Security engineer jobs in Norman, OK

As a key member of Oracle Cloud Infrastructure's (OCI) Security Organization, you will play a critical role in safeguarding the cloud and broader enterprise from adversaries and insider threats. As our team continues to grow and expand into ambitious new initiatives, we seek a **Consulting Security Engineer** to lead and contribute to critical security engineering imperatives. In this highly visible role within the OCI and Infrastructure Security, you will research, innovate on, and design engineering/ process solutions. You will tackle broad security initiatives across cloud, product, and infrastructure security topics such as AI, Hardware, Network, Cryptography. You will partner closely with Cloud Security leadership and collaborate across OCI and broader Oracle business operations and leadership teams to drive security excellence. Success in this role requires a results-driven, self-starter with a strong sense of ownership, accountability, and the ability to influence and engage with senior security and technology leaders and their engineering teams. The ideal candidate brings deep expertise in security engineering, networking, and cloud computing. Strong executive communication, stakeholder engagement, attention to detail, and problem-solving capabilities are essential to thrive in this role. This is a high-impact, strategic position that offers the opportunity to shape the future of OCI and make a lasting impact across the cloud security ecosystem. **Responsibilities** Key Responsibilities: + **Security Deep Dive** : Investigate the security posture, controls, and risks associated with complex architectures and lifecycle management. + **Security Innovation** : Drive security innovation across legacy and nascent product and cloud services. + **Data-Driven Decision Making** : Analyze and interpret complex datasets using scripts, Python, or other analytics tools to identify trends, generate insights, and provide actionable recommendations to leadership. + **Global Stakeholder Collaboration** : Establish strong relationships with cross-functional partners and senior leadership to align cybersecurity initiatives with business objectives. + **Cross-Functional Communication** : Facilitate clear, concise communication across teams, ensuring alignment on key priorities and enabling effective decision-making at all levels. + **Executive Reporting & Presentations** : Develop high-impact reports, dashboards, and presentations tailored for senior leadership, ensuring clarity, professionalism, and strategic insight. + **Strategic Planning & Execution** : Define project requirements, establish roadmaps, and manage execution for complex cybersecurity programs, balancing long-term strategy with immediate business needs. + **Issue & Risk Management** : Identify, assess, and mitigate program risks and blockers, ensuring continued progress toward cybersecurity and operational goals. + **Security Program Oversight** : Oversee multiple security initiatives, ensuring alignment with organizational security objectives and compliance requirements. + **Problem Solving & Critical Thinking** : Leverage data-driven methodologies to solve complex business and technical challenges, optimizing cybersecurity operations for effectiveness and efficiency. + **AI Enablement** : Help innovate and drive AI capabilities to streamline security operations and create security insights. + **Security Tooling:** Collaborate with cross-functional teams to enhance security tooling, CI/CD pipelines and tools, ensuring alignment with OCI's cloud strategy and compliance requirements. + **Industry Policies:** Partner with stakeholders to define and implement policies that align with industry best practices and compliance standards. + **Security by Default:** Implement closed-loop mechanisms to continuously improve security by default. Responsible for the planning, design and build of security architectures; oversees the implementation of network and computer security and ensures compliance with corporate security policies and procedures. + **Emerging Security Trends:** Stay informed about emerging technologies and industry trends, integrating new software solutions to strengthen risk reduction strategies. + **Security Mentoring:** Guide and mentor junior security team members. Additionally: Responsible for expert planning, design and build of security systems, applications, environments and architectures; oversees the implementation of security systems, applications, environments and architectures and ensures compliance with information security standards and corporate security policies and procedures. Evaluates existing and proposed technical architectures for security risk, provides expert technical advice to support the design and development of secure architectures and recommends security controls to mitigate those risks. Evaluations of internal security architecture may include design assessment, risk assessment, and threat modeling. Provides expert technical advice and direction to support the design and development of secure architectures. Maintain expert proficiency in emerging trends in information security. Determine the best practices for the large-scale Big Data infrastructure used by some Oracle LOBs, including tooling, data architecture, and content. May lead incident management teams and provide expert level incident management expertise. Coordinates incidents with other business units and may act as incident commander of multiple serious incidents. Leads development of new methods, playbooks and provide thought-leadership related to incident management throughout Oracle. May provide leadership in an incident management team, bringing expert-level skills to respond to security events in line with Oracle incident response playbooks. Investigates purported intrusions and breaches, and oversees root cause analysis. Coordinates incidents with other business units and may act as Incident Commander on multiple serious incidents. Leads development of new methods, and playbooks, as well as highly sophisticated scripts, applications, and tools. Trains and mentors other staff, and may supervise incident management teams. Brings expert-level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required, but no computer programming/scripting knowledge is required. Leads development of highly sophisticated scripts, applications, and tools, and trains others in their use. Focus on operational and strategic level tasks, and provide counsel and guidance to the junior level security operations engineers in the department. Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $120,100 to $251,600 per annum. May be eligible for bonus, equity, and compensation deferral. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC5 **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

**_Job Title:_** Lead Adversarial Security Engineer **About** **Trellix:** **Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work.** Our comprehensive, GenAI-powered platform helps organizations confronted by today's most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions. We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at ************************ . **_Role Overview:_** Trellix is seeking an Adversarial Security Engineer to lead the evolution of its cybersecurity posture. This is a senior, hands-on, remote-first role for a red/blue/purple expert who possesses a valuable blend of offensive tradecraft and defensive-engineering skills. **Role Overview:** As a lead member of the security operations team, and reporting to the Deputy CISO the mission of this role is to bridge the gap between "what if" and "what is" to continuously test the organization's defenses, find gaps, and personally lead the engineering effort to close them. By collaborating with the Security Operations Center (SOC), Threat Intelligence, and infrastructure teams, this expert will act as a force multiplier, mentoring junior security operations staff and providing the technical leadership to measurably improve the ability to detect and respond to advanced threats. **About the role:** + Plan and execute sophisticated, end-to-end red team engagements against our on-premise and cloud infrastructure. + Develop and validate new detection logic, transforming the results of your own attacks into high-fidelity alerts. + Lead continuous purple team exercises, acting as the primary bridge between the SOC, Threat Intelligence, and Detection Engineering teams. + Leverage Attack Surface Management (ASM) data to find "Shadow IT" and prioritize your offensive operations based on the most likely and impactful attack vectors. + Act as a senior technical leader, mentoring SOC analysts and junior engineers on advanced attack chains, detection theory, and defensive best practices. + Communicate complex findings and remediation strategies to a wide range of stakeholders, from highly technical engineers to executive leadership. **About you:** + You have a blended career path of 7+ years, demonstrating experience in both offensive security (like Red Teaming) and defensive operations (like Detection Engineering or Threat Hunting). + You possess exceptional communication skills, with an ability to create reports and presentations for both highly technical and executive audiences. + You are a U.S. citizen. + Your technical expertise is built on a deep, practical understanding of frameworks like MITRE ATT&CK and the Diamond Model. + You have proficiency in modern offensive tools and C2 frameworks (e.g., Cobalt Strike, Metasploit) and/or experience developing custom attack methods to evade EDR and network controls. + You are proficient in writing, tuning, and validating detection logic in SIEM and EDR platforms. + Your knowledge of automation is clear from your proficiency in any scripting languages such as Python or PowerShell. + You have practical experience assessing and defending modern cloud environments. + You may hold advanced offensive (e.g., OSCP, OSEP, GXPN) or defensive (e.g., GCIH, GDAT) certifications. + You may contribute to the community through public-facing research, conference talks, or open-source tools. **_Company Benefits and Perks:_** We believe that the best solutions are developed by teams who embrace each other's unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. + Retirement Plans + Medical, Dental and Vision Coverage + Paid Time Off + Paid Parental Leave + Support for Community Involvement We're serious about our commitment to a workplace where everyone can thrive and contribute to our industry-leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

