Security engineer jobs in Nashville, TN

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Your Work Shapes the World at Caterpillar Inc. When you join Caterpillar, you're joining a global team who cares not just about the work we do - but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here - we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it. ERP SAP Application Security Analyst The Caterpillar Information Technology ERP SAP Application Security team is seeking a Senior IT Applications Analyst. As a member of the ERP Application Security team, you will be responsible for safeguarding the integrity, confidentiality, and availability of ERP systems by designing, implementing, and managing security policies and procedures. This role involves analyzing business requirements, configuring ERP roles and authorizations, monitoring user access, and ensuring compliance with internal and external regulations. What You Will Do: * Design, implement, and maintain SAP ERP security roles and authorizations to meet business and compliance requirements. * Use established ERP change and transport management methodology to promote approved changes to production. * Monitor and manage user access, segregation of duties (SoD), and privileged accounts within the ERP environment. * Track and resolve incidents, service requests, and system changes, ensuring proper documentation and compliance with change control processes. * Identify opportunities to optimize current processes, enhance system performance, and improve user experience. * Support technical and operational go-lives for deployments and software upgrades. * Participate in regular security audits, risk assessments, and vulnerability analyses to identify and address potential issues. * Collaborate with business stakeholders, IT teams, and auditors to ensure security controls align with organizational policies and regulatory standards. * Provide support for request and incident response, troubleshooting, and resolution of security-related ERP issues. * Maintain documentation of security policies, procedures, and changes within the ERP landscape. * Drive internal projects as needed to maintain client integrity. Top Candidates Will Have: * Excellent analytical, problem-solving, and communication skills. * AI skills for automation of manual team tasks * Expertise with audit processes, SOX compliance, and risk management principles. * Ability to support Sap Governance Risk and Control AC/PC * ECC to S4 conversion knowledge Skills Descriptors: * Core Application Systems: Knowledge of major production application systems used for delivery services to internal and external clients; ability to leverage major production application systems in diverse situations. * IT Standards, Procedures & Policies: Knowledge of Information Technology (IT) standards and policies; ability to utilize a variety of administrative skills sets and technical knowledge to manage organizational IT policies, standards, and procedures. * Business Process Improvement: Knowledge of business process improvement best practices and ability to use methods for identifying, evaluating, introducing, and implementing more efficient approaches to performing business related activities. * Accuracy and Attention to Detail: Understanding the necessity and value of accuracy; ability to complete tasks with elevated levels of precision. * Problem Solving: Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply knowledge of problem solving appropriately to diverse situations. * Application Design, Architecture: Knowledge of basic activities and deliverables of application design; ability to utilize application design methodologies, tools and techniques to convert business requirements and logical models into a technical application design. Implementation: Knowledge of how to run applications for organizations; ability to implement application software within an organization and help end-users perform specific tasks (ex: accounting or graphic design). * Requirements Analysis: Knowledge of tools, methods, and techniques of requirement analysis; ability to elicit, analyze and record required business functionality and non-functionality requirements to ensure the success of a system or software development project. * System Testing: Knowledge of system and software testing; ability to design, plan and execute system testing strategies and tactics to ensure the quality of software at all stages of the system life cycle. * Technical Troubleshooting: Knowledge of technical troubleshooting approaches, tools, and techniques; ability to anticipate, recognize, and resolve technical issues on hardware, software, application or operation. Additional Information: * Location for this role is Peoria, IL, Dallas, TX or Nashville, TN * This role requires 5 days onsite. * SPONSORSHIP IS NOT AVAILABLE. * This position may require 10% travel. * Relocation is not available. What You Will Get: * Our goal at Caterpillar is for you to have a rewarding career. Our teams are critical to the success of our customers who build a better world. * Here you earn more than just a salary because we value your performance. We offer a total rewards package that provides benefits on day one (medical, dental, vision, RX, and 401K) along with the potential of an annual bonus. Additional benefits include paid vacation days and paid holidays. * All qualified individuals - Including minorities, females, veterans, and individuals with disabilities - are encouraged to apply. About Caterpillar - Caterpillar Inc. is the world's leading manufacturer of construction and mining equipment, off-highway diesel and natural gas engines, industrial gas turbines and diesel-electric locomotives. For nearly 100 years, we've been helping customers build a better, more sustainable world and are committed and contributing to a reduced-carbon future. Our innovative products and services, backed by our global dealer network, provide exceptional value that helps customers succeed. Summary Pay Range: $110,520.00 - $165,840.00 Compensation and benefits offered may vary depending on multiple individualized factors, job level, market location, job-related knowledge, skills, individual performance and experience. Please note that salary is only one component of total compensation at Caterpillar. Benefits: Subject to plan eligibility, terms, and guidelines. This is a summary list of benefits. * Medical, dental, and vision benefits* * Paid time off plan (Vacation, Holidays, Volunteer, etc.)* * 401(k) savings plans* * Health Savings Account (HSA)* * Flexible Spending Accounts (FSAs)* * Health Lifestyle Programs* * Employee Assistance Program* * Voluntary Benefits and Employee Discounts* * Career Development* * Incentive bonus* * Disability benefits * Life Insurance * Parental leave * Adoption benefits * Tuition Reimbursement * These benefits also apply to part-time employees Posting Dates: December 1, 2025 - December 11, 2025 Any offer of employment is conditioned upon the successful completion of a drug screen. Caterpillar is an Equal Opportunity Employer, Including Veterans and Individuals with Disabilities. Qualified applicants of any age are encouraged to apply. Not ready to apply? Join our Talent Community.

