Security engineer jobs in Oxford, MA

Veteran-Owned Firm Seeking a System Cybersecurity Engineer II for an Onsite Assignment at Hanscom Air Force Base (AFB) My name is Stephen Hrutka. I lead a Veteran-Owned management consulting firm in Washington, DC. We specialize in Technical and Cleared Recruiting for the Department of Defense (DoD), the Intelligence Community (IC), and other advanced defense agencies. At HRUCKUS, we support fellow Veteran-Owned businesses by helping them recruit for positions across organizations such as the VA, SBA, HHS, DARPA, and other leading-edge R&D-focused defense agencies. We seek to fill a System Cybersecurity Engineer II role at Hanscom Air Force Base (AFB) in Bedford, MA. The ideal candidate must have an active Secret Security Clearance, a DoD 8570.01-M MGT512-compliant certification, and experience with LogRhythm. Required qualifications include either a BA/BS with 10 years of cybersecurity experience (5 in DoD), an MA/MS with 5 years (3 in DoD), or 15 years of related experience with proper certifications, including 5 years in DoD. If you're interested, I'll gladly provide more details about the role and discuss your qualifications further. Thanks, Stephen M Hrutka Principal Consultant HRUCKUS LLC Executive Summary: HRUCKUS is seeking a System Cybersecurity Engineer II with Secret Clearance for a role at Hanscom Air Force Base (AFB) in Bedford, MA. Position Overview: The System Cybersecurity Engineer II will be able to perform work that involves ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools. Position Responsibilities: Supporting the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing DoD and Air Force policies (i.e., Risk Management Framework (RMF). Recommending policies and procedures to ensure the reliability of and accessibility to information systems and to prevent and defend against unauthorized access to systems, networks, and data. Conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs. Promoting awareness of security issues among management and ensuring sound security principles are reflected in organizations' visions and goals. Conducting systems security evaluations, audits, and reviews. Recommending systems security contingency plans and disaster recovery procedures. Recommending and implementing programs to ensure that systems, networks, and data users are aware of, understand, and adhere to systems security policies and procedures. Participating in network and systems design to ensure implementation of appropriate systems security policies. Facilitating the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes. Assessing security events to determine impact and implementing corrective actions. Ensuring the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT services. Perform the Information System Security Engineer (ISSE) duties in an Information Assurance Workforce System Architecture and Engineering (IASAE) position as outlined in AFI 33-200, AFI 33-210 and AFMAN 33-285 for assigned systems. Perform the Information System Security Manager (ISSM) duties as outlined in DoDI 8510.01 for assigned systems/applications. Perform the Information System Security Officer (ISSO) duties as outlined in DoDI 8510.01 for assigned systems/applications. Other duties as assigned. Required Qualifications: Clearance: Active Secret Security Clearance BA/BS degree with a minimum of 10 years of cybersecurity experience, including 5 years supporting the Department of Defense (DoD); or an MA/MS degree with at least 5 years of experience, including 3 years in a DoD environment; or 15 years of directly related experience with the appropriate certifications, of which a minimum of 5 years must be within the DoD. DoD 8570.01 MMGT512 compliant certification. Experience with LogRhythm. Lab/SCIT management experience preferred. Experience with the Risk Management Framework (RMF). Details: Job Title: System Cybersecurity Engineer II Location: Hanscom Air Force Base, MA Clearance Requirement: Active Secret Clearance Assignment Type: Full-time, Onsite Salary Range: $130,000 - $140,000 per year

