Security engineer jobs in Duluth, MN

We are looking for a Security Engineer to join a growing team. You help protect cloud environments, tighten controls, and support daily security operations. The team handles core protection, detection, and response across the enterprise. The role calls for someone who can own work, guide others, stay calm under pressure, and partner with IT, app teams, and leadership to strengthen the cloud posture and reduce risk. Key Responsibilities Support daily security operations, including log review, incident response, and coordination with a vendor SOC. Lead and assist with security projects across the business, including cloud security, endpoint security, and network security efforts. Support SDWAN rollout efforts with Fortinet tools. Help mentor junior engineers and support team growth. Recommend tools and process improvements to strengthen the security posture. Required Skills 3+ years' experience with the Microsoft security stack, including Defender, Entra, and/or Sentinel. Hands-on experience with Windows 10/11 Enterprise and Intune. Understanding of conditional access and identity controls within EntraID. Experience with Fortinet technologies, including Fortigate and Fortigate SDWAN. Experience with vulnerability management tools. Ability to stay calm and effective during high pressure security events. Self-starter with strong collaboration habits. Preferred Skills Cisco Secure Workload or micro-segmentation experience, including Cisco ICE. Experience rolling out new security offerings or tools. Any Azure certifications such as AZ-900, AZ-200, or AZ-500. Exposure to OT security tooling. Team & Culture The team offers autonomy, trust, and room to grow. Engineers help shape tools, practices, and direction. The environment supports ownership and ongoing development without heavy bureaucracy. The organization follows security frameworks and guidelines with established processes, though not a rigid formal policy structure.

Company Information Founded in 2002, Jefferson Capital (NASDAQ: JCAP) is an analytically driven purchaser and servicer of delinquent consumer accounts. With over two decades of experience in the consumer finance industry, we partner with major banks, auto lenders, fintech platforms, credit card issuers, utilities, and telecommunication companies. Headquartered in Minneapolis, MN, with multiple offices in the U.S., Canada, Colombia, and the U.K., Jefferson Capital maintains a global presence focused on delivering compliant, data-backed solutions. Our commitment to integrity, respect, and fairness is central to how we operate, helping hundreds of thousands of consumers regain financial stability while protecting creditor interests. We are a solutions provider focused on innovative, compliant, and ethically grounded performance that focuses first on listening to the clients and consumers with whom we partner and serve. Job Summary Jefferson Capital Systems is seeking candidates for an Information Cybersecurity Manager. In today's ever-growing threat landscape, you will be an integral member of the IT Team providing security concepts and best practices throughout multiple Business Lines, IT, InfoSec, and DevOps across multiple locations/geographies. He/She will play a significant role in maintaining industry certifications and collaborating on new business or technology initiatives and ensuring the protection of the data entrusted to us. What does a typical day look like? Oversee and participate in day-to-day operations of the IT/Info Sec department by training, coaching, communicating expectations and developing personal growth of employees Work with senior and peer IT Management to develop short- and long-term plans consistent with company objectives Maintain and strengthen IT Security initiatives including ISO 27001, Risk Management, Cloud Security, GDPR, Business Continuity & Disaster Recovery, Asset and Data Classification, and System Hardening Leverage security tools such as SIEM, EDR, Vulnerability scanners to monitor and secure our environments Assist with the planning, execution, evidence gathering, and remediation of internal/external audits and compliance activities, such as Penetration Tests, Client Security Questionnaires, IT Compliance Audits Maintain internal/external compliance against information security policies and procedures by completing internal control reviews and risk assessments. This includes identifying and communicating control gaps, proposing action plans for remediation, and reporting on the completion of tasks Participate/ensure security controls and best practices are available and maintained in DevOps Facilitate internal phishing campaigns, security announcements, security awareness trainings, and security exception processes Assist in maturing the overall IT/Cyber Security programs while aligning with security frameworks What qualifications are required for this position? 5 plus years' experience in IT, Information Cybersecurity and/or related Technology fields Functional knowledge of Security Frameworks such as ISO 27001, PCI, SANS, NIST, CIS, GDPR, OWASP Top 10 Working experience of creating and maintaining operational effectiveness of IT Controls In-depth understanding of security tools such as vulnerability scanning, firewalls, IDS/IPS, patch management, EDR, and SIEM Hands-on experience with security tools, conducting security audits, and performing security investigations Strong communication skills and the ability to be influential through both written and verbal interactions with a variety of audiences Proven ability to work independently and as a member of a team Ability to maintain productivity while multi-tasking in a fast-paced environment Industry accepted Information Security Certifications are a plus! Why join us? At Jefferson Capital, we're committed to supporting your career growth every step of the way. We offer full support and career development resources to help you expand your skills, enhance your expertise, and reach your professional potential. You'll be part of a diverse and inclusive community where your voice is valued, and innovation is encouraged. Our generous rewards plan covers health, financial well-being, work/life balance, and career benefits, ensuring that you're supported both personally and professionally. Ready to lead with us? Apply now to be part of a team that's committed to making work better for everyone! Jefferson Capital is proud to be an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, political affiliation, or any other legally protected status. Final candidates will be subject to background checks, which may include criminal, credit, and professional reference verifications, in accordance with applicable laws and regulations. Jefferson Capital is committed to providing reasonable accommodation for individuals with disabilities throughout the recruitment process. If you require accommodation, please contact our Human Resources Team at **************. We thank all applicants for their interest in this opportunity. Please note that only those selected for an interview will be contacted.

Are you looking to work for a company that provides an innovative work environment, and your voice is heard? We are looking for a Network Engineer to work ONSITE role and preferred location is McConnellsburg, PA, but the selected candidate can also sit in Orlando, FL or Oshkosh, WI (corporate).This is a direct hire opportunity The Network Engineer will be responsible for service delivery support and project deliverables within the global infrastructure network environment supporting an $8 billion dollar Fortune 500 company. This role will identify gaps, needs, and lead improvement efforts to improve service delivery. This role will be considered a subject matter expert (SME) in one or more key technologies under the networking domain. It is expected that this role will operate independently, solve complex problems, and fulfill requests with minimal supervision. Within the technical analyst roles, team members will support a wide variety of departments and disciples which will include: Data Network (Cisco, Palo Alto, F5, SolarWinds) Server YOUR IMPACT These duties are not meant to be all-inclusive and other duties may be assigned. Responsible for supporting Palo-Alto technologies including Firewall, Panorama, Global Protect VPN, URL-Filtering, IoT Security, PRISMA, and others. Also responsible for supporting Cisco technologies including switching, routing (including SD-WAN), Cisco Client for 802.1X and TACACS, DNA Center, Wireless, ACI, and others. Responsible for supporting ongoing medium to high complexity maintenance, Run-the-Business (RTB) support, and Incident Service Requests of the assigned global infrastructure area. Provide solutions for both RTB and project efforts of medium to high complexity. Serve as a project resource on application and infrastructure project efforts representing functional capabilities. Assist with gathering requirements, creating recommendations, and implementing solutions to meet the project requirements. Provide knowledge sharing, as recognized SME, in efforts such as writing complex knowledge articles, relationship development with other Information Technology (IT) staff, mentoring, and job shadowing. Your Skills And Expertise Three (3) or more years of experience in Information Technology, or in a related area. Experience with supporting services like DNS and DHCP along with familiarity with Cisco technologies such as wireless routing and potentially Cisco ICE or DNA. Ability to travel 15% +/- Standout Qualifications Cisco, Palo Alto and/or cloud certifications related to network technologies (CCNA, CNNP, or CCIE), ITIL Foundation Certification, Network A+ Certification, or other industry-relevant certifications) Information Technology experience within the manufacturing industry. Demonstrated experience managing enterprise level networks. Documented experience developing network diagrams and drawings using Microsoft Visio Ability to effectively communicate. Ability to work in a team environment. Strong organizational skills with exceptional follow through and attention to detail. Strong time-management and prioritization skills, able to multi-task and prioritize competing requirements and meet deadlines. Ability to work in a fast-paced environment where requirements are constantly changing. Experience and proficiency with various web-based software applications including Microsoft Office Word, Excel, PowerPoint, SharePoint, etc.

