Security engineer jobs in Cranston, RI - 372 jobs

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

Basic Qualifications Requires a Bachelor's degree in Systems Engineering, or a related Science, Engineering, Technology or Mathematics field. Also requires 5+ years of job-related experience, or a Master's degree plus 3 years of job-related experience. Agile experience preferred. CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required. Responsibilities for this Position We are seeking a Systems Security Engineer who has experience in the design and development of NSA-certified Cybersecurity devices. Key Responsibilities: Design and develop specifications for mission-critical NSA-certified Cybersecurity devices Collaborate with software and validation engineering teams to deliver high-speed data solutions Develop real-time multi-threaded Embedded System architecture using Model-based Systems Engineering (MBSE) tools and techniques Analyze and maintain system security requirements throughout product development lifecycle Conduct trade studies, perform functional analysis, and design system security. Preferred Skills and Experiences: NSA approved Cryptography/Encryption Security requirements analysis Real-Time multi-threaded Embedded System architecture and development Model-based Systems Engineering (MBSE) CISSP certification or similar INCOSE ASEP, CSEP, or ESEP certification We value candidates who possess: Drive to expand knowledge and experience in designing complex systems Ability to define project scope, schedule, and expected results Initiative to complete assignments and ability to engage in technical direction and leadership Our Commitment to You: An exciting career path with opportunities for continuous learning and development Research-oriented work with award-winning teams Competitive benefits package ***Please note you will be onsite 100%. Salary Note This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. Combined Salary Range USD $112,924.00 - USD $125,275.00 /Yr. Company Overview General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team! Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

At Klaviyo, we value the unique backgrounds, experiences and perspectives each Klaviyo (we call ourselves Klaviyos) brings to our workplace each and every day. We believe everyone deserves a fair shot at success and appreciate the experiences each person brings beyond the traditional job requirements. If you're a close but not exact match with the description, we hope you'll still consider applying. Want to learn more about life at Klaviyo? Visit careers.klaviyo.com to see how we empower creators to own their own destiny. As a Lead Security Engineer, you'll be a vital part of the Infrastructure Security Team, focusing on strengthening the security posture across Klaviyo's entire technology environment, developing security architectures and repeatable patterns and mentoring colleagues and junior security engineers. Unlike roles with a narrowly defined specialty, this position offers the opportunity to demonstrate your unique expertise-whether that's in cloud security, identity and access management, data protection, secure systems design, or other security domains. Your work will involve evaluating and hardening our infrastructure, collaborating with cross-functional teams, and leveraging AI to build scalable solutions to address emerging threats. We are looking for someone who is excited to bring their specialized skills to the team, shaping Klaviyo's security practices and helping us continue to raise the bar. How You Will Make a Difference Secure Klaviyo's infrastructure by designing, implementing, and maintaining scalable security controls across cloud, on-prem, and hybrid environments Evaluate and improve security configurations and policies across a range of technologies, using your domain expertise to reduce risk and enable secure-by-default architectures Collaborate with engineering and IT teams to embed security practices and develop repeatable security patterns across the development and deployment lifecycle Lead threat modeling, risk assessments, and architecture reviews in areas aligned with your specialty Develop automated solutions and infrastructure-as-code to drive consistent and reproducible security outcomes Stay ahead of the latest threats and advocate for innovative security solutions aligned with business needs Help define security standards and best practices at Klaviyo, championing their adoption across teams Who You Are Have 5+ years of experience in infrastructure or security engineering roles, with deep knowledge in one or more security focus areas (e.g., cloud security, IAM, endpoint security, data protection, detection engineering, compliance) Comfortable navigating ambiguity and defining priorities in a broad-scoped role Experienced working in modern cloud environments such as AWS, GCP, or Azure Familiar with infrastructure-as-code tools such as Terraform, CloudFormation, or Pulumi Proficient in secure systems design, threat modeling, and vulnerability management AI Agentic development and prompt engineering, MCP (AWS Bedrock, OpenAI, Anthropic) Able to clearly articulate complex security topics to technical and non-technical stakeholders Passionate about security, eager to learn from others and share your expertise Nice to have - certifications (e.g., CISSP, CKS, GCP/AWS Security certs) or equivalent practical experience We use Covey as part of our hiring and / or promotional process. For jobs or candidates in NYC, certain features may qualify it as an AEDT. As part of the evaluation process we provide Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound on April 3, 2025. Please see the independent bias audit report covering our use of Covey here Massachusetts Applicants: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Our salary range reflects the cost of labor across various U.S. geographic markets. The range displayed below reflects the minimum and maximum target salaries for the position across all our US locations. The base salary offered for this position is determined by several factors, including the applicant's job-related skills, relevant experience, education or training, and work location. In addition to base salary, our total compensation package may include participation in the company's annual cash bonus plan, variable compensation (OTE) for sales and customer success roles, equity, sign-on payments, and a comprehensive range of health, welfare, and wellbeing benefits based on eligibility. Your recruiter can provide more details about the specific salary/OTE range for your preferred location during the hiring process. Base Pay Range For US Locations:$175,200-$262,800 USD Get to Know Klaviyo We're Klaviyo (pronounced clay-vee-oh). We empower creators to own their destiny by making first-party data accessible and actionable like never before. We see limitless potential for the technology we're developing to nurture personalized experiences in ecommerce and beyond. To reach our goals, we need our own crew of remarkable creators-ambitious and collaborative teammates who stay focused on our north star: delighting our customers. If you're ready to do the best work of your career, where you'll be welcomed as your whole self from day one and supported with generous benefits, we hope you'll join us. AI fluency at Klaviyo includes responsible use of AI (including privacy, security, bias awareness, and human-in-the-loop). We provide accommodations as needed. By participating in Klaviyo's interview process, you acknowledge that you have read, understood, and will adhere to our Guidelines for using AI in the Klaviyo interview Process. For more information about how we process your personal data, see our Job Applicant Privacy Notice. Klaviyo is committed to a policy of equal opportunity and non-discrimination. We do not discriminate on the basis of race, ethnicity, citizenship, national origin, color, religion or religious creed, age, sex (including pregnancy), gender identity, sexual orientation, physical or mental disability, veteran or active military status, marital status, criminal record, genetics, retaliation, sexual harassment or any other characteristic protected by applicable law. IMPORTANT NOTICE: Our company takes the security and privacy of job applicants very seriously. We will never ask for payment, bank details, or personal financial information as part of the application process. All our legitimate job postings can be found on our official career site. Please be cautious of job offers that come from non-company email addresses (@klaviyo.com), instant messaging platforms, or unsolicited calls. By clicking "Submit Application" you consent to Klaviyo processing your Personal Data in accordance with our Job Applicant Privacy Notice. If you do not wish for Klaviyo to process your Personal Data, please do not submit an application. You can find our Job Applicant Privacy Notice here and here (FR).