**Job Opportunity is actually with a company called Western Farmers Electric Cooperative (WFEC)** Under the general supervision of the Supervisor, IT Infrastructure, the Cyber Threat Analyst performs monitoring and analysis of cyber threats to assist in the defense of WFEC cyber systems and operations. The incumbent will curate and triage intelligence from multiple cyber intelligence sources and will inform the security operations with timely and relevant TTPs, IOCs, and context. The incumbent will generate reports for upper management based on data, information, and intelligence. The incumbent must understand the MITRE ATT&CK framework and be able to integrate the framework in the reporting. The Cyber Threat Analyst will develop and document threat hunt activities based on intelligence, scenarios, and observations. The incumbent develops, maintains, and supports systems that provide collection capabilities and telemetry information to the organization. In addition, the incumbent performs troubleshooting, installation, and maintenance on equipment and software systems related to NERC CIP. The incumbent performs change management and configuration activities, security controls testing, system baseline activities, vulnerability testing and analysis, and network traffic analysis to ensure system reliability and security. The incumbent participates in in-house, regulatory, and industry teams, including working groups, committees, incident response teams, and business continuity teams as required. Also, the incumbent participates in exercises that test policies, procedures, and skills which are required by business and critical operations. The incumbent responds to anomalous events that will require analysis and will have to synthesize and correlate complex events to ensure operational security.

The Senior IT Security Analyst is responsible for managing activities relating to monitoring and responding to security events. The analyst is responsible for monitoring application, host, and network threats, including external threat actors and rogue insiders. As a trusted member of the Information Security team and industry community, the analyst works closely with internal technical teams, business units, and external entities aligned with the business, including private intelligence-sharing groups, law enforcement, and government agencies. The analyst is responsible for conducting in-depth research, documenting threats, understanding the risk to the business, and sharing information with those who need to know. Analysts are expected to continually adapt to stay a step ahead of cyber attackers and stay up to date on the latest methods attackers use to infiltrate computer systems. Analysts in this role are expected to consistently learn and grow. This is not a passive career opportunity, but rather one that requires a passion for security and rigor to protect the business. Duties & Responsibilities * Responsible for developing, managing, and maintaining threat intelligence and threat hunting program and processes * Regularly research and identify emerging threats, TTPs in public and closed forums, and work with colleagues to access risk and implement/validate controls as necessary. * Assist with Security Operations activities, including but not limited to, triage of alarms/alerts, and performing technical security assessments. * Participate in a call tree for outsourced Security Operations Center to assist with triage and remediation of critical and high rated alerts that are escalated both during and after business hours. * Research and recommend solutions to fulfill regulatory compliance with all standards set forth by FFIEC guidelines, Sarbanes Oxley, Gramm-Leach-Bliley and other regulations applicable to the financial services industry and publicly traded companies. * Perform periodic review of IT procedures and security of all systems in order to maintain integrity of company and customer data. * Document and perform verification of IT related changes in accordance with Company security policies and procedures. * Research and recommend hardware and software solutions to augment or enhance existing security measures. * Stay current in events and trends in IT security. * Investigate and report any security violations and incidents and ensure proper protection and corrective measures have been taken when an incident or vulnerability has been discovered. * Conduct scheduled reviews of key application security settings. * Develop metrics and scorecards to measure risk to the organization, as well as effectiveness and efficiency of SOC associates. * Assist in process development and improvements to maximize the efficiency and effectiveness of the department and related programs * Supports audit and incident processes, as required * Monitor and support internal SEIM systems, reports, and searches * Monitor and support internal phishing email report systems and reports * Partner and establish relationships to work closely with cross-functional teams consisting of representatives in the business * Develops strong liaison relationships with key internal business and technology teams * Coach level I & IIs on security domains and program processes * Depending on need, VP Security may determine a Team Lead designation for Level III role * Participate in security work streams for a variety of enterprise projects and initiatives * Determine and communicate security risk postures to partners and leaders as appropriate Education & Experience Knowledge of: * Strong experience with threat information sharing and threat hunting processes to proactively identify potential or existing threats in medium to large environments. * Proficient with SIEM tools, threat intelligence platforms, and security orchestration, automation, and response (SOAR) solutions to centralize and manage the incident and remediation workflow. * Knowledge and understanding of networking concepts and securing traffic across LAN, WAN, and Internet infrastructure. * Proficiency in operating systems such as Windows, Linux, and MacOS to effectively research and analyze threats in a sandbox environment, and respond to incidents. * Experience in incident handling and investigation including using formal chain-of-custody methods, forensic tools, and best practices. * Applicable knowledge of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and CVSS. * Capable of scripting in Python, Bash, Perl, RegEx, or PowerShell. * Knowledge and understanding of networking concepts and securing traffic across LAN, WAN, and Internet infrastructure. * Familiarity with cloud architectures, security standards, and best practices * Strong oral and written communication skills * Strong organizational skills and attention to detail * Excellent interpersonal skills Ability to: * Ability to analyze incident logs, attack vectors, and understand vulnerabilities and exploits. * Take independent action within established options and develops new procedures and approaches to problems when necessary * Analyze assignments based on a wide knowledge of many factors where application of advanced or technical concepts are required * Self-starter requiring minimal supervision * Highly organized and efficient. * Demonstrated strategic and tactical thinking. * Stays current with the evolving threat landscape. * Perform duties and make decisions under frequent time pressures Education and Training: * (Preferred) Bachelor's degree in Computer Science, Management Information Systems (MIS) or related field or equivalent work experience. * On-the-job training in relevant roles relating to security operations, threat intel and hunting, system administration, incident response, or equivalent * Security+, CySA+, GCIH, CSA, CCSP or similar certification; or willingness and ability to pursue certification/re-certification within the first six months of hire. * At least 5 years' experience in security operations center environments, threat intelligence/hunting, or security systems administration * Requires knowledge of Microsoft Office and other productivity tools Benefits and Compensation Salary offered is based on factors, including but not limited to, the job duties, required qualifications and relevant experience, and local market trends. The role may be eligible for bonus or incentives based on company and individual performance. (Base Pay Range: $86,000 - $123,000/year) Busey provides a competitive Total Rewards package in return for your time, talents, efforts and ultimately, results. Your personal and professional well-being-now and in the years to come-are important to us. Busey's Total Rewards include a competitive benefits package offering 401(k) match, profit sharing, employee stock purchase plan, paid time off, medical, dental, vision, company-paid life insurance and long-term disability, supplemental voluntary life insurance, short-term and long-term disability, wellness incentives and an employee assistance program. In addition, eligible associates may take advantage of pre-tax health savings accounts and flexible spending accounts. Visit Busey Total Rewards for more information. Equal Opportunity Busey values a diverse and inclusive workplace and strives to recruit, develop and retain individuals with exceptional talent. A team with diverse talent, working together, is essential to Busey's commitment of delivering service excellence. Busey is an Equal Opportunity Employer including Disability/Vets. Visit Busey.com/Careers to learn more about Busey's Equal Opportunity Employment. Unsolicited Resumes Busey Bank, and its subsidiaries, does not accept any liability for fees for resumes from recruiters or employment agencies ("Agency"), without a binding, written recruitment agreement between Busey and Agency describing the services and specific job openings ("Agreement"). Busey may consider any candidate for whom an Agency has submitted an unsolicited resume and explicitly reserves the right to hire those candidate(s) without any financial obligation to the Agency, unless an Agreement is in place. Any email or verbal contact with any Busey associate is inadequate to create a binding agreement. Agencies without an Agreement are requested not to contact any associates of Busey with recruiting inquiries or resumes. Busey respectfully requests no phone calls or emails. Application Deadline 11/15/25