The Lead Security Engineer position is part of the Information Technology team, reporting directly to the Manager, Information Security. The focus of this role is to design, implement, and maintain advanced security solutions that protect the confidentiality, integrity, and availability of Cirrus digital assets. This role requires deep technical expertise in Microsoft technologies, cybersecurity engineering, and enterprise security architecture, as well as the ability to mentor Security analysts and partner with IT teams on secure system design and operations. Duties and Responsibilities/Essential Functions * Design, implement, and maintain enterprise security controls across Microsoft environments, including Azure, Entra ID (Azure AD), Microsoft 365, Microsoft Defender, and Windows Server platforms. * Lead incident response activities, including investigation, containment, eradication, and recovery, as well as post-incident lessons learned. * Analyze security events and alerts from IDS/IPS, SIEM, EDR/XDR, vulnerability scanners, and Microsoft security tools to identify and mitigate threats. * Develop and implement security hardening baselines, patch management processes, and secure configuration standards for Microsoft platforms and hybrid environments. * Collaborate with IT and business stakeholders to design secure solutions, ensuring security requirements are integrated into Windows, Active Directory/Entra ID, Azure, and Microsoft 365 systems. * Conduct threat modeling and risk assessments, making recommendations for risk treatment and mitigation strategies. * Oversee vulnerability management program, including regular assessments, prioritization, and remediation validation. * Create strategies to mitigate risks and ensure compliance with relevant laws and regulations * Focus on continuous improvement to stay updated on cybersecurity trends and emerging threats to enhance security measures. * Provide mentorship and technical guidance to Information Security Analysts and IT staff. * Assist in the development and enforcement of security policies, standards, and procedures, with specific emphasis on Microsoft platforms. * Stay current with emerging threats, vulnerabilities, and security technologies; recommend improvements to strengthen the security posture * Regular, reliable, and predictable attendance Qualifications: To perform this job successfully, an individual must be able to perform each essential function satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. * Bachelor's degree in Information Security, Computer Science, Information Systems, or equivalent combination of education and experience. * 7+ years of progressive experience in information security, engineering, or related IT disciplines. * Advanced knowledge of Microsoft technologies, including Azure, Entra ID (Azure AD), Office 365, Microsoft Defender suite, and Windows Server. * Experience with SIEM, SOAR, EDR/XDR, vulnerability management, and forensic analysis tools, preferably integrated with Microsoft Sentinel and Defender. * Strong understanding of cloud platforms (Azure, AWS, Google Cloud) and securing hybrid infrastructures. * Relevant security certifications preferred: CISSP, CISM, OSCP, GIAC (GCIA, GCIH, GPEN), Microsoft Certified: Azure Security Engineer Associate, Microsoft 365 Security Administrator Associate, or equivalent. * Demonstrated expertise in incident response, malware analysis, and intrusion detection. * Proficiency with scripting/automation languages (PowerShell, Python, etc.) to enhance security operations. * In-depth knowledge of common frameworks and standards (NIST CSF, ISO 27001, CIS Controls, MITRE ATT&CK). * Proven ability to design and implement Zero Trust and defense-in-depth strategies. * Applies advanced knowledge of Microsoft security technologies and enterprise platforms to solve complex challenges. * Mentors and guides team members, builds trust, and fosters a culture of continuous improvement Competencies To perform the job successfully, an individual should demonstrate the following competencies: * Manages Complexity - Asks the right questions to accurately analyze situations, acquires data from multiple and diverse sources when solving problems, uncovers root causes to difficult problems, evaluates pros and cons, risks and benefits of different solution options. * Situational Adaptability - Picks up on situation cues and adjusts in the moment. Readily adapts personal, interpersonal, and leadership behavior. Understands that different situations may call for different approaches. Can act differently depending on the circumstance. * Optimizes Work Processes - Identifies and creates the processes necessary to get work done, Separates and combines activities into efficient workflow, Designs processes and procedures that allow managing from a distance, Seeks ways to improve processes, * Collaborates: Builds partnerships and works collaboratively with others to meet shared objectives. * Organizational Savvy: Maneuvers comfortably through complex policy, process, and people-related organizational dynamics. * Directs Work: Provides direction, delegates, and removes obstacles to get work done. Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice. Work beyond 40 hours per week may be required. Cirrus is dedicated to a drug free work environment promoting equal employment opportunity. Qualified applicants will receive consideration for employment without regard to race, sex, national origin, color, age, disability, religion, pregnancy, veteran status, marital and family status, sexual orientation, receipt of public assistance, genetic information or any other characteristic protected by applicable law. Our Benefits: Cirrus provides a range of exciting benefits, including: * 401(k) Plan: Dollar-for-dollar match up to 5% after 90 days, with 100% vesting. * Employer-Paid Coverages: Group term life, short- and long-term disability insurance. * Comprehensive Health Coverage: Medical, vision, dental, with additional dependent coverage options. * Free Health Tracking: With rewards for meeting health goals. * Generous PTO: 120+ hours accrued within the first year. * Employee Referral Bonus: For referring talented candidates. * Career Development: Tuition reimbursement and professional growth opportunities. * Exclusive Discounts: Access to partner and marketplace discounts. * Community & Engagement: Company and employee clubs at various locations. These benefits are designed to support your well-being, growth, and enjoyment at Cirrus!

As the Cloud Security Engineer II, you will help define and implement what "secure" looks like across Best Buy's cloud environments. You'll partner closely with cloud operations and engineering teams to assess risk, develop controls, and enhance cloud security capabilities across the organization. This role is a great fit for someone with a strong technical foundation and a passion for security who's ready to make an impact in a highly collaborative environment. If you enjoy being on the front lines of cloud innovation and risk management, this opportunity will keep you challenged and engaged. This role is hybrid, which means you will be required to work some days on-site at the Best Buy location listed on this posting and some days virtually from home or other non-Best Buy location. The specific work arrangements vary by role and team. The recruiter or hiring manager will provide more details during the hiring process. What you'll do * Act as a subject matter expert in cloud security within Best Buy's Enterprise Risk and Compliance (ERC) Organization * Partner and collaborate with AWS, Azure, and GCP Cloud Platform Teams across multiple business units * Analyze cloud infrastructure changes to identify risks and propose mitigation strategies * Support large scale application migration and modernization into AWS by defining security requirements and cloud architecture patterns * Conduct penetration testing and security research on cloud and container platforms * Apply threat modeling techniques to assess and reduce security risks * Develop policy-as-code, infrastructure-as-code, and automation scripts to enhance cloud security operations * Document cloud security designs, processes, and standards for consistency * Gain experience and exposure multiple teams within Best Buy's cyber security organization to enhance all aspects of cyber security in our clouds * Be an active voice in the strategy and direction of cloud security at Best Buy Basic qualifications * Associate or bachelor's degree in a technical field * 2 or more years of hands-on experience with cloud platforms (AWS, GCP, or Azure) Preferred qualifications * 3 or more years of experience in information security (application, network, or related domain) * Experience with threat modeling and security risk analysis * Background in DevSecOps and infrastructure as code security * Ability to write automation scripts for Cloud Security Operations (Python, Bash, Ruby, Terraform) * Strong analytical and problem-solving abilities What's in it for you We're committed to helping our people thrive at work and at home. We offer generous benefits that address your total well-being and provide support as you need it, especially key moments in your life. Our benefits include: * Competitive pay * Generous employee discount * Physical and mental well-being support About us As part of the Best Buy team, you'll help us fulfill our purpose to enrich lives through technology. We bring that to life every day by humanizing and personalizing tech solutions for every stage of life - in our stores, online and in customers' homes. Our culture is built on deeply supporting and valuing our amazing employees who make it all possible. We're committed to being a great place to work, where you can unlock unique career possibilities. Above all, we aim to provide a place where you can bring your full, authentic self to work now and into the future. Tomorrow works here. Best Buy is an equal opportunity employer.Auto Req. ID987525BR Location Number 900010 Corporate 1 MN Address 7601 Penn Avenue South$84558 - $149583 /yr Pay Range $84558 - $149583 /yr