Denver, Colorado;Seattle, Washington; Jacksonville, Florida; Charlotte, North Carolina; Jersey City, New Jersey; Boston, Massachusetts; Washington, District of Columbia; Chicago, Illinois **To proceed with your application, you must be at least 18 years of age.** Acknowledge Refer a friend **To proceed with your application, you must be at least 18 years of age.** Acknowledge (*********************************************************************************************** **:** At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! **Job Description:** Manual Ethical Hacking is part of the Application Development Security Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program provides services to assess the security resilience of the bank's applications to malicious hacking activity. This senior technical role is responsible performing and leading ethical hacking assessments of the bank's technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats. Key responsibilities include leading and performing research, understanding the bank's security policies, working with appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with security partners, CIO clients and multiples lines of business. These individuals are expected to perform application security-oriented dynamic and static assessments across a multitude of technologies including web UI, web APIs, mobile and cloud, including associated source code. Key Responsibilities in order of importance: + Perform assigned analysis of internal and external threats on information systems and predict future threat behavior. + Incorporate threat actors' tactics, techniques, and procedures into offensive security testing to identify high-value vulnerabilities/chained attacks. + Developing Proof-of-concepts for exploitation. + Perform assessments of the security, effectiveness, and practicality of multiple technology systems. + Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security. + Prepare and present detailed technical information for various media including documents, reports, and notifications. + Provide clear and practical advice regarding managing risks. + Learn and develop advanced technical and leadership skills, mentor Junior and Intermediate assessors in technical tradecraft and soft skills. + Respond to security incidents and provide technical assistance to leadership across the Information Security organization. Required Skills: + **Minimum of 5+ years of** **professional** **pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment** + Detailed technical knowledge in at least 5 of the following areas: + security engineering + application architecture + authentication and security protocols + application session management + applied cryptography + common communication protocols + mobile frameworks + single sign-on technologies + exploit automation platforms + Web APIs + Cloud environments + LLM security + Mobile application analysis + Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings + Experience performing manual web application assessments i.e., must be able to simulate a OWASP Top 10 vulnerabilities without the use of tools + Experience performing manual code reviews for security relevant issues + Experience working with DAST and SAST tools to identify vulnerabilities + Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) + Experience with vulnerability assessment tools and penetration testing techniques. + Solid programming/debugging skills, development frameworks, CVE and CWE research/reproduction + Threat Analysis, threat modelling and SBOM analysis + Innovative thinking, threat actor simulation + Technology Systems Assessment + Technical Documentation + Advisory Desired: + CEH, OSCP/OSCE/OSWE/GXPN/GPEN/GWAPT/GMOB/All Practitioner Certs [Port Swigger BSP Academy]/Cloud Cert(s)/ eWPT; eWPTX; eMAPT [INE Pentester Academy] + Strong programming/scripting skills + Frida + Binary analysis (disassembly skills) **Skills:** + Advisory + Innovative Thinking + Technical Documentation + Technology System Assessment + Threat Analysis + Adaptability + Collaboration + Scenario Planning and Analysis + Test Engineering + Written Communications + Attention to Detail + Information Systems Management + Issue Management + Presentation Skills + Prioritization This job will be open and accepting applications for a minimum of seven days from the date it was posted. **Shift:** 1st shift (United States of America) **Hours Per Week:** 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. View your **"Know your Rights (************************************************************************************** "** poster. **View the LA County Fair Chance Ordinance (************************************************************************************************** .** Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