Your Future. Secured. ISC2 is a force for good. As the world's leading nonprofit member organization for cybersecurity professionals, our core values - Integrity, Advocacy, Commitment, Inclusion, and Excellence - drive everything we do in support of our vision of a safe and secure cyber world. Our globally recognized, award-winning portfolio of certifications provide an independent and globally recognized endorsement of cybersecurity knowledge, skills and experience for all career levels. Our charitable arm, the Center for Cyber Safety and Education, enables ISC2 and our members to serve the public by educating the most vulnerable about cyber risks and empowering access to enter and thrive in the cyber profession. Learn more at ISC2 online and connect with us on Twitter, Facebook and LinkedIn. When you join ISC2, you'll demonstrate your commitment to an inclusive and equitable environment. Your support of the unique perspectives and experiences shared by our global cybersecurity workforce and profession will be recognized. We invite you to take an active role in helping us create a true sense of belonging across our organization - an environment of authenticity, trust, empowerment and connectedness that empowers all of our successes. Learn more. **Position Summary** The Application Security Engineer will be an integral part of the security team and will work cross-functionally with several lines of business to ensure the secure delivery of products and applications. The Application Security Engineer will be expected to attend stand-ups and strategy sessions to identify areas of risk and offer consulting on best practices. The Application Security Engineer will act as a champion and will formalize the integration of application security into our current processes and tools. **Responsibilities** The Application Security Engineer will be expected to facilitate technical design reviews, perform code analysis, offer remediation recommendations, perform manual and dynamic security testing, and document and present all findings. The Application Security Engineer will work closely with the Development, Release, and QA teams to identify and coordinate security testing, validate, test, and vet both internally and externally developed applications. As an Application Security Engineer, you will act as a DevSecOps Engineer that will be responsible for secure application delivery as well as the underlying infrastructure. The Application Security Engineer must be comfortable with securing cloud-based products in environments such as AWS, Azure and Salesforce. Additionally, this position will provide security risk assessments, create threat models and assist the team with vulnerability testing. Additionally, this position manages the ISC2 responsible reporting program that supports the organization's secure application delivery objectives. In addition to the daily duties described, the individual will assist the security engineering team in the management of security technologies administered by the group (e.g., WAF, Firewall, IDS, and SEIM). This would be an "as needed" function, which is primarily to provide coverage for those duties when individuals on the security engineering team are out of the office for training or vacation. Additionally, the Application Security Engineer will be expected to participate in the Incident Response team and act as a Subject Matter Expert when dealing with the continuity of our operations and when responding with cyber incidents. + Conduct security assessments: Perform comprehensive security assessments of applications, including static code analysis, dynamic application testing, and penetration testing. Identify vulnerabilities, weaknesses, and potential attack vectors. + Secure code review: Review application source code to identify security flaws, such as insecure authentication mechanisms, input validation vulnerabilities, and potential injection attacks. Provide recommendations for remediation and best practices for secure coding. + Threat modeling: Collaborate with development teams to identify and assess potential threats and risks associated with the application. Use threat modeling techniques to prioritize security controls and countermeasures. + Develop and implement security controls: Design, develop, and implement security controls and countermeasures to protect applications against common security threats, such as cross-site scripting (XSS), cross-site request forgery (CSRF), and SQL injection. Implement secure coding practices and security guidelines. + Vulnerability management: Establish and maintain a vulnerability management program for applications. Track and prioritize vulnerabilities based on their severity and impact. Coordinate with development teams to ensure timely remediation of identified vulnerabilities. + Security testing automation: Develop and maintain automated security testing tools and scripts to streamline the application security testing process. Integrate security testing into the continuous integration and deployment (CI/CD) pipeline. + Security training and awareness: Conduct security training and awareness programs and determine skills training needs for development teams, promoting secure coding practices andawareness of common security vulnerabilities. Stay updated with the latest security trends, attack techniques, and best practices. + Incident response: Provide support during security incidents or breaches related to applications. Participate in incident response activities, including containment, investigation, and remediation. + Compliance and regulatory requirements: Ensure that applications adhere to relevant security compliance standards, industry regulations, and data privacy requirements (e.g., GDPR (General Data Protection Regulation), HIPAA (Health Insurance Portability and Accountability)). Collaborate with compliance teams to address any compliance-related concerns. + Security documentation and reporting: Prepare and maintain security documentation, including security policies, procedures, and guidelines. Generate periodic reports on the security posture of applications and present findings to relevant stakeholders. Other responsibilities include: + Maintain and manage all pipelines from a security perspective. + Onboard new pipelines for security tooling. + Keep pipeline diagrams up to date with current security details. + Serve as the primary SME for the DAST scanner.This includes configuration, testing, vulnerability management, and remediation oversight. + Recommend continuous improvements for the SAST scanner. + Security code release approvals + Maintain and manage the WAF, including signatures, configuration, and threat intel feeds. + Serve as the SME and provide recommendations for ongoing improvements. + Establish baseline WAF signatures for XD Prod following the Silverline migration. + Baseline WAF signatures after code releases. + Serve as the primary point of contact for vetting bug reports and managing the informed disclosure process. + Assist with attestation data gathering. + Support and assist with threat modeling. + Act as the formal backup for the threat modeling and attestation processes. + Review and approve Security Assessment Review reports as needed. + Perform other duties as required. **Behavioral Competencies** + Ability to demonstrate and support the ISC2 Core Values: Integrity, Excellence, Inclusion, Advocacy and Commitment + Function as an architect, who can conduct architecture reviews of new systems and solutions. + Serve as a builder who can build and integrate application security in our SDLC. + Act as a collaborator, who likes to engage with the team and the industry. + Serve as a team player, who will jump in and assist in other security functions as needed. + Function as a leader, who will use your knowledge and to train and guide developers and engineers. + Demonstrate a passion for application security, creative and critical thinking, strong analysis skills, the ability to work in a fast-paced environment, and have familiarity with agile, continuous integration, and continuous deployment. + Experience in securing SaaS-delivered offerings in multiple cloud environments deployed with automation & orchestration. **Qualifications** + Ability to write some code, as needed, to conduct security-focused testing. + Application Experience with common testing tools such as Veracode, Fortify, Zap, Burp, and fiddler, among others. + Application Understanding of common vulnerabilities & remediation. + Application Knowledge and understanding of automation and scripting languages. + Design & code review skills. + A solid understanding of Microsoft platforms such as .NET, Windows, C#, Azure. + General Knowledge of cloud security, API (Application Programming Interface) security, and associated best practices. **Education and Work Experience** + Bachelor's degree in computer science, information systems, related engineering field. Will consider a high school diploma and 10+ years of relevant work experience, as well as current additional credentials (CCSP, GDSP, etc..) in lieu of a degree. + A CISSP and CSSLP are required for this position. + 8+ years of experience in Information Security. + 8+ years of experience with static and dynamic analysis for coding and vulnerability identification and remediation. + 5+ years of Secure Development experience. + Application Experience with implementing Secure Development Lifecycle in an agile environment. + First-hand experience with architectural reviews, application reviews, and penetration testing. + Application Experience with Continuous Integration processes, particularly with building security practices into the pipeline. **Physical and Mental Demands** + Ability to travel up to 10% of time. May also include overnight travel. + Work extended hours, when necessary. + Work in an office environment using dual monitor computer screens. + Sitting for extended periods. **Equal Employment Opportunity Statement** All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic as protected by applicable law. Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process. **Job Locations** _US-Remote_ **Posted Date** _2 weeks ago_ _(11/19/2025 1:29 PM)_ **_Job ID_** _2025-2253_ **_\# of Openings_** _1_ **_Category_** _Information Security_

