Security architect jobs in Tennessee - 137 jobs

Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress. We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. **The Role** The Principal Information Security Architect provides subject matter expertise for multiple, complex security systems, including developing security architectures and roadmaps, and evaluating, planning and designing security solutions. Additionally, the Principal Architect provides subject matter expertise to Product, IT, Network, and Security teams in the implementation of recommended solutions for identified technical security issues; ensures the implementation of security solutions utilizing advanced technical expertise; serves as architecture lead on major projects with the ability and expertise to develop overall architectural direction; initiates and executes advanced research and development activities of significance to future business security strategies. **The Main Responsibilities** + Drives beneficial security change into the business through the development or review of architectures to ensure that they fit business requirements for security, mitigate risks, conform to the relevant security standards, and balance information risk against the cost of appropriate countermeasures. + Develops and designs new security solutions to reduce risk and align business requirements with security standards. Supports vendor relationships; leads vendor reviews through RFx process, working with Procurement and appropriate business partners on requirements and success criteria. Supports development of business case and approval process. + Delivers guidelines, best practices, and direction on security standards/policies and roadmaps. Provides subject matter expertise, consultation, and escalation support. + Provides support to Security Review process by assisting with complex questions and projects. Work with business units and partners as needed. + Acts as liaison between the business and technology from a security perspective, maintains an overview of the environment as a whole and its security aspects, understands business strategy and how it relates to security strategy, acts as a liaison between appropriate regulatory bodies, IT auditors, and business stakeholders, educates IT and enterprise roles on the need for (and consequences of) reducing information-related risk, and ultimately drives organizational change at all levels of the business. **What We Look For in a Candidate** Required: + Bachelor's degree in computer science, engineering, or related field with 15+ years of relevant experience or + Master's degree in computer science, engineering, or related field with 12+ years of relevant experience. + Applicable professional/technical certifications must be in place, such as CISSP, GPEN, GWAPT, GISEC, CISM or CISA. + Knowledge of information security industry and regulatory obligations (ISO 27001/27002, NIST Framework, FISMA, FedRAMP, and GDPR). + Software development experience. **Compensation** This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. Location Based Pay Ranges: $149,084 - $198,779 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $156,539 - $208,718 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $163,993 - $218,657 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process. Learn more about Lumen's: + Benefits (**************************************************** + Bonus Structure \#LI-Remote **What to Expect Next** Requisition #: 340981 **Background Screening** If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (************************************* . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. **Equal Employment Opportunities** We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. **Disclaimer** The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name.

Datavant is a data platform company and the world's leader in health data exchange. Our vision is that every healthcare decision is powered by the right data, at the right time, in the right format. Our platform is powered by the largest, most diverse health data network in the U.S., enabling data to be secure, accessible and usable to inform better health decisions. Datavant is trusted by the world's leading life sciences companies, government agencies, and those who deliver and pay for care. By joining Datavant today, you're stepping onto a high-performing, values-driven team. Together, we're rising to the challenge of tackling some of healthcare's most complex problems with technology-forward solutions. Datavanters bring a diversity of professional, educational and life experiences to realize our bold vision for healthcare. **What We're Looking For** As a Staff AI Security Architect at Datavant, you will lead the design, evolution, and adoption of secure by design principles across our AI and Machine Learning (ML) systems. This role sits at the intersection of AI innovation and security architecture. You will define and operationalize AI security strategy, embed security into the AI/ML development lifecycle, and partner deeply with data science, engineering, product, legal, and compliance teams to ensure our AI systems are secure, trustworthy, and scalable. **What You Will Do** + Establish AI security architectural standards, design patterns, and best practices adopted across engineering teams. + Architect and advise on secure end-to-end AI systems, including data pipelines, model training, evaluation, deployment, runtime monitoring, and agentic workflows. + Lead threat modeling, architecture reviews, and risk assessments for AI-driven products, including LLMs, agent frameworks, and multi-agent systems. + Define and evolve a comprehensive AI/ML secure development lifecycle integrated into existing SDLC practices. + Develop reference architectures, documentation, and reusable security components to accelerate secure AI adoption. + Collaborate with legal, privacy, compliance, and responsible AI stakeholders to align security controls with regulatory and ethical requirements. + Act as a trusted advisor to senior leadership on AI security risks, trade-offs, and long-term strategy. **What You Need to Succeed** + 8+ years of experience in security architecture, application security, or product security, with meaningful focus on AI/ML systems. + Hands-on experience securing AI/ML or LLM-based systems, including familiarity with modern AI architectures and agentic workflows. + Strong understanding of AI threat models, including adversarial ML, prompt injection, data poisoning, model theft, and abuse scenarios. + Proven ability to design and influence security architectures for large-scale, distributed systems. + Strong communication skills with the ability to translate complex technical concepts to both technical and non-technical stakeholders. + Have a strong understanding of security controls, both those that exist in audit standards as well as practical controls that can help reduce risk and increase safety. **What Helps You Stand Out** + Hands-on experience building, testing, or tinkering with agentic AI workflows, with an understanding of the security risks they introduce. + Experience securing AI/ML workloads in Databricks, with a deep understanding of its platform-specific security risks. + You have experience with security in healthcare or other highly regulated space. Examples: HIPAA, HITRUST, SOC 2, PCI, FedRamp experience from an operational response standpoint. We are committed to building a diverse team of Datavanters who are all responsible for stewarding a high-performance culture in which all Datavanters belong and thrive. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status. At Datavant our total rewards strategy powers a high-growth, high-performance, health technology company that rewards our employees for transforming health care through creating industry-defining data logistics products and services. The range posted is for a given job title, which can include multiple levels. Individual rates for the same job title may differ based on their level, responsibilities, skills, and experience for a specific job. The estimated total cash compensation range for this role is: $224,000-$280,000 USD To ensure the safety of patients and staff, many of our clients require post-offer health screenings and proof and/or completion of various vaccinations such as the flu shot, Tdap, COVID-19, etc. Any requests to be exempted from these requirements will be reviewed by Datavant Human Resources and determined on a case-by-case basis. Depending on the state in which you will be working, exemptions may be available on the basis of disability, medical contraindications to the vaccine or any of its components, pregnancy or pregnancy-related medical conditions, and/or religion. This job is not eligible for employment sponsorship. Datavant is committed to a work environment free from job discrimination. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status. To learn more about our commitment, please review our EEO Commitment Statement here (************************************************** . Know Your Rights (*********************************************************************** , explore the resources available through the EEOC for more information regarding your legal rights and protections. In addition, Datavant does not and will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay. At the end of this application, you will find a set of voluntary demographic questions. If you choose to respond, your answers will be anonymous and will help us identify areas for improvement in our recruitment process. (We can only see aggregate responses, not individual ones. In fact, we aren't even able to see whether you've responded.) Responding is entirely optional and will not affect your application or hiring process in any way. Datavant is committed to working with and providing reasonable accommodations to individuals with physical and mental disabilities. If you need an accommodation while seeking employment, please request it here, (************************************************************** Id=**********48790029&layout Id=**********48795462) by selecting the 'Interview Accommodation Request' category. You will need your requisition ID when submitting your request, you can find instructions for locating it here (******************************************************************************************************* . Requests for reasonable accommodations will be reviewed on a case-by-case basis. For more information about how we collect and use your data, please review our Privacy Policy (**************************************** .