Job DescriptionAt WHOOP, we're on a mission to unlock human performance. WHOOP empowers members to perform at a higher level through a deeper understanding of their bodies and daily lives. WHOOP is seeking a Senior Information Security Engineer to serve as a technical leader in our Security team reporting to our Information Security Manager. In this role, you will drive the deployment and continuous enhancement of controls that protect millions of users' biometric and health data, build scalable defenses across our infrastructure and applications, and lead incident response efforts with visibility across the business. This is an opportunity to have direct impact at scale, working alongside engineers, product teams, and executives to drive forward-looking security strategies. RESPONSIBILITIES: Implement and enhance security controls by leading the deployment, integration, and tuning of solutions such as CNAPP, SIEM, CASB, EDR, DLP, and MDM to maximize effectiveness. Support security design decisions by providing subject matter expertise on cloud and SaaS security best practices while influencing architecture led by the Security Architect role. Lead incident response and investigations by guiding containment, remediation, root cause analysis, and post-incident improvements. Strengthen application security by overseeing secure development practices and managing SAST, SCA, and DAST tooling. Advance identity and access management by supporting IAM policy enforcement, SSO, MFA, SCIM, RBAC, and user lifecycle governance. Secure AI systems and integrations by assessing and protecting embedded APIs and organizational AI tool usage to ensure resilience, privacy, and compliance. Collaborate cross-functionally by working with Engineering, IT, and GRC teams to embed security into systems and workflows. Mentor and influence by providing technical guidance, reviewing work, and promoting security-first thinking across the organization. Stay ahead of threats and regulations by tracking emerging risks, technologies, and compliance requirements to inform forward-looking strategies. Participate in and help improve the on-call rotation by providing guidance, escalation support, and driving improvements in response processes. QUALIFICATIONS: Bachelor's degree in Computer Science, Information Security, or a related technical field and/or advanced certifications (CISSP, CISM, AWS Security Specialty, SANS, etc.). 8+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity. Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG). Experience securing AI/ML systems or APIs, including governance of third-party AI integrations and organizational use of AI tools. Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems. Hands-on experience with application security tooling (SAST, SCA, DAST) and embedding secure development practices. Demonstrated leadership in security incident response, investigations, and root cause analysis. Effective communicator with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences. Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment. Experience mentoring engineers and setting operational standards. Familiarity with compliance and risk frameworks relevant to health and AI (SOC 2, ISO 27001, PCI, GDPR, FTC guidance, HIPAA-adjacent state laws) is a plus. Interested in the role, but don't meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply. WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values. At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company's long-term growth and success. The U.S. base salary range for this full-time position is $150,000 - $190,000. Salary ranges are determined by role, level, and location. Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training. In addition to the base salary, the successful candidate will also receive benefits and a generous equity package. These ranges may be modified in the future to reflect evolving market conditions and organizational needs. While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate's specific qualifications, expertise, and alignment with the role's requirements. Learn more about WHOOP.

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance Type: Secret - Current Security Clearance Status: Active and existing security clearance required on day 1 At Raytheon, the foundation of everything we do is rooted in our values and a higher calling - to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today's mission and stay ahead of tomorrow's threat. Our team solves tough, meaningful problems that create a safer, more secure world. Raytheon is seeking a well-qualified Systems Security Engineer II (P2) to join our elite Systems Security Engineering (SSE) team for the Systems Directorate in developing solutions to protect the Warfighter's technology advantage. Systems Security Engineering creates holistic security solutions leveraging Cyber Security, Software Assurance and Supply Chain Risk Management to support Program Protection Implementation on embedded weapons systems. Join our highly visible team and perform technically challenging assignments, which will directly contribute to protecting our nation and our Warfighters. This is an onsite position at Raytheon in Portsmouth, RI. What You Will Do Support the development of cybersecurity requirements, design and architecture artifacts, plans, and policies. Support security development and test efforts implementation of security controls of networking devices, databases, operating systems, and hardware and software component Implement proper cybersecurity controls Integrate cybersecurity development activities Qualifications You Must Have Typically requires a Bachelor's Degree in Science, Technology, Engineering or Mathematics (STEM) and 2 years of prior relevant experience Active and transferable U.S. government issued Secret security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Experience working in the Naval industry Qualifications We Prefer Experience in Cybersecurity Engineering Usage of information security toolsets including anti-virus, Vulnerability Assessment, HIDS/ NIDS. host-based or endpoint security solutions, Multi-Factor Authentication (MFA), and Security Incident and Event Management (SIEM) and centralized auditing tools familiarity with splunk is preferred Linux Bash scripting or Python scripting experience Experience with National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) DoDI 8570.01-M IAT Level-II Compliant Certification (e.g. Security+, CISSP, or equivalent) Security systems engineering involving various computer hardware and software S/W operating system and application solutions in both a stand-alone and in LAN/WAN configurations Experience with IT and/or network and system security administration, including operating system security configuration and account management best practices for UNIX, MS Windows, Red Hat Enterprise Linux, and CISCO systems What We Offer Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Trust, Respect, Accountability, Collaboration, and Innovation Relocation Eligible - Relocation assistance is available As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 68,900 USD - 131,100 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Information Security Data Analyst Large Banking Client Duration: 6+ month contract; Strong potential for extension / full time hire Our client in the banking industry is seeking a Data Analyst to join the Information Security & Risk team. This role will focus on data protection, compliance, and security analytics, ensuring sensitive information is safeguarded across systems and processes. The position offers an opportunity to contribute to risk mitigation, regulatory adherence, and the development of robust data security controls in a dynamic financial services environment. Responsibilities * Monitor, analyze, and report on data security events and potential data loss incidents * Collect, validate, and analyze data from multiple sources to ensure accuracy and integrity * Develop and maintain dashboards for security metrics using Power BI and AWS QuickSight * Execute queries to identify anomalies, trends, and potential vulnerabilities in data flows * Implement and enforce Data Loss Prevention (DLP) rules and policies across systems * Conduct testing and validation of DLP rules to ensure accuracy and effectiveness * Manage website whitelisting processes to support secure business operations * Support compliance with regulatory standards and internal security frameworks * Collaborate with security, risk, and IT teams to design and optimize data protection strategies * Communicate findings and actionable recommendations to leadership and stakeholders Required Experience * Minimum 3+ years of experience in data analytics with a focus on security or compliance * Strong understanding of data protection principles, DLP tools, and regulatory frameworks * Hands-on experience implementing and testing DLP rules and security controls * Proficiency in SQL Server for query writing and data validation * Dashboarding experience with Power BI and AWS QuickSight * Working knowledge of Python for automation and data analysis * Familiarity with security monitoring tools and incident response processes * Prior experience in financial services, preferably banking or fintech Desired Experience * Exposure to DLP solutions (e.g., Purview, Netskope) * Experience with identity and access management concepts * Understanding of data classification and encryption standards Soft Skills * Strong communication skills to engage leadership and cross-functional teams * Detail-oriented with a proactive approach to risk identification * Ability to work in a fast-paced, compliance-driven environment * Apex Benefits Overview * Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a retirement plan (401k or local country equivalent) program. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide. * · EEO Employer * Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [email protected] or ************. Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Apex uses a virtual recruiter as part of the application process. Click here for more details. Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide. Employee Type: Contract Remote: Yes Location: Boston, MA, US Job Type: Date Posted: November 18, 2025 Pay Range: $45 - $60 per hour Similar Jobs * Information Systems Security Officer * Information Security Analyst - IAM / CyberArk * Information Systems Analyst * L2 Cyber Security Analyst * Network Security Analyst III