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

CyberOne is hiring! We hire smart, talented and high-performing professionals to push our organization forward and provide superior service to our customers. We each take accountability for our work, strive to make each other better, and genuinely love what we do. If you value learning new things, being innovative, and working in a supportive, collaborative environment, CyberOne may be the place for you. If you are ready to raise the bar for your career and be part of our exciting journey, we would like to hear from you! The Presales Senior Security Architect partners closely with Account Managers, Professional Services, and partner resources to design and deliver tailored cybersecurity solutions that address customer needs. Acting as a trusted advisor, this role combines deep technical expertise with strong communication skills to build confidence and drive successful outcomes. The Senior Security Architect will primarily support customers in the Oklahoma region, while providing additional support to other regions as needed. This position requires the candidate to reside in Oklahoma in order to effectively serve the assigned region.Essential Functions Build strong customer relationships and serve as a trusted technical advisor, helping them achieve their business and security goals. Work in close partnership with Account Managers, Professional Services, and vendor partners. Continuously expand and update knowledge of cybersecurity use cases, leading partner technologies, and CyberOne's Professional Services offerings to align with customer needs. Maintain a strong understanding of the broader cybersecurity ecosystem with deep knowledge of key verticals (e.g., network, cloud, OT, application security). Provide training and knowledge sharing to sales teams on vendor products, cybersecurity trends, and market insights. Perform assessments and consulting services to help customers identify risks within their environments. Lead strategic conversations with enterprise customers on industry trends and emerging technologies. Act as the customer's advocate for technical issues, ensuring timely follow-up and resolution. Travel as needed to participate in customer meetings, workshops, and strategic discussions. Education/Experience 7+ years of experience designing and implementing security solutions in large environments. Experience leading and recommending technology selection processes within or for enterprise organizations. Proven experience as a senior or lead technical resource/architect (cybersecurity, network, cloud, etc.) within a large organization, reseller, or systems integrator. Effectively lead and support customer demonstrations with Systems Engineers to highlight CyberOne's value proposition. Certification/License Requirements Industry-recognized certifications (e.g., CISSP, CCSP, SANS, Open CA) preferred. Vendor/technology certifications (e.g., AWS, Palo Alto Networks, Tenable) preferred. Core Skills/Abilities Excellent relationship-building skills with the ability to engage clients confidently in person and virtually. Strong organizational skills with the ability to manage multiple priorities in a fast-paced environment. Strong presentation, written, and oral communication skills across all organizational levels, from senior leadership to peers and team members. Proficiency with standard office equipment such as laptops and smartphones. Work Environment Ability to travel up to 50% within the Oklahoma territory and occasionally to the Plano, TX headquarters. Ability to navigate client environments, including walking, stairs, and carrying light materials (up to 25 lbs). Prolonged periods of sitting or standing while working remotely or attending meetings. Operates a laptop and standard office equipment for prolonged periods. Participates in virtual meetings and occasional in-person training or company events. Strong verbal, visual, and auditory capabilities to effectively present, communicate, and engage with clients and internal teams. If you are passionate, driven and ready to take your career to the next level, we invite you to apply today! CyberOne is a proud Equal Opportunity and Affirmative Action Employer. All qualified applicants, regardless of race, color, genetic information, national origin, religion or belief, sex, affectional or sexual orientation, gender identity or expression, immigration status, ancestry, age, marital status, disability, or protected veteran status, are encouraged to apply and will receive equal consideration based on merit, qualifications, and business need. Recruitment Agencies Please Note: "In accordance with our recruitment policy, CyberOne strictly prohibits any form of solicitation of our employees by external agencies or third parties. Any candidate information that may be received from such agencies or third parties shall be deemed as a voluntary gift and shall become the exclusive property of CyberOne. Exceptions to this policy apply only when an Agency/Third Party is an Authorized Vendor of CyberOne, holding a valid and current contract that has been duly signed by our People Services Manager or CFO of CyberOne. Under no circumstances will any payment be made to any Agency/Third Party unless they are an Authorized Vendor or possess written approval from the CyberOne People Services Manager or CFO, granting them explicit permission to engage in recruitment efforts on behalf of CyberOne."

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Under the direction of the IT Director, the IT Security & Infrastructure Manager is responsible for all aspects of data network and communications infrastructure utilized by CFS Brands and supported facilities. This position will function as a technical, engineering, and operational subject matter expert as it relates to enterprise network and security technology. This includes participating in project planning, designing, capacity projections, hands-on implementation, complex integration work, security assessment, hardening of configurations, troubleshooting, maintaining, upgrading, and defining policy/procedure for all LAN/WAN infrastructure in use. ESSENTIAL DUTIES AND RESPONSABILITIES: Essential duties and responsibilities include the following. Other duties may be assigned. Guide and supervise staff assigned to work on infrastructure and security operations and provide technical assistance when necessary. Evaluate existing systems and providing technical direction to IT personnel Plan, manage and schedule the CFS Brands infrastructure and security systems and procedures to improve utilization or propose revision(s) of infrastructure operations. Provide management of technology initiatives including creating comprehensive plans for achieving infrastructure project objectives. Establish processes for the configuration, testing, and maintaining operating systems, application software, and security management tools Communicate with personnel from a variety of departments including staff, various vendors, and department leadership to exchange information concerning security. Apply a security framework and ensure compliance from the business, vendors, and contractors. Develop infrastructure support and project budgets. Represent security and infrastructure needs during any Acquisition and Divestiture activity. Recommend enhancements to the infrastructure operations. Monitor compliance with applicable internal and external security and data protection policies. Monitor compliance with applicable regulations Coordinate and champion the cybersecurity training program Perform complex tasks on critical infrastructure upgrades, security projects, and infrastructure enhancements. Design, implement and monitor network activities, devices, uptime, on all security platforms. Travel to local sites and occasionally travel to remote sites in support of corporate initiatives. Perform related duties as assigned. EDUCATION / EXPERIENCE REQUIRED: Bachelor's degree in computer information sciences, Technology Management, Information Systems, Business, or Leadership from an accredited college or university OR CISSP (Certified Information System Security Professional), CISM (ISACA Certified Information Security Manager), or CISA (ISACA Certified Information Security Auditor), or like certification. Five years of increasing responsibility in supporting/managing complex networked systems and IT security. Two or more years in a supervisory or management capacity with direct subordinates related to computer information systems/science is preferred. Ability to multi-task in a fast-paced environment. Ability to communicate technical information, both verbal and written to a wide range of end-users in a friendly, professional manner. Strong organizational skills. Advanced skill in information technology security associated with: Security frameworks Internet and network services IT operations User access and authentication Security within software applications Basic computer programming Location: (on-site) Oklahoma City, OK Travel Required: Up to 20% travel to support multiple operating locations and corporate initiatives across the US and Mexico, with potential travel to Europe. CFS BRANDS: Headquarters located in Oklahoma City, Oklahoma, CFS BRANDS is a market-leading designer, manufacturer and distributor of commercial foodservice, healthcare, and industrial hygiene products. CFS BRANDS has maintained its industry-leading position and consistent growth with a strong focus on customer support and satisfaction, product variety and availability, and a unique ability to be a “one-stop shop” solution for a wide range of organizations. CFS BRANDS enjoys this competitive market advantage through its extensive network of brands and global manufacturing and distribution facilities. CFS BRANDS's core products include dinnerware, drinkware, professional cookware, industrial hygiene products brushes and cleaning tools, dispensing systems, and healthcare meal service equipment. These products are provided through major distributors customers across the country. CFS BRANDS became a portfolio company of The Jordan Company (“TJC”), a private equity firm, in 2018. More information on CFS BRANDS can be found at ****************** CFS Brands is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. This employer participates in E-Verify. The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.