Your Future. Secured. ISC2 is a force for good. As the world's leading nonprofit member organization for cybersecurity professionals, our core values - Integrity, Advocacy, Commitment, Inclusion, and Excellence - drive everything we do in support of our vision of a safe and secure cyber world. Our globally recognized, award-winning portfolio of certifications provide an independent and globally recognized endorsement of cybersecurity knowledge, skills and experience for all career levels. Our charitable arm, the Center for Cyber Safety and Education, enables ISC2 and our members to serve the public by educating the most vulnerable about cyber risks and empowering access to enter and thrive in the cyber profession. Learn more at ISC2 online and connect with us on Twitter, Facebook and LinkedIn. When you join ISC2, you'll demonstrate your commitment to an inclusive and equitable environment. Your support of the unique perspectives and experiences shared by our global cybersecurity workforce and profession will be recognized. We invite you to take an active role in helping us create a true sense of belonging across our organization - an environment of authenticity, trust, empowerment and connectedness that empowers all of our successes. Learn more. **Position Summary** The Application Security Engineer will be an integral part of the security team and will work cross-functionally with several lines of business to ensure the secure delivery of products and applications. The Application Security Engineer will be expected to attend stand-ups and strategy sessions to identify areas of risk and offer consulting on best practices. The Application Security Engineer will act as a champion and will formalize the integration of application security into our current processes and tools. **Responsibilities** The Application Security Engineer will be expected to facilitate technical design reviews, perform code analysis, offer remediation recommendations, perform manual and dynamic security testing, and document and present all findings. The Application Security Engineer will work closely with the Development, Release, and QA teams to identify and coordinate security testing, validate, test, and vet both internally and externally developed applications. As an Application Security Engineer, you will act as a DevSecOps Engineer that will be responsible for secure application delivery as well as the underlying infrastructure. The Application Security Engineer must be comfortable with securing cloud-based products in environments such as AWS, Azure and Salesforce. Additionally, this position will provide security risk assessments, create threat models and assist the team with vulnerability testing. Additionally, this position manages the ISC2 responsible reporting program that supports the organization's secure application delivery objectives. In addition to the daily duties described, the individual will assist the security engineering team in the management of security technologies administered by the group (e.g., WAF, Firewall, IDS, and SEIM). This would be an "as needed" function, which is primarily to provide coverage for those duties when individuals on the security engineering team are out of the office for training or vacation. Additionally, the Application Security Engineer will be expected to participate in the Incident Response team and act as a Subject Matter Expert when dealing with the continuity of our operations and when responding with cyber incidents. + Conduct security assessments: Perform comprehensive security assessments of applications, including static code analysis, dynamic application testing, and penetration testing. Identify vulnerabilities, weaknesses, and potential attack vectors. + Secure code review: Review application source code to identify security flaws, such as insecure authentication mechanisms, input validation vulnerabilities, and potential injection attacks. Provide recommendations for remediation and best practices for secure coding. + Threat modeling: Collaborate with development teams to identify and assess potential threats and risks associated with the application. Use threat modeling techniques to prioritize security controls and countermeasures. + Develop and implement security controls: Design, develop, and implement security controls and countermeasures to protect applications against common security threats, such as cross-site scripting (XSS), cross-site request forgery (CSRF), and SQL injection. Implement secure coding practices and security guidelines. + Vulnerability management: Establish and maintain a vulnerability management program for applications. Track and prioritize vulnerabilities based on their severity and impact. Coordinate with development teams to ensure timely remediation of identified vulnerabilities. + Security testing automation: Develop and maintain automated security testing tools and scripts to streamline the application security testing process. Integrate security testing into the continuous integration and deployment (CI/CD) pipeline. + Security training and awareness: Conduct security training and awareness programs and determine skills training needs for development teams, promoting secure coding practices andawareness of common security vulnerabilities. Stay updated with the latest security trends, attack techniques, and best practices. + Incident response: Provide support during security incidents or breaches related to applications. Participate in incident response activities, including containment, investigation, and remediation. + Compliance and regulatory requirements: Ensure that applications adhere to relevant security compliance standards, industry regulations, and data privacy requirements (e.g., GDPR (General Data Protection Regulation), HIPAA (Health Insurance Portability and Accountability)). Collaborate with compliance teams to address any compliance-related concerns. + Security documentation and reporting: Prepare and maintain security documentation, including security policies, procedures, and guidelines. Generate periodic reports on the security posture of applications and present findings to relevant stakeholders. Other responsibilities include: + Maintain and manage all pipelines from a security perspective. + Onboard new pipelines for security tooling. + Keep pipeline diagrams up to date with current security details. + Serve as the primary SME for the DAST scanner.This includes configuration, testing, vulnerability management, and remediation oversight. + Recommend continuous improvements for the SAST scanner. + Security code release approvals + Maintain and manage the WAF, including signatures, configuration, and threat intel feeds. + Serve as the SME and provide recommendations for ongoing improvements. + Establish baseline WAF signatures for XD Prod following the Silverline migration. + Baseline WAF signatures after code releases. + Serve as the primary point of contact for vetting bug reports and managing the informed disclosure process. + Assist with attestation data gathering. + Support and assist with threat modeling. + Act as the formal backup for the threat modeling and attestation processes. + Review and approve Security Assessment Review reports as needed. + Perform other duties as required. **Behavioral Competencies** + Ability to demonstrate and support the ISC2 Core Values: Integrity, Excellence, Inclusion, Advocacy and Commitment + Function as an architect, who can conduct architecture reviews of new systems and solutions. + Serve as a builder who can build and integrate application security in our SDLC. + Act as a collaborator, who likes to engage with the team and the industry. + Serve as a team player, who will jump in and assist in other security functions as needed. + Function as a leader, who will use your knowledge and to train and guide developers and engineers. + Demonstrate a passion for application security, creative and critical thinking, strong analysis skills, the ability to work in a fast-paced environment, and have familiarity with agile, continuous integration, and continuous deployment. + Experience in securing SaaS-delivered offerings in multiple cloud environments deployed with automation & orchestration. **Qualifications** + Ability to write some code, as needed, to conduct security-focused testing. + Application Experience with common testing tools such as Veracode, Fortify, Zap, Burp, and fiddler, among others. + Application Understanding of common vulnerabilities & remediation. + Application Knowledge and understanding of automation and scripting languages. + Design & code review skills. + A solid understanding of Microsoft platforms such as .NET, Windows, C#, Azure. + General Knowledge of cloud security, API (Application Programming Interface) security, and associated best practices. **Education and Work Experience** + Bachelor's degree in computer science, information systems, related engineering field. Will consider a high school diploma and 10+ years of relevant work experience, as well as current additional credentials (CCSP, GDSP, etc..) in lieu of a degree. + A CISSP and CSSLP are required for this position. + 8+ years of experience in Information Security. + 8+ years of experience with static and dynamic analysis for coding and vulnerability identification and remediation. + 5+ years of Secure Development experience. + Application Experience with implementing Secure Development Lifecycle in an agile environment. + First-hand experience with architectural reviews, application reviews, and penetration testing. + Application Experience with Continuous Integration processes, particularly with building security practices into the pipeline. **Physical and Mental Demands** + Ability to travel up to 10% of time. May also include overnight travel. + Work extended hours, when necessary. + Work in an office environment using dual monitor computer screens. + Sitting for extended periods. **Equal Employment Opportunity Statement** All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic as protected by applicable law. Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process. **Job Locations** _US-Remote_ **Posted Date** _2 weeks ago_ _(11/19/2025 1:29 PM)_ **_Job ID_** _2025-2253_ **_\# of Openings_** _1_ **_Category_** _Information Security_