Job Description ! *This position must work out of Madison, WI or Boston, MA areas and be willing to work 10 days onsite per month Primary Responsibilities: • Develops, integrates, and tests cyber products. • Researches, engineers, and integrates new security solutions. Performs cyber defense incident triage, including determining scope, urgency, and potential impact, identifying the specific vulnerability. • Builds strong relationships with Peers across functions through collaborative engineering operations and initiatives. • Designs and implements automated solutions to enable security needs. • Designs and develops system-security measures to ensure cybersecurity is fully integrated. Validates current and future-state architectural models to assess impact across all cybersecurity technology systems. • Develops enterprise tools and applications to manage access to enterprise data, systems and resources. • Analyzes security access risk gaps and recommends mitigating and compensating security controls. Specialized Knowledge & Skills Requirements • Python programming with experience in audit/compliance • Interest in and experience with data analysis. • XSOAR experience desired. AE Business Solutions is an Equal Opportunity Employer

We are seeking a detail-oriented and highly skilled Security Analyst to join our team in Boston and shape the future of Cybersecurity. As a Security Analyst at 7AI, you will leverage your expertise of the security landscape to review and analyze AI Agent investigations, ensuring accuracy and completeness, ultimately helping to build our multi-agent platform. You will be integral in building and maintaining the reliability of our AI Agents, working in tandem with Engineering and Product to inform our roadmap as we build. If you want to build the next generation of Cybersecurity and put AI in the hands of defenders, please apply below. Key Responsibilities: Review and validate alerts and investigations completed by the AI Agents for accuracy and completeness. Collaborate with the Engineering and Product teams to provide feedback and assist in optimizing the AI platform. Develop internal playbooks, standard operating procedures and tools that will guide the AI Agents to perform quality investigations. Stay current with emerging cybersecurity trends, vulnerabilities, and new attack techniques, especially the field of AI-driven attacks. Investigate flagged security incidents, analyzing potential threats and confirming the findings generated by AI. Recommend mitigation strategies and remediation steps to train the AI to reduce the threat surface. Correlate findings from multiple sources, including network logs, endpoint data, and threat intelligence, to validate AI-generated reports. Assist with ongoing threat monitoring, triage, and prioritization of security incidents. Required Qualifications: 4+ years of experience in a Security Analyst or similar role within the cybersecurity field. Hands-on experience with incident response for Cloud and Identity alerts, and at least two of Email, EDR, Threat Intel and Networking alerts. Strong understanding of security monitoring tools and techniques (SIEM, IDS/IPS, IDP, etc.). Experience analyzing and investigating security alerts from multiple sources, including intrusion detection systems, network monitoring tools, and endpoint protection platforms. Familiarity with the latest cybersecurity threats, attack vectors, and vulnerabilities. Strong analytical and problem-solving skills, with the ability to verify AI-driven analysis and make independent security decisions. Scripting experience with languages such as Python Data querying experience with SIEM technologies (SPL, KQL, FQL, SQL, etc).