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive. Principal Enterprise Security Engineer Location: Remote Reports To: VP of Infrastructure and Security Department: Infrastructure and Security About the Role We are seeking a seasoned Principal Enterprise Security Engineer to design, implement, and manage enterprise-wide security solutions. You'll shape our security strategy across endpoint protection, network, SaaS, IAM, and observability, while aligning to NIST and CIS standards. This role reports to the Head of Enterprise Security, with close collaboration with the CISO, CISO staff, and cross-functional teams. Key Responsibilities Security Architecture & Governance Architect enterprise security solutions across endpoints (EDR/XDR), networks, SaaS, and identity/infrastructure. Ensure compliance with NIST SP 800-53, CIS benchmarks, and FedRAMP (Low/Moderate/High) standards. Design for DoD Impact Levels IL‑4 and IL‑5 environments, integrating enhanced controls beyond FedRAMP High IAM & Access Management Implement and manage IAM frameworks: RBAC, MFA, SAML, OAuth, SCIM. Regularly review and optimize privilege configurations. Endpoint & Network Security Deploy and manage endpoint security tools (e.g., CrowdStrike, SentinelOne). Define network security strategies including firewalls (e.g., Palo Alto), micro-segmentation, VPNs. Develop and maintain device health assessments and dashboards leveraging device telemetry from enterprise security tooling. Configure and maintain Data Loss Prevention (DLP) tooling & policies. Support security deployments and configurations across multiple operating systems - Windows 10/11, mac OS, Window Server, RHEL, Oracle, CentOS Experience with Security Service Edge and Software-Defined Perimeter enables ZTNA solutions such as NetSCOPE, Zscaler, and PAN SaaS Security & Cloud Compliance Secure SaaS applications using SSPM tools and integrate them into governance frameworks. Maintain compliance evidence for FedRAMP/DoD IL audits and ATO packages Incident Response & Threat Intelligence Lead incident response efforts: detection, triage, investigation, mitigation, and post-mortems. Coordinate with threat intel teams to feed strategic threat insights into detection logic and tools. Vulnerability Management & Observability Own vulnerability scanning, CVE tracking, patch-rollout, and POA&M development. Build and tune observability systems (SIEM, EDR, logging, telemetry) to support security posture. Automation & Scripting Automate security workflows using Python, PowerShell, Bash, or similar languages. Integrate automation into tooling for reporting, incident response, compliance, detection, and remediation. Collaboration & Communication Collaborate with the CISO and staff to align security initiatives with organizational strategy. Communicate technical concepts clearly to leadership, compliance, legal, and engineering teams. Develop and deliver security training and awareness for teams across the enterprise. Qualifications & Experience Education: Bachelor's degree in cybersecurity, computer science, engineering-or equivalent years of corporate security/SOC experience. Experience: 7+ years in enterprise or cloud security with hands-on background in IAM, endpoint/network/SaaS security, incident management, vulnerability management, and log analytics. Compliance Know-How: Solid understanding of FedRAMP security controls and audit frameworks. Experience with DoD IL‑4/IL‑5 programs-understand added encryption, personnel restrictions, and control overlays Technical Skills: Proficiency with tools like CrowdStrike, Palo Alto, F5, Splunk/ELK, and IAM platforms (Okta, Entra ID, etc.). Strong scripting/automation using Python, PowerShell, Bash, etc. Security Frameworks: NIST SP 800-53/171, CIS Benchmarks, FedRAMP, DoD CC SRG. Soft Skills: Strong verbal and written communication; ability to convey complex topics to executives; experience working with stakeholders across multiple time zones. Nice to have experience with F5 BigIP LTM Personality Traits: Strategic thinker, collaborative, proactive, with the ability to thrive in fast-moving environments. #LI-TL2 The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change. The annual base pay for this position is: $152,000.00 - $228,000.00 F5 maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, geographic locations, and market conditions, as well as to reflect F5's differing products, industries, and lines of business. The pay range referenced is as of the time of the job posting and is subject to change. You may also be offered incentive compensation, bonus, restricted stock units, and benefits. More details about F5's benefits can be found at the following link: ******************************************* . F5 reserves the right to change or terminate any benefit plan without notice. Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Workday (ending with f5.com or @myworkday.com). Equal Employment Opportunity It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.

• In depth hands-on experience in security products like Checkpoint MDM, PIX/ASA, Checkpoint provider 1, Cisco ACS, Cisco CSM, IDS/IPS, RSA envision / SIEM tools, Two-factor Authentication products • Design, implement, support & maintain Network security platforms I.E Firewall (Check Point and Cisco), IPD/IDS, Proxy, Crypto card, PKI etc. • Rich Experience in Implementation / upgrade / maintenance of Firewalls / Proxy / IPS • Experience in Site to Site and Client to Site VPN, High availability, Load Balancing, Antivirus and Content Filtering. • Deep knowledge of security architecture methodologies, Industry best practices and generally accepted information security principles • Highly skilled in Vulnerability assessment • Strong Knowledge of Switching / Routing • Knowledge of security architecture methodologies, BS7799, COBIT,ITIL • Advanced knowledge of HTTP(S), network protocols such as IP, TCP, UDP, DNS along with packet analysis • Perform security engineering, audit and regulatory compliance • Perform periodic reviews & Develop/implement automation ideas to validate audit compliance in all security platforms I.E Firewall, Proxy, IDM,SAP, NT etc. • Manage, develop and maintain documentation/Security procedures • Implement and perform appropriate controls and audits for access security to improve security matrix in SAP, NT and IDM Platforms • Work on Virus, Malware, Spyware and Vulnerability Management Platform • Support, Implement and Design new technologies K-C will implement in future I.E Web Application Firewall, Database Firewall, Threat Management, etc. • Adhere, recommend improve, participate in security policies/Standards and Risk Management plan Additional Information If you are comfortable with the position and location then please revert me back at the earliest with your updated resume and following details or I would really appreciate if you can call me back on my number. Full Name: Email: Skype id: Contact Nos.: Current Location: Open to relocate: Start Availability: Work Permit: Flexible time for INTERVIEW: Current Company: Current Rate: Expected Rate: Total IT Experience [Years]: Total US Experience [Years]: Key Skill Set: Best time to call: In case you are not interested, I will be very grateful if you can pass this position to your colleagues or friends who might be interested. All your information will be kept confidential according to EEO guidelines.

