. Familiarity with penetration testing, threat modeling, and secure architecture design. Knowledge of API security, IAM, authentication and authorization protocols, and common web vulnerabilities such as CSRF and XSS. Experience working with cloud-native applications and modern development environments. Familiarity with security regulations and compliance frameworks such as ISO 27001, SOC 2, and GDPR. CISSP or other relevant security certifications (e.g., OSCP, CSSLP) preferred. Excellent communication skills and ability to collaborate across engineering, QA, and DevOps teams. Physical Requirements/Essential Job Functions Design and implement security controls to ensure all application code is tested and up to security standards Conducting testing on core products, web applications, and other public facing websites to identify and reduce security threats Collaborate closely with development teams to provide security guidance into technical decisions Ability to multi-task technical problems efficiently Ability to communicate technical concepts to both users and programmers effectively. Problem-solving Frequent computer and telephone use Sitting for long periods of time Concentrating for long periods of time. Occasional travel of less than 10% may be required. Our Company: Priority Dispatch Corp. is an Equal Opportunity Employer. We are a small, fast-growing provider of consulting, training, and software products for the public safety market. Priority Dispatch is based in the U.S. in downtown Salt Lake City, Utah. We offer a comprehensive benefits package including medical, dental, and matching 401(k) programs, etc. Priority Dispatch Corp. (PDC) provides comprehensive, integrated solutions for Police, Fire, and Medical emergency dispatching. We incorporate the Priority Dispatch System approved by the International Academies of Emergency Dispatch in all our products. PDC offers multi-agency emergency dispatching ProQA software, as well as a card-set version, AQUA quality improvement software, training, consulting, and Academy accreditation support. ************************

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Meta Platforms, Inc. (Meta), formerly known as Facebook Inc., builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps and services like Messenger, Instagram, and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. To apply, click "Apply to Job" online on this web page. **Required Skills:** Security Engineer Responsibilities: 1. Build tools that enable connectivity to our infrastructure only from Meta owned and managed devices. 2. Build machine attestation and secure certificate storage solutions to enable strong client trust. 3. Deploy systems that help mitigate security risks by understanding and controlling what software is allowed to execute on our client devices. 4. Develop, validate, and enforce our client security policies. 5. Build and deploy tools and automation that proactively detect and respond to security risks and threats to internal corporate services. 6. Advise and collaborate with other teams. 7. Telecommuting from anywhere in the U.S. allowed. **Minimum Qualifications:** Minimum Qualifications: 8. Requires Bachelor's Degree (or foreign equivalent) in Computer Science, Engineering or a related field and 1 year of experience in the job offered or a computer-related occupation 9. Requires 12 months of experience involving the following: 10. PHP, Golang, Python, C/C++, Rush, or Ruby 11. Designing and deploying security infrastructure such as PKI, key management, and certificate management 12. Endpoint Security & Management 13. Certificate Lifecycle 14. Devices & OS hardening and security policies 15. Identity & Access Management (Authentication & Authorization, SSO) 16. Network Security and 17. Programming and Code Review **Public Compensation:** $178,041/year to $200,200/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Lightspeed is a leading provider of cloud-based software for dealerships and Original Equipment Manufacturers (OEMs), serving the Powersport, Marine, RV, Trailer, Outdoor Power Equipment, and Golf Cart industries. Lightspeed's Dealer Management Solution (DMS) enables dealerships to optimize their end-to-end business operations, including sales, parts, service, rentals, accounting, and Customer Relationship Management (CRM). When implemented into their daily operations, Lightspeed helps dealers increase their profitability by selling more units, service, and parts, all while creating a more streamlined experience for customers. For nearly 40 years, Lightspeed has been empowering 4,500+ dealers across North America with the tools and technology they need to manage their dealerships. The Senior Security Analyst is responsible for team lead activities, such as monitoring, analyzing, and responding to security incidents across enterprise systems, cloud environments, and networks. This role ensures the confidentiality, integrity, and availability of organizational information through proactive detection, incident response, and continuous improvement. The ideal candidate will have a strong technical background in leading threat analysis, SIEM integration and management, vulnerability management, and incident handling. What you'll do: Monitor and investigate security alerts and events across SIEM, EDR, and network systems. Conduct root cause analysis and coordinate remediation of security incidents. Lead vulnerability assessments and ensure timely patching and mitigation. Develop and maintain incident response playbooks and escalation procedures. Collaborate with IT, DevOps, and Development teams to strengthen overall security posture. Lead proactive threat hunting and continuous tuning of detection mechanisms. Support internal and external audits (e.g., SOC 2) and risk assessments by providing evidence and guidance. Perform firewall management, including rule changes, troubleshooting, and SOP development for hybrid cloud/on-prem environments. Lead to red/blue team exercises and implement findings to improve defenses. Coordinate and assist with enterprise pen-tests, risk assessments, and compliance initiatives. Serve as a lead security advisor to business and technical teams, providing guidance on secure design, risk mitigation, and compliance using industry frameworks and best practices. What you should have: Qualifications: Bachelor's degree in Cybersecurity, Information Technology, or a related field, or equivalent experience. 