CaptivateIQ is transforming the way companies plan, manage, and optimize sales performance. We started by revolutionizing incentive compensation management, and now we're expanding our platform to solve broader sales planning challenges. Recognized by industry analysts like Forrester and G2 and backed by top-tier investors, including Sequoia, ICONIQ and Accel, we empower high-growth companies like Netflix, Figma and Stripe with the flexibility and insights needed to drive revenue performance. Join a talented, fast-growing team committed to solving some of the most complex and impactful problems in sales performance management. About the RoleSecurity is a core value at CaptivateIQ. As we scale and expand our suite of services, embedding security into every phase of product development is critical to building trust in everything we deliver. As a Senior Security Engineer focused on Application & Product Security, you will own our AppSec strategy - driving threat modeling, secure architecture design, and offensive security testing. You will lead manual and automated penetration testing, manage AppSec tooling (SAST, DAST, SCA), and build developer enablement programs. You'll also be responsible for vulnerability management, incident response for application-layer events, and ensuring compliance alignment for SOC 2, ISO 27001, and privacy requirements. This role blends offensive and defensive expertise with strategic influence, giving you the autonomy to shape a scalable, modern AppSec program. Job Location RemoteRaleigh, NC Nashville, TN Toronto, Canada Responsibilities Threat Modeling & Architecture Reviews Mature and scale a modern threat modeling program across products and services. Enable secure by design architectures in collaboration with Engineering teams. Offensive Security Testing Conduct penetration tests (white-box and black-box) for web applications and APIs. Perform dynamic (DAST), static (SAST), and software composition (SCA) analysis. Simulate adversary attack scenarios to validate controls and identify gaps. Secure SDLC Integration Embed security into every stage of development; implement automated security tooling in CI/CD pipelines. Vulnerability Management Triage and prioritize application-layer vulnerabilities and guide engineering teams through remediation. Developer Enablement Deliver secure development and coding training; create resources to reduce recurring vulnerabilities. Bug Bounty Management Oversee Bug Bounty program, validate findings, and ensure timely resolution. Incident Response Leadership Lead investigations for application-layer security incidents and conduct post-incident analysis. Compliance Enablement Support audits, technical evidence collection, and control design for SOC 2, ISO 27001, and privacy-by-design requirements. Customer TrustContribute to customer security assessments, penetration test reports, and security documentation. Requirements 7+ years of experience in a security engineer or related role, including 4+ years specializing in web application, API, and product security. Deep expertise securing multi-tenant SaaS platforms and features. Strong communication and ability to influence software engineers and product managers. Advanced experience conducting penetration tests, code reviews, and vulnerability assessments. Expert knowledge of OWASP Top 10, web application and API security, and common vulnerability classes with practical remediation strategies. Hands-on experience with AppSec tooling (SAST, DAST, SCA) integrated into CI/CD pipelines. Strong programming and scripting skills (Python preferred) and ability to influence secure coding practices. Proven ability to lead incident response for application-layer security events. Familiarity with compliance frameworks (SOC 2, ISO 27001) and secure SDLC practices. Knowledge of privacy-by-design principles and data security in SaaS environments. Awareness of emerging AI/ML security risks and related countermeasures. Nice to have Certifications such as OSCP, GCIH, GWAPT, or CISSP. Familiarity with security frameworks such as NIST CSF, MITRE ATT&CK, OWASP ASVS, or ISO 27001. Experience with commercial security tools such as EDR, SIEM, CSPM, CNAPP, vulnerability scanners, bug bounty platforms, WAFs, or compliance automation platforms. Prior experience driving security engineering for a SaaS-based company. Experience leveraging automation or AI/ML tools to improve secure development, detection, incident response, or code analysis workflows. Benefits (US-ONLY) 100% of medical, dental, and vision covered including 75% for dependents Flexible vacation days and quarterly mental health days so you can recharge Enjoy a one-time expense on your 1-year work anniversary (to use for travel, home furnishings, fancy meal) (US-ONLY) 401k plan to participate in and save towards the future Newest Apple products to help you do your best work Employee Resource Groups (ERGs) to support and celebrate the shared identities and life experiences of communities within CaptivateIQ. ERGs directly support our company-wide DEI goals as a space for developing and retaining diverse talent Notice to Prospective Candidates Only emails ********************* should be trusted. We are aware of active recruitment scams using the CaptivateIQ name, in which individuals pose as our recruiters and post fake remote job openings and make fake job offers on the Internet. Please note, we will never do the following: Attempt to correspond with a candidate using a free web-based account, such as an email address that ends *************, @yahoo.com, @hotmail.com, etc. Make an offer of employment without conducting multiple rounds of interviews face-to-face using secure video-conferencing technology. Ask candidates to cash checks to buy equipment on behalf of CaptivateIQ. Ask candidates to make a payment in order to be considered for a position. Make early requests for candidates' personal information such as date of birth, passport details, credit card numbers, bank details and social security number, etc. Please note that we'll only ask for more sensitive personal information in connection with background checks after an offer is made. Participate in an on-call rotation to provide after-hours support, ensuring timely resolution of critical issues and maintaining system uptime. $154,500 - $197,760 a year The base range represents the minimum and maximum for this position across North America. For candidates in Raleigh , the range is $170,980-$197,760; for Toronto, and Nashville locations, the range is $154,500-$177,160. The compensation offered for this position will depend on numerous factors, including individual proficiency, anticipated performance, and the location of the selected candidate. Our OTE is just one component of CaptivateIQ's competitive total rewards package. CaptivateIQ participates in E-Verify, web-based system that allows enrolled employers to confirm the eligibility of their employees to work in the United States We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Job Description OUR MISSION We exist to create a more connected, compassionate, and confident experience for people with cancer and those who care for them. We make it easier to get answers, access high-quality care quickly, and feel supported throughout treatment and beyond. Today, Thyme Care is a market-leading value-based oncology care enabler, partnering with national and regional health plans, providers, and employers to deliver better outcomes and lower costs for thousands of people across the country. Our model combines high-touch human support with powerful technology and AI to bring together everyone involved in a person's cancer journey: caregivers, oncologists, health plans, and employers. As a tech-native organization, we believe technology should strengthen the human connection at the center of