The Lead Security Engineer position is part of the Information Technology team, reporting directly to the Manager, Information Security. The focus of this role is to design, implement, and maintain advanced security solutions that protect the confidentiality, integrity, and availability of Cirrus digital assets. This role requires deep technical expertise in Microsoft technologies, cybersecurity engineering, and enterprise security architecture, as well as the ability to mentor Security analysts and partner with IT teams on secure system design and operations. Duties and Responsibilities/Essential Functions Design, implement, and maintain enterprise security controls across Microsoft environments, including Azure, Entra ID (Azure AD), Microsoft 365, Microsoft Defender, and Windows Server platforms. Lead incident response activities, including investigation, containment, eradication, and recovery, as well as post-incident lessons learned. Analyze security events and alerts from IDS/IPS, SIEM, EDR/XDR, vulnerability scanners, and Microsoft security tools to identify and mitigate threats. Develop and implement security hardening baselines, patch management processes, and secure configuration standards for Microsoft platforms and hybrid environments. Collaborate with IT and business stakeholders to design secure solutions, ensuring security requirements are integrated into Windows, Active Directory/Entra ID, Azure, and Microsoft 365 systems. Conduct threat modeling and risk assessments, making recommendations for risk treatment and mitigation strategies. Oversee vulnerability management program, including regular assessments, prioritization, and remediation validation. Create strategies to mitigate risks and ensure compliance with relevant laws and regulations Focus on continuous improvement to stay updated on cybersecurity trends and emerging threats to enhance security measures. Provide mentorship and technical guidance to Information Security Analysts and IT staff. Assist in the development and enforcement of security policies, standards, and procedures, with specific emphasis on Microsoft platforms. Stay current with emerging threats, vulnerabilities, and security technologies; recommend improvements to strengthen the security posture Regular, reliable, and predictable attendance Qualifications: To perform this job successfully, an individual must be able to perform each essential function satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. Bachelor's degree in Information Security, Computer Science, Information Systems, or equivalent combination of education and experience. 7+ years of progressive experience in information security, engineering, or related IT disciplines. Advanced knowledge of Microsoft technologies, including Azure, Entra ID (Azure AD), Office 365, Microsoft Defender suite, and Windows Server. Experience with SIEM, SOAR, EDR/XDR, vulnerability management, and forensic analysis tools, preferably integrated with Microsoft Sentinel and Defender. Strong understanding of cloud platforms (Azure, AWS, Google Cloud) and securing hybrid infrastructures. Relevant security certifications preferred: CISSP, CISM, OSCP, GIAC (GCIA, GCIH, GPEN), Microsoft Certified: Azure Security Engineer Associate, Microsoft 365 Security Administrator Associate, or equivalent. Demonstrated expertise in incident response, malware analysis, and intrusion detection. Proficiency with scripting/automation languages (PowerShell, Python, etc.) to enhance security operations. In-depth knowledge of common frameworks and standards (NIST CSF, ISO 27001, CIS Controls, MITRE ATT&CK). Proven ability to design and implement Zero Trust and defense-in-depth strategies. Applies advanced knowledge of Microsoft security technologies and enterprise platforms to solve complex challenges. Mentors and guides team members, builds trust, and fosters a culture of continuous improvement Competencies To perform the job successfully, an individual should demonstrate the following competencies: Manages Complexity - Asks the right questions to accurately analyze situations, acquires data from multiple and diverse sources when solving problems, uncovers root causes to difficult problems, evaluates pros and cons, risks and benefits of different solution options. Situational Adaptability - Picks up on situation cues and adjusts in the moment. Readily adapts personal, interpersonal, and leadership behavior. Understands that different situations may call for different approaches. Can act differently depending on the circumstance. Optimizes Work Processes - Identifies and creates the processes necessary to get work done, Separates and combines activities into efficient workflow, Designs processes and procedures that allow managing from a distance, Seeks ways to improve processes, Collaborates: Builds partnerships and works collaboratively with others to meet shared objectives. Organizational Savvy: Maneuvers comfortably through complex policy, process, and people-related organizational dynamics. Directs Work: Provides direction, delegates, and removes obstacles to get work done. Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice. Work beyond 40 hours per week may be required. Cirrus is dedicated to a drug free work environment promoting equal employment opportunity. Qualified applicants will receive consideration for employment without regard to race, sex, national origin, color, age, disability, religion, pregnancy, veteran status, marital and family status, sexual orientation, receipt of public assistance, genetic information or any other characteristic protected by applicable law. Our Benefits: Cirrus provides a range of exciting benefits, including: 401(k) Plan: Dollar-for-dollar match up to 5% after 90 days, with 100% vesting. Employer-Paid Coverages: Group term life, short- and long-term disability insurance. Comprehensive Health Coverage: Medical, vision, dental, with additional dependent coverage options. Free Health Tracking: With rewards for meeting health goals. Generous PTO: 120+ hours accrued within the first year. Employee Referral Bonus: For referring talented candidates. Career Development: Tuition reimbursement and professional growth opportunities. Exclusive Discounts: Access to partner and marketplace discounts. Community & Engagement: Company and employee clubs at various locations. These benefits are designed to support your well-being, growth, and enjoyment at Cirrus!

Established in 1991, Collabera is one of the fastest growing end-to-end information technology services and solutions companies globally. As a half a billion dollar IT company, Collabera's client-centric business model, commitment to service excellence and Global Delivery Model enables its global 2000 and leading mid-market clients to deliver successfully in an increasingly competitive marketplace. With over 8200 IT professionals globally, Collabera provides value-added onsite, offsite and offshore technology services and solutions to premier corporations. Over the past few years, Collabera has been awarded numerous accolades and Industry recognitions including. Collabera awarded Best Staffing Company to work for in 2012 by SIA. (hyperlink here) Collabera listed in GS 100 - recognized for excellence and maturity Collabera named among the Top 500 Diversity Owned Businesses Collabera listed in GS 100 & ranked among top 10 service providers Collabera was ranked: 32 in the Top 100 Large Businesses in the U.S 18 in Top 500 Diversity Owned Businesses in the U.S 3 in the Top 100 Diversity Owned Businesses in New Jersey 3 in the Top 100 Privately-held Businesses in New Jersey 66th on FinTech 100 35th among top private companies in New Jersey *********************************************** Collabera recognizes true potential of human capital and provides people the right opportunities for growth and professional excellence. Collabera offers a full range of benefits to its employees including paid vacations, holidays, personal days, Medical, Dental and Vision insurance, 401K retirement savings plan, Life Insurance, Disability Insurance. Job Description Position Details: Job Title - Information Security Analyst Duration - 3 Months (with a possibility of an extension) Location - Eagan , MN - 55123 Qualifications Primary Objective Perform in the delivery and development of processes and services which support best practices in information security and risk management for Client enterprise. Knowledge, Skills & Behaviors • 2+ years related information security risk management experience • 3+ years related information technology experience • Preferred industry-related certifications: GSEC, CISSP, CISA, CISM, ITIL • Preferred exposure in SOC2, ISO 27000, risk assessment methodologies, Shared Assessments, ITIL practices, and GRC • Demonstrate results in planning and delivering complex projects on time • Maintain focus and manage multiple efforts concurrently • Perform independently to expectations while being collaborative and maintaining alignment with the team • Work effectively with all levels of the organization including subject matter experts, stakeholders, and leadership • Strong written and verbal communication skills to include executive audiences • Apply tactical and strategic methods appropriately • Effective negotiation and influence • Focused on supporting the customer, the team, and the business • Strong collaboration and problem-solving skills Major Areas of Accountability • Operate as a key contributor to the Vendor Risk Management processes. • Interface with subject matter experts, peers and stakeholders; and business or technology leaders across the Client enterprise. • Demonstrate subject matter expertise on information security best practices and Client security posture focused on performing due diligence for vendor assurance inquiries and attestations. • Assist in initiatives to evaluate and provide input on the effectiveness of processes and solutions, and to determine or support a course of action. Track and report on mitigation progress. • Contribute to the strategic and tactical development of information security, risk management and compliance initiatives, to include policy and standards development, solution development, security awareness and training, and other information security initiatives as assigned. • Track, verify and collect data points for reporting and metrics on identified services to identify gaps and inform leadership. • Serve as a subject matter expert in information technology operations, information security and risk management practices, global legal and regulatory requirements, and other applicable security and privacy trends and practices. • Participate as a member of a team for Vendor Risk Management • Contribute to and achieve business and departmental goals and objectives • Deliver processes and services consistently and accurately • Accept feedback and flex to address tactical needs • Report on status of initiatives to all levels in the organization • Work across the organization to contribute to departmental initiatives and programs Education • Prefer 4 year (Bachelor's) Degree in a technology related field Additional Information To know more about this opportunity or to schedule an interview, Please Contact: Neha Kalia *************************** ************