At PLEXSYS, our teams design, build and deliver Live, Virtual, and Constructive (LVC) innovation and training solutions to customers around the world. With over 200 employees in seventeen states and four foreign countries, we contribute our success to enabling better training…everyday…across the globe. As an employee of PLEXSYS, you'll find a culture that empowers you to achieve your professional objectives, give your personal best, and work with other highly passionate individuals. Our core values of integrity, excellence, teamwork and agility drive our daily decisions, identify our focus areas, and inspire our organizational culture. GENERAL DESCRIPTION The Command and Control, Intelligence, Surveillance, and Reconnaissance (C2ISR) Information System Security Officer (ISSO) will provide cybersecurity support to Joint Theater Air-to-Ground Simulation Systems (JTAGGS), Airborne Warning and Control Systems (AWACS), Airborne Surveillance Command and Control (ASC2), and/or Theater Air Control System (TACS) training and ground systems and networks. The ISSO is responsible for ensuring the appropriate operational security posture for information systems and must have detailed knowledge and expertise required to manage the security aspects of an information system. Responsibilities include implementation of the requirements of the Joint Special Access Program (SAP) Implementation Guide (JSIG), Risk Management Framework (RMF), and other security requirements as assigned. Duties also include physical and environmental protection, personnel security, and incident handling. Coordinate and synchronize security policy guidance with PLEXSYS Facility Security Officer and C2ISR Information System Security Manager (ISSM) and work in close coordination with Partner/Government ISSO/ISSM. Duties & Responsibilities Execute on-site information system security program to include implementation and validation of automated informational security, ensuring security requirements are satisfied for C2ISR training systems Establish and implement security procedures and practices in support of Corporate goals and current DoD Regulations Develop, implement and maintain security emergency action plans Provide security education and training to local employees Maintain administrative security records and documents for local employees Conduct self-inspections to ensure current security measures and policies are effective Conduct random security inspections to ensure regulations and procedures are being adhered to by local employees May assist in the development and updating of required Authority to Operate (ATO) artifacts Conduct system audits in accordance with System Security Plan requirements May be required to conduct maintenance on the networks, systems, and hardware May be required to perform software upgrades on networks, systems, and hardware Understand and follow NISPOM/ODAA/RMF/ICD/NIST/JSIG classified system accreditation and certification requirements Other duties as assigned REQUIREMENTS Bachelor's degree in related field or 2 years' experience in related field Extensive Training or experience with Windows based Information Systems standards with a working knowledge of Linux operating systems Specialized computer training in networking and active directory Experience with security audits for information systems Strong communication and problem-solving skill Ability to work in both a Team environment as well as independently Must be organized and detail orientated Current DoD 8570 IAT Level II and IAM Level I or higher certification (i.e. Security + or equivalent certification) DESIRABLE Experience with DoD Security Regulations and Policies Experience with Type 1 and/or Type 2 virtualization platforms Experience managing system security in an enterprise environment Strong system documentation skills Experience with Trellix ePO (HBSS), Splunk, and Tenable Security Center/Nessus (ACAS) AUTHORITY Must have or be able to obtain and maintain a Top-Secret clearance with approval for SAP and SCI access PERKS As a PLEXSYS employee, you can expect certain advantages; such as advancement based on performance, competitive wages, valuable benefits and a great working environment. Our team is committed to ensuring an environment that empowers individuals to realize their full potential by providing opportunities and necessary support to achieve personal and professional goals. Medical/Vision/Prescription/Dental Benefits Life, AD&D and Long Term Disability Coverage Paid Holidays, Military Leave, and Paid Time Off 401k Plan with eligibility from first day of employment Education reimbursement for job-related courses for full-time employees PriceClub/COSTCO/Sam's Club annual membership PLEXSYS Interface Products, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

Digi Security Systems is an industry leader in the design, installation and support of custom video surveillance, electronic access control, and intrusion detection solutions for public and private partners. We've built our reputation on innovation and reliable service, and we're known as the industry's experts. Position Overview We are seeking an experienced Field Engineer to join our operations in the Oklahoma City, OK area. Salary for this position is dependent on experience, but the budgeted range is from $80,000+ / year. This person will be responsible for performing the most skilled security technician work in the service, troubleshooting, alternation and programming of all security related systems. Field Engineers, also known as Elite Resource Technicians, are service providers who support Digi's internal and external operations by providing custom programming, training, and technical advisement. This individual must have a expert background in installing and servicing Access Control, CCTV, and Burglar/Intrusion Alarm Systems and at least seven (7) years of experience working in the commercial security systems field. Main Responsibilities: Service: Responsible for the professional service of access control, CCTV, and burglar/intrusion alarm systems. Programming: Ensures project systems are programmed to the highest standard and organized to work well for the client. Often includes customized programming to meet specific Partner needs. Networking: Complete high level integration and programming of systems, using both networks and servers. Quality Control: Complete internal audits of Digi's projects, and ensures that highest standard of installation is upheld. Write course content and provide technical expertise for Digi's internal learning and development initiatives. Leadership: Provide on-the-job training and mentoring on-site to technicians on their team. Collaborate with other Elite Resources to create standard operating procedures, work exemplars, and training sessions. Communication: Respectfully communicates with all local Partner and internal staff on daily progress and all necessary information on any service call or project. Documentation: Completes project close out documentation, including as-built drawings, head end and installation quality pictures. Documents installation quality and completes all required close out documents. Benefits: 2 weeks vacation accrual rate and included paid sick time 3 weeks vacation accrual rate after first year of employment 7 company-wide paid holidays throughout the year On-call bonuses 401k plan w/corporate matching structure Full health benefits offered - medical, dental and vision Included life insurance, additional available for purchase Accident/critical illness insurance available for purchase Full set of Hilti tools All hand tools and consumables paid for by company Required training/licensing paid for by company Voluntary professional development opportunities Company laptop, company phone, uniforms and gear Company vehicle or personal vehicle allowance Yearly stipend for steel-toed boots and work pants Great opportunities for bonus pay Physical Requirements: Ability to lift/move equipment and tools weighing up to 50 lbs. Ability to work from ladders or man lifts at extended heights. Must be able to differentiate colors. Must be comfortable standing for long periods of time and complete overhead work for long periods of time. Must have a current, valid driver's license in the state of which you are applying and have the ability to meet our company driving standards. Disclaimer: This job description is not all encompassing of job responsibilities and is not in any way a binding document. It does not affect the at will nature of employment at Digi Security Systems. #LI-TW1