care. Through data science, automation, and AI, we simplify complexity, improve collaboration, and help care teams focus on what matters most: supporting people through cancer. Looking ahead, our vision is bold: to become a household name in cancer care, where every person diagnosed asks for Thyme Care by name. If you're inspired to make cancer care more human and to help reimagine what's possible, we'd love to meet you. Together, we can build a future where every person with cancer feels truly cared for, in every moment that matters. WHAT YOU'LL DO As a Senior Security Engineer, you strengthen Thyme Care's security posture across our platform and infrastructure. You work closely with our Platform engineering team, IT, and virtual CISO to identify risks, harden our architecture, and embed security by design across engineering. You balance hands-on technical execution with coaching engineers to build secure practices by default. Proactively identify and close gaps in cloud, network, and application security architecture Lead security reviews of code and infrastructure, conduct threat modeling and partner with Eng squads on secure-by-default design Configure, tune, and monitor key security tools (e.g., Nightfall, GuardDuty, endpoint agents) to surface actionable alerts Triage and approve incoming security-related requests (applications, packages, Chrome extensions) Own technical response during a live security incident - from triage and log analysis to containment - in partnership with CISO, Engineering, and IT Build additional and low-friction security automation into CI/CD pipelines (dependency checks, SAST/DAST, IaC scanning) Partner with engineers to establish best practices and elevate secure coding practices without slowing delivery WHAT YOU'VE DONE Experience in application and infrastructure security, ideally in a healthcare or regulated environment Expertise with cloud security (AWS), IAM, CI/CD pipelines, and core security tools Background in securing public-facing APIs, web apps, and data platforms Knowledge of security monitoring, alerting, and incident response practices Ability to triage and operationalize security requests with pragmatism and rigor Comfortability working in fast-paced, scaling environments where priorities shift quickly WHAT LEADS TO SUCCESS Act with our members in mind. You protect sensitive health data with urgency and care. Move with purpose. You take initiative, surface risks, and close them. Seek diverse perspectives. You collaborate with engineers, IT, and leadership, and know when to pull in external expertise. Technical ability. You bring confidence and depth to lead reviews and guide secure outcomes. Clear communication. You translate complex security concepts for technical and non-technical audiences. Calm under pressure. You take ownership during incidents and drive resolution. OUR VALUES At Thyme Care, our core values guide us in everything we do: Act with our members in mind, Move with purpose, and Seek diverse perspectives. They anchor our business decisions, including how we grow, the products we make, and the paths we choose-or don't choose. Our salary ranges are based on paying competitively for our size and industry, and are one part of the total compensation package that also includes equity, benefits, and other opportunities at Thyme Care. Individual pay decisions are based on several factors, including qualifications, experience level, skillset, and balancing internal equity relative to other Thyme Care employees. The base salary for this role is $175,500 to $195,000. The salary range could be lower or higher than this if the role is hired at another level. We recognize a history of inequality in healthcare. We're here to challenge the status quo and create a culture of inclusion through the care we give and the company we build. We embrace and celebrate a diversity of perspectives in reflection of our members and the members we serve. We are an equal-opportunity employer. Be cautious of recruitment fraud , and always confirm that communications are coming from an official Thyme Care email.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Security Engineer - Cloud - Hybrid Opportunity This is a hybrid position based at our corporate office in Brentwood, TN, with on-site work required Monday through Wednesday. We are seeking a Cloud Security Engineer to join our cybersecurity team. This role will lead the design, implementation, and management of secure cloud environments while also contributing to broader security operations. In addition to cloud security responsibilities, this position will support functions like endpoint hardening, vulnerability management, Microsoft 365 security tickets, proactive investigations into potentially malicious domains, and other security tasks as assigned. Essential Duties and Responsibilities: The Security Engineer is expected to have competency in a variety of security platforms, potentially including the implementation & operation of several of the following: Cloud Security & Architecture: * Design, implement, and maintain secure cloud configurations in line with best practices. * Monitor and improve cloud security posture using available tools and platforms. Endpoint & Vulnerability Management: * Harden and secure enterprise endpoints across the organization. * Identify, assess, and remediate vulnerabilities in a timely manner. Threat Investigation & Response: * Investigate potential phishing domain registrations and other external threats. * Respond to and investigate security alerts across cloud and enterprise systems. Microsoft 365 & Security Support: * Address Microsoft 365 security-related tickets and requests. * Support security controls and configurations for enterprise collaboration tools. Also, the Security Engineer will participate in the following operational activities: * Incident response * Creating reports for management * Analyze security solutions and seek improvements on a continuous basis * Find cost-effective solutions to cybersecurity problems * Other duties as assigned Education Requirements: * High School diploma required. * Bachelor's or master's degree in security or technology field (or other related field), or equivalent work experience. Recommended Experience: * Cloud security hardening with platforms such as AWS, GCP and Microsoft Azure * Cloud Security platforms * Vulnerability management platforms * Workstation full disk encryption solutions * EDR consoles & deployments * SIEM monitoring and deployment * Firewall rule review/configuration * IPS (host, network) configuration & operation * Encryption tools & key management * Virtualized, Hybrid, & Cloud environments * NIST, ISO, or other security program frameworks * Holds a current security- or audit-focused certification such as CISSP, GIAC, CEH, etc. Required * Minimum 5 years of experience in cybersecurity principles, cyber threats and vulnerabilities. * Requires knowledge of regulatory compliance, including SOX, PCI, and HIPAA requirements for information systems, security and privacy. #100

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Arctiq is a leader in professional IT services and managed services across three core Centers of Excellence: Enterprise Security, Modern Infrastructure and Platform Engineering. Renowned for our ability to architect intelligence, we connect, protect, and transform organizations, empowering them to thrive in today's digital landscape. Arctiq builds on decades of industry expertise and a customer-centric ethos to deliver exceptional value to clients across diverse industries. Position Overview: We are looking for a highly skilled and motivated Cloud Security Consultant to join our team. In this role, you will be a key contributor in defining, architecting, and implementing cloud security best practices for our clients. You will be responsible for helping customers secure their cloud environments, implement zero-trust architectures, and integrate robust application security controls into their DevOps pipelines. Responsibilities: Guide end-to-end client involvement, covering opportunity identification, proposal processes, architecture and design, and project delivery following industry best practices. Act as a subject matter expert for securely developing applications and deploying them into cloud environments. Lead clients towards industry best practices in cloud security, including WAF, IAM, hardening, load balancing, and zero trust. Collaborate with client development teams to implement application security practices (separation of duties, etc.) and technologies (such as SCA/SAST/SBOM) across the Software Development Life Cycle (SDLC). Develop innovative solutions, architectures, proof of concepts, demo/lab environments, and compelling business cases for application and cloud security. Work closely with the Project Management Office (PMO) to provide visibility into project delivery scope, timelines, and expectations. Ensure the delivery of high-quality projects on time and within budget. Collaborate with Partner and Marketing teams to develop