Length: 6 months + (temp to perm potential) 24x7 support team with on-call rotation Skills The infrastructure services engineer will provide reliable and flexible support to all components of client's infrastructure, including systems, networking, data center operations, cloud infrastructure, telecom, and others. This role will be dedicated to maintenance and management of these systems, as well as responding to all alerts to ensure maximum reliability. Skills 3+ years' experience with a variety of infrastructure tools (VMWare, Cisco, Windows Server OS, etc.) Experience with public cloud providers (AWS, Azure) and associated infrastructure management a plus Knowledge of networking protocols and technologies (DNS, DHCP, SNMP, TCP/IP) Solid knowledge of and previous experience using scripting technologies (PowerShell or Python) Thorough understanding of managing servers in large corporate settings, covering security protocols, compliance with policies, and handling exceptions or changes Excellent communication and documentation skills Ability to work well as part of a large team Proven ability to troubleshoot and resolve production issues while making sensible decisions in times of stress

Our client is seeking a highly skilled Systems Engineer to provide advanced technical and systems engineering expertise across complex defense programs. This role involves applying engineering principles and innovative problem-solving to develop, evaluate, and enhance systems and technologies that support mission objectives. The ideal candidate will have a strong foundation in systems engineering, digital engineering, and Model-Based Systems Engineering (MBSE), with the ability to influence strategy and guide program decisions through analytical insight and technical leadership. Essential Duties and Responsibilities (but not limited to): Apply and adapt engineering principles, standards, and methods to address unique and complex technical challenges. Research, design, and develop solutions that extend existing engineering concepts and technologies. Provide expert technical consultation and guidance to senior management and program stakeholders. Integrate digital engineering and MBSE practices throughout all phases of the system lifecycle. Evaluate new technologies, engineering methodologies, and emerging industry trends for potential application. Conduct systems-level analysis, trade studies, and performance evaluations to support mission and design objectives. Lead or contribute to the development of new engineering standards, methods, or models. Assess risks, recommend mitigations, and support system and program risk management activities. Analyze system performance and ensure alignment with cost, schedule, and security requirements. Incorporate resiliency and system security principles into engineering designs and architectures. Conduct feasibility assessments, concept development, and decision analyses for proposed solutions. Perform validation and verification of system designs, develop testing criteria, and evaluate results. Provide systems integration oversight to ensure interoperability among subsystems and external interfaces. Prepare technical documentation, reports, and presentations summarizing findings, recommendations, and performance metrics. Support communication system integration and open architecture frameworks (e.g., Open Mission Systems) for NC3 modernization efforts. Qualifications: Bachelor's degree in Engineering or a related technical discipline (advanced degree preferred). Minimum of 10 years of experience in systems engineering or a related engineering field. Proven expertise applying engineering theories and principles to solve complex technical and operational problems. Experience supporting system design, development, testing, and sustainment activities. Strong understanding of digital engineering and MBSE concepts and tools. Ability to assess and evaluate the impact of emerging technologies, methodologies, and strategies. Skilled in developing technical recommendations, performing trade analyses, and influencing engineering decisions. Excellent communication, analytical, and technical writing skills. Adaptable and proactive, with the ability to learn and lead in a dynamic environment. Must be a United States Citizen with an active Top Secret clearance and SCI eligibility. POST-OFFER BACKGROUND CHECK IS REQUIRED. Digital Prospectors is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by law. Digital Prospectors affirms the right of all individuals to equal opportunity and prohibits any form of discrimination or harassment. Come see why DPC has achieved: 4.9/5 Star Glassdoor rating and the only staffing company (< 1000 employees) to be voted in the national Top 10 ‘Employee's Choice - Best Places to Work' by Glassdoor. Voted ‘Best Staffing Firm to Temp/Contract For' seven times by Staffing Industry Analysts as well as a ‘Best Company to Work For' by Forbes, Fortune and Inc. magazine. As you are applying, please join us in fostering diversity, equity, and inclusion by completing the Invitation to Self-Identify form today! ******************* Job #18001