Role OverviewThe Principal Cloud Security Architect evaluates cloud architectures, identity models, permissions, and security controls across large-scale environments. This role focuses on identifying architectural risks, misconfigurations, and long-term security design gaps. What You'll Do- Assess cloud architectures (AWS, Azure, GCP) for security gaps - Review IAM configurations, network segmentation, and resource policies - Identify misconfigurations, privilege risks, and insecure patterns - Summarize architectural flaws and provide structured mitigation guidance - Validate alignment with security frameworks and best practices - Support recurring assessments of cloud environments and deployment patterns What You BringMust-Have:- Deep experience in cloud security architecture - Strong understanding of IAM, network design, and cloud service models - Ability to document complex architectures in clear, structured form Nice-to-Have:- Experience with multi-cloud, zero-trust, or high-compliance environments

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies As a Consultant or Senior Consultant, you will collaborate with cross-functional teams, including IT, security, and business units, to design and implement Google Cloud-based application innovation solutions. You will work alongside experienced cloud architects, data scientists, and other specialists, ensuring the successful delivery of scalable, cloud-native applications and AI-powered solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position the base salary pay ranges are listed below. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. East Bay, San Francisco, Silicon Valley: * Consultant: $120,000-$177,000 * Senior Consultant: $140,000-$203,000 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Consultant: $110,000-$162,000 * Senior Consultant: $130,000-$186,000 All other locations: * Consultant: $105,000-$148,000 * Senior Consultant: $115,000-$171,000 EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. We are accepting applications until 12/31.

Meta's Product Security team is seeking a experienced hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of over two billion people. You will be relied upon to provide engineering and product teams with the web, mobile, or native code security expertise necessary to make informed product decisions. Come help us make life hard for the bad guys. **Required Skills:** Product Security Engineer, AI Responsibilities: 1. Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more 2. Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities 3. Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products **Minimum Qualifications:** Minimum Qualifications: 4. BS or MS in Computer Science or a related field, or equivalent experience 5. 8+ years of experience finding vulnerabilities in interpreted languages. Knowledge of best practice secure code development 6. Experience with exploiting common security vulnerabilities 7. Knowledge of common exploit mitigations and how they work 8. Coding and scripting experience in one or more general purpose languages **Preferred Qualifications:** Preferred Qualifications: 9. Experience creating software that enables security processes, especially those leveraging AI/ML for automation or augmentation 10. Experience integrating or building AI-powered tools to assist with vulnerability detection, code review, or threat modeling 11. Experience creating software that enables security processes 12. 8+ years of experience finding vulnerabilities in C/C++ code 13. Contributions to the security community (public research, blogging, presentations, bug bounty) 14. Demonstrated ability to collaborate with AI researchers or engineers to apply AI in security workflows **Public Compensation:** $184,000/year to $257,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

**Weekly Schedule:** Monday- Friday: 9am-5pm **Primary Responsibilities** + Manages solution design from conception, through ARB, to delivery + Primarily responsible for producingarchitecture documentation forsecurityapplications as assigned and as projects and programs of work dictate + Maintains First Horizon'sSecurityArchitecture Pattern Inventory (across identity, data, application, network, and cloud) as a member of the Core EnterpriseArchitecture Team + Leadssecuritydesign workshops and POC efforts for new (security) capabilities + Validates 3rd Party/Vendor Solutions forsecurityconcerns + Aligns InformationSecurityTechnology strategy and planning with First Horizon's business goals and objectives + Promotes the use of a shared infrastructure and application roadmap to reduce costs and improve how assets are secured + Builds and maintains technical trusted advisor relationships with influential technical decision makers within Technology + Works with engineers to ensure that technical solutions as delivered align with InformationSecurityStandards and Policies + Works with Portfolio technology leaders to include IT Risk and SecurityException initiatives in portfolio roadmap + Manage Encryption Standards: key management, tokenization for payments, DLP/classification/handling;architect PCI DSS segmentation boundaries and compensating controls. + Manage Network/Zero Trust Standards: microsegmentation across Azure and colocation; secure branch/office connectivity; define workload identity and continuous verification patterns; enforce least privilege. + Detection/telemetry: Publish Splunk logging schema, retention, and correlation strategies; onboard logs from Azure, Colo, API Gateways, IAM, CyberArk, MFaaS, and core platforms; drive ATT&CK‑aligned detections and forensic readiness. + Secure SDLC and supply chain: Operationalize threat modeling; collaboratively define CI/CD control overlays with DevOps; establish artifact signing/SBOM standards; ensure secrets handling and container/Kubernetes baselines where applicable. + Governance and risk: Maintain control overlays mapped to FFIEC/GLBA/PCI/NIST; lead design reviews; manage exceptions with remediation timelines; produce audit-ready decision records in partnership with the CISO team. + Payments and third-party/SaaS: Define intake andsecurityrequirements for MFaaS, Salesforce, ServiceNow, FIS/Fiserv/Bottomline integrations-identity, logging, data handling, and PCI scoping. + Physicalsecurityintegration: Align building access, video, and visitor systems with identity and logging patterns; coordinate incident playbooks with Corporate/PhysicalSecurity. + Enablement and influence: Mentor seniorarchitects and engineering associates; lead communities of practice; communicate strategy, benefits, and trade-offs to executives and delivery teams. **Requirements** + Bachelor's degree in Computer Science, Management Information Systems, or related field + (12+) years of InformationSecurityexperience + (7+) years of SecurityArchitecture + Experience in regulated financial services + Experience with Azuresecurityarchitecture across multi-tenant/region and hybrid environments; strong Zero Trust and network segmentation expertise + Regulatory fluency: FFIEC, GLBA, PCI DSS; practical NIST CSF/800-53 mapping; MITRE ATT&CK‑aligned detection design. + Experience with technical documentation like interaction diagrams, process diagrams, network topologies and otherarchitectural content + Experience with Agile/SAFe methodologies + Experience with EnterpriseArchitecture Governance: ARB/design councils, exception handling, and audit narratives; ability to set and harmonize enterprise standards. **Certifications/Licensures** + Strongly preferred: CISSP or CompTIASecurity+ Microsoft AzureSecurityEngineer or Azure SolutionsArchitectExpert + Preferred: CCSP; CISM or CRISC; SANS GCSA or GCLD; PCI Professional (PCIP) or equivalent GIAC enterprise defense/IR certifications **Skills And Competencies** + Ability to adapt to new technologies and learn quickly + Enterprisearchitectural leadership across identity, cloud, application, data, and networksecurity. + IAM for associates (Entra ID, Active Directory) and clients (TransmitSecurity, ForgeRock/Ping, or Okta); OAuth/OIDC; phishing-resistant MFA/passkeys; PAM integration and privileged pathway design. + IntegrationSecurity: FAPI, OAuth2.0, FDX, mTLS, rate limiting, schema validation, abuse/bot mitigation, CIAM integration, OWASP, and high-quality telemetry to Splunk. + Secure SDLC and supply chain: threat modeling, pipelinesecurity, artifact signing/SBOM, dependency hygiene, and secrets management. + Communication, influence, and enablement: ability to translate risk to business impact, drive adoption, and coach peers and engineers. + Ownership and execution: measurable risk reduction, pattern adoption, and cross‑team collaboration. **About Us** First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available at ******************** (https://urldefense.com/v3/\_\_https:/********************/\_\_;!!Cz2fjcuE!hpq9hPnrucZCPIAVPojVESItIq-FPzhurNdCrQ3JE8Rkx3gMd70nIk6\_kmPxl66\_oJCEsXs0gNunPowMAMHCmBYPOtUxUGI$) . **Benefit Highlights** - Medical with wellness incentives, dental, and vision - HSA with company match - Maternity and parental leave - Tuition reimbursement - Mentor program - 401(k) with 6% match - More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits Follow Us Facebook (****************************************** X formerly Twitter LinkedIn (*************************************************** Instagram YouTube (********************************************************** Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (**************************** notice from the Department of Labor.