content, including sales collateral, blog posts, podcasts, and live workshops. Present at company and partner events, contributing to thought leadership in the industry. Provide mentorship and coaching to junior team members, fostering professional development. Actively participate in professional associations, industry events, and community engagements, contributing intellectual property (IP) development. Keep abreast of industry trends and technology developments by maintaining partner certifications and actively participating in technology events. Develop and lead the vision for building and scaling a modern cloud security practice. How will you stand out? Lead and perform comprehensive cloud security assessments, focusing on governance, Identity and Access Management (IAM), network security, and data protection. Design and implement Zero Trust Network Access (ZTNA) solutions, with a focus on platforms like Cloudflare Zero Trust. Advise and guide customers on Application Security (AppSec) best practices, including the implementation of quality gates and security scanning tools (e.g., Wiz Cloud, Snyk, Checkmarx, SonarQube) within CI/CD pipelines. Knowledge of SCA, SAST, DAST, IAST, RASP tools for meticulous source code and application security and vulnerability analysis. Knowledge of CNAPP concepts and seamless integration within AWS, GCP, Azure environments. Knowledge of container and Kubernetes hardening, emphasizing security best practices. Knowledge of secure coding practices and the ability to review and provide guidance on application code for security vulnerabilities. Capable of conducting security code reviews to identify complex security issues that automated tools might miss. Experience in integrating security seamlessly into SDLC CI/CD pipelines for automated checks and validations. Proficiency in conducting threat modeling exercises to identify and mitigate potential security threats early in the development process. Implementation of secure logging practices with observability tools for proactive threat detection. Ability to create and maintain comprehensive security documentation, including requirements and guidelines. Proactive promoter of a security-first mindset, advocating robust security within the DevOps culture. Enthusiastic about Application and Cloud Security, staying abreast of industry advancements and driving improvements. What will you bring to the role? Over 5 years of hands-on experience in technical infrastructure (cloud and on-premise), encompassing systems design, deployment, maintenance, and troubleshooting. Over 2 years of experience with provisioning infrastructure through IAC (preferably Terraform) and cloud automation principles Demonstrated and applied experience in establishing and delivering complex projects, showcasing a track record of successful implementations. Experienced in configuring, deploying, and maintaining containers and related orchestration platforms, including Docker, Kubernetes, OCP, GKE, and AKS. Proficient use of SCM tools such as Git, GitHub, and GitLab for efficient version control and collaborative development. Experience with automation and configuration management solutions, utilizing tools like Ansible, Terraform, Octopus Deploy, AWS Config, and Azure Automation & Control. Experience in secrets management solutions like KMS, HSMs, Hashicorp Vault Proven experience in cloud security, with a strong understanding of major cloud platforms (AWS, Azure, GCP). Hands-on experience with cloud security assessments and compliance frameworks. Expertise in Zero Trust architectures and solutions. Deep knowledge of Application Security (AppSec) principles and security scanning tools. Experience in a professional services or consulting practice, with the ability to multitask and engage with multiple clients simultaneously. Strong communication and client-facing skills, with the ability to translate complex technical concepts into clear business value. Desired Certifications: Preference will be given to those applications who have some of the following, general cyber security certifications may also be considered. SAST tools (Snyk, Checkmarx, GitHub Advanced Security) CNAPP tools (Lacework, Aqua, SysDig) Public Cloud Professional Certifications (Azure, AWS, GCP) CNCF Kubernetes Certification (CKA, CKS) Arctiq is an equal opportunity employer. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know. We celebrate our inclusive work environment and welcome members of all backgrounds and perspectives to apply. We thank you for your interest in joining the Arctiq team! While we welcome all applicants, only those who are selected for an interview will be contacted.

Location: This role requires associates to be in-office 1 day per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Ideal candidates will be able to report to one of our Pulse Point locations in Indianapolis, IN or Nashville, TN. Alternate locations may be considered if candidates reside within a commuting distance from an office. Please note that per our policy on hybrid/virtual work, candidates not within a reasonable commuting distance from the posting location(s) will not be considered for employment, unless an accommodation is granted as required by law. The Information Security Executive Advisor (Business Information Security Officer- BISO) develops strategic and tactical plans for a comprehensive enterprise-wide information security program. Leads the development of policies, technical standards, guidelines, procedures, and other elements of an infrastructure necessary to support information security in compliance with established company policies, regulatory requirements, and generally accepted information security controls. Responsible for the selection and delivery of strategic network security, access control and secure transaction/messaging solutions. How you will make an impact: * Establishes architecture oversight and planning for information and network security technologies. * Leads development of an information security risk management program that includes business, regulatory, industry practices and technical environment considerations. * Establishes strategic vendor relationships for security products and services. * Develops Enterprise-wide security incident response plans and strategies that includes integration with business, compliance, privacy, and legal constituents and requirements. * Provides advanced level engineering design functions. * Provides trouble resolution and serves as point of technical escalation on complex problems. * Creates presentations and seeks IT and business management approval and acceptance of significant replacements or reconfigurations of major security technologies serving the Enterprise. * Provides technical guidance and leadership to the technical engineers within the organization. * Participates in the design of the Enterprise architecture. * Proposes opportunities to improve results based on targeted or continuous assessment. * Researches relevant trends and activities in healthcare, business, competition and regulatory environments. * Recommends strategy adjustments. * Participates in Enterprise planning activity, including vendor assessment, technology platform selection and retirement, prioritization and integration. * Serves as a technical merger and acquisition lead. * Acts as a subject matter expert for executive management. * Provides top-tier support for 6 or more of the information security technology common body of knowledge skill sets: 1) Access Control, 2) Application Security, 3) Business Continuity and Disaster Recovery Planning, 4) Cryptography, 5) Information Security and Risk Management 6) Legal, Regulations, 7) Compliance and Investigations, 8) Operations Security, 9) Physical (Environmental) Security, 10) Security Architecture and Design, 11) Telecommunications and Network Security. Minimum Requirements: Requires BS/BA in Information Technology or related field of study and a minimum of 10 years of experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required; or any combination of education and experience, which would provide an equivalent background. Preferred Skills, Capabilities and Experiences: * Previous experience leading large security projects for individual business units highly preferred. * Expert Business Information Security Liaison experience highly preferred. * Ability to operate with ambiguous data to create a strategy and plan preferred. * Broad-based experience to plan and design highly complex systems preferred. * Expert knowledge and understanding of industry-accepted data processing controls and concepts preferred. * Security Certifications such as CISSP and other advanced technical security certifications (e.g. Information Systems Security Architecture Professional, Information Systems Security Engineering Professional, Certification and Accreditation or equivalent certifications) preferred. Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact ******************************************** for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. We are currently looking for a Senior Consultant or Principal level Security strategist with deep technical and functional expertise in Business Continuity and Disaster Recovery. What You'll Do * Lead and facilitate Business Impact Assessments (BIAs) across business units * Develop and update Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs) aligned to critical business functions and systems * Assess organizational risk and capability gaps related to crisis management, workforce continuity, and infrastructure resilience * Design tiered recovery strategies based on RTOs, RPOs, and MVC (Minimum Viable Company) principles * Coordinate and conduct tabletop exercises, test execution, and post-mortem reviews * Align BC/DR practices with enterprise risk management frameworks, compliance requirements (e.g., HIPAA, ISO 22301), and audit expectations * Support program governance, metrics, training, and awareness efforts What You'll Bring * 6+ years of experience in Business Continuity, Disaster Recovery, or operational resilience consulting * Strong working knowledge of BIAs, BCP/DRP development, and crisis management planning * Understanding of IT infrastructure concepts and DR technologies (e.g., backup systems, cloud platforms) * Experience supporting risk assessments and regulatory audits * Excellent facilitation and stakeholder management skills * Strong writing skills to produce clear, client-ready plans and reports About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this role, we are hiring at the following levels and targeted base pay salary ranges: The targeted base salary pay range for Senior Consultant in New Jersey, New York City, and Washington DC is $153,000 to $186,000. The targeted base salary range for Senior Consultant in Atlanta, Chicago, Detroit, Kansas City, Minneapolis, Nashville, Philadelphia, Phoenix, St. Louis is $140,000 to $171,000. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. We are committed to pay transparency and compliance with applicable laws. If you have questions or concerns about the pay range or other compensation information in this posting, please contact us at: ********************. EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. #LI-MS12

This role supports the advancement of the organization's Information Security Program, ensuring robust protection of customer, consumer, and proprietary data against evolving threats. The position is a key player with strategic initiatives, enforces corporate and regulatory compliance, and continuously enhances security posture through proactive risk management and visibility improvements. Essential Duties and Responsibilities: * Support the security strategies aligned with organizational goals. * Lead or serve as a key participant in audits, regulatory examinations, and vendor assessments. * Ensure compliance with industry standards and regulatory requirements. * Maintain InfoSec dashboards using Power BI to track key metrics and identify trends. * Provide actionable insights to leadership for continuous improvement of security controls. * Implement and optimize security measures to reduce network risk and enhance visibility. * Continuously improve security controls, policies, and procedures to address emerging threats. * Manage and audit intrusion prevention systems, SIEM, antivirus, vulnerability management, and content filtering solutions. * Oversee patch management for operating systems, applications, and hardware. * Partner with technology and compliance teams to resolve security issues and implement strategic initiatives. * Manage Data Security Posture Management (DSPM) and Data Loss Prevention (DLP) tools and associated governance controls. Education and/or Experience * Bachelor's degree or equivalent experience * 5+ years in Information Security or IT Audit, with demonstrated leadership in security strategy and risk management. * CISSP required Skills and Abilities * Ability to assess, prioritize, and mitigate risks across complex environments. * Strong experience with audit processes, regulatory examinations, and vendor risk assessments. * Skilled in translating technical data into actionable insights for leadership * Ability to demonstrate the highest level of ethical behavior and confidentiality and maintain confidentiality with sensitive information. * Respectful demeanor toward other associates and managers that promotes a positive and professional work environment.

Job Requirements & Qualifications: •Designs, put into practice, administers, and supports multiple information security platforms, systems, and applications. Supports a variety of technologies in a hands-on manner. •Performs internal security risk assessments, security risk assessments of third party business partners, and detailed security risk assessments of various technologies. (Examples include directory services, database platforms, client and server operating systems, programming languages, web services, firewalls, remote access technologies, messaging platforms, encryption solutions, wireless technologies, internally-hosted applications, externally-hosted applications, and cloud services). •Supports defined Company operating principles via effective, pragmatic information security controls. Analyzes, defines, implements, and administers efficient business processes related to information security programs. Represents the information security function through pragmatic consultation and participation in a defined SDLC. •Maintains knowledge of current and up-and-coming security, compliance, and technical developments. Identifies present and prospective future vulnerabilities and collaborates with suitable leaders to identify, recommend, and develop risk remediation plans, ad to track remediation outcomes and timelines. •Works with the information security management team to administer, maintain, and continuously improve HIPAA, PCI DSS, SOX, and internal controls compliance programs, investigate known or suspected security incidents, support internal and external audits, and assist in the development of appropriate audit response Management Action Plans. •Promotes security best practices via awareness, example, and compliance with policies and regulatory requirements. •Uses project management best practices to initiate, manage, and close projects, often simultaneously across a variety of projects. Creates and maintains a variety of documents related to projects and information security. •Guide and cross-train junior department team members lead meetings construct and uphold strong partnerships with multiple departments coordinate vendor support engagements etc. Knowledge, Skills, and Abilities •Knowledgeable with and ability to apply time-proven, generally-accepted security management concepts, techniques, and methodologies. •Strong understanding of pragmatic implementation of information security controls, holistic defense-in-depth strategies, protocols used to interconnect networks, and publish application resources. •Strong, efficient written and verbal communication skills that enables effective communications to multiple audiences. •Ability to occasionally work unscheduled shifts and in an on-call capacity and be available for occasional travel (up to 25%). •Strong internal (security recommendations) and external (vendor support) negotiation skills. •Ability to influence and encourage others. •Strong understanding of PCI, HIPAA, and SOC regulatory requirements. •Development/analysis proficiency in one or more scripting languages. •Development/analysis proficiency in TSQL. •Capability to learn and preserve new skills required to adapt to growing business and technical environments. •Strong perceptive of present and emergent information security technologies and trends. Qualifications Work Experience and/or Education •Bachelor's and/or Master's degree in information security or computer information systems. •6+ years of information security generalist experience (broad and deep in data, application, system, and network security domains) with complex technical initiatives. •Active CISA, CISSP, or CISM certification. •Experience identifying and addressing security risks associated with host and network operating systems (e.g. Windows, Linux, AS400, PAN OS, AIX, Cisco IOS, etc.) enterprise services (e.g. directory services, email, web publishing, database, virtualization, etc.) content management, client-server, and collaboration, thin-client, and web-based applications enterprise applications (e.g. Lawson) cloud services (e.g. SaaS, IaaS, etc.) data storage, etc. •Hands-on SME/lead experience with the design, implementation, and administration of at least 5 of the following technologies: Palo Alto Networks, IBM Tivoli Endpoint Manager (BigFix), IBM QRadar (SIEM), Qualys Vulnerability Scanning Solutions, Tenable Nessus, Juniper SSL VPN GlobalScape EFT Server Symantec Data Loss Prevention (Vontu), RSA SecurID, and CyberArk Password Management. Additional Information