As the Senior Network Engineer, you will be responsible for supporting and implementing networking equipment and software, including firewalls, switches, routers, and load balancers. You will ensure proper monitoring, patching, compliance, and backups for all network equipment while collaborating with IT units to develop plans and provide technical guidance. This role includes acting as a project manager for small to mid-size projects, delivering innovative solutions, and providing exceptional customer service. You will offer onsite and remote support on a 24x7 basis, troubleshoot escalated issues, and secure network infrastructures to protect productivity and mitigate threats. Minimum Qualifications: 8+ years of network engineering experience in large enterprise environments. 5+ years in a senior capacity leading complex networking projects. Strong knowledge of routing protocols (EIGRP, OSPF, RIP, BGP) and Cisco routing/switching. Hands-on experience with firewalls (Checkpoint, Cisco, Juniper, Palo Alto) and VPN technologies. Bachelor's degree in Computer Science, IT, or equivalent experience. Responsibilities: Design, plan, and implement network equipment and capacity planning. Create and update documentation for network architecture and installations. Troubleshoot and resolve network issues independently and with vendors. Ensure compliance with MassDOT/EOTSS security standards and audit requirements. Provide technical leadership and mentoring to team members. Travel between facilities (only in MA) for maintenance and deployment. Nice to Have: Cisco certifications (CCNA, CCNP, or CCIE). Knowledge of AWS network architecture. Experience with Metro-Ethernet technologies and VOIP/QoS. What's In It For You: Weekly Paychecks Opportunity to work on critical infrastructure projects impacting the Commonwealth. Collaborative and innovative team environment. Professional development and growth opportunities.

Basic Qualifications CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required. Responsibilities for this Position We are seeking a Systems Security Engineer who has experience in the design and development of NSA-certified Cybersecurity devices. Key Responsibilities: Design and develop specifications for mission-critical NSA-certified Cybersecurity devices Collaborate with software and validation engineering teams to deliver high-speed data solutions Develop real-time multi-threaded Embedded System architecture using Model-based Systems Engineering (MBSE) tools and techniques Analyze and maintain system security requirements throughout product development lifecycle Conduct trade studies, perform functional analysis, and design system security. Preferred Skills and Experiences: NSA approved Cryptography/Encryption Security requirements analysis Real-Time multi-threaded Embedded System architecture and development Model-based Systems Engineering (MBSE) CISSP certification or similar INCOSE ASEP, CSEP, or ESEP certification We value candidates who possess: Drive to expand knowledge and experience in designing complex systems Ability to define project scope, schedule, and expected results Initiative to complete assignments and ability to engage in technical direction and leadership Our Commitment to You: An exciting career path with opportunities for continuous learning and development Research-oriented work with award-winning teams Competitive benefits package Salary Note This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. Combined Salary Range USD $107,529.00 - USD $114,000.00 /Yr. Company Overview General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team! Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

We are seeking a skilled and security-conscious Cloud Engineer to join our dynamic Cybersecurity team. This role is pivotal in designing, deploying, and maintaining our secure cloud infrastructure, with a primary focus on Microsoft Azure and the M365 ecosystem. You will be responsible for translating security requirements into tangible technical controls, ensuring our cloud services are resilient, compliant, and hardened against modern threats. This position directly adds value by enhancing the organization's security posture and enabling the business to leverage cloud technologies safely and efficiently. Your unique contribution will be as the subject matter expert who bridges the gap between cloud infrastructure and cybersecurity policy. Responsibilities Key Accountabilities Design, deploy, and manage secure cloud infrastructure (IaaS, PaaS, SaaS) in Microsoft Azure, ensuring alignment with security best practices and architectural standards. Administer and secure the Microsoft 