Job Requirements & Qualifications: •Designs, put into practice, administers, and supports multiple information security platforms, systems, and applications. Supports a variety of technologies in a hands-on manner. •Performs internal security risk assessments, security risk assessments of third party business partners, and detailed security risk assessments of various technologies. (Examples include directory services, database platforms, client and server operating systems, programming languages, web services, firewalls, remote access technologies, messaging platforms, encryption solutions, wireless technologies, internally-hosted applications, externally-hosted applications, and cloud services). •Supports defined Company operating principles via effective, pragmatic information security controls. Analyzes, defines, implements, and administers efficient business processes related to information security programs. Represents the information security function through pragmatic consultation and participation in a defined SDLC. •Maintains knowledge of current and up-and-coming security, compliance, and technical developments. Identifies present and prospective future vulnerabilities and collaborates with suitable leaders to identify, recommend, and develop risk remediation plans, ad to track remediation outcomes and timelines. •Works with the information security management team to administer, maintain, and continuously improve HIPAA, PCI DSS, SOX, and internal controls compliance programs, investigate known or suspected security incidents, support internal and external audits, and assist in the development of appropriate audit response Management Action Plans. •Promotes security best practices via awareness, example, and compliance with policies and regulatory requirements. •Uses project management best practices to initiate, manage, and close projects, often simultaneously across a variety of projects. Creates and maintains a variety of documents related to projects and information security. •Guide and cross-train junior department team members lead meetings construct and uphold strong partnerships with multiple departments coordinate vendor support engagements etc. Knowledge, Skills, and Abilities •Knowledgeable with and ability to apply time-proven, generally-accepted security management concepts, techniques, and methodologies. •Strong understanding of pragmatic implementation of information security controls, holistic defense-in-depth strategies, protocols used to interconnect networks, and publish application resources. •Strong, efficient written and verbal communication skills that enables effective communications to multiple audiences. •Ability to occasionally work unscheduled shifts and in an on-call capacity and be available for occasional travel (up to 25%). •Strong internal (security recommendations) and external (vendor support) negotiation skills. •Ability to influence and encourage others. •Strong understanding of PCI, HIPAA, and SOC regulatory requirements. •Development/analysis proficiency in one or more scripting languages. •Development/analysis proficiency in TSQL. •Capability to learn and preserve new skills required to adapt to growing business and technical environments. •Strong perceptive of present and emergent information security technologies and trends. Qualifications Work Experience and/or Education •Bachelor's and/or Master's degree in information security or computer information systems. •6+ years of information security generalist experience (broad and deep in data, application, system, and network security domains) with complex technical initiatives. •Active CISA, CISSP, or CISM certification. •Experience identifying and addressing security risks associated with host and network operating systems (e.g. Windows, Linux, AS400, PAN OS, AIX, Cisco IOS, etc.) enterprise services (e.g. directory services, email, web publishing, database, virtualization, etc.) content management, client-server, and collaboration, thin-client, and web-based applications enterprise applications (e.g. Lawson) cloud services (e.g. SaaS, IaaS, etc.) data storage, etc. •Hands-on SME/lead experience with the design, implementation, and administration of at least 5 of the following technologies: Palo Alto Networks, IBM Tivoli Endpoint Manager (BigFix), IBM QRadar (SIEM), Qualys Vulnerability Scanning Solutions, Tenable Nessus, Juniper SSL VPN GlobalScape EFT Server Symantec Data Loss Prevention (Vontu), RSA SecurID, and CyberArk Password Management. Additional Information

Our Fortune 500 company is driving a digital transformation and looking for forward-thinking innovators to disrupt how our industry thinks about and uses technology. As one of the world's leading employee benefits providers, we help millions of people gain affordable access to benefits that help them protect their families, their finances and their futures. Are you an asker of questions, a solver of problems, and a challenger of the status quo? Our mission is to provide a differentiated customer experience and exceed the expectations people have of technology at any company - not just insurers. We are seeking individuals to join our team of talented IT professionals who share never-ending passion and an unwavering focus on our customer experience. Team members comfortable working in an agile, fast-paced, and delivery-focused environment thrive in our environment where we value an entrepreneurial spirit and those who challenge the status-quo. Unum is changing, and we're excited about what's next. Join us. General Summary:The Manager - Information Security Policy and Controls Governance is responsible for strategic enhancement and day-to-day operation of key governance, risk, and compliance capabilities, including policy and standards governance, enterprise and application-level risk assessments, and controls management and attestation programs. This role will oversee the full lifecycle of governing documents, manage policy exceptions, coordinate external and regulatory assessments, and ensure strong alignment between security controls and regulatory requirements. The manager will also drive consistent, timely issues management across all domains. This leader will partner closely with stakeholders across the organization to mature processes, strengthen compliance posture, and ensure effective, repeatable execution of GRC activities. They will manage a small to mid-size team of IT security and risk management professionals. Job Specifications Bachelors degree in computer science, or relevant technical experience Has 5+ years experience in an IT Risk Management field, or equivalent relevant work experience Has a security technology background with strong knowledge of relevant technical security disciplines Exhibits courage by taking smart risks and encouraging others to do so; empowers innovative approaches by motivating others to be proactive and resourceful Able to effectively coach, mentor, identify, and address skills needs and gaps Proficient in methods and techniques for running effective meetings and for understanding and influencing the roles played by participants Displays good interpersonal skills at all levels of contact and in a wide variety of situations, able to listen and influence, and to relate to customers in their own language Demonstrates the ability to champion change and support teams through change. Demonstrates the ability to think critically, challenge conventional thinking and generate and apply unique business insight to create competitive advantage for the organization Has solid knowledge of regulations, including, GLPA, HIPAA, GDPR, CCPA, and other cyber security regulatory compliance requirements and related programs Has in-depth knowledge of security and control frameworks such as the NIST Cyber Security Framework, NIST SP 800-53, ISO 17799/27001, CobIT, and ITIL CRISC, CISSP, CISM, CISA, and other security related certifications are a plus Principal Duties and Responsibilities Oversees and evaluates the delivery and effectiveness of the organizations policy governance, risk assessments, control attestation, and issues management capabilities, taking action to address performance or quality gaps as needed. Ensures the team maintains a well‑defined, risk‑aligned backlog of work that advances program maturity and meets regulatory, audit, and business needs. Guides team members in prioritizing assessments, policy lifecycle activities, and control-related work based on risk, business value, and regulatory timelines. Proactively removes obstacles and operational roadblocks that hinder timely completion of assessments, attestations, and governance processes. Partners with business and technology stakeholders to translate security, compliance, and risk management objectives into actionable work items. Ensures best‑practice execution, including structured assessment methodologies, clear control documentation, consistent issue tracking, adherence to policy standards, and high‑quality evidence collection. Encourages creativity and continuous improvement in maturing governance, assessment, and control processes; fosters a culture of innovation within the team. Uses operational metrics, assessment cycle data, and workflow insights to understand team performance and drive process efficiency. Partners with leadership to ensure strong talent is in place to support the organization's governance, risk and compliance obligations. Mentors, coaches, and motivates team members to elevate their GRC expertise, business partnership skills, and overall performance. Identifies skill gaps related to risk frameworks, regulatory requirements, control design, and assessment techniques, ensuring development plans address these needs. Promotes cross‑training and shared ownership of GRC functions to reduce single‑points‑of‑failure and increase team resilience. While accountable for the team's output, actively cultivates a self‑organizing, autonomous, and collaborative team that consistently demonstrates accountability and continuous improvement. Conducts regular 1:1s and development discussions to monitor progress, reinforce strengths, and close skill gaps. Collaborates with peers to evaluate the effectiveness of resourcing models, proposing enhancements to better support team operations. Maintains a strong understanding of emerging regulatory trends, risk frameworks (e.g., NIST CSF, HIPAA, SOC, ISO), and control expectations to inform program improvements. Reinforces disciplined prioritization by ensuring the team focuses on the highest‑value, highest‑risk activities and commitments. Designs and operates GRC processes with partner teams' knowledge and needs in mind, ensuring risk governance activities are clear, intuitive, and easy to complete. #LI-TO1 #LI-MULTI IN4 Our company is built on helping individuals and families, and this starts with our employees. We want employees to maintain a positive balance, which is why we provide access to the benefits and resources they need to invest in themselves. From our onsite fitness facilities and generous paid time off to employee professional development programs, we are committed to helping employees live and work their best - both inside and outside the office. Unum is an equal opportunity employer, considering all qualified applicants and employees for hiring, placement, and advancement, without regard to a person's race, color, religion, national origin, age, genetic information, military status, gender, sexual orientation, gender identity or expression, disability, or protected veteran status. The base salary range for applicants for this position is listed below. Unless actual salary is indicated above in the job description, actual pay will be based on skill, geographical location and experience. $89,400.00-$183,500.00 Additionally, Unum offers a portfolio of benefits and rewards that are competitive and comprehensive including healthcare benefits (health, vision, dental), insurance benefits (short & long-term disability), performance-based incentive plans, paid time off, and a 401(k) retirement plan with an employer match up to 5% and an additional 4.5% contribution whether you contribute to the plan or not. All benefits are subject to the terms and conditions of individual Plans. Company: Unum