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

As a Systems Engineer, you will perform discovery and analysis of business and contractual requirements to define systems and sub-systems architecture and technical design packages. This position works in conjunction with Systems Designers/Engineers and the Project Management team to determine technical requirements for project work and to ensure fit and suitability of our product offering within the client environment. Responsibilities: Prepare high level system designs in a thorough and professional manner during the pre-sales cycle. Design work may include conducting site surveys and device mark-ups, network architecture design, server loading, writing technical narratives and proposals, and preparing bills of materials Produce detailed design drawings and technical descriptions of physical security, other building technologies and the supporting networking, server and storage architectures in collaboration with owners and their representatives. Develop design documents that will guide the technical installation and configuration of systems Develop financial and logistics estimates, both independently and in collaboration with Paladin Technologies sales, marketing, and project management professionals Multi-task and manage time effectively to prioritize projects, tasks, and meetings as necessary Identify, establish, and document processes to support design efficiency and scalability Develop productive relationships with clients and key stakeholders which will build respect and confidence in the organization's capabilities. Understand and maintain an awareness of the productivity and profitability of work carried out by the organization Pursue and maintain education and professional development of technology systems related to the technical disciplines you will lead. Required Qualifications: A minimum of one year of design experience in the Security, AV, networking or instrumentation and controls. A strong understanding of the physical security, including an awareness of complimentary products, technologies, trends, and the general application of physical security technology Experience with the following technologies is required: Bluebeam Revu, IP networks, low voltage electronics, power and communications, Windows desktop operating system, Microsoft Office An understanding of and experience with fundamental concepts pertaining to IP networks, low voltage electronics, power, and communications A strong command of the English language supported by excellent written and verbal communication skills The ability to simultaneously handle multiple tasks and projects and be responsive to changing priorities in a fast-paced environment Preferred Qualification: Post-secondary education from an accredited college, university, or technical institution in Business, Construction Management, Electronics, Engineering, Information Technology, or a related field P.Eng, EIT, CET, or equivalent professional technical designation is preferred Highly developed analytical and problem solving skills Motivated self-starter with ambition to independently research new technologies as well as engineering and business methodologies/concept Field experience in a construction environment is an asset Physical Demands: In general, the following physical demands are representative of those that must be met by an employee to successfully perform the essential functions of the job. Must be able to effectively communicate, (i.e., see, hear, speak, and write clearly) in order to communicate with colleagues and/or customers; manual dexterity required for occasional reaching, lifting of light office objects, and operating office equipment Position is a desk job requiring the use of computer, keyboard, and phone Working Conditions: In general, the following conditions of the work environment are representative of those that an employee encounters while performing the essential functions of this job. The office is clean, orderly, properly lighted, and ventilated. Noise levels are considered low to moderate This is an office-based position COMPENSATION : $70,000 - $83,000k (DOE) Company Info: Paladin Technologies is a premier North American complex systems integrator for building technology solutions, including IP security, alarms & monitoring, audio visual, low-voltage infrastructure, and networking. As a leader in the design, deployment, optimization, management, and maintenance of communication and digital networks, Paladin can meet the needs of clients on a national scale, while providing local support. Our team is the best in the industry, with manufacturer trained technicians, PMP-certified project managers, CTS- and RCDD-certified design engineers, coordinators, and administrative resources. Paladin has offices coast to coast across the United States and Canada, and nearly 1,700 talented and committed professionals dedicated to custom-crafting and installing technology solutions for clients requiring Integrated Security, Network Infrastructure, Audio Visual, Fiber Optics/OSP, Structured Cabling, and more. We are always at the forefront of the changing technology landscape, and through continued training, complex client projects, and company support, we provide our colleagues with exciting challenges and a rewarding career as Paladin continues to grow. This company considers candidates regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. Equal Opportunity Employer, including disability & veterans, or any other characteristic protected by law. If you need accommodation for any part of the application process, please send an email or call ************** to speak with Human Resources and let us know the nature of your request. We thank you for your application, however only those selected for an interview will be contacted.

Patterson isn't just a place to work, it's a partner that cares about your success. One of the distinguishing marks of our company is the talented people who embrace the people-first, always advancing, and results-driven culture. Professional growth abounds in this motivating environment. We value the diverse talents and experiences our employees bring to Patterson and believe that they build a stronger and successful organization. Job Description: The Application Senior Security Analyst leads the implementation and maintenance of network and application security systems to protect Patterson's information assets. This role drives technical support, incident response, and ensures alignment with security and project goals. The analyst develops and enhances the application security program using industry best practices and frameworks. Expertise in secure coding, static and dynamic code analysis, and vulnerability remediation is essential. The candidate integrates security controls into CI/CD pipelines using SecDevOps methodologies. Responsibilities include tool integration, policy enforcement, and continuous monitoring. Collaboration across DevOps, compliance, risk, and audit teams ensures enterprise-wide security alignment. A methodical approach to assessing and triaging security findings is critical for success. Essential Functions To perform this job successfully, an employee must be able to perform each essential function satisfactorily, with or without reasonable accommodation. To request a reasonable accommodation, notify Human Resources or the manager who oversees the position. Perform application security triage, oversee issue resolution, and track remediation metrics Oversees the maintenance, support, and delivery of associated security platforms Drives continuous improvements in acting on alerts, service requests, and incidents Integrates best practices to proactively analyze and monitor systems and applications for system and security related issues Considered subject matter expert in assigned platforms and keeps up-to-date knowledge to drive improvements Strong mentor with the ability to work with junior team members and provide leadership and training on new tools or projects Provide support and ongoing input in the evolution of the application security program Ensure the application security tool set is optimized, tuned, and maintained Collaborate with Devs and Ops teams to embed security into CI/CD pipelines and SecDevOps workflows Perform security testing to include SAST, DAST, SCA, Container, APIs, IaC, Secrets Interact with Infrastructure, DevOps, and application owners to ensure alignment with Patterson's roadmaps Prioritize workload depending on business direction, compliance, and / or security requirements Embedded in the SDLC process for all major applications, working with DevOps, SecDevOps, Developers, QA, Principal Architects, Security Champions, Actively participate and / or lead weekly meetings with application team leads and security champions Track and manage identified vulnerabilities through resolution, ensuring timely remediation and documentation. Oversee the planning, execution, and follow-up of penetration tests conducted by internal teams and external security partners. Additional functions In addition to the essential functions listed above, the incumbent may perform the following additional functions. Experience with .Net, C#, Javascript, Angular and related languages Familiarity with AzureDevOPs (ADO), Package Management, SBOM, TFS and / or VSTS Familiarity with major cloud platforms, including Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP) General knowledge of Application Security frameworks such as BSIMM, OWASP SAMM / ASVS, NIST, etc Experience with Thick Clients, Web Apps, Cloud Solutions, SPA, Web Services, MVC, APIs, etc Familiar with Azure DevOps Pipelines for automated build, test and deployment workflows Ability to support and manage Azure services including Azure Container Apps (ACA), Azure Kubernetes Service (AKS), and Azure Artifacts Familiarity with software supply chain security processes, including vulnerability scanning, artifact integrity validation, and dependency risk management Experience implementing and maintaining gating workflows in CI/CD pipelines to enforce security and compliance checks prior to deployment Experience communicating security concerns and issues to non-technical audiences Proficient in assessing microservices and APIs for security flaws using automated and manual testing techniques. Familiar with key application security tools such as BurpSuite, HCL AppScan, Veracode, Qualsys WAS, Micro Focus WebInspect, Checkmarx, Mend.io (White Source), DevTools, Fiddler, Owasp Zap, Metasploit, BeeF, SQLMap, Postman, etc Experience with Swagger, SOAPUI, Visual Studio Required Qualifications Bachelor's Degree with an emphasis in security, technology, or engineering or equivalent work experience At least 4 years work experience in information technology, cyber security, or information security Preferred Qualifications Security industry certification desired This person must be located within a commutable distance to Mendota Heights, MN or Loveland, CO. This will be 2 days in the office hybrid model. What's In It For You We provide competitive benefits, unique incentive programs and rewards for our eligible employees: Full Medical, Dental, and Vision benefits and an integrated Wellness Program. 401(k) Match Retirement Savings Plan. Paid Time Off (PTO). Holiday Pay & Floating Holidays. Volunteer Time Off (VTO). Educational Assistance Program. Full Paid Parental and Adoption Leave. LifeWorks (Employee Assistance Program). Patterson Perks Program. The potential compensation range for this role is below. The final offer amount could exceed this range, based on various factors such as candidate location (geographical labor market), experience, and skills. $94,100.00 - $117,700.00EEO Statement Patterson provides equal employment opportunities to applicants and employees without regard to race; color; sex; gender identity; sexual orientation; religious practices and observances; national origin; pregnancy, childbirth, or other related medical conditions; status as a protected veteran or spouse/family member of a protected veteran; or disability.