The Security Risk and Compliance Analyst is a member of the information security team and works closely with the other members of the team, the business, and other IT staff to develop and manage security for one or more IT functional area (e.g., data, systems, network, and physical) across the enterprise. The candidate will be able to effectively understand standard risk methodologies and the implementation of security controls in an enterprise environment. Key Result Areas: Work as part of a team to maintain security and integrity of corporate data and IT systems through activities including: Develop and maintain enterprise security policies and procedures Assist in the coordination and completion of information security risk assessments and documentation Work with information security management to develop strategies and plans to enforce security requirements and address identified risks Report to management concerning residual risk, vulnerabilities, and other security exposures including misuse of information assets and noncompliance Work with IT department and members of the information security team to identify, select and implement technical controls Provide direct support to the business and IT staff for security related Maintain an awareness of security and control issues in emerging technologies Perform other duties as assigned Knowledge, skills, and experience required: Bachelor's degree in Computer Science, Information Systems, or other equivalent degree or experience Preferred Certifications (CISSP, CISA, CRISC, CRM, GSEC, etc.) Strong analytical and problem-solving skills to enable effective security incident and problem resolution Proven ability to work under stress with the flexibility to handle multiple high-pressure tasks simultaneously Ability to work well under minimal supervision Strong team-oriented skills with the ability to interface effectively with a broad range of people and roles, including vendors and enterprise personnel Strong written and verbal communication skills and attention to detail for board level committee and regulatory reporting Strong customer/client focus with the ability to manage expectations appropriately General understanding of risk management Knowledge of security methodology frameworks and regulatory requirements such as NIST, CIS, HIPAA, PCI, and FFIEC Microsoft Excel, Word, and Visio skillset for the creation, tracking and reporting of security metrics (e. graphs, formatting, basic formulas) Preferred Qualifications: Understanding of enterprise risk management systems and automation platforms Experience with Data Loss Prevention (DLP) and Vulnerability Management solutions *This position is on-site located in Oklahoma City, must reside within the area to be considered. *Position requires a minimum of 3 years of relevant US based experience. #LI-Onsite #LI-DNI

We are seeking an experienced and mission-driven Manager of Information Security to help protect our credit union's systems, safeguard member data, and support our commitment to being the best place our employees have ever worked and the best place our members have ever banked. The ideal candidate holds a current CISSP certification, demonstrating deep expertise across all cybersecurity domains, and maintains ongoing training to stay ahead of evolving threats and regulatory requirements in the financial services sector. The Manager Information Security responsible for overseeing the Information Security program, Vendor Management program, and the administration of the Business Continuity Plan at WEOKIE Federal Credit Union. Responsibilities include but are not limited to developing and maintaining the information security framework, monitoring and managing vendor risk, and maintaining, enhancing, and testing the Business Continuity Plan. Major Activities: * Develops, maintains, and reviews appropriate information security policies and procedures needed to maintain the integrity of the information security program. * Conducts threat focused business impact analysis to maintain an inventory of business impacting cyber threats. * Organizes and conducts cybersecurity simulation exercises. * Acts as the IT Security, Business Continuity, and Vendor Management central point of contact for the annual NCUA exam and IT Controls Audit. * Ensures proper policies, procedures, risk mitigation activities, and operation controls are followed. Reports gaps in policies, procedures, and operating controls to leadership to ensure member impact and risk is mitigated. * Responsible for performing information security risk assessments on a scheduled basis that focus on ensuring policies and procedures are consistently applied. * Attends/makes presentations to the WEOKIE Board of Directors and various Board Committees as assigned. * Assist with development of company wide information security training materials for computer-based training modules and build company wide information security awareness materials. * Support technology/systems that enable all vendor management activities by administering the Tandem platform. * Responsible for vendor risk assessment and execution of other vendor management activities as needed. This includes administration, processing risk acceptance documentation, and maintaining the schedule of vendor management activities. * Maintain, develop, update, and test WEOKIE's Business Continuity Plan. * Write reports to summarize testing activities, including results and recommendations. * Act as Business Continuity Coordinator in the event of an incident, to ensure that WEOKIE's Business Continuity Plan is implemented. Critical Results: * WEOKIE's information security program is a core part of its culture and is integrated into all of its lines of business, support functions and third-party management programs. * Information Security risks and threats are clearly identified, measured and remediated timely. * The Board of Directors and Senior Management receive timely and credible reporting and recommendations that lead to effective decision-making in both strategic and tactical contexts. * Members and credit union information security assets are protected from unauthorized access and when necessary, reacts timely and effectively to manage incidents or vulnerabilities. * WEOKIE receives favorable results from key reviews, audits, and exams from audit and exam sources. * WEOKIE's information security program is seen as independent from the IT line of business and also seen as supportive and collaborative to all stakeholders. * Risk assessments are completed annually and deficiency are quickly addressed and/or remediated. * Security incidents are properly documented, tracked, and escalated in a timely fashion when deficiencies are presented. * New quality control activities are developed and presented to leadership that correspond to the information security program. * Vendor Management risk assessments, reporting results, and conclusions are thoroughly documented, completed timely and accurately. * Vendor Management is collaboratively managed with fellow team members. * Vendor Management risks are controlled and mitigated by adhering to all applicable policies and procedures. * WEOKIE's Business Continuity Plan is up-to-date, regularly tested, thoroughly communicated, and ready for immediate implementation in the event of an incident. Qualifications: * Specialized or Technical Knowledge and Skills: The Manager Information Security is a data security professional skilled at managing IT security activities in a complex, multi-system/multi-vendor computing environment. A strong, practical working knowledge of information security concepts and technical architecture are necessary along with an ability to take technical concepts and translate them into business impact. * A bachelor's degree is required, preferably in Information Technology or Computer Science. * A minimum of three years of experience in the information security field. * A Certified Information System Security Professional (CISSP) certification is required; additional certifications such as a Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) are preferred. * Demonstrated experience in managing and working with third party vendors. * Demonstrated ability to research and implement innovative solutions that have improved security, operational efficiency, quality, and service levels. * In-depth understanding of the financial services or highly regulated business, and the applications systems and technical infrastructures needed to support them. B. Behavioral Competencies: Behavioral competencies are the skills and personal characteristics that an individual should possess in order to be successful in this position. * Core Competencies: Core competencies are consistent for all positions across the organization and are aligned with WEOKIE's core values. * Member Focus (internal and external): Builds member confidence, is committed to increasing member satisfaction, sets achievable member expectations, assumes responsibility for solving member problems, ensures commitments to members are met, solicits opinions and ideas from members, responds to internal members. * Dependability: Meets commitments, works independently, accepts accountability, handles change, sets personal standards, stays focused under pressure, and meets attendance/punctuality requirements. * Integrity/Ethics: Deals with others in a straightforward and honest manner, is accountable for actions, maintains confidentiality, supports company values, conveys good news and bad. * Job Specific Competencies: The position requires a well‐rounded and level‐headed individual who is able to maintain composure in a variety of situations. The following stand out among a long list of behavioral competencies for this position: * Managing Vision and Purpose: Communicates a compelling and inspired vison of core purpose; talks beyond today; talks about possibilities, is optimistic, creates mileposts and symbol to rally support behind the vision; make the vision sharable by everyone; can inspire and motivate entire units or organizations. * Strategic Agility: Sees ahead clearly, can anticipate future consequences and trends accurately; has broad knowledge and perspective; is future oriented; can articulately pain credible pictures and visions of possibilities and likelihoods; can create competitive and breakthrough strategies and plans. * Oriented Towards Serving Others: Is predisposed to servant leadership and excited towards improving conditions for others. * Command Skills: Relishes leading; takes unpopular stands if necessary; encourages direct and tough debate but isn't afraid to end it and move on; is looked to for direction in a crisis; faces adversity head on; energized by tough challenges. * Intellectual Horsepower: Is bright and intelligent; deals with concepts and complexity comfortably; described as intellectually sharp, capable, and agile. * Innovation Management: Is good at brining the creative ideas of others to market; has good judgement about which creative ideas and suggestions will work; has a sense about managing the creative process of others; can facilitate effective brainstorming; can project how potential ideas may play out in the marketplace. * Composure: Is cool under pressure; does not become defensive or irritated when times are tough; is considered mature; can be counted on to hold things together during tough times; can handle stress; is not knocked off balance by the unexpected; doesn't show frustration when resisted or blocked; is a settling influence in a crisis. * Political Savvy: Can maneuver through complex political situations effectively and quietly; is sensitive to how people and organizations function; anticipates where the land mines are and plans his/her approach accordingly; views corporate politics as a necessary part of organizational life and work to adjust to that reality. C. Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is frequently required to stand; walk; sit; use hands to finger, handle, or feel; reach with hands and arms; climb or balance; stoop, kneel, crouch, or crawl and talk or hear. The employee must occasionally lift and/or move up to 50 pounds. Specific vision abilities required by this job include color vision, peripheral vision, depth perception and ability to adjust focus. D. Work Environment: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The worker is not substantially exposed to adverse environmental conditions. The noise level in the work environment is usually moderate. WEOKIE does not and shall not discriminate on the basis of Protected Status, marital status, and political belief or any other status or condition protected by applicable federal and/or state law. Bona fide occupational qualifications will be applied impartially. These activities include, but are not limited to, hiring of staff, selection of volunteers and vendors, and provision of services. We are committed to providing an inclusive and welcoming environment for all our members, our staff, clients, volunteers, subcontractors, vendors, and clients.