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Location: This role requires associates to be in-office 1 day per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Ideal candidates will be able to report to one of our Pulse Point locations in Indianapolis, IN or Nashville, TN. Alternate locations may be considered if candidates reside within a commuting distance from an office. Please note that per our policy on hybrid/virtual work, candidates not within a reasonable commuting distance from the posting location(s) will not be considered for employment, unless an accommodation is granted as required by law. The Information Security Executive Advisor (Business Information Security Officer- BISO) develops strategic and tactical plans for a comprehensive enterprise-wide information security program. Leads the development of policies, technical standards, guidelines, procedures, and other elements of an infrastructure necessary to support information security in compliance with established company policies, regulatory requirements, and generally accepted information security controls. Responsible for the selection and delivery of strategic network security, access control and secure transaction/messaging solutions. How you will make an impact: * Establishes architecture oversight and planning for information and network security technologies. * Leads development of an information security risk management program that includes business, regulatory, industry practices and technical environment considerations. * Establishes strategic vendor relationships for security products and services. * Develops Enterprise-wide security incident response plans and strategies that includes integration with business, compliance, privacy, and legal constituents and requirements. * Provides advanced level engineering design functions. * Provides trouble resolution and serves as point of technical escalation on complex problems. * Creates presentations and seeks IT and business management approval and acceptance of significant replacements or reconfigurations of major security technologies serving the Enterprise. * Provides technical guidance and leadership to the technical engineers within the organization. * Participates in the design of the Enterprise architecture. * Proposes opportunities to improve results based on targeted or continuous assessment. * Researches relevant trends and activities in healthcare, business, competition and regulatory environments. * Recommends strategy adjustments. * Participates in Enterprise planning activity, including vendor assessment, technology platform selection and retirement, prioritization and integration. * Serves as a technical merger and acquisition lead. * Acts as a subject matter expert for executive management. * Provides top-tier support for 6 or more of the information security technology common body of knowledge skill sets: 1) Access Control, 2) Application Security, 3) Business Continuity and Disaster Recovery Planning, 4) Cryptography, 5) Information Security and Risk Management 6) Legal, Regulations, 7) Compliance and Investigations, 8) Operations Security, 9) Physical (Environmental) Security, 10) Security Architecture and Design, 11) Telecommunications and Network Security. Minimum Requirements: Requires BS/BA in Information Technology or related field of study and a minimum of 10 years of experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required; or any combination of education and experience, which would provide an equivalent background. Preferred Skills, Capabilities and Experiences: * Previous experience leading large security projects for individual business units highly preferred. * Expert Business Information Security Liaison experience highly preferred. * Ability to operate with ambiguous data to create a strategy and plan preferred. * Broad-based experience to plan and design highly complex systems preferred. * Expert knowledge and understanding of industry-accepted data processing controls and concepts preferred. * Security Certifications such as CISSP and other advanced technical security certifications (e.g. Information Systems Security Architecture Professional, Information Systems Security Engineering Professional, Certification and Accreditation or equivalent certifications) preferred. Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact ******************************************** for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.

Job DescriptionOverview: East Tennessee R&D facility is currently seeking qualified applicants to serve as Junior Information Systems Security Officer (ISSO). The successful candidate should have a basic understanding of all aspects of cybersecurity. The candidate will collaborate with other teams across the lab, to include Information Technology, Physical Security, Classification Office, Cybersecurity, Lab Enterprise Risk, Lab Internal Audit, and others as appropriate. Primary Responsibilities: Provide assistance to the Information Systems Security Manager (ISSM) and Chief Information Security Officer (CISO) in the certification and accreditation (C&A) of systems/networks and implementation of cybersecurity requirements and procedures across the federal facility. Ensure systems are operated, maintained, and disposed of in accordance with DOE security policies and procedures and as outlined in applicable System Security Plans (SSPs). Establish and perform documented procedures for authorizing users to information systems Develop and maintain SSPs for system C&A. Identify, review, and provide analysis and recommendations to meet requirements of applicable laws, regulations, orders, and the contract, translate into policies, procedures, suggested control structures, analysis/white papers, aligning with business objectives Provide guidance on policies and controls to support appropriate levels of risk, facilitate risk tolerance discussions and decisions, and recommend controls based on industry standards and practices Participate in internal/external compliance audits, reviews, self-assessments, assessments, and data calls Identify, promote, and implement process improvements Qualifications Required: Experience in security control assessments, Master Plans, and Cybersecurity program plans Strong analytical and organizational skills as well as problem solving capabilities to understand Cybersecurity risk and exposure (legal, regulatory violations, etc.) Demonstrated experience implementing compliance frameworks (NIST, etc) Facilitation and project management knowledge, skills and abilities; lead program implementations Demonstrated excellent interpersonal, verbal, written and presentation communication skills and demonstrated ability to interact with all levels of internal and external stakeholders Strong customer service, networking, and teamwork skills with all levels of internal and external personnel, demonstrated ability to work with all levels of an organization Ability to work independently and meet deadlines High ethical standards and operates with integrity and professionalism Must be able to obtain and maintain a DOE Q security clearance Preferred Qualifications: Bachelor's degree in IT, Cybersecurity, Information Assurance, or related field and at least 5 years of experience in cybersecurity policy, risk management, governance, and compliance through a combination of education and experience may be considered for exceptional candidates. Minimum five years' experience working in an information security, information technology or information risk management related field Cybersecurity certifications (CISA, CISM, CRISC, CISSP, CCSP, SSCP) Incident Response Certification Privacy management, cybersecurity, evaluating security controls, identifying control gaps, and mitigating measures along with a strong understanding of business practices and technology concepts Thorough understanding of industry standards and regulations including PCI, HIPAA, Privacy Act, NIST 800-53, NIST Risk Management Framework, FAIR Working knowledge of privacy regulations and impacts Highly motivated individual with an enthusiasm for governance, risk and compliance who can communicate benefits and drive success Experience gaining an Authority to Operate (ATO) for a government system Proven track record of prioritizing tasking and meeting established deadlines Active DOE Q or TS clearance Special Requirement:This position requires the ability to obtain and maintain a clearance from the Department of Energy. As such, this position is a Workplace Substance Abuse (WSAP) testing designated position. WSAP positions require passing a pre-placement drug test and participation in an ongoing random drug testing program.