Job Description This is a hybrid position requiring 3 days in office at our Middleton, WI office location. #LI-Hybrid At CapSpecialty, we are a specialty underwriting company being driven by well-informed, entrepreneurial and proactive employees. Come join our exciting company where you can really make an impact, and each individual's unique skills and talents are recognized and valued. You will find an accessible leadership team that welcomes opinions and ideas. We owe much of our success to our collaborative environment and set of three guiding principles rooted in customer-centricity, employee excellence and corporate culture. We offer competitive compensation and benefits packages - including an innovative open vacation plan, generous paid sick and parental leave, fully vested matching 401k, company-paid group term life insurance and short- & long-term disability plans, professional and educational growth opportunities, flexible and casual work environment, and recognition for exceptional performance. Please see our full list of Total Rewards here. CapSpecialty is seeking an Information Security Analyst who will support our organization's cybersecurity operations. The analyst will assist in monitoring systems, investigating alerts, managing access controls, and supporting compliance efforts. This role includes exposure to Identity & Access Management (“IAM”) and other key areas of information security. Duties/Responsibilities: Conduct investigations into and properly document security incidents, including evaluating incident impact and recommending corrective actions to management. Collate security metrics and generate reports from the security systems as needed. Support managing accounts and permissions in IAM systems, including recommending improvements to identity governance where appropriate. Perform tasks as assigned to meet any audit requests. Help maintain IAM documentation and workflows. Help maintain and promote security policies, procedures, and training materials. Oversee assigned components of the security awareness programs, and track employee participation including following up on training completion. This may include reporting compliance metrics to leadership. Manage the physical security program, providing recommendations for updates as needed. Keep up to date and current on security trends. Other related duties and initiatives, as assigned. Supervisory Responsibilities: None. Core Competencies: Proven ability to deal well with ambiguity, prioritize tasks, resolve issues and deliver measurable results in an agile, fast-paced environment. Excellent oral and written communication skills. Ability to manage difficult customer situations, elicit customer feedback, analyze and resolve customer issues. Excellent analytical, problem solving, collaboration and time-management skills. A high level of integrity and commitment to confidentiality. Must be highly self-motivated requiring minimal direction. Have a passion for Information Security and a desire to advance personal growth through continuing professional education, self-study, and pursuit of technical certifications. Education and Experience: Associate's degree in computer science or equivalent. 1+ years of relevant experience in IT with exposure to cybersecurity practices, technologies, and methodologies is preferred. Basic understanding of security principles, threats, and controls is desirable. Familiarity with IAM concepts and tools (i.e. Active Directory, Okta, Azure AD) is a plus but not required. Familiarity with security controls and technologies desired (i.e. firewall, SIEM, DLP, WAF, and IPS.). Physical Demands Prolonged periods of sitting at a desk and working on a computer. May be required to lift up to 15 pounds at times. CapSpecialty is a leading provider of specialty insurance and bonds for small- to mid-sized businesses in the U.S., offering casualty, professional liability, surety and fidelity products in all 50 states and the District of Columbia. By working with select partners through a limited distribution model, CapSpecialty's creative, hard-working team provides personalized service and cultivates mutually successful partnerships to deliver positive results. CapSpecialty is an operating subsidiary of Berkshire Hathaway, and its carriers have an A ("Excellent") rating from A.M. Best, writing both admitted and non-admitted policies. For more information, please visit CapSpecialty.com. Apply today! Equal Employment Opportunity Employer Powered by ExactHire:184950

The Information Security Analyst Identifies security risks and exposures, determine the causes of security violations, and configuring systems to optimize notification of future incidents. The Security Analyst Integrates appropriate systems and logs into the enterprise security incident and event management system to effectively monitor and detect various people and enterprise asset activity. The Information Security Analyst works under the direction of the Information Security Director on the IT Security Operations Team. **Responsibilities** - Investigates and analyzes security events to evaluate risk, prioritizing findings based on internal and external information. - Configures and maintains SIEM platform, including areas such as source feeds, alerts, alarms, and API integrations. - Configures and maintains EDR/antivirus. - Configures and maintains vulnerability management platform, including areas such as vulnerability scanning, remediation, and mitigation as well as impact and risk analysis. - Communicates security concerns to the business stakeholders to collectively develop and execute an appropriate remediation/mitigation plan. - Interacts with security risk and compliance group, adjacent IT departments, and business units as needed to ensure compliance with IT Security goals and policies. - When needed, assists in administration of other security tools (Data Loss Prevention, Email Security/Spam Filter, End User Training, Mobile Device Management). - Maintains up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and evolving attacks and threat vectors. General Job Responsibilities: - Ability to work in a team environment and independently as required - Contributes to project planning and scheduling. - Normally receives minimal instructions on routine work and detailed instructions on new assignments. - Participate in Architecture design reviews and other technical governance forums across the organization representing the security team across multiple projects. - Be on call and available after business hours, would require working Holidays and weekends if major security incident occurs. - Establish and maintain pertinent policies, standards, and procedures - Perform duties in compliance with applicable regulations and standards such as Sarbanes Oxley Act, FDA Quality System, and ISO (International Organization for Standardization) Works on routine assignments per written procedures, where ability to recognize deviation from accepted practice is required. - Contributes to the overall operations and to the achievement of departmental goals - Perform job specific tasks in compliance with applicable Regulations, International Standards, and WuXi AppTec Policies and Standard Operating Procedures. - Understanding of Good Laboratory Practices and Good Manufacturing Practices - Other duties as assigned **Qualifications** - Degree in Cyber Security, Management Information Systems, Information Security or equivalent work experience o Minimum 2 years prior experience in a Cyber Security - In depth knowledge of LogRhythm SIEM platform or other SIEM platforms, which includes configuring and maintaining API integrations and source feeds, alerts and alarms - In depth knowledge in Qualys Vulnerability Management System, which includes configuring and maintaining - In depth knowledge in Cisco AMP Anti-Virus software, which includes configuring and maintaining - Knowledge of ISO/IEC 27001 standards. - Strong technical acumen with a solid understanding of security technologies and network architecture - Strong verbal and written communication skills - Independent driver of self-development and continuous learning - Knowledge of information security technology, design, research techniques, administration, operating standards, and quality control methods. - Basic understanding of LAN/WAN technologies and protocols, FTP, Active Directory, VPN technologies (MPLS, IPSEC, etc.), IIS and other network services. - Experience in a large, formal vulnerability program. - General knowledge of cloud, wireless network and mobile security. - Team-oriented and skilled in working within a collaborative environment. **An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability** This job description does not state or imply that the above are the only duties and responsibilities assigned to this position. Employees holding this position will be required to perform any other job-related duties as requested by Management. **Need help finding the right job?** We can recommend jobs specifically for you! An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability (************************************************************************************************** **Job Locations** _US-MN-St. Paul_ **Job ID** _2025-13894_

The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates. Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us - whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop - GSO protects their data and privacy, so they can have a secure and trustworthy experience. The Security Strategy, Risk, and Resilience (SRR) team is responsible for TikTok's Governance, Risk and Compliance function working closely with cross-functional partners to manage security risks, mature security operations, and build organizational resilience. We support our partners in meeting industry cybersecurity compliance standards and government regulations by developing and driving the organization's cybersecurity strategy, establishing and maintaining a comprehensive business continuity management program, creating and maintaining governing security policies, implementing our security control framework, conducting regular security risk and control assessments, and staying up-to-date on global compliance initiatives and evolving regulatory requirements. The Cybersecurity Strategy Senior Analyst plays a critical role in supporting the development and execution of strategic initiatives and metrics programs across TikTok's Global Security Organization. You will help define what "best-in-class" looks like for a rapidly growing global cybersecurity team by driving data-informed decision-making, maturity modeling, and performance measurement. This role involves working closely with cross-functional stakeholders to align cybersecurity efforts with broader organizational goals while contributing to the department's strategic direction and operational excellence. You would be a great fit for this role if you are enthusiastic about: 1. Using data and metrics to tell compelling stories and influence decisions at the highest levels of leadership 2. Thriving in a fast-paced, ambiguous environment with a passion for building frameworks and programs from the ground up 3. Collaborating with technical and non-technical stakeholders to build visibility and alignment around cybersecurity goals and performance Responsibilities As a Cybersecurity Strategy and Metrics Senior Analyst, you will be responsible for: * Supporting the development and execution of the department-wide cybersecurity strategy and multi-year maturity roadmap * Designing and maintaining cybersecurity performance measurement frameworks, including department KPIs, KRIs, OKRs, and executive dashboards * Developing maturity models and measurement tools to assess and monitor cybersecurity capabilities across teams and functions * Providing regular reporting and briefings to leadership, summarizing progress against strategic goals, identifying areas for improvement, and recommending adjustments * Conducting benchmarking and trend analysis to assess the organization's performance relative to industry standards and peers * Partnering with leadership to identify strategic gaps and support initiative development, prioritization, and tracking * Supporting strategic planning cycles, initiative management, and documentation efforts that align with both security and business priorities Minimum Qualifications: * Strong understanding of cybersecurity domains and frameworks (e.g., NIST CSF, ISO 27001, MITRE ATT&CK) and how to translate them into measurable objectives * Experience designing and operationalizing metrics or performance programs in a cross-functional environment * Strong analytical and project management skills with the ability to lead initiatives and drive results with multiple stakeholders * Excellent communication skills, with the ability to translate complex data and strategy into business-relevant narratives * Ability to work at the Washington DC or New York office for 5 days per week and willingness to travel to other offices, including international locations, as required to support business needs Preferred Qualifications: * Strong experience in cybersecurity, GRC, metrics development, strategic operations, or a related field * Strong experience in security strategy, cybersecurity operations, metrics programs, consulting, or related areas * Experience working with data visualization tools such as Tableau, Power BI, or internal dashboards * Relevant certifications (e.g., CISSP, CRISC, CISM, PMP, or other strategy or security-related certifications)