Job Description At OneStudyTeam (a Reify Health company), we specialize in speeding up clinical trials and increasing the chance of new therapies being approved with the ultimate goal of improving patient outcomes. Our cloud-based platform, StudyTeam, brings research site workflows online and enables sites, sponsors, and other key stakeholders to work together more effectively. StudyTeam is trusted by the largest global biopharmaceutical companies, used in over 6,000 research sites, and is available in over 100 countries. Join us in our mission to advance clinical research and improve patient care. One mission. One team. That's OneStudyTeam. We are seeking a Senior Security Compliance Analyst with expertise in Governance, Risk, and Compliance (GRC) to support and enhance our security and compliance programs within the healthcare industry. This role is critical in ensuring adherence to industry regulations, responding to customer audits, and maintaining compliance with ISO 27001, HIPAA, and other security frameworks. The ideal candidate will be a detail-oriented compliance expert who can navigate complex regulatory environments, assist with internal/external audits, and drive continuous improvement in security governance. The ideal candidate must be able to operate independently while delivering on the following duties. What You'll Be Working On: Lead and support customer security audits, responding to security questionnaires and demonstrating compliance with security frameworks. Prepare, coordinate, and manage ISO 27001 audits, including evidence collection, control implementation, and auditor engagement. Ensure ongoing compliance with HIPAA, NIST CSF, and other regulatory requirements applicable to healthcare data security. Develop and maintain policies, procedures, and security documentation to meet regulatory and contractual obligations. Perform gap analyses and risk assessments to identify and remediate compliance risks. Manage and improve security governance frameworks, ensuring alignment with industry best practices and business objectives. Conduct third-party vendor risk assessments, ensuring compliance with security policies and contractual obligations. Monitor security controls, ensuring effectiveness and continuous improvement in alignment with security frameworks. Support security awareness training initiatives, ensuring employees understand compliance responsibilities. Stay current on ISO 27001, HIPAA, NIST 800-53, and other relevant standards, translating them into actionable security controls. Assist in defining security metrics and reporting on compliance status and risk posture to leadership. Work closely with legal, security, IT, and business teams to align compliance requirements with security operations. What You'll Bring to OneStudyTeam: Bachelor's degree in Information Security, Computer Science, Risk Management, or related field (or equivalent experience). 8+ years of progressive experience in GRC, compliance, or security audit roles. Experience in healthcare or regulated industries strongly preferred. Certifications strongly preferred: ISO 27001 Lead Auditor/Implementer, CISSP, CISM, CISA, HITRUST CCSFP, CRISC. Experience leading ISO 27001, SOC2, or HITRUST audits, including ISMS implementation and external audit coordination. Strong understanding of NIST CSF, SOC 2, GDPR, and other security frameworks. Hands-on experience with customer security audits, including responding to security questionnaires and managing security assessments. Ability to perform risk assessments, policy reviews, and compliance gap analyses. Strong written and verbal communication skills, with the ability to explain technical concepts to non-technical stakeholders. Detail-oriented with excellent organizational and project management skills. Ability to work independently and collaboratively in a remote environment. Familiarity with GRC tools (e.g., OneTrust, LogicGate, Archer, Vanta, Drata) is a plus. We value diversity and believe the unique contributions each of us brings drives our success. We do not discriminate on the basis of race, sex, religion, color, national origin, gender identity, age, marital status, veteran status, or disability status. Note: OneStudyTeam is unable to sponsor work visas at this time. If you are a non-U.S. resident applicant, please note that OneStudyTeam works with a Professional Employer Organization. As a condition of employment, you will abide by all organizational security and privacy policies. This organization participates in E-Verify (E-Verify's Right to Work guidance can be found here).