Recognized by Newsweek in 2024 and 2025 as one of America's Greatest Workplaces for Diversity Make Lives Better Including Your Own. If you want to work in an environment where you can become your best possible self, join us! You'll earn more than a paycheck; you can find opportunities to grow your career through professional development, as well as ongoing programs catered to your overall health and wellness. Full suite of health insurance, life insurance and retirement plans are available and vary by employment status. Part and Full Time Benefits Eligibility Medical, Dental, Vision insurance 401(k) Associate assistance program Employee discounts Referral program Early access to earned wages for hourly associates (outside of CA) Optional voluntary benefits including ID theft protection and pet insurance Full Time Only Benefits Eligibility Paid Time Off Paid holidays Company provided life insurance Adoption benefit Disability (short and long term) Flexible Spending Accounts Health Savings Account Optional life and dependent life insurance Optional voluntary benefits including accident, critical illness and hospital indemnity Insurance, and legal plan Tuition reimbursement Base pay in range will be determined by applicant's skills and experience. Role is also eligible for team based bonus opportunities. Temporary associates are not benefits eligible but may participate in the company's 401(k) program. Veterans, transitioning active duty military personnel, and military spouses are encouraged to apply. To support our associates in their journey to become a U.S. citizen, Brookdale offers to advance fees for naturalization (Form N-400) application costs, up to $725, less applicable taxes and withholding, for qualified associates who have been with us for at least a year. The application window is anticipated to close within 30 days of the date of the posting. Education and Experience Associate Degree in the field of Computer Science preferred. Minimum of 5 or more years of progressive experience in IT engineering. Certifications, Licenses, and Other Special Requirements None Management/Decision Making Uses limited independent judgment to make decisions based on precedents and established guidelines. Solves problems using standard procedures and precedents. Knows when to refer issues to supervisor and when to handle them personally. Knowledge and Skills Has a working knowledge of a skill or discipline that requires basic analytic ability. Has an overall understanding of the work environment and process. Has working knowledge of the organization. Well-rounded understanding of technology, operations and key business processes. Strong knowledge of hardware, software, database, operating system and networking technologies. Track record demonstrating maturity and responsibility with an ability to work with confidential situations. Strong problem solving and analytical capabilities. Excellent written and verbal communication skills. Ability to write reports, business correspondence, and procedure manuals. Ability to effectively present information and respond to questions from groups of managers, clients, customers, and the general public. Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables. Ability to compute rate, ratio, and percent and to draw and interpret bar graphs. Physical Demands and Working Conditions Standing Requires interaction with co-workers, residents or vendors Walking Sitting Use hands and fingers to handle or feel On-Call on an as needed basis Reach with hands and arms Stoop, kneel, crouch, or crawl Talk or hear Ability to lift: Up to 25 pounds Vision Brookdale is an equal opportunity employer and a drug-free workplace. Responsible for working with network administrators, system administrators, developers, business managers, and end users to manage the security of the IT environment. The IT Security Engineer must stay abreast of evolving security issues and ensure the appropriate preventive and detective measures are in place. This role requires the ability to maintain the confidentiality of sensitive information. The role will oscillate, as needed, between supporting daily operational tasks (i.e. logs review, account management, AV threat management, etc.) and enterprise wide projects while keeping an eye toward reaching management goals for the organization-wide policies based on industry best practices. The role will require ongoing team building as well as information security administration. Administers security infrastructure, such as firewalls, anti-virus, intrusion prevention systems, VPNs, SMTP gateway, SEIM, etc Ensures that security configurations of key systems are properly implemented, monitored and reported. Investigates and resolves incident tickets. Provides technical support and consultation for enhancement of and change to network security configuration Performs active tests; discovers vulnerabilities in information systems Performs all security administration functions within Mission Critical maintenance of user profiles and roles Assists the business in achieving security certifications (e.g. external - SOX and HIPAA, internal - network, database, end user computing) and evaluates compliance of IT Policies Conducts risk assessments, compliance and control reviews for the organization Reviews security settings with business process owners to ensure they are in compliance with company standards for segregation of duties. This job description represents an overview of the responsibilities for the above referenced position. It is not intended to represent a comprehensive list of responsibilities. An associate should perform all duties as assigned by his/her supervisor.

The Security Engineer is responsible for ensuring that technical and procedural security controls are established and maintained within the organization and complies with a variety of security requirements as well as industry best practices. The position works closely with the Information Security Officer, IS leadership, and team members to implement and maintain security and compliance across LBMC. The Security Engineer will assist in managing Security Systems such as various endpoints, network logging, monitoring, physical access methods, and preventive systems as needed. The Security Engineer must focus on continuous improvement of response capabilities through automation and critical thinking. The professional is responsible for scrutinizing malware, targeted attacks, and intrusion detection. The Security Engineer will identify, investigate, and respond to information security alerts. They play an active role in searching through datasets, alerts, and notifications to detect any threats and anomalies. The security engineer will help resolve any issues related to network perimeter and security infrastructure devices. They must help resolve Windows and other security vulnerabilities. The Security Engineer must be able to dissect network, host, memory, and other artifacts that are originating from multiple operating systems and applications. The engineer will perform enterprise-wide operations to identify any undetected threats. It is the responsibility of the security engineer to develop alerting and detection strategies to investigate any unusual behavior. They must develop new defensive techniques to recognize any changes in adversary techniques and tactics. The Security professional must be involved in incident response and investigations. The Information Security Engineer may suggest tools and techniques to achieve security goals. The Security Engineer may perform well-researched security enhancement suggestions to the ISO which meet security standards that protect the organization from possible security breaches. Essential Responsibilities * Security Alerts: Review, respond, and remediate where applicable; * Vulnerability remediation (may also be tasked with vulnerability administration, enhancements, scans, and automation development opportunities); * Phish campaign monitoring and resolution; * Analyze security systems and seek improvements on a continuous basis; * Report possible threats or software issues; * Research weaknesses and determine ways to counter them; * Understand software, hardware, and internet needs while adjusting them according to our business environment; * Assist fellow employees with cybersecurity, software, hardware, or IT needs; * Carry out and support information security plans and policies; * Respond to, investigate, and assist in recovery efforts related to a security breach; * Assist in Security Awareness training development and support; * Troubleshoot security and network problems; * Ensure the organization's data and infrastructure are protected by enabling and/or recommending appropriate security controls; * Participate and follow the change management process; * Daily administrative tasks, reporting, and communication within Information Security as well as relevant departments within the organization, as needed or directed; * Administer, configure, and troubleshoot security infrastructure devices such as Varonis; * Test new software and firmware, as needed or directed. Operational Management * Work closely with IS Engineering, Security Engineers/Analysts, and other IS departments on corporate technology development to fully secure information, computer, network, and processing systems; * Recommend and implement changes, where appropriate, related to security policies and practices in accordance with changes in local and federal law; * Creatively provide resolution to security issues/problems in a cost-effective manner; * Collaborate with the Information Security Officer to establish and maintain systems for ensuring security and privacy policies are met. * Other security responsibilities as directed by the Information Security Officer Other Qualifications * Minimum of 1 - 3 years progressive experience in Cybersecurity technology development/engineering, with an emphasis on cybersecurity technology installations projects, administration, development, support, and related security tools/technology implementations; * Position requires a 4-year degree in Information Systems, Computer Science, Information Security or similar. An equivalent combination of education and experience will be considered; * For those not meeting the minimum education, additional work-related experience will be deemed equivalent; * CISSP or related certification is an advantage; * Strong knowledge of core IT and Security infrastructures including Active Directory, Azure AD, Microsoft Windows security controls, SIEM, AV/EDR [specifically Microsoft o365/E5], IPS, PIM, PAM, IAM, Certificate Management, vulnerability scanners, etc.; * Working knowledge and experience in the following areas: * Cloud computing security in Azure/Windows environments, security controls, security capabilities identification; * Experience in working on Microsoft products and can learn new systems quickly; * Experience with Nessus, Sentinel, Log Analytics, M365 Security stack, penetration testing, security patching, AppLocker, etc.; * Strong verbal and written communication skills required; * Must be able to handle multiple, simultaneous tasks effectively and efficiently while maintaining a professional, courteous manner; * Must be able to work well with others; * Must be detail oriented and organized; * High integrity, including maintenance of confidential information; * Must be able to exercise good judgement and positively influence others, including handling confrontations/conflict with poise and efficiency; * Focus on continuously improving skillset to meet security changes and challenges; * Based on business need, ability to work a flexible schedule, including some evenings and weekends as approved in advance or as required to support a security issue; * Regular and reliable attendance required.