Our client is seeking an Infrastructure & Information Security Manager to lead and advance the company's information security strategy-safeguarding data, systems, and assets across all platforms. In this role, you will design, implement, and continuously enhance security policies, risk management frameworks, and incident response processes that support regulatory and operational standards. You will partner with senior leadership and cross-functional teams to identify risks, implement safeguards, drive compliance, and foster a culture of security awareness. Responsibilities Strategic Planning and Execution + Define and lead the organization's information security strategy, aligning with business goals, regulatory requirements, and client expectations. + Develop and maintain security policies, standards, and procedures to support secure operations across all platforms. + Establish risk management frameworks and governance models to assess, monitor, and mitigate security risks across the technology ecosystem. + Evaluate emerging threats, technologies, and best practices to inform the security strategy and support continuous improvement. Team Leadership and Development + Partner with cross-functional teams to embed security concepts into technology initiatives, operational processes, and client service delivery. + Provide training and development opportunities to strengthen internal security capabilities and promote a culture of security awareness. + Define team roles, responsibilities, and performance expectations aligned with the organization's strategic priorities. Operational Management and Delivery + Oversee the implementation and management of security tools, systems, and controls across infrastructure platforms. + Lead incident response planning and execution to ensure timely resolution of security events and effective stakeholder communication. + Manage third-party risk assessments, vendor security reviews, and compliance audits to drive adherence to organizational standards. + Monitor security performance, conduct vulnerability assessments, and implement remediation plans that meet critical business needs. Continuous Improvement and Innovation + Identify opportunities to enhance security operations through automation, analytics, and integration with broader technology initiatives. + Stay informed on legal industry trends, regulatory developments, and cybersecurity innovations-especially as they relate to legal technology. + Lead initiatives to modernize the organization's security architecture, enhancing scalability and resilience. + Gather feedback from stakeholders to refine security practices and drive alignment with evolving business and client needs. Requirements Education & Credentials + College degree strongly preferred, ideally in a technology-related field. + Relevant technical certifications are strongly preferred. Knowledge & Experience + Extensive experience leading information security programs, preferably within legal or professional services. + Technical expertise in cybersecurity architecture, risk management, and incident response. + Familiarity with enterprise systems, cloud platforms, and legal operations workflows, with the ability to integrate security into business processes. + Proven ability to manage security teams, lead cross-functional initiatives, and deliver results in complex environments. + Experience conducting security assessments, managing audits, and maintaining compliance with data privacy and regulatory standards. + Strong communication and stakeholder engagement skills, with the ability to translate technical risks into business context. + Demonstrated commitment to innovation, continuous improvement, and operational excellence in in security practices. Technology Doesn't Change the World, People Do. Robert Half is the world's first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles. Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app (https://www.roberthalf.com/us/en/mobile-app) and get 1-tap apply, notifications of AI-matched jobs, and much more. All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information. © 2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking "Apply Now," you're agreeing to Robert Half's Terms of Use (https://www.roberthalf.com/us/en/terms) .

Title: Temporary - Cyber Security Analyst Under the directive of the Information Security Officer, the cyber security analyst will implement security strategies and best practices in accordance with regulatory standards. ESSENTIAL JOB FUNCTIONS/JOB DUTIES AND RESPONSIBILITIES Conduct or coordinate vulnerability scans and document findings and risk mitigation strategies. Implement, monitor and maintain preventive and detective controls. Operate, administer and monitor network and host-based intrusion detection/prevention systems. Operate, administer and monitor Microsoft Defender SIEM. Analyze network traffic, intrusion attempts, activity logs and system alerts for trends, anomalies and potential security breaches. Analyze compromised computing resources to improve security design and policy compliance. Research, analyze, test and implement new security software solutions. Enforce security policies and procedures by administering and monitoring security profiles. Perform other duties as assigned. REQUIRED QUALIFICATIONS High School Diploma or GED One year of experience in information security and compliance regulations. Proficiency with Microsoft applications. PREFERRED QUALIFICATIONS Certificate in information security, i.e., Security+, Pen+, Ethical Hacker. Experience with SIEM (Microsoft Defender). Experience in phishing campaign/training. KNOWLEDGE, SKILLS AND ABILITIES Basic knowledge of incident response procedures. Knowledge of OSI Model and concepts. Knowledge of Information Security Concepts. Strong analytical, organizational and writing skills. Knowledge of NIST, CIS and FERPA controls. Interpersonal skills to effectively collaborate with both technical and non-technical personnel across different organizational levels. Experience utilizing IT security systems and tools, including analyzing logs for security breaches. Ability to adhere to department processes and procedures. Demonstrated skills applying security controls to computer software and hardware. Basic proficiency in reading and interpreting security logs. Fundamental knowledge of vulnerability scanning and Basic knowledge of risk assessments procedures. Open Until Filled: Yes Rate of Pay: $20.00 per hour Work Hours: Up to 28 hours per week Special Instructions to Applicants: Unofficial transcripts are acceptable for the application process. Official transcripts are required upon hire. Applicants may be subject to a background check. Nashville State offers flexible work arrangements for positions that qualify.

The IT Network Security Admin role is responsible for designing, implementing, and managing the organization's network infrastructure and security protocols. This role involves monitoring network performance, safeguarding systems against threats, and ensuring compliance with security policies and regulations. The Network and Security Admin will collaborate with cross-functional teams to develop and maintain secure network architectures, conduct risk assessments, and respond to security incidents. A strong understanding of network technologies and security best practices is essential for this position. They are responsible for protecting ACP networks and systems from cyber attacks and unauthorized access. This requires the role to anticipate and defend against cyber threats and work with IT Management to plan and react to events to protect ACP data. In addition to day-to-day cybersecurity monitoring and projects, this role performs Infrastructure actions as required ranging from systems to network installations and fixes. This is to ensure the current servers, systems, and network are stable, patched, and secure. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ********************.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: **************************************************** Skills and Requirements 10+ years' experience working in IT as Systems/Network/Security Admin role combined. Minimum 3 years' experience specifically focused on Cybersecurity role required. Knowledge and experience with Cybersecurity related skills such as Intrusion Detection, Endpoint Management, Data Security, Network and Network Security. Knowledge of virtualization, systems, hardware, and automation tools such as VMWare, SolarWinds, and SANs. Familiar with running scripts for deploying patches and PowerShell. Skill with computer networks including subnetting, routing, DNS and DHCP. Specifically, Cisco Meraki Architecture and Firewalls. Responsible for maintaining and reviewing documentation of complex systems for patch cycles and vulnerabilities. Excellent written and oral skills - this position writes many emails and communicates verbally and through instant message medium often. Familiar with Microsoft software and Operating Systems, and varied business programs. Proficient in Cybersecurity technologies. Certifications and/or training programs strongly preferred.