The Multi Domain Solutions Division at Leidos is looking for an Information Systems Security Officer (ISSO) to support a fast-paced program with the Air Force Life Cycle Management Center located in Oklahoma City, OK. This role involves supporting the delivery of comprehensive IT and support services to ensure mission success while adhering to DoD standards and regulations. The ISSO will oversee the cybersecurity posture of DoD information systems, ensuring compliance with DoD security standards and protecting sensitive data. The ISSO will develop and implement security policies, conduct risk assessments, manage system accreditations (RMF), and lead continuous monitoring efforts. The role requires collaboration with cross-functional teams to enforce security controls and manage incident response. The ISSO will also maintain security documentation and ensure ongoing compliance with applicable regulations. The ISSO will be expected to be proficient technically & to perform hands-on cybersecurity tasks. This position will require 100% on-site work with no remote work supported Primary Responsibilities: Collaborate daily with the ISSM to provide expert cybersecurity guidance and recommendations. Support the development, implementation, and maintenance of security policies, procedures, and documentation to ensure compliance with DoD security standards and regulations (e.g., NIST, RMF, FISMA). Oversee the security posture of DoD information systems, ensuring they meet cybersecurity requirements for confidentiality, integrity, and availability. Perform risk assessments, vulnerability assessments, and security audits to identify system vulnerabilities and provide remediation strategies. Manage and conduct continuous monitoring of security controls, ensuring the protection of classified and unclassified data. Coordinate with cross-functional teams (engineering, IT, operations) to implement and enforce security protocols and best practices. Ensure the accreditation process for DoD systems (e.g., RMF accreditation) is completed and maintained in compliance with all applicable requirements. Act as the primary point of contact for security-related issues, coordinating incident response and reporting to senior management and government customers. Provide security training and awareness programs for personnel involved in the operation of DoD systems. Maintain and track security documentation, including system security plans (SSPs), risk assessments, and Plan of Actions & Milestones (POA&Ms). Stay current with emerging cybersecurity threats, vulnerabilities, and trends to ensure the program adapts to evolving security challenges. Basic Qualifications: US Citizen with at least a Top Secret clearance and the ability to obtain and SCI prior to your start date. Bachelor's degree with 8+ years of experience or a Master's degree with 6+ years of experience. Additional experience may be considered in lieu of a degree. In-depth knowledge of DoD cybersecurity policies, frameworks, and compliance standards (e.g., NIST 800-53, RMF, FISMA, ICD 503, JSIG, DAAPM). Must have a DoD 8140 Intermediate certification (e.g. Cloud+, Security+, etc.). Experience with system security engineering, risk management, and vulnerability assessments. Strong understanding of network security, security controls, and common cybersecurity tools (e.g., firewalls, IDS/IPS, SIEM, endpoint protection). Ability to work independently and collaborate effectively with cross-functional teams. Strong communication skills, including the ability to create and present detailed security reports to stakeholders. Interest in continuous learning and professional development in cybersecurity. Preferred Qualifications: DoD 8140 Advanced certification e.g. CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), etc. Experience with the Risk Management Framework (RMF) for DoD system accreditations and continuous monitoring processes. Experience in managing security for complex DoD programs or mission-critical systems. Familiarity with cloud security practices and systems, particularly in a hybrid or government cloud environment. Experience with security tools for vulnerability scanning, penetration testing, and security auditing. Cloud security certifications (e.g. Azure Security Technologies or AWS Certified Security Specialty). Experience with configuration management and change management processes in a secure environment. At Leidos, we don't want someone who "fits the mold"-we want someone who melts it down and builds something better. This is a role for the restless, the over-caffeinated, the ones who ask, “what's next?” before the dust settles on “what's now.” If you're already scheming step 20 while everyone else is still debating step 2… good. You'll fit right in. Original Posting:September 3, 2025 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range:Pay Range $104,650.00 - $189,175.00 The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