xAI's mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge. Our team is small, highly motivated, and focused on engineering excellence. This organization is for individuals who appreciate challenging themselves and thrive on curiosity. We operate with a flat organizational structure. All employees are expected to be hands-on and to contribute directly to the company's mission. Leadership is given to those who show initiative and consistently deliver excellence. Work ethic and strong prioritization skills are important. All engineers are expected to have strong communication skills. They should be able to concisely and accurately share knowledge with their teammates. About the Role As a Physical Security Systems Engineer at xAI, you'll design, implement, and maintain advanced security systems to safeguard our facilities, assets, and personnel. Working onsite in Memphis, Tennessee, you'll tackle complex challenges, leveraging your deep expertise in security technologies to strengthen our infrastructure at a fast-scaling company. Expect to dive into system optimization, ensure robust protection, and travel regularly to xAI sites to support our mission of accelerating human scientific discovery through AI. This is an in-person role based in Memphis, Tennessee, with regular travel required to all xAI sites. Responsibilities Develop detailed design plans for the installation of physical security systems including access control, surveillance cameras, intrusion detection, and alarm systems. Collaborate with InfoSec, IT and facility management teams to integrate security hardware with existing systems across locations. Manage health and configuration of security network infrastructure Regularly assess the performance of installed security systems and make necessary adjustments or upgrades. Conduct preventive maintenance to ensure all security equipment is in optimal working condition. Diagnose and resolve hardware issues promptly to minimize downtime and security risks. Keep detailed records of all service and maintenance activities. Participate in or lead security audits to identify vulnerabilities in physical security measures. Recommend and implement solutions to address identified security gaps. Liaise with vendors for procurement of security hardware, ensuring compliance with organizational standards and budget constraints. Manage relationships with external contractors for installation and maintenance services. Train security and facility staff on the use of new security systems. Ensure all security hardware installations meet local, state, and federal regulations. Maintain up-to-date documentation on system configurations, maintenance schedules, and security incident responses. Required Qualifications Minimum of 5 years in a role focused on physical security systems design. Proven experience with CCTV, access control, and intrusion detection systems. Experience using CAD software and reading architectural drawings Experience using Bluebeam software Preferred Qualifications Bachelor's degree in Electrical Engineering, Computer Science, or related field; or equivalent experience in security systems. Ability to interpret security objectives, develop project schedules and manage adherence to established timetables. Familiarity with Genetec software is a plus. Proficiency in hardware troubleshooting and system diagnostics. Experience configuring security and network architecture in integrated security systems. Familiarity with current security technology trends and innovations. Certifications such as CPP (Certified Protection Professional) or PSP (Physical Security Professional) are highly desirable. Excellent problem-solving abilities and attention to detail. Strong communication skills for effective collaboration with team members and stakeholders. Ability to work under pressure in a dynamic environment on highly condensed timelines. Regular sitting at a desk or computer for extended periods, typing and writing. Occasionally walking, around the facility and standing. xAI is an equal opportunity employer. For details on data processing, view our Recruitment Privacy Notice.

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. Join the Slalom Cloud Team -a team of trailblazers ensuring we achieve our strategic goals through innovation and investment in the future. You'll collaborate with local market teams, niche experts, and global partners to drive cloud solution sales and empower clients on their cloud transformation journey. As a key member of Slalom's Google Cloud Center of Excellence, you'll leverage our award-winning partnerships and multidisciplinary teams to deliver business value and technical excellence for high-impact security and infrastructure solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired but not required, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. Slalom is committed to fair and equitable compensation practices. For this role, we are targeting the following levels and salary ranges: East Bay, San Francisco, Silicon Valley: * Senior Consultant: $131,000-$196,500 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Senior Consultant: $120,000-$180,000 All other locations: * Senior Consultant: $110,000-$165,000 In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process.

Weekly Schedule: Monday- Friday: 9am-5pm Primary Responsibilities * Manages solution design from conception, through ARB, to delivery * Primarily responsible for producing architecture documentation for security applications as assigned and as projects and programs of work dictate * Maintains First Horizon's Security Architecture Pattern Inventory (across identity, data, application, network, and cloud) as a member of the Core Enterprise Architecture Team * Leads security design workshops and POC efforts for new (security) capabilities * Validates 3rd Party/Vendor Solutions for security concerns * Aligns Information Security Technology strategy and planning with First Horizon's business goals and objectives * Promotes the use of a shared infrastructure and application roadmap to reduce costs and improve how assets are secured * Builds and maintains technical trusted advisor relationships with influential technical decision makers within Technology * Works with engineers to ensure that technical solutions as delivered align with Information Security Standards and Policies * Works with Portfolio technology leaders to include IT Risk and Security Exception initiatives in portfolio roadmap * Manage Encryption Standards: key management, tokenization for payments, DLP/classification/handling; architect PCI DSS segmentation boundaries and compensating controls. * Manage Network/Zero Trust Standards: microsegmentation across Azure and colocation; secure branch/office connectivity; define workload identity and continuous verification patterns; enforce least privilege. * Detection/telemetry: Publish Splunk logging schema, retention, and correlation strategies; onboard logs from Azure, Colo, API Gateways, IAM, CyberArk, MFaaS, and core platforms; drive ATT&CK‑aligned detections and forensic readiness. * Secure SDLC and supply chain: Operationalize threat modeling; collaboratively define CI/CD control overlays with DevOps; establish artifact signing/SBOM standards; ensure secrets handling and container/Kubernetes baselines where applicable. * Governance and risk: Maintain control overlays mapped to FFIEC/GLBA/PCI/NIST; lead design reviews; manage exceptions with remediation timelines; produce audit-ready decision records in partnership with the CISO team. * Payments and third-party/SaaS: Define intake and security requirements for MFaaS, Salesforce, ServiceNow, FIS/Fiserv/Bottomline integrations-identity, logging, data handling, and PCI scoping. * Physical security integration: Align building access, video, and visitor systems with identity and logging patterns; coordinate incident playbooks with Corporate/Physical Security. * Enablement and influence: Mentor senior architects and engineering associates; lead communities of practice; communicate strategy, benefits, and trade-offs to executives and delivery teams. Requirements * Bachelor's degree in Computer Science, Management Information Systems, or related field * (12+) years of Information Security experience * (7+) years of Security Architecture * Experience in regulated financial services * Experience with Azure security architecture across multi-tenant/region and hybrid environments; strong Zero Trust and network segmentation expertise * Regulatory fluency: FFIEC, GLBA, PCI DSS; practical NIST CSF/800-53 mapping; MITRE ATT&CK‑aligned detection design. * Experience with technical documentation like interaction diagrams, process diagrams, network topologies and other architectural content * Experience with Agile/SAFe methodologies * Experience with Enterprise Architecture Governance: ARB/design councils, exception handling, and audit narratives; ability to set and harmonize enterprise standards. Certifications/Licensures * Strongly preferred: CISSP or CompTIA Security+ * Microsoft Azure Security Engineer or Azure Solutions Architect Expert * Preferred: CCSP; CISM or CRISC; SANS GCSA or GCLD; PCI Professional (PCIP) or equivalent GIAC enterprise defense/IR certifications Skills And Competencies * Ability to adapt to new technologies and learn quickly * Enterprise architectural leadership across identity, cloud, application, data, and network security. * IAM for associates (Entra ID, Active Directory) and clients (Transmit Security, ForgeRock/Ping, or Okta); OAuth/OIDC; phishing-resistant MFA/passkeys; PAM integration and privileged pathway design. * Integration Security: FAPI, OAuth2.0, FDX, mTLS, rate limiting, schema validation, abuse/bot mitigation, CIAM integration, OWASP, and high-quality telemetry to Splunk. * Secure SDLC and supply chain: threat modeling, pipeline security, artifact signing/SBOM, dependency hygiene, and secrets management. * Communication, influence, and enablement: ability to translate risk to business impact, drive adoption, and coach peers and engineers. * Ownership and execution: measurable risk reduction, pattern adoption, and cross‑team collaboration. About Us First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available at ********************* Benefit Highlights * Medical with wellness incentives, dental, and vision * HSA with company match * Maternity and parental leave * Tuition reimbursement * Mentor program * 401(k) with 6% match * More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits Follow Us Facebook X formerly Twitter LinkedIn Instagram YouTube