Meta Platforms, Inc. (Meta), formerly known as Facebook Inc., builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps and services like Messenger, Instagram, and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. To apply, click "Apply to Job" online on this web page. **Required Skills:** Security Engineer Responsibilities: 1. Build tools that enable connectivity to our infrastructure only from Meta owned and managed devices. 2. Build machine attestation and secure certificate storage solutions to enable strong client trust. 3. Deploy systems that help mitigate security risks by understanding and controlling what software is allowed to execute on our client devices. 4. Develop, validate, and enforce our client security policies. 5. Build and deploy tools and automation that proactively detect and respond to security risks and threats to internal corporate services. 6. Advise and collaborate with other teams. 7. Telecommuting from anywhere in the U.S. allowed. **Minimum Qualifications:** Minimum Qualifications: 8. Requires Bachelor's Degree (or foreign equivalent) in Computer Science, Engineering or a related field and 1 year of experience in the job offered or a computer-related occupation 9. Requires 12 months of experience involving the following: 10. PHP, Golang, Python, C/C++, Rush, or Ruby 11. Designing and deploying security infrastructure such as PKI, key management, and certificate management 12. Endpoint Security & Management 13. Certificate Lifecycle 14. Devices & OS hardening and security policies 15. Identity & Access Management (Authentication & Authorization, SSO) 16. Network Security and 17. Programming and Code Review **Public Compensation:** $178,041/year to $200,200/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

**Your Work Shapes the World at Caterpillar Inc.** When you join Caterpillar, you're joining a global team who cares not just about the work we do - but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here - we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it. **ERP SAP Application Security Analyst** The Caterpillar Information Technology ERP SAP Application Security team is seeking a Senior IT Applications Analyst. As a member of the ERP Application Security team, you will be responsible for safeguarding the integrity, confidentiality, and availability of ERP systems by designing, implementing, and managing security policies and procedures. This role involves analyzing business requirements, configuring ERP roles and authorizations, monitoring user access, and ensuring compliance with internal and external regulations. **What You Will Do:** + Design, implement, and maintain SAP ERP security roles and authorizations to meet business and compliance requirements. + Use established ERP change and transport management methodology to promote approved changes to production. + Monitor and manage user access, segregation of duties (SoD), and privileged accounts within the ERP environment. + Track and resolve incidents, service requests, and system changes, ensuring proper documentation and compliance with change control processes. + Identify opportunities to optimize current processes, enhance system performance, and improve user experience. + Support technical and operational go-lives for deployments and software upgrades. + Participate in regular security audits, risk assessments, and vulnerability analyses to identify and address potential issues. + Collaborate with business stakeholders, IT teams, and auditors to ensure security controls align with organizational policies and regulatory standards. + Provide support for request and incident response, troubleshooting, and resolution of security-related ERP issues. + Maintain documentation of security policies, procedures, and changes within the ERP landscape. + Drive internal projects as needed to maintain client integrity. **Top Candidates Will Have:** + Excellent analytical, problem-solving, and communication skills. + AI skills for automation of manual team tasks + Expertise with audit processes, SOX compliance, and risk management principles. + Ability to support Sap Governance Risk and Control AC/PC + ECC to S4 conversion knowledge **Skills Descriptors:** + **Core Application Systems:** Knowledge of major production application systems used for delivery services to internal and external clients; ability to leverage major production application systems in diverse situations. + **IT Standards, Procedures & Policies** : Knowledge of Information Technology (IT) standards and policies; ability to utilize a variety of administrative skills sets and technical knowledge to manage organizational IT policies, standards, and procedures. + **Business Process Improvement** : Knowledge of business process improvement best practices and ability to use methods for identifying, evaluating, introducing, and implementing more efficient approaches to performing business related activities. + **Accuracy and Attention to Detail:** Understanding the necessity and value of accuracy; ability to complete tasks with elevated levels of precision. + **Problem Solving:** Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply knowledge of problem solving appropriately to diverse situations. + **Application Design, Architecture:** Knowledge of basic activities and deliverables of application design; ability to utilize application design methodologies, tools and techniques to convert business requirements and logical models into a technical application design. **Implementation:** Knowledge of how to run applications for organizations; ability to implement application software within an organization and help end-users perform specific tasks (ex: accounting or graphic design). + **Requirements Analysis:** Knowledge of tools, methods, and techniques of requirement analysis; ability to elicit, analyze and record required business functionality and non-functionality requirements to ensure the success of a system or software development project. + **System Testing** : Knowledge of system and software testing; ability to design, plan and execute system testing strategies and tactics to ensure the quality of software at all stages of the system life cycle. + **Technical Troubleshooting:** Knowledge of technical troubleshooting approaches, tools, and techniques; ability to anticipate, recognize, and resolve technical issues on hardware, software, application or operation. **Additional Information** : + Location for this role is Peoria, IL, Dallas, TX or Nashville, TN + This role requires 5 days onsite. + **SPONSORSHIP IS NOT AVAILABLE.** + This position may require 10% travel. + Relocation is not available. **What You Will Get:** + Our goal at Caterpillar is for you to have a rewarding career. Our teams are critical to the success of our customers who build a better world. + Here you earn more than just a salary because we value your performance. We offer a total rewards package that provides benefits on day one (medical, dental, vision, RX, and 401K) along with the potential of an annual bonus. Additional benefits include paid vacation days and paid holidays. + All qualified individuals - Including minorities, females, veterans, and individuals with disabilities - are encouraged to apply. **About Caterpillar -** Caterpillar Inc. is the world's leading manufacturer of construction and mining equipment, off-highway diesel and natural gas engines, industrial gas turbines and diesel-electric locomotives. For nearly 100 years, we've been helping customers build a better, more sustainable world and are committed and contributing to a reduced-carbon future. Our innovative products and services, backed by our global dealer network, provide exceptional value that helps customers succeed. **Summary Pay Range:** $110,520.00 - $165,840.00 Compensation and benefits offered may vary depending on multiple individualized factors, job level, market location, job-related knowledge, skills, individual performance and experience. Please note that salary is only one component of total compensation at Caterpillar. **Benefits:** Subject to plan eligibility, terms, and guidelines. This is a summary list of benefits. + Medical, dental, and vision benefits* + Paid time off plan (Vacation, Holidays, Volunteer, etc.)* + 401(k) savings plans* + Health Savings Account (HSA)* + Flexible Spending Accounts (FSAs)* + Health Lifestyle Programs* + Employee Assistance Program* + Voluntary Benefits and Employee Discounts* + Career Development* + Incentive bonus* + Disability benefits + Life Insurance + Parental leave + Adoption benefits + Tuition Reimbursement * These benefits also apply to part-time employees **Posting Dates:** December 1, 2025 - December 11, 2025 Any offer of employment is conditioned upon the successful completion of a drug screen. Caterpillar is an Equal Opportunity Employer, Including Veterans and Individuals with Disabilities. Qualified applicants of any age are encouraged to apply. Not ready to apply? Join our Talent Community (*********************************************** .

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************