8+ years of experience in information security, incident response, or SOC operations. Proven hands-on experience with SIEM tools (Splunk, Sentinel, QRadar, etc.) and EDR/XDR platforms (CrowdStrike, Darktrace, Microsoft Defender). Strong experience securing and monitoring cloud environments (AWS, Azure). Deep knowledge of security frameworks (NIST CSF, ISO 27001, SOC 2). Advanced scripting and automation proficiency (Python, PowerShell, Terraform). Excellent analytical, problem-solving, and communication skills. Preferred Qualifications: Relevant certifications such as AWS Security, CISSP, GCIH, GCIA, GPEN, GWAPT preferred. Experience integrating AI and automation into security operations workflows. Hands-on experience performing dynamic application security testing and red team exercises across endpoint and cloud environments. Expert-level networking and firewall expertise with platforms such as Palo Alto, Cisco, or Checkpoint. Master's degree in Cybersecurity, Information Technology, or a related field. Inclusion and Diversity at Lightspeed: At Lightspeed, we celebrate the uniqueness of every individual and encourage diverse perspectives. We believe that inclusion drives innovation and fosters meaningful connections. We are committed to building an environment where everyone feels valued and empowered to make an impact. Equal Employment Opportunity Statement: Lightspeed is an Equal Opportunity Employer and is dedicated to building a diverse and inclusive workforce. All qualified applicants will be considered for employment without regard to race, color, creed, ancestry, national origin, gender, sexual orientation, gender identity, gender expression, marital status, religion, age, disability, veteran status, or any other protected category. Important Note: Applicants must be authorized to work in the U.S. Ready to apply? Take the next step in your career-apply today and join a team where your skills will make an impact!

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Job Description We're looking for an Information Security Engineer to join our core security team helping deliver on security initiatives, audits & compliance, and infrastructure security & integrity. Core Responsibilities Security Operations & Implementation Evaluate, test, deploy and maintain security software and tools Develop, execute, and track the performance of security measures to protect information, network infrastructure, and computer systems Perform and document cybersecurity, vulnerability, and risk assessments and implement remediation plans Research security vulnerabilities and implement countermeasures Strategy & Planning Gather, analyze, and document security requirements for systems and applications Assist with developing security standards and best practices for the organization Recommend security solutions to management Develop cost-effective solutions to cybersecurity challenges Governance & Compliance Create comprehensive security reports and analysis for stakeholders Assist with internal compliance activities such as maintaining security certifications, driving access reviews, disaster recovery testing, pen test. Assist with external compliance requests such as responding to security questionnaires, responding to security RFPs. Training & Communication Educate and train staff in information security best practices Communicate security requirements and recommendations across the organization Collaborate with external security vendors to deliver projects, resolve issues, negotiate on requirements. Minimum Experience / Qualifications Bachelor's Degree in Information Security, Computer Science, or related field. 1-3 years of experience in areas of cybersecurity or related field. Experience with cybersecurity frameworks (SOC 2, ISO 27001, NIST, GDPR). Preferred Experience / Qualifications 5+ years of experience in areas of cybersecurity or related field. Professional certification such as CISSP, CISM, or CISA. Expertise in application security, including secure SDLC, SAST/DAST, and code review Expertise in network security, cryptography, and identity management Excellent understanding of technology infrastructures using Firewalls, VPN, Data Loss Prevention, and IDS/IPS Proficiency in at least one programming or scripting language (Python, Bash, Java, etc.) Ability to plan and deliver multi-week projects, including reporting status and reacting to changes of requirements. Experience in SaaS, Telecom, or in a regulated industry. Desired Skills, Competencies and Characteristics Passion: Strong internal motivation to deliver and develop in area of cybersecurity. Attention to Detail: Ability to consistently execute tasks with accuracy and thoroughness. Analytical Thinking: Capacity to evaluate complex scenarios and identify effective solutions. Collaboration: Ability to effectively partner and communicate across teams and departments. Adaptability: Flexibility to adjust quickly to changing priorities and evolving threats. Integrity: Unwavering commitment to ethical conduct, confidentiality, and reliability. Flexibility: Ability to accommodate occasional out of hours work to hit customer deadlines or respond to security incidents.