Our Fortune 500 company is driving a digital transformation and looking for forward-thinking innovators to disrupt how our industry thinks about and uses technology. As one of the world's leading employee benefits providers, we help millions of people gain affordable access to benefits that help them protect their families, their finances and their futures. Are you an asker of questions, a solver of problems, and a challenger of the status quo? Our mission is to provide a differentiated customer experience and exceed the expectations people have of technology at any company - not just insurers. We are seeking individuals to join our team of talented IT professionals who share never-ending passion and an unwavering focus on our customer experience. Team members comfortable working in an agile, fast-paced, and delivery-focused environment thrive in our environment where we value an entrepreneurial spirit and those who challenge the status-quo. Unum is changing, and we're excited about what's next. Join us. **General Summary:** Senior Security Engineer Join a team where your expertise shapes enterprise-wide security strategy. We're seeking a Senior Security Engineer to lead the design and execution of cutting-edge security architecture and defense frameworks that protect critical assets across our global organization. In this role, you'll: Influence corporate-level security decisions Architect and operate a depth-in-defense security framework Drive Identity & Access Management and privileged access solutions Collaborate with IT and business leaders to integrate secure technologies Partner with internal and external audit teams to ensure compliance You'll be solving complex security challenges, building scalable solutions, and helping shape the future of cybersecurity at Unum. **Job Specifications** + Bachelor's or advanced degree in computer science or related discipline preferred or comparable work experience. + 6+ years of related work experience in information technology engineering, support or consulting experience. Preferred if two of those years was spent in networking, application development, system security or IT Audit related positions. Demonstrated ability and success in: + Working effectively in an ambiguous environment, functioning independently, and effectively working across geographical locations. + Detecting and analyzing hostile and other improper actions in such an environment. + Investigating and responding to security alerts, or new security threats with a sense of urgency. + Strong oral and written communications skills + Strong analytical and problem-solving skills and proactive thinking skills + Strong Knowledge of (at least one) UNIX, Windows, Mainframe, and/or Apple Operating System vulnerabilities and secure configuration settings + Strong Knowledge of threats and vulnerabilities associated with application and network security. + Strong Knowledge of the principles of implementation and operation and experience with security technology such as firewalls, multi-level security implementation, security assessment, monitoring and profiles tools (e.g. IDS/IPS, SEIM, AV, Qualys, etc.), and password crackers. + Mentor and support junior level security staff + Develops strong partnerships with client management, business clients, application developers, software vendors and other technical resources which includes, but not limited to, legal, compliance, and privacy + Maintain close relationships with the business to understand strategy, processes, plans and needs to help influence planning by advising on best practices, innovation/technology enablement opportunities + Communicates effectively with business partners, customers, brokers, third party suppliers/partners, and systems resources at all levels. + Delivers effective, high-quality solutions in a timely manner while balancing shifting priorities and, at times, accelerated timelines. + Facilitate matching business needs and services options by leveraging knowledge of business strategy, processes, and market offerings to assist in evaluating the most appropriate products and services to meet its requirements + Provide an overall perspective or point of clarification to partner on operational aspects of a service. Has a good overall understanding of infrastructure and application portfolios to provide guidance to service partner provider. **Technical Skills for Identity & Access Management** + Experience in implementing and supporting global Identity and Access Management solutions (Identi-ty Management, Access Management, Virtual Directory, SSO) + Knowledge and experience on Oracle OAM ,ForgeRock OpenAM and/or other Web Access Manage-ment systems (like CA SiteMinder), and API integration + Experience on ForgeRock OpenIDM, Oracle OIM and/or other Identity management systems + Experience on SSO (Single-Sign-On) technologies including Cloud, SAML and federation of identities (IdP initiated and SP initiated), multi-factor authentication + Experience on CyberArk, Enterprise Certificate Management and Enterprise Token Services technol-ogies. + Experience with LDAP/Directory Services including Active Directory and Radiant Logic + Experience with RACF, DB2, SQL + Experience with Azure, O365 and AWS + Familiar with Regulations, including, GLPA, HIPAA, GDPR, CCPA, and other Cyber Security Regulatory compliance requirements and related programs + ISO 27001/27002 the NIST Cyber Security Framework + CISSP, CISM, SANS, and other security related certifications a plus **Technical Skills for Cyber Security** **Excellent working knowledge of one or more of the following security areas desired:** + Operating System Security (Windows, Apple, AIX, Linux, zOS) + Internet Technologies (NNTP, Proxy, HTTP, HTTPS, HTLM, SSL, X.509) + TCP/IP and networking (LAN/WAN/Wireless) + Intrusion Detection and Prevention products + Incident Response Management + Public Key Infrastructure technologies including encryption, Kerberos, certification authorities + Application and Network Security Assessments methodologies and tools + General Access Control Security (Active Directory, Linux, and Mainframe security) + IPSEC and remote access technologies + End Point Security products (i.e. Anti-virus, Malware, Hard Drive encryption) + Ethical Hacking, Incident Response and case management. + Forensic tools such as Oxygen, encase, Atola Forensic equipment + Experience in implementing and operating security technology such as firewalls, multi-level security implementation, security assessment scanners, and security monitoring tools (e.g. IDS/IPS, SEIM, AV, Qualys, etc.) + Experience in application and network security assessment methodologies, tools, and techniques + Experience in implementing and operating global end-point security products (anti-virus, anti-malware, hard drive encryption, DLP, etc.) + Security Coding Standards (e.g. OWASP) and Secure Software Development Lifecycles.SOX and HIPPA compliance requirements and related programs **Familiar with Regulations, including, GLPA, HIPAA, GDPR, CCPA, and other Cyber Security Regulatory compliance requirements and related programs** + ISO 27001/27002 the NIST Cyber Security Framework + CISSP, CISM, SANS, and other security related certifications a plus **Principal Duties and Responsibilities** Performing cyber security monitoring and security incident response, including: + Monitors for external threats and indicators of compromise + Responds to and leads incident response for threat alerts + Monitors for inappropriate utilization of computer resources + Assesses reported security threats and weaknesses. + Provides level II support for Operations + Participates in 24/7 on-call rotation. + Participates in ethical hacking red team/blue team exercises. + Performs day-to-day operations and technical support, including system upgrades, on the Unum security technology portfolio. + Consults on the security framework to IT/Business project teams, and in day-to-day business operations. + Consults with development and business partners on integration and security configuration for new or existing software or solutions + Participates in the evaluation of vendor's product strategies, technology roadmaps and software enhancements, and consults on the inclusion and rollout these recommendations in the corporate security roadmap. + Develops and consults on sound security policies and procedures. + Assists with application and network security assessments, as assigned. + Maintains expertise to function as subject matter expert in one or more security disciplines. + Develops strong partnerships with business clients, application developers, software vendors and other technical resources. + Performs other duties as assigned. \#LI-AD1 \#LI-MULTI ~IN1 Our company is built on helping individuals and families, and this starts with our employees. We want employees to maintain a positive balance, which is why we provide access to the benefits and resources they need to invest in themselves. From our onsite fitness facilities and generous paid time off to employee professional development programs, we are committed to helping employees live and work their best - both inside and outside the office. Unum is an equal opportunity employer, considering all qualified applicants and employees for hiring, placement, and advancement, without regard to a person's race, color, religion, national origin, age, genetic information, military status, gender, sexual orientation, gender identity or expression, disability, or protected veteran status. The base salary range for applicants for this position is listed below. Unless actual salary is indicated above in the job description, actual pay will be based on skill, geographical location and experience. $98,340.00-$201,900.00 Additionally, Unum offers a portfolio of benefits and rewards that are competitive and comprehensive including healthcare benefits (health, vision, dental), insurance benefits (short & long-term disability), performance-based incentive plans, paid time off, and a 401(k) retirement plan with an employer match up to 5% and an additional 4.5% contribution whether you contribute to the plan or not. All benefits are subject to the terms and conditions of individual Plans. Company: Unum