Foley & Lardner LLP is a great place to work because of what we do and how we do it. Here, your unique perspectives, experiences, and abilities will be embraced and developed, so you can excel. Being a part of Foley means having the opportunities and resources necessary to gain experience, advance professional goals, and forge meaningful connections. It's a place where you can build your career and enjoy professionally satisfying work. We have over 2,300 people who are #HappyatFoley, and we think you will be too. Foley & Lardner LLP is currently seeking a Senior Security Engineer to join the Architecture team in our Information Security department. The Senior Security Engineer is responsible for engineering and implementing solutions to enhance the Firm's security infrastructure, collaborating with the Information Security team, internal IT, and business units. This role focuses on securing cloud-based environments through initiatives such as Cloud Security Posture Management (CSPM), DevSecOps practices (e.g., automated security testing in CI/CD pipelines), Identity and Access Management (IAM/IDM) administration, and participation in Information Security Architecture reviews. Key responsibilities include implementing and maintaining robust security controls for technology infrastructure and cloud platforms, while ensuring secure integration of emerging technologies, including AI systems. The role also serves as an escalation resource for the Information Security Operations team, providing advanced expertise and support. As part of a small team, you will provide security guidance for the technology environment, aiming to mature the security control framework, develop tailored solutions for cloud workloads, and enhance overall security posture. You will act as a security advocate, advising key stakeholders on technology risk management and balancing security with business needs through effective mitigation strategies, ensuring safe adoption of cloud and related technologies. Responsibilities * Work in active partnership with key stakeholders to perform security architecture risk reviews. * Develop and implement advanced-level Cloud Security solutions. * Support and advance the overall Information Security technology roadmap. * Provide recommendations for advancing the Information Security program, security policies, and security control standards to enhance operational practices. * Create and maintain Information Security standards applicable to all technologies in the portfolio. * Provide requirement, guidance, and vision to the vendor community to cultivate the appropriate combination of technology and feature capabilities to meet current and future security requirements. * Execute on infrastructure threat and vulnerability management processes. * Ensure security systems are upgraded by monitoring security environment, identifying security gaps and evaluating and implementing enhancements. * Define, develop and maintain metrics and measurements for information security controls and processes. * Respond to security-related issues, problems, crises, and critical situations to support resolution and minimize downtime. * Act as a senior-level point of contact for incident investigations and minor security events (e.g., unauthorized access, non-compliance with Firm policies, fraud, service disruptions, etc.) to determine malfunctions, breaches, and remediation steps. * Responsible for Information Security technology selection process to include requirements consolidation into RFI/RFP/RFQ, testing, POC, selection and deployment. * Support audits against internal and industry process, quality, and security standards; drive initiatives and remediation efforts to correct non-conformance. * Provide Information Security consulting on security related issues. * Collaborate with peers to identify and implement improvement initiatives across the Firm, processes and toolsets. * Manage multiple, parallel projects using formal project planning techniques. * Ability to work evening and weekend hours as needed or directed. Some travel may be required. Qualifications * High School Diploma or equivalent required; Associate's Degree or Bachelor's Degree preferably in Engineering, Information Technology, Computer Science, or similar strongly preferred * Minimum of five (5) years in a professional technical Information Technology role required * Minimum of three (3) years of hands-on experience in Information Security with Cloud Security exposure required * Specialized Cloud Security certification(s), CISSP, Microsoft Azure AZ-104 & AZ-500, CCSP, CCSK, or CPT/CEH desired * SailPoint Identity and Access Management (IAM/IDM) vendor-specific certification(s) desired #LI-Hybrid In support of transparency and equity in the workplace, Foley provides salary ranges for all positions. The figures below represent the full compensation range of this position. The actual offered amount will be between the range minimum and midpoint based on the following factors: education, experience, geographic market, and internal pay equity at Foley.Chicago - $111,500 to $167,300

Winner of the Best and Brightest Companies to Work for in Boston and in the Nation by the National Association for Business Resources (NABR) for the third consecutive year. Own the Security. Protect the Mission. At HFI , security is core to the trust we earn every day. We're hiring an Information Systems Security Engineer (ISSE) to lead, strengthen, and continuously evolve our enterprise security program protecting sensitive healthcare data while enabling our business to move fast and safely. This is a hands-on, high-visibility role for a security leader who thrives at the intersection of cyber defense, healthcare compliance, and strategic influence . What You'll Do: Own and evolve HFI's information security strategy, aligning with business goals and industry best practices. Design, implement, and manage security operations across networks, systems, applications, and data. Lead incident response, threat detection, vulnerability management, and forensic investigations. Ensure compliance with HIPAA, HITECH, HITRUST, ISO 27001, SOC 2, and client security requirements. Evaluate and respond to client security assessments, audits, and contractual obligations. Manage third-party risk, penetration testing, and remediation efforts. Translate security risk into clear, actionable insights for executive leadership. Champion a culture of security through training, awareness, and accountability. Serve as a security advisor and thought leader across projects with privacy or risk implications. Collaborate with Infrastructure to mature and optimize cybersecurity tooling and controls. What You Bring Required Bachelor's degree or equivalent practical experience. 5+ years in IT Infrastructure and/or Information Security. 5+ years of hands-on cybersecurity experience (incident response, vulnerability management, cloud or application security, forensics, etc.). CISSP or equivalent security certification. Hands-on experience with Fortinet security solutions, including firewall configuration, monitoring, and policy management, is highly desirable. Proven experience building and managing enterprise-level security programs. Strong knowledge of: Network, application, cloud, and endpoint security. AWS, Microsoft 365, Active Directory, private cloud environments. Risk management frameworks and compliance standards. Experience leading security incidents end-to-end. Ability to clearly communicate complex security topics to both technical and non-technical audiences. Curiosity, adaptability, and a continuous-learning mindset. Nice to Have Threat intelligence, attack simulation, and red/blue team experience. IAM, PIM, and PAM implementation experience. Vulnerability management and remediation expertise. Familiarity with scripting and automation (Python, PowerShell). Experience analyzing network, application, and system telemetry. Strong documentation and reporting skills. Why HFI? Make a real impact protecting healthcare data and client trust. Own and shape a security program not just tickets and tools. Partner with engaged leadership who values security as a business enabler. Work in a collaborative, mission-driven environment that values expertise and accountability. At this time, HFI will not sponsor a new applicant for employment authorization or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, or another type of work authorization). Our Massachusetts based annual salary for this role ranges from $110,000-$120,000. The salary range does not reflect total compensation which includes base salary, benefits and other options. EEO Statement HFI is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. HFI is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions are based on business needs, job requirements and individual qualifications, without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. HFI will not tolerate discrimination or harassment based on any of these characteristics. HFI encourages applicants of all ages.