At Arctic Wolf, we're not just navigating the cybersecurity landscape - we're redefining it. Our global team of dedicated Pack members is driving innovation and setting new industry standards every day. Our impact speaks for itself: we've earned recognition on the Forbes Cloud 100, CNBC Disruptor 50, Fortune Future 50, and Fortune Cyber 60 lists, and we recently took home the 2024 CRN Products of the Year award. We're proud to be named a Leader in the IDC MarketScape for Worldwide Managed Detection and Response Services and earning a Customers' Choice distinction from Gartner Peer Insights. Our Aurora Platform also received CRN's Products of the Year award in the inaugural Security Operations Platform category. Join a company that's not only leading, but also shaping, the future of security operations. Our mission is simple: End Cyber Risk. We're looking for a Concierge Security Engineer 3 to be part of making that happen. About the Role: The Concierge Security Engineer supports the technical relationship with their assigned customers and leverages their skills and expertise to create and maintain an outstanding partnership with customers around the provision of security services. As a Concierge Security Engineer, you will: Creating and maintaining a partnership with our customers Analyze log and system data Interact with, and manage, internal and external stakeholders Communicate, educate, and share information with non-technical people Help our customers diagnose problems as well as support specific customer requests Primary technical point of contact for our customers Champion for our customers within the Arctic Wolf Team Mentoring junior analysts with their technical and soft skills This is a role that combines aspects of an IT Security Analyst, Security Architect, Incident Response Consultant, a Security Sales Engineer, and Technical Support. The CSE will be responsible for implementing, overseeing, managing, and supporting the network security infrastructure for multiple enterprises by leveraging Arctic Wolf's cloud infrastructure and their expertise in a wide variety of fields. The CSE works in a team along with an assigned Concierge Security Analyst and Customer Success Managers. Arctic Wolf CSEs develop strong working relationships with our customers and feel ownership over their security posture. We are looking for someone who has most of the following: 3+ years in Information Security, Network Security, or Cyber Security 3+ years additionally as a Network Admin, System Admin, Cloud Admin, or similar is strongly preferred Have a detailed understanding of Enterprise IT Security, including: Firewalls, Intrusion Detection, Antivirus, Content Filtering, and Proxies Have an understanding of Enterprise IT Operations, including: Networking, Active Directory, LDAP, Windows Server, and Cloud Infrastructures Analyze log and system data from the above list and other IT systems Know how to use one or more scripting tools and languages such as Python, Bash, and Power Shell Great writing and speaking skills Excellent relationship building skills in a professional context A positive “can-do” attitude A willingness to learn and continuous self-improvement There are no specific degree or certification requirements but degrees in engineering or technology are a plus. Any security or IT certification such as CISSP is also positive. Additional skills and experience: Security forensics Malware analysis E-discovery Threat containment Firewall and IDS provisioning Proxy and content filtering provisioning Authentication and identify management Risk and vulnerability Assessment Network and security Auditing Network troubleshooting Penetration testing Attack simulation PowerPoint presentation skills On-Camera Policy To support a fair, transparent, and engaging interview experience, candidates interviewing remotely are expected to be on camera during all video interviews. Being on camera fosters authentic connection, improves communication, and allows for full engagement from both candidates and interviewers. We understand that technical, bandwidth, or location-related challenges may occasionally prevent video use. If this applies, candidates are required to notify us in advance so we can explore appropriate accommodations. About Arctic Wolf At Arctic Wolf, we foster a collaborative and inclusive work environment that thrives on diversity of thought, background, and culture. This is reflected in our multiple awards, including Top Workplace USA (2021-2024), Best Places to Work - USA (2021-2024), Great Place to Work - Canada (2021-2024), Great Place to Work - UK (2024), and Kununu Top Company - Germany (2024). Our commitment to bold growth and shaping the future of security operations is matched by our dedication to customer satisfaction, with over 7,000 customers worldwide and more than 2,000 channel partners globally. As we continue to expand globally and enhance our technology, Arctic Wolf remains the most trusted name in the industry. Our Values Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that-by