Job DescriptionEast Tennessee company is seeking an ISSO to join their growing team. This position requires candidates to currently have or can obtain a federal security clearance so US citizenship is required. This position will be required to work onsite in Oak Ridge Tennessee. Duties and Responsibilities:The ISSO is a primary stakeholder and facilitator of the continuous monitoring efforts that promote RMF compliance throughout the organization. The ISSO provides direction to IT and infrastructure support personnel on the application of security patches and secure configurations. Routine collaboration and consultation with the ISSM regarding the design, development, integration, and analysis of unclassified information systems. Under general supervision, the candidate is responsible for performing a full range of Information Assurance functions in support of the security needs of the ISSM.Primary Responsibilities: Provide assistance to the ISSM and CISO in the certification and accreditation (C&A) of systems/networks and implementation of cybersecurity requirements and procedures across the client site. Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures and as outlined in applicable System Security Plans (SSPs). Perform documented procedures for authorizing users to access information systems. Develop and maintain SSPs for system C&A. Manage Plans of Action and Milestones to closure for information systems under accreditation. Provide guidance on policies and controls to support appropriate levels of risk, facilitate risk tolerance discussions and decisions, and recommend controls based on industry standards and practices. Escalate questions/concerns/issues to more senior-level staff as required. Participate in internal/external compliance audits, reviews, self-assessments, assessments, and data calls. Identify, promote, and make recommendations for process improvements. Assist with annual self-inspections, system certification testing, periodic security testing, and functional testing on systems/networks. Ensure compliance of all network equipment with applicable DOE and ORNL requirements Other duties as assigned for support within the program. Basic Qualifications: Bachelor's degree with 5-7 years of relevant experience (ex. cybersecurity assessments, risk management, cybersecurity policy, and compliance, etc.). An equivalent combination of education and experience may be considered. Ability to obtain and maintain a DOE Q security clearance or equivalent is required. Strong analytical and organizational skills as well as problem solving capabilities to understand Cybersecurity risk and exposure (legal, regulatory violations, etc.) to ORNL. Demonstrated experience implementing compliance frameworks (NIST, etc) Excellent interpersonal, verbal, written, and presentation communication skills. Thorough understanding of industry standards and regulations including NIST 800-53, NIST Risk Management Framework, and NIST Cybersecurity Framework (CSF). Working knowledge of privacy regulations and impacts. Ability to work independently, meet deadlines, and uphold high ethical standards. Preferred Qualifications: Active DOE Q or TS security clearance or equivalent. Master's degree in information assurance or related field with 4-6 years of relevant experience working in an information security, information technology or information risk management related field. Cybersecurity certifications (CISSP, CISA, CISM, CRISC, CCSP, SSCP) and Incident Response Certification Privacy management, cybersecurity, evaluating security controls, identifying control gaps, and mitigating measures along with a strong understanding of business practices and technology concepts. Highly motivated individual with an enthusiasm for governance, risk and compliance who can communicate benefits and drive success. Demonstrated background in governance, risk, and compliance. Experience in obtaining Authority to Operate (ATO) for DOE government systems.

xAI's mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge. Our team is small, highly motivated, and focused on engineering excellence. This organization is for individuals who appreciate challenging themselves and thrive on curiosity. We operate with a flat organizational structure. All employees are expected to be hands-on and to contribute directly to the company's mission. Leadership is given to those who show initiative and consistently deliver excellence. Work ethic and strong prioritization skills are important. All engineers are expected to have strong communication skills. They should be able to concisely and accurately share knowledge with their teammates. About the Role As a Physical Security Systems Engineer at xAI, you'll design, implement, and maintain advanced security systems to safeguard our facilities, assets, and personnel. Working onsite in Memphis, Tennessee, you'll tackle complex challenges, leveraging your deep expertise in security technologies to strengthen our infrastructure at a fast-scaling company. Expect to dive into system optimization, ensure robust protection, and travel regularly to xAI sites to support our mission of accelerating human scientific discovery through AI. This is an in-person role based in Memphis, Tennessee, with regular travel required to all xAI sites. Responsibilities Develop detailed design plans for the installation of physical security systems including access control, surveillance cameras, intrusion detection, and alarm systems. Collaborate with InfoSec, IT and facility management teams to integrate security hardware with existing systems across locations. Manage health and configuration of security network infrastructure Regularly assess the performance of installed security systems and make necessary adjustments or upgrades. Conduct preventive maintenance to ensure all security equipment is in optimal working condition. Diagnose and resolve hardware issues promptly to minimize downtime and security risks. Keep detailed records of all service and maintenance activities. Participate in or lead security audits to identify vulnerabilities in physical security measures. Recommend and implement solutions to address identified security gaps. Liaise with vendors for procurement of security hardware, ensuring compliance with organizational standards and budget constraints. Manage relationships with external contractors for installation and maintenance services. Train security and facility staff on the use of new security systems. Ensure all security hardware installations meet local, state, and federal regulations. Maintain up-to-date documentation on system configurations, maintenance schedules, and security incident responses. Required Qualifications Minimum of 5 years in a role focused on physical security systems design. Proven experience with CCTV, access control, and intrusion detection systems. Experience using CAD software and reading architectural drawings Experience using Bluebeam software Preferred Qualifications Bachelor's degree in Electrical Engineering, Computer Science, or related field; or equivalent experience in security systems. Ability to interpret security objectives, develop project schedules and manage adherence to established timetables. Familiarity with Genetec software is a plus. Proficiency in hardware troubleshooting and system diagnostics. Experience configuring security and network architecture in integrated security systems. Familiarity with current security technology trends and innovations. Certifications such as CPP (Certified Protection Professional) or PSP (Physical Security Professional) are highly desirable. Excellent problem-solving abilities and attention to detail. Strong communication skills for effective collaboration with team members and stakeholders. Ability to work under pressure in a dynamic environment on highly condensed timelines. Regular sitting at a desk or computer for extended periods, typing and writing. Occasionally walking, around the facility and standing. xAI is an equal opportunity employer. For details on data processing, view our Recruitment Privacy Notice.