Title: Senior Security Engineer Type: Full‑time exempt, 50 hours per week Compensation: $112.5K-$155K* + 15% bonus + Full Benefits day one Who Are We We are fiercely disrupting the concept of automobile ownership. Flexcar is on a mission to replace car ownership for the majority of car owners. We are currently operational in 4 markets and continuing to grow. Our goal is to offer a flexible alternative to car ownership that puts our members in the driver's seat of their budget and their vehicle. Flexcar covers all maintenance costs, insurance costs, registration costs, and more, to provide the flexible ownership alternative that is simple and seamless for our members. Flexcar empowers all walks of life to have the flexibility of a car of their own without the hassles of traditional car ownership. Role Overview Flexcar is seeking a dedicated Security Engineer as an individual contributor responsible for safeguarding a broad attack surface that includes Flexcar's web and mobile applications, physical locations, and its remote team members. This is a highly collaborative role that will require working across all facets of the Flexcar organization. You will be expected to champion the development and implementation of proactive defense measures across the entire organization, collaborating across multiple teams to maintain our high security standards, and educating members of the organization in the realms of general security awareness as well as best practices when it comes to delivering software. This role requires a candidate who is a self‑starter and capable of managing multiple requests from various teams within the Flexcar organization. Key Requirements Web Application Security Hands‑on experience with managing a Web Application Firewall, including the creation of custom rules, rate limiting, and managing vendor rulesets. Must understand the current OWASP Top 10 and demonstrate the ability to educate others on how to identify and mitigate associated risks. Must have experience with deploying and managing defensive measures, aka “Blue Teaming”. Must have experience organizing and managing third‑party penetration tests and ensuring that all findings are addressed in a timely manner. Hands‑on experience with threat modeling. Experience leading tabletop sessions with members of the engineering team as well as non‑technical members of the organization. Demonstrated ability to conduct Open‑Source Intelligence (OSINT) against the organization and its resources. Demonstrated ability to conduct internal offensive security campaigns against Flexcar's web application and the organization itself. Secure Infrastructure & Tooling Experience creating CI/CD workflows and utilizing open‑source security tools. Experience with static analysis tools for code, dependencies, and container images. Familiarity with AWS security tools and resources. Familiarity with Terraform. Experience with hardening Microsoft Entra (Azure AD) and O365. Proven experience with Identity and Access Management. Experience with administration of common Managed Detection and Response (MDR) solutions. Hands‑on experience with scripting languages like Python. Incident Management Proven ability to serve as a Security Incident Commander. Ability to use the tools available for leading forensic analyses and guiding investigative efforts. Demonstrated ability to conduct threat hunting based on new threats as they are discovered or disclosed by the larger security community. Governance, Risk, and Compliance Familiarity with maintaining compliance with frameworks such as PCI, CCPA, and US Data Privacy. Familiarity with compliance automation platforms. Experience creating and maintaining foundational security policies. Ability to manage Flexcar's third‑party vendor assessment process. Ability to create both general security awareness content for the organization as well as targeted training for a variety of individual teams. What Tops Off the Tank Rest & Relax! Flexible Paid Time Off and Sick Time Save for Your Future! 401(k) with company match from day one of hire Benefits: Excellent, low‑cost healthcare coverage including medical, dental, vision, eligibility day one Drive a Flexcar! Discounted employee rate on Flexcar products and no annual membership fee Weekly Pay and other amazing perks! *Actual compensation will vary depending on geographic location, job‑related knowledge, skills, experience, and market conditions. Disclaimer This job description may not be inclusive of all assigned duties, responsibilities, or aspects of the job described, and may be amended at any time at the sole discretion of the Employer. Flexcar is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. Flexcar provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. #J-18808-Ljbffr

Denver, Colorado;Seattle, Washington; Jacksonville, Florida; Charlotte, North Carolina; Jersey City, New Jersey; Boston, Massachusetts; Washington, District of Columbia; Chicago, Illinois **To proceed with your application, you must be at least 18 years of age.** Acknowledge Refer a friend **To proceed with your application, you must be at least 18 years of age.** Acknowledge (**************************************************************************************** **:** At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! **Job Description:** Manual Ethical Hacking is part of the Application Development Security Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program provides services to assess the vulnerability of the bank's applications to malicious hacking activity. This intermediate technical role is responsible for performing application security assessments of the bank's technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats. Key responsibilities include performing research, understanding the bank's security policies, working with the appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with security partners, CIO clients and multiples lines of business. Key Responsibilities in order of importance: + Perform assigned analysis of internal and external threats on information systems and predict future threat behavior + Incorporate threat actors' tactics, techniques, and procedures into offensive security testing + Perform assessments of the security, effectiveness, and practicality of multiple technology systems + Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security. + Prepare and present detailed technical information for various media including documents, reports, and notifications + Provide clear and practical advice regarding managed risks + Learn and develop advanced technical and leadership skills, Mentor Junior assessors in technical tradecraft and soft skills Required Skills: + **Minimum of 4 years of** **professional** **pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment** + Detailed technical knowledge in at least 3 of the following areas: security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services + SQL injection/XSS attack without the use of tools + Experience performing manual code reviews for security relevant issues + Experience working with SAST tools to identify vulnerabilities + Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings + Experience performing manual web application assessments i.e., must be able to simulate a + Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) + Experience with vulnerability assessment tools and penetration testing techniques + Solid programming/debugging skills + Experience of using a variety of tools, included, but not limited to, IBM AppScan, Burp and SQL Map + Threat Analysis + Innovative Thinking + Technology Systems Assessment + Technical Documentation + Advisory Desired: + CISSP, CEH, OSCP, OSWE, GPEN, PenTest+ or similar + Strong programming/scripting skills + Mobile application analysis + Frida + Binary analysis (disassembly skills) **Skills:** + Advisory + Innovative Thinking + Technical Documentation + Technology System Assessment + Threat Analysis + Adaptability + Collaboration + Executive Presence + Scenario Planning and Analysis + Test Engineering + Controls Management + Information Systems Management + Issue Management + Mentoring + Presentation Skills This job will be open and accepting applications for a minimum of seven days from the date it was posted. **Shift:** 1st shift (United States of America) **Hours Per Week:** 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. View your **"Know your Rights (************************************************************************************** "** poster. **View the LA County Fair Chance Ordinance (************************************************************************************************** .** Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