CURRENT EMPLOYEES - Please apply using "Jobs Hub" in Workday. This career site is for external applicants only. The SAP Security/GRC Admin is responsible for the management and support of SAP Roles and Security with the Diamondback SAP environment. This position will provide technical and thought leadership in the design, development, implementation, and support of the SAP Role Administration functions across the entire landscape. This role will also provide key contributions in a cross functional approach in the overall and ongoing management, testing and support of the SAP landscape for patches, upgrades and day to day operational issues. Job Duties and Responsibilities: Design, deploy and maintain security solutions that enables the business community to achieve their goals while providing proper identity and access management controls Analyze processes and system user needs to deliver quality solutions that meet both business and functional end-to-end requirements Drive overall security strategy including role design and provisioning for S4Hana ecosystem including SAP S/4 HANA, FIORI, GTS, Solution manager, HANA & other Databases, BTP, etc. Identify security risks, determines the root causes of security violations, suggest the risk mitigation and control measures and build required procedures and controls Ensures SAP security development and deployment execution align with standards, methodologies, and processes Identify the root cause of the issues and providing a permanent solution. Work with the Functional team in proposing solutions for the overall stability of the applications Daily monitoring of jobs that are necessary for the GRC application(s) to run effectively and efficiently, for example nightly management risk analysis reporting Responsible for day-to-day technical support and resolution of security issues, troubleshooting sap security problems including approval procedures and all the necessary compliance Develop and maintain processes with applicable documentation related to security by coordinating with IT management and governance teams Work with IT management as well as governance groups to facilitate appropriate controls around user/system access Proactively Interact with senior management to discuss and explain issues affecting users or systems Generate SOX/ad hoc reports on monthly/quarterly/semi-annual basis Provide production support and enhancement testing for existing security roles and positions/functions Work closely with SAP functional teams to create roles, profiles and authorizations that meet audit requirements as well as functional requirements for end users Maintain Segregation of Duties for the SAP environment (e.g. HR/Payroll, BASIS, Security Administration, and BI) Work collaboratively with a team to design, build and deploy security frameworks, devices and applications Vulnerability Assessment and Penetration Testing: Conduct regular security assessments, vulnerability scans, and penetration tests to identify and address potential security weaknesses in SAP S/4 environments. Be able to provision and de-provision users and roles with appropriate SAP security levels Able to effectively prioritize tasks in a high-speed environment Candidate must have strong problem-solving skills, be self-directed and capable of working with minimal supervision Must have a strong, demonstrated commitment to customer service and be committed to pro-active review of processes and procedures to continually enhance service quality, service delivery and support Cross Training Support for other SAP S/4 HANA Cross-functional team Occasional work in off-hours to minimize disruption to business Required Qualifications: Bachelor's Degree in Business Management, Information Systems or related field or equivalent in years of experience Four (4+) years in-depth experience in SAP GRC, Role Administration & Security implementation, and production support in ECC 6.0/S4-HANA Experience with SAP S/4 HANA security and authorizations Experience in SAP S/4 HANA version 1909 or later Experience in creating and assigning FF ID's and extracting Fire Fighter logs In-Depth understanding of SAP Security Role design & GRC Architecture Very good understanding of role remediation, setting up of SAP Security processes Expertise in SAP Security automation and scripts creation for mass maintenance Expertise in Running and publishing various SOX reports like, UAR, Critical Actions, SOD, Critical Permissions, Firefighter Log Review Experience in maintaining and troubleshooting Structural Authorizations Preferred Qualifications: Experience in SAP security engagements with cloud applications, Azure, etc Experience in supporting end-to-end SAP Security projects, Security and GRC workshops, testing support, Cutover prep, and Hyper care activities Experience in Role design in S/4 with Catalog and Group for Fiori Apps and good analytical skills in issue resolution SAP GRC Certification In-Depth understanding on FIORI requirement specifications, design, development, and testing In-Depth understanding of core BASIS functions and activities Minimum of three (3+) years of SAP experience within a large organization including implementing and supporting Experience in creating/maintaining GRC solutions Experience creating user and security roles for Fiori applications Experience with SOD development and ongoing controls Role administration across multiple landscape Oil and Gas experience preferred Experience with system monitoring, background job administration, spool administration Experience working with SAP GRC 10.0/10.1, SAP HCM and SAP Solution Manager Experience with SAP GRC Access Control configuration that includes MSMP and BRFPlus Experience in designing, configuring, and implementing SAP GRC Access Request Analysis (ARA), Access Request Management (ARM), Emergency Access Management (EAM), and Business Role Management (BRM) Strong knowledge in provisioning to SAP LDAP and SAP Enterprise Portal platforms for ABAP Roles, UME Roles, and Portal Roles/Groups. Work Authorization: Diamondback Energy is not currently sponsoring employment visas for this position. Diamondback is an Equal Employment Opportunity Employer. Diamondback provides equal employment opportunities to all qualified applicants without regard to race, sex, sexual orientation, gender identity, national origin, color, age, religion, veteran or disability status, genetic information, pregnancy, or any other status protected by law. Diamondback participates in E-Verify. Learn more about E-Verify.

The Instagram Security Ecosystems team is seeking a product-focused security engineer interesting in enabling Instagram product teams to develop features with a focus on security and user safety. You will be relied upon to directly work with Instagram engineers, hardening both product features and our protective frameworks that make life harder for bad actors on the Instagram platform. **Required Skills:** Product Security Engineer, Instagram Responsibilities: 1. Threat Modeling and Security Architecture: Work directly with product managers and technical leads on threat models and security architecture for novel Instagram features or products 2. Security Reviews: Perform manual design and implementation reviews of web, mobile, and native code 3. Developer Guidance: Provide guidance and education to developers that help prevent the authoring of vulnerabilities 4. Automated Analysis and Secure Frameworks: Work with other security teams to improve Instagram's static and dynamic analysis and frameworks to scale coverage 5. Bug Bounty: Help provide technical guidance to our world class bug bounty program and independent security researchers 6. Industry Impact: Push the industry forward through conference talks and open source projects to contribute broadly to security for the world **Minimum Qualifications:** Minimum Qualifications: 7. B.S. or M.S. in Computer Science, Cybersecurity, or related field, or equivalent experience 8. 8+ years of experience finding vulnerabilities in interpreted languages (Python, PHP) 9. Extensive, proven experience in threat modeling and secure systems design 10. Experience with exploiting common security vulnerabilities **Preferred Qualifications:** Preferred Qualifications: 11. Product software engineering or product management experience 12. Experience in security consulting or other leadership-facing security advisory roles 13. Familiarity with cybersecurity investigations, abuse operations, and/or security incident response 14. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.) **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Digi Security Systems is an industry leader in the design, installation and support of custom video surveillance, electronic access control, and intrusion detection solutions for public and private partners. We've built our reputation on innovation and reliable service, and we're known as the industry's experts. Position Overview We are seeking an experienced Field Engineer to join our operations in the Oklahoma City, OK area. Salary for this position is dependent on experience, but the budgeted range is from $80,000+ / year. This person will be responsible for performing the most skilled security technician work in the service, troubleshooting, alternation and programming of all security related systems. Field Engineers, also known as Elite Resource Technicians, are service providers who support Digi's internal and external operations by providing custom programming, training, and technical advisement. This individual must have a expert background in installing and servicing Access Control, CCTV, and Burglar/Intrusion Alarm Systems and at least seven (7) years of experience working in the commercial security systems field. Main Responsibilities: Service: Responsible for the professional service of access control, CCTV, and burglar/intrusion alarm systems. Programming: Ensures project systems are programmed to the highest standard and organized to work well for the client. Often includes customized programming to meet specific Partner needs. Networking: Complete high level integration and programming of systems, using both networks and servers. Quality Control: Complete internal audits of Digi's projects, and ensures that highest standard of installation is upheld. Write course content and provide technical expertise for Digi's internal learning and development initiatives. Leadership: Provide on-the-job training and mentoring on-site to technicians on their team. Collaborate with other Elite Resources to create standard operating procedures, work exemplars, and training sessions. Communication: Respectfully communicates with all local Partner and internal staff on daily progress and all necessary information on any service call or project. Documentation: Completes project close out documentation, including as-built drawings, head end and installation quality pictures. Documents installation quality and completes all required close out documents. Benefits: 2 weeks vacation accrual rate and included paid sick time 3 weeks vacation accrual rate after first year of employment 7 company-wide paid holidays throughout the year On-call bonuses 401k plan w/corporate matching structure Full health benefits offered - medical, dental and vision Included life insurance, additional available for purchase Accident/critical illness insurance available for purchase Full set of Hilti tools All hand tools and consumables paid for by company Required training/licensing paid for by company Voluntary professional development opportunities Company laptop, company phone, uniforms and gear Company vehicle or personal vehicle allowance Yearly stipend for steel-toed boots and work pants Great opportunities for bonus pay Physical Requirements: Ability to lift/move equipment and tools weighing up to 50 lbs. Ability to work from ladders or man lifts at extended heights. Must be able to differentiate colors. Must be comfortable standing for long periods of time and complete overhead work for long periods of time. Must have a current, valid driver's license in the state of which you are applying and have the ability to meet our company driving standards. Disclaimer: This job description is not all encompassing of job responsibilities and is not in any way a binding document. It does not affect the at will nature of employment at Digi Security Systems. #LI-TW1