365 environment, including Entra ID, Exchange Online, SharePoint, and Teams, with a focus on implementing robust security configurations and policies. Implement, manage, and tune M365 security tools such as the Microsoft Defender suite, Purview Information Protection, and Microsoft Intune for endpoint management and data loss prevention. Utilize scripting languages, primarily PowerShell, to automate security tasks, compliance checks, reporting, and administrative routines within Azure and M365. Manage Identity and Access Management (IAM), including roles, permissions, and privileged access (PIM), enforcing the principle of least privilege across all cloud platforms. Configure and manage cloud networking components, such as Virtual Networks (VNETs), Network Security Groups (NSGs), and Azure Firewall to segment and protect network traffic. Monitor cloud environments for security threats, vulnerabilities, and misconfigurations, and collaborate with the Security Operations Center (SOC) during incident response. Create and maintain comprehensive documentation for cloud architecture, security configurations, and operational procedures to ensure clarity and business continuity. Performs other duties and responsibilities as assigned. Networking/Key relationships Cybersecurity Team: Collaborate daily on security strategy, threat intelligence, incident response, and implementing security controls. IT Infrastructure Team: Partner on network integration, on-premises connectivity (hybrid cloud), and core infrastructure dependencies. Application Development Teams: Advise on secure development practices and CI/CD pipelines to ensure applications are deployed securely in the cloud. IT Service Desk: Act as a tier 3 escalation point for complex cloud and M365-related security issues. Compliance & Audit Teams: Provide evidence and support during internal and external audits to demonstrate adherence to security frameworks and regulations. Business Stakeholders: Engage with various departments to understand their needs and implement cloud solutions that enable their goals without compromising security. External Vendors (e.g., Microsoft): Manage vendor relationships for technical support, licensing, and staying abreast of new security features and product roadmaps. Qualifications Minimum Knowledge & Experience for the position: Education: Bachelor's Degree in Cybersecurity, Computer Science, Information Technology, or a related field, or equivalent professional experience. Experience: 3-5 years of hands-on experience in a cloud engineering, systems administration, or cybersecurity role with a strong focus on cloud environments. Direct experience deploying and securing solutions in Microsoft Azure and M365 is required. Skills & Capabilities: Strong proficiency in Microsoft Azure services (IaaS and PaaS), including Virtual Machines, Storage, VNETs, and Azure App Services. In-depth knowledge of Microsoft 365 administration and security features, particularly Entra ID, Defender for Cloud Apps, Defender for Endpoint, and Intune. Experience with Infrastructure as Code (IaC) tools such as Terraform, Azure Bicep, or ARM Templates. Proficiency in scripting languages for automation, with a strong preference for PowerShell. Solid understanding of cloud networking concepts, including VNETs, subnets, NSGs, VPNs, and firewalls. Strong knowledge of core cybersecurity principles: Identity and Access Management (IAM), encryption, logging, monitoring, and threat modeling. Experience with both Windows Server and Linux operating systems in a cloud context. Excellent analytical and problem-solving skills, with the ability to troubleshoot complex technical issues. Strong verbal and written communication skills, capable of explaining complex concepts to both technical and non-technical audiences. Relevant industry certifications (e.g., Microsoft Certified: Azure Security Engineer Associate (AZ-500), Microsoft 365 Certified: Security Administrator Associate (MS-500)) are highly desirable. Travel Requirements: Minimal travel required, approximately The annual base salary range for this role is currently $130,000 range to $160,000 range. Individual employee compensation will ultimately depend on factors including education, relevant experience, skillset, knowledge, and particular business needs. This role is eligible for medical, dental, and vision insurance, 401k plan retirement benefits with an employer match, as well as paid vacation and sick leave. Our sales roles are eligible for participation in a commission plan and our management, and select professional roles, are eligible for a performance-based bonus.