Basic Qualifications RRequires a Bachelor's degree in Systems Engineering, or a related Science, Engineering, Technology or Mathematics field. Also requires 5+ years of job-related experience, or a Master's degree plus 3 years of job-related experience. Agile experience preferred. CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibilityrequirements for access to classified information. Due to the nature of work performed within our facilities, U.S.citizenship is required. Responsibilities for this Position We are seeking a Systems Security Engineer who has experience in the design and development of NSA-certified Cybersecurity devices. Key Responsibilities: Design and develop specifications for mission-critical NSA-certified Cybersecurity devices Collaborate with software and validation engineering teams to deliver high-speed data solutions Develop real-time multi-threaded Embedded System architecture using Model-based Systems Engineering (MBSE) tools and techniques Analyze and maintain system security requirements throughout product development lifecycle Conduct trade studies, perform functional analysis, and design system security. Preferred Skills and Experiences: NSA approved Cryptography/Encryption Security requirements analysis Real-Time multi-threaded Embedded System architecture and development Model-based Systems Engineering (MBSE) CISSP certification or similar INCOSE ASEP, CSEP, or ESEP certification We value candidates who possess: Drive to expand knowledge and experience in designing complex systems Ability to define project scope, schedule, and expected results Initiative to complete assignments and ability to engage in technical direction and leadership Our Commitment to You: An exciting career path with opportunities for continuous learning and development Research-oriented work with award-winning teams Competitive benefits package #CJ3 Salary Note This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. Combined Salary Range USD $124,397.00 - USD $138,003.00 /Yr. Company Overview General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team! Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

At WHOOP, we're on a mission to unlock human performance. WHOOP empowers members to perform at a higher level through a deeper understanding of their bodies and daily lives. WHOOP is seeking a Senior Information Security Engineer to serve as a technical leader in our Security team reporting to our Information Security Manager. In this role, you will drive the deployment and continuous enhancement of controls that protect millions of users' biometric and health data, build scalable defenses across our infrastructure and applications, and lead incident response efforts with visibility across the business. This is an opportunity to have direct impact at scale, working alongside engineers, product teams, and executives to drive forward-looking security strategies. RESPONSIBILITIES: Implement and enhance security controls by leading the deployment, integration, and tuning of solutions such as CNAPP, SIEM, CASB, EDR, DLP, and MDM to maximize effectiveness. Support security design decisions by providing subject matter expertise on cloud and SaaS security best practices while influencing architecture led by the Security Architect role. Lead incident response and investigations by guiding containment, remediation, root cause analysis, and post-incident improvements. Strengthen application security by overseeing secure development practices and managing SAST, SCA, and DAST tooling. Advance identity and access management by supporting IAM policy enforcement, SSO, MFA, SCIM, RBAC, and user lifecycle governance. Secure AI systems and integrations by assessing and protecting embedded APIs and organizational AI tool usage to ensure resilience, privacy, and compliance. Collaborate cross-functionally by working with Engineering, IT, and GRC teams to embed security into systems and workflows. Mentor and influence by providing technical guidance, reviewing work, and promoting security-first thinking across the organization. Stay ahead of threats and regulations by tracking emerging risks, technologies, and compliance requirements to inform forward-looking strategies. Participate in and help improve the on-call rotation by providing guidance, escalation support, and driving improvements in response processes. QUALIFICATIONS: Bachelor's degree in Computer Science, Information Security, or a related technical field and/or advanced certifications (CISSP, CISM, AWS Security Specialty, SANS, etc.). 8+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity. Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG). Experience securing AI/ML systems or APIs, including governance of third-party AI integrations and organizational use of AI tools. Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems. Hands-on experience with application security tooling (SAST, SCA, DAST) and embedding secure development practices. Demonstrated leadership in security incident response, investigations, and root cause analysis. Effective communicator with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences. Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment. Experience mentoring engineers and setting operational standards. Familiarity with compliance and risk frameworks relevant to health and AI (SOC 2, ISO 27001, PCI, GDPR, FTC guidance, HIPAA-adjacent state laws) is a plus. Interested in the role, but don't meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply. WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values. At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company's long-term growth and success. The U.S. base salary range for this full-time position is $150,000 - $190,000. Salary ranges are determined by role, level, and location. Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training. In addition to the base salary, the successful candidate will also receive benefits and a generous equity package. These ranges may be modified in the future to reflect evolving market conditions and organizational needs. While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate's specific qualifications, expertise, and alignment with the role's requirements. Learn more about WHOOP.

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00