protecting people's and organizations' sensitive data and seeking to end cyber risk- we get to work in an industry that is fundamental to the greater good. We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here. We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities. All wolves receive compelling compensation and benefits packages, including: · Equity for all employees · Flexible time off and paid volunteer days · RRSP and 401k match · Training and career development programs · Comprehensive private benefits plan including medical, mental health, dental, disability, life and AD&D, and value-added services · Robust Employee Assistance Program (EAP) with mental health services · Fertility support and paid parental leave Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law. Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our entire employee experience as accessible as possible and provide accommodations as required for candidates and employees with disabilities and/or other specific needs where possible. Please let us know if you require any accommodations by emailing *************************. Security Requirements Conducts duties and responsibilities in accordance with AWN's Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information (in accordance with our employee handbook and corporate policies). Background checks are required for this position. This position may require access to information protected under U.S. export control laws and regulations, including the Export Administration Regulations (“EAR”). Please note that, if applicable, an offer for employment will be conditioned on authorization to receive software or technology controlled under these laws and regulations.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

We're looking for an Information Security Engineer to join our core security team helping deliver on security initiatives, audits & compliance, and infrastructure security & integrity. Core Responsibilities Security Operations & Implementation Evaluate, test, deploy and maintain security software and tools Develop, execute, and track the performance of security measures to protect information, network infrastructure, and computer systems Perform and document cybersecurity, vulnerability, and risk assessments and implement remediation plans Research security vulnerabilities and implement countermeasures Strategy & Planning Gather, analyze, and document security requirements for systems and applications Assist with developing security standards and best practices for the organization Recommend security solutions to management Develop cost-effective solutions to cybersecurity challenges Governance & Compliance Create comprehensive security reports and analysis for stakeholders Assist with internal compliance activities such as maintaining security certifications, driving access reviews, disaster recovery testing, pen test. Assist with external compliance requests such as responding to security questionnaires, responding to security RFPs. Training & Communication Educate and train staff in information security best practices Communicate security requirements and recommendations across the organization Collaborate with external security vendors to deliver projects, resolve issues, negotiate on requirements. Minimum Experience / Qualifications Bachelor's Degree in Information Security, Computer Science, or related field. 1-3 years of experience in areas of cybersecurity or related field. Experience with cybersecurity frameworks (SOC 2, ISO 27001, NIST, GDPR). Preferred Experience / Qualifications 5+ years of experience in areas of cybersecurity or related field. Professional certification such as CISSP, CISM, or CISA. Expertise in application security, including secure SDLC, SAST/DAST, and code review Expertise in network security, cryptography, and identity management Excellent understanding of technology infrastructures using Firewalls, VPN, Data Loss Prevention, and IDS/IPS Proficiency in at least one programming or scripting language (Python, Bash, Java, etc.) Ability to plan and deliver multi-week projects, including reporting status and reacting to changes of requirements. Experience in SaaS, Telecom, or in a regulated industry. Desired Skills, Competencies and Characteristics Passion: Strong internal motivation to deliver and develop in area of cybersecurity. Attention to Detail: Ability to consistently execute tasks with accuracy and thoroughness. Analytical Thinking: Capacity to evaluate complex scenarios and identify effective solutions. Collaboration: Ability to effectively partner and communicate across teams and departments. Adaptability: Flexibility to adjust quickly to changing priorities and evolving threats. Integrity: Unwavering commitment to ethical conduct, confidentiality, and reliability. Flexibility: Ability to accommodate occasional out of hours work to hit customer deadlines or respond to security incidents.

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.