At Children's Wisconsin, we believe kids deserve the best. Children's Wisconsin is a nationally recognized health system dedicated solely to the health and well-being of children. We provide primary care, specialty care, urgent care, emergency care, community health services, foster and adoption services, child and family counseling, child advocacy services and family resource centers. Our reputation draws patients and families from around the country. We offer a wide variety of rewarding career opportunities and are seeking individuals dedicated to helping us achieve our vision of the healthiest kids in the country. If you want to work for an organization that makes a difference for children and families, and encourages you to be at your best every day, please apply today. Please follow this link for a closer look at what it's like to work at Children's Wisconsin: *********************************** Children's Wisconsin is seeking a Senior Information Epic Security Analyst- to join our team! Location: Remote but must be local to Milwaukee What you will do: The IS Security Analyst-Epic will perform all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction. Ensures that user community understands and adheres to necessary procedures to maintain security. Must be able to weigh business needs against security concerns and articulate issues to management. Primary EPIC security lead on Enterprise Information Security team responsible for management of Epic user records (EMP users, including background users) which includes the life cycle management of the records (creation, modification, inactivation) and auditing as appropriate. Collaborates with app analysts teams who manage the templates and sub templates. Participates in the development of workflows, system configuration, change documentation, optimization and support related to Epic security, while working with application teams to deploy functionality changes, new modules or departments, update security classes, modify provider records, conduct user analysis, and implement security enhancements. Leads and assists in the development of department and organization wide policies and procedures, while effectively communicating policies and procedures impacting Identity and Access management to end users, leadership, and peers to ensure compliant practices. Provides guidance on optimizing security build based on appropriate minimum necessary standards. Responsible for the on-going maintenance, testing, support and optimization of Epic user security and provider management, with focus on role based access. Epic certification is a requirement. Excellent organizational skills and ability to manage work load while assigned to multiple simultaneous projects with minimal supervision. Thorough understanding of user account administration in a network environment. Thorough understanding of security auditing principles. Familiarity with current common paradigms for violating system integrity. Top-tier security performance tuning skills and trouble-shooting required. Works closely with all levels of the organization to ensure that security is consistent with organizational security standards, information access requirements and business strategies. Coordinates with IS entities regarding technical considerations (user rights/privileges, system access) to ensure proper implementation and provides on-going support for all security operations. Works collaboratively with Internal Audit, Corporate Compliance, Human Resources and other departments on security related issues and projects. Works with cross-functional teams to perform reviews and tests of IS internal controls to ensure existing systems are operating as designed and contain adequate controls. Monitors and analyzes technology security and recommends appropriate IS policies, procedures and practices to strengthen security operations. Provides consultation regarding audit, regulatory and security management activities across IS functional areas. Coordinates the IS component of both internal and external audits, federal and state examinations. ESSENTIAL FUNCTIONS: Demonstrates behaviors outlined in the Core Competencies the Blue Kids Way to provide service excellence as a committed partner to children, families and co-workers. Recommends and maintains policies and procedures related to information security. Monitors the organization's overall security fabric. Assesses security needs and capabilities of the organization. Makes regular reports to management concerning security measures. Makes recommendations for improvement as required. Identifies and provides information security awareness training as appropriate. Identifies appropriate courses to enhance security capabilities and competencies of the organization. Works with management to perform and maintain risk assessments. Ensures organization compliance with the security sections of Federal and State statutes, including HIPAA, as well as regulatory requirements. Coordinates investigations into potential security infractions. Determines and designs appropriate tests for all aspects of information security. Activities may include attempted “cracking” of system security, review of audit trails and attempted theft of devices. Evaluates system effectiveness and makes change recommendations as necessary. Coordinates periodic reviews of system security by outside consultants, including vulnerability assessments, penetration tests, HIPAA reviews and PCI compliance. Works with IS teams to implement recommendations as appropriate. Monitors, evaluates and makes recommendations regarding perimeter security including prevention against attack, viruses, and other forms of malicious software. Monitors, evaluates and makes recommendations regarding email and Internet content filtering. Evaluates and makes recommendations regarding requested changes to perimeter security. Recommends policies and procedures for controlling remote access by employees, non-employees and vendors. Reviews and makes recommendations regarding security oriented software applications and workstation security, including patch management, user rights management, and operating system configuration. Keeps current on security issues through seminars, publications and self-education on an on-going basis. MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED: Requires bachelor's degree in computer science or related technology field. Master's degree preferred. Requires 7 years of relevant computer systems experience, preferably in a hospital or healthcare setting. Significant experience in IS security administration including compliance, audit, and information security management. Epic Security certification is a requirement. Professional certification (e.g. CISA, CISM or CISSP) preferred. Thorough understanding of risk analysis, disaster recovery and audit tracking. Familiarity with current common paradigms for violating system integrity. Must have excellent interpersonal skills to effectively communicate with all levels of hospital personnel, vendors and IS personnel. Must possess the ability to deliver clear, concise communications and presentations. Must be able to train others on key IS security concepts. Children's Wisconsin is an equal opportunity / affirmative action employer. We are committed to creating a diverse and inclusive environment for all employees. We treat everyone with dignity, respect, and fairness. We do not discriminate against any person on the basis of race, color, religion, sex, gender, gender identity and/or expression, sexual orientation, national origin, age, disability, veteran status, or any other status or condition protected by the law. Certifications/Licenses:

The JFG Information Security Engineering & Operations Analyst plays a key role in supporting JFG's Identity & Access Management (IAM), Cyber Threat Management, and Vulnerability Management services. This role helps support IAM services to provision, deprovision, and certify access to JFG systems. It also helps detect, analyze, hunt for, and report on cybersecurity events related to malware, network intrusion, and data loss protection and insider threat incidents. This role is also responsible for finding and reporting on internal and external vulnerabilities on JFG systems. This role will be supported by a Managed Detection & Response (MDR) services and Identity & Access Management Managed services. Occasional off-hour and weekend work will be expected. Very little (less than 5%) business travel is expected in this role. This role will be located in Racine, Wisconsin. Ability to come in-office would be required (working a hybrid schedule.) KEY RESPONSIBILITIES: * Detect, analyze, contain, and remediate threats and vulnerabilities across the JFG environment. * Operate and support vulnerability management, data loss protection, cybersecurity monitoring, cybersecurity incident response, intrusion analysis, root-cause-analysis (digital forensics), cyber-threat intelligence, and malware analysis technologies. * Lead and report on incidents involving malware, network intrusion, insider-threat, internal investigations and litigation support activities. * Incorporate Cyber Threat Intelligence into operational signal intelligence and reporting. * Proactively investigate JFG environment for threats based on Cyber Threat Intelligence and known threat methods and patterns (aka Threat Hunting). * Operate and support Identity Governance and Administration technologies to support timely on/off-boarding of people and regular access governance reviews to ensure appropriate access. * Support weekly/monthly/quarterly/annual operational metrics, reports and dashboards. * Assist with maintaining the Cybersecurity Incident Response Plan. * Collaborate on the continuous improvement of Information Security Operations processes, workflows, and procedures (e.g. RunBooks). * Automate repetitive tasks and drive efficiencies with measurable benchmarks to show progress. JOB REQUIREMENTS: * Associates degree in Information Security, Cybersecurity preferred * 0-2 years' experience * Types of certification preferred: Security+, CEH, SSCP * Experience with Python and PowerShell scripting languages for automation preferred * Good report writing and communication skills * Has a basic understanding of the Information Security platforms at JFG, common Information Security controls and frameworks, networking concepts and technologies, as well as Windows and Linux environments Come as you are. Johnson Financial Group supports and is committed to the principle of equal employment opportunity. We make all employment-related decisions without regard for an individual's race, color, religion, sex, sexual orientation, age, national origin, citizenship, disability, veteran status, or any other protected status as required by law.