The driving force behind our success has always been the people of AspenTech. What drives us, is our aspiration, our desire and ambition to keep pushing the envelope, overcoming any hurdle, challenging the status quo to continually find a better way. You will experience these qualities of passion, pride and aspiration in many ways - from a rich set of career development programs to support of community service projects to social events that foster fun and relationship building across our global community. The RoleAspenTech is an AI-powered software company helping the world's leading energy, chemical and engineering companies succeed in their digital transformation, making their operations more efficient and reducing impact on the environment. At AspenTech, you will be part of a global market-leading company with double digit growth and a blue-chip customer base. We offer the opportunity to make an impact, to drive innovation and to be an agent of positive change. Our culture and vision have taken dramatic leaps forward over the past two years and we still have work to do. We need extraordinary individuals to pave the way ahead. The reviews on here paint many stories of successes, failures, excitement and disappointment. Every person has their own story. We strive to make your story at AspenTech a great one. Under the direction of the VP of Product Security this role is a key member for day-to-day operations of Product Security at Aspen Technology. This role will help protect our clients, enable teams to deliver secure development, and position us for future security needs. This thought leader will help drive mitigation of risk thru activities such as developing Threat Models, driving Risk Assessments, reviewing alignment of standard controls to mitigate risks in products, oversee vulnerability tracking, ensure security documentation and compliance with security lifecycle activities for product security releases. This could include supporting compliance documents, secure patch release, security incidents, security communications, the security champion program, and product security verification/validation activities. This role will work closely with development teams, senior leaders, and teams across the organization. This role will work with teams across the organization to mitigate risks, protect our customers, protect our assets, and enable secure activities. The Principal Security Engineer will support the development and execution of product security strategic efforts to meet business and technology objectives. This role will also support the continuously improving product security policies, procedures, tools, guidelines, and security awareness. This role will also maintain a vigilant awareness of industry threats, standards, regulations, and best practices to enhance our security profile.Your Impact Responsible for supporting the design, implementation, and oversight of Product Secure Development Lifecycle. Including aspects such as security requirements, secure architecture/design, risk assessment, threat models, security scanning, triage and vulnerability management, and product security validation/verification. Administers product security practices to product teams, technology, and security champions across the organization. Drive Product Security efforts to resolve challenges, enable automation, and impact organization security culture Monitors information security best practices, standards, regulations, industry threats and risks for improvements to product security practices. Maintains a deep understanding of current issues in the realm of information security. Subscribes to major industry newsgroups and mailing lists and assesses the impact of all emerging issues on systems and practices at Aspen Technology. Monitors security bulletins and alerts from all Aspen Technology's information system vendors. Evaluates vulnerability impact and formulates and executes risk mitigation plans for product security. Member of the AspenTech Security Emergency Response Team (ASERT) providing expert analysis of security customer reported security incidents. Works with information resource owners during and after security incidents; work with product teams for analysis; recommends best practices and solutions. Where appropriate, work with product teams, technology teams, client support and customer contacts. Occasionally after hours and weekend work to perform tasks that cannot be done during business hours. What You'll Need Bachelor's degree (B.A./B.S.) or equivalent in computer science or technical equivalent discipline from an accredited college or university required 8+ years of experience in IT required 5+ years of experience in an information security role or experience with security and development teams. Knowledge of information security regulatory requirements for privacy, secure by design, and defense in depth Maintains broad understanding of information security including ISO27002, NIST and other information security frameworks and regulations. Experience with Application/Product Security, Risk Assessment, Threat Models, Secure Architecture/Design, Security Scanning. (SAST, DAST, SCA, cloud security configuration scanning) Experience with cloud solutions such as Azure and AWS - Experience with security policy, procedures, tools, services, and cloud security models. Demonstrated ability to plan, design, develop, deploy, and maintain application security best practices Ability to assume high levels of responsibility and to work with a minimum of day-to-day supervision Ability to cooperatively and effectively work with people from all organizational levels and build consensus through negotiation and diplomacy Preferable exposure to the following: IEC 62443-4-1, IEC 62443-4-2, NIST 800-53, ISO 27001, ISO 27002, Cloud Security Alliance (CSA), Cybersecurity and Infrastructure Security Agency (CISA), SANS, OWASP, CWE 25, ethical hacking, and AI Security best practices. Desired domain knowledge and/or certification: CISSP, CISA, CCSP, CSSLP, CEH, SANS GIAC, security certification from AWS or Azure Desired knowledge of the following Technologies: Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA) Experience with Application Security Best Practices such as web security, cloud security, pen testing, fuzz testing, security coding guidelines, security architecture/design principles, CVSS, STRIDE, DREAD Experience with Application development technologies, processes, and best practices. For example: Agile, RUP, CICD, DevSecOps #LI-WJ1 The salary range for this role is $120,900.00 - $151,100.00. This range represents what we in good faith believe is the range possible for base compensation for this role at the time of this posting. We may ultimately pay more or less than the posted range based on several factors. This range may be modified in the future. This role is also eligible for bonus or variable incentive pay. Additionally, we offer a comprehensive benefits package including paid time off, charitable giveback day, medical/dental/vision insurance, and retirement benefits to eligible employees.