Are you an identity innovator ready to jump in, look at a system, and take it somewhere? Join us as a Systems Security Engineer - a role that blends the technical depth of IAM with the creativity to improve and automate how access happens across the enterprise. This isn't your typical side of cybersecurity - it's where code development, system management, and smart integration meet. From auditing permissions and refining processes to collaborating across teams, you'll have the opportunity to make a wide variety of impacts every day. Enjoy weekly pay, 401(k) starting day one, and health benefits. Whatever your career goals may be, let Mystic Lake Casino help get you there! Job Overview: Provide engineering development and support for Identity and Access (IAM) management activities related to system software, hardware, performance, problem determination or resource management requiring communication and coordination with vendors, technicians, clients, and management. Actively integrate identity system with other operational systems to achieve single view of all identity access, while providing efficient automation for identity access changes. Perform procedures necessary to manage security and account permissions to protect information systems across the enterprise. Validate information security procedures are updated, communicated and followed. Audit and grant account permissions to network resources and applications. Perform reviews of security logs and controls. Facilitate the remediation of vulnerabilities and inconsistencies. Document and track information security issues or incidents. Assist with security assessments based on the direction of the Director of Cybersecurity. Elevate & Thrive: Key Responsibilities: Work with Identity Access Management (IAM) suite of products and processes; developing and providing support services for IAM deployment; defining and standardizing IAM processes; code development; performing analysis of various projects and requests; developing designs for projects that have medium to high complexity; formulating procedures and implementing business solutions. Building Identity and Access (IAM) management systems integrations across various applications, technologies and cloud services, providing both identity and data governance to entire organization. Work closely with business units, application teams, infrastructure areas and vendors to identity, review and evaluate the solution requirements. Review and provide recommendation on new technologies, roadmaps and vendor product offerings specific to server, software technologies and other products. Provide consultation and work closely with other functional infrastructure areas on multiple initiatives to meet common organizational business goals and objectives. Participate in and provide consulting to project teams on design development, integration opportunities, planning of systems and assures it is aligned to our established strategies, guiding principles, rationales and practices. Ensure IAM solution provides best in class governance, availability and operational efficiency to meet business needs. Job Requirements: Bachelor's degree required (Cybersecurity or an equivalent discipline preferred) 5+ years of IT experience with 3+ years of Information Security experience Strong scripting knowledge (PowerShell, Beanshell and JavaScript) preferred Sailpoint IAM product suite experience preferred Demonstrate a strong understanding of tools, technologies, security strategies and their implications on the broader business environment Have a strong understanding of Information Security concepts, protocols, industry best practices and strategies Have experience with Active Directory security administration in a large Windows network Demonstrated background of Windows NTFS and Share Permissions Ability to develop internal processes and procedures as it relates to day-to-day system security administration Have experience with common Information Security Management frameworks, such as International Standards Organization (ISO) 17799/27001, the IT Infrastructure Library (ITIL) and the National Institute of Standards and Technology (NIST) frameworks Have excellent technical knowledge of mainstream operating systems (for example, Microsoft Windows and Unix/Linux) and a range of security technologies such as identity and access management systems Experience in general technical knowledge of current network hardware/software, protocols, and standards Experience in conducting research into information security issues, reviewing logs and evaluating security controls Outstanding Benefits & Awesome Perks: Enjoy competitive weekly pay, outstanding benefits, and advancement opportunities at the SMSC Gaming Enterprise. Eligible Team Members are offered a comprehensive benefits package include medical, dental, life and disability insurance, onsite medical clinics and pharmacy, 401(k) retirement plan, paid time off, wellness programs and more. Plus, take advantage of perks like discounts on childcare, fuel, bus passes and fitness membership, free uniforms and free uniform cleaning, and tuition reimbursement. Who We Are: We're not just in the business of entertainment; we're in the business of crafting unforgettable experiences. We believe in the power of possibility, to unite and uplift, rallying around every triumph, big and small. At Mystic Lake and Little Six, every moment is a chance to be the experience. Different backgrounds, different strengths, and different passions, we value the diversity that everyone brings to the table. Our values are a direct reflection of the diverse communities that we proudly serve, represent, and invest in. We invite you to the place to learn, grow, thrive and lead. Let's create moments that matter, celebrate diversity, and build a brighter future for all. Be the Experience. Be Bold. Be Mystic.

Established in 1991, Collabera has been a leader in IT staffing for over 22 years and is one of the largest diversity IT staffing firms in the industry. As a half a billion dollar IT company, with more than 9,000 professionals across 30+ offices, Collabera offers comprehensive, cost-effective IT staffing & IT Services. We provide services to Fortune 500 and mid-size companies to meet their talent needs with high quality IT resources through Staff Augmentation, Global Talent Management, Value Added Services through CLASS (Competency Leveraged Advanced Staffing & Solutions) Permanent Placement Services and Vendor Management Programs. Job Description Position Details: Job Title - Information Security Analyst Duration - 3 Months (with a possibility of an extension) Location - Eagan , MN - 55123 Qualifications Primary Objective Perform in the delivery and development of processes and services which support best practices in information security and risk management for Client enterprise. Knowledge, Skills & Behaviors • 2+ years related information security risk management experience • 3+ years related information technology experience • Preferred industry-related certifications: GSEC, CISSP, CISA, CISM, ITIL • Preferred exposure in SOC2, ISO 27000, risk assessment methodologies, Shared Assessments, ITIL practices, and GRC • Demonstrate results in planning and delivering complex projects on time • Maintain focus and manage multiple efforts concurrently • Perform independently to expectations while being collaborative and maintaining alignment with the team • Work effectively with all levels of the organization including subject matter experts, stakeholders, and leadership • Strong written and verbal communication skills to include executive audiences • Apply tactical and strategic methods appropriately • Effective negotiation and influence • Focused on supporting the customer, the team, and the business • Strong collaboration and problem-solving skills Major Areas of Accountability • Operate as a key contributor to the Vendor Risk Management processes. • Interface with subject matter experts, peers and stakeholders; and business or technology leaders across the Client enterprise. • Demonstrate subject matter expertise on information security best practices and Client security posture focused on performing due diligence for vendor assurance inquiries and attestations. • Assist in initiatives to evaluate and provide input on the effectiveness of processes and solutions, and to determine or support a course of action. Track and report on mitigation progress. • Contribute to the strategic and tactical development of information security, risk management and compliance initiatives, to include policy and standards development, solution development, security awareness and training, and other information security initiatives as assigned. • Track, verify and collect data points for reporting and metrics on identified services to identify gaps and inform leadership. • Serve as a subject matter expert in information technology operations, information security and risk management practices, global legal and regulatory requirements, and other applicable security and privacy trends and practices. • Participate as a member of a team for Vendor Risk Management • Contribute to and achieve business and departmental goals and objectives • Deliver processes and services consistently and accurately • Accept feedback and flex to address tactical needs • Report on status of initiatives to all levels in the organization • Work across the organization to contribute to departmental initiatives and programs Education • Prefer 4 year (Bachelor's) Degree in a technology related field If you are interested please contact NEHA KALIA (Technical Recruiter) at ************ and email an updated copy of your resume (preferably WORD format) to *************************** Additional InformationIf you are interested please contact NEHA KALIA (Technical Recruiter) at ************ and email an updated copy of your resume (preferably WORD format) to ***************************