Are you looking for an opportunity to enhance your project management expertise within a cutting-edge global environment? If so, this Facilities Engineering Manager role could be an ideal opportunity to explore. As OT Security Engineer you will provide technical expertise and implementation resources for all automation and control systems activities on new and existing equipment and facilities in the New England Region. This role will provide YOU the opportunity to lead key activities to progress YOUR career, these responsibilities include some of the following: Liaising with the Site Team with assets residing on the OT with aiding in reviews, audits and any questions / queries with relation to OT security Maintaining the OT security standard requirements on the identified workstreams OT Ensuring vendors are managed appropriately at site in terms of OT security compliance Responsible for OT security related works in the identified workstream, including Capital Projects, to ensure they comply with the GSK OT Security standards, guidance, processes and procedures Support delivery of cyber security training to the site Responsible for engaging with GSK OT teams to deliver projects or provide service Responsible for input into improvement strategies to deliver business benefits. Responsible for providing technical input during solution design, development, testing and implementation To act as an OT Network Technical authority on related matters where To act as an advocate for OT Cybersecurity, enabling supply divisions to maximize the exploitation of technology Why you? Basic Qualifications: We are looking for professionals with these required skills to achieve our goals: Bachelor's degree in Cybersecurity, Computer Science, Engineering, or a related field. 5+ years of experience in cybersecurity, with at least 2 years focused on OT environments. Knowledge of ICS, SCADA, and OT security principles. Familiarity with OT protocols (e.g., Modbus, OPC, DNP3) and security tools (e.g., Splunk, Palo Alto Networks, Siemens TIA Portal). Experience with regulatory frameworks such as NIST, IEC 62443, and ISO 27001. Preferred Qualifications: If you have the following characteristics, it would be a plus: Exposure to IT infrastructure and Cyber Security risk reduction Effective communication skills with the ability to interface with operational, capital projects and senior management within the organization Certifications such as CISSP, GICSP, or ISA/IEC 62443 Cybersecurity Expert. Strong problem-solving and analytical skills. Ability to communicate complex technical risks to non-technical stakeholders. Experience in the pharmaceutical or manufacturing industry is a plus. Why GSK? At GSK, we value the contributions of every team member and are committed to offering a supportive and dynamic work environment. Here's what you'll enjoy as part of our team: Purpose-Driven Work: Play a key role in protecting the systems that help us deliver life-saving medicines. Career Growth: Access to training, certifications, and development opportunities to advance your career. Inclusive Culture: Work in a collaborative and diverse environment where innovation thrives. Competitive Benefits: Comprehensive health coverage, retirement plans, and family-friendly perks. #LI-GSK We encourage you to apply if you are passionate about making a difference and have the skills to thrive in this role. Join us in creating a healthier world! Please visit GSK US Benefits Summary to learn more about the comprehensive benefits program GSK offers US employees. Why GSK? Uniting science, technology and talent to get ahead of disease together. GSK is a global biopharma company with a purpose to unite science, technology and talent to get ahead of disease together. We aim to positively impact the health of 2.5 billion people by the end of the decade, as a successful, growing company where people can thrive. We get ahead of disease by preventing and treating it with innovation in specialty medicines and vaccines. We focus on four therapeutic areas: respiratory, immunology and inflammation; oncology; HIV; and infectious diseases - to impact health at scale. People and patients around the world count on the medicines and vaccines we make, so we're committed to creating an environment where our people can thrive and focus on what matters most. Our culture of being ambitious for patients, accountable for impact and doing the right thing is the foundation for how, together, we deliver for patients, shareholders and our people. If you require an accommodation or other assistance to apply for a job at GSK, please contact the GSK Service Centre at ************** (US Toll Free) or *************** (outside US). GSK is an Equal Opportunity Employer. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, genetic information (including family medical history), military service or any basis prohibited under federal, state or local law. Important notice to Employment businesses/ Agencies GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site. Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK's compliance to all federal and state US Transparency requirements. For more information, please visit the Centers for Medicare and Medicaid Services (CMS) website at *********************************

Are you looking for an opportunity to enhance your project management expertise within a cutting-edge global environment? If so, this Facilities Engineering Manager role could be an ideal opportunity to explore. As OT Security Engineer you will provide technical expertise and implementation resources for all automation and control systems activities on new and existing equipment and facilities in the New England Region. This role will provide YOU the opportunity to lead key activities to progress YOUR career, these responsibilities include some of the following: Liaising with the Site Team with assets residing on the OT with aiding in reviews, audits and any questions / queries with relation to OT security Maintaining the OT security standard requirements on the identified workstreams OT Ensuring vendors are managed appropriately at site in terms of OT security compliance Responsible for OT security related works in the identified workstream, including Capital Projects, to ensure they comply with the GSK OT Security standards, guidance, processes and procedures Support delivery of cyber security training to the site Responsible for engaging with GSK OT teams to deliver projects or provide service Responsible for input into improvement strategies to deliver business benefits. Responsible for providing technical input during solution design, development, testing and implementation To act as an OT Network Technical authority on related matters where required To act as an advocate for OT Cybersecurity, enabling supply divisions to maximize the exploitation of technology Why you? Basic Qualifications: We are looking for professionals with these required skills to achieve our goals: Bachelor's degree in Cybersecurity, Computer Science, Engineering, or a related field. 5+ years of experience in cybersecurity, with at least 2 years focused on OT environments. Knowledge of ICS, SCADA, and OT security principles. Familiarity with OT protocols (e.g., Modbus, OPC, DNP3) and security tools (e.g., Splunk, Palo Alto Networks, Siemens TIA Portal). Experience with regulatory frameworks such as NIST, IEC 62443, and ISO 27001. Preferred Qualifications: If you have the following characteristics, it would be a plus: Exposure to IT infrastructure and Cyber Security risk reduction Effective communication skills with the ability to interface with operational, capital projects and senior management within the organization Certifications such as CISSP, GICSP, or ISA/IEC 62443 Cybersecurity Expert. Strong problem-solving and analytical skills. Ability to communicate complex technical risks to non-technical stakeholders. Experience in the pharmaceutical or manufacturing industry is a plus. Why GSK? At GSK, we value the contributions of every team member and are committed to offering a supportive and dynamic work environment. Here's what you'll enjoy as part of our team: Purpose-Driven Work: Play a key role in protecting the systems that help us deliver life-saving medicines. Career Growth: Access to training, certifications, and development opportunities to advance your career. Inclusive Culture: Work in a collaborative and diverse environment where innovation thrives. Competitive Benefits: Comprehensive health coverage, retirement plans, and family-friendly perks. #LI-GSK We encourage you to apply if you are passionate about making a difference and have the skills to thrive in this role. Join us in creating a healthier world! Please visit GSK US Benefits Summary to learn more about the comprehensive benefits program GSK offers US employees. Why GSK? Uniting science, technology and talent to get ahead of disease together. GSK is a global biopharma company with a purpose to unite science, technology and talent to get ahead of disease together. We aim to positively impact the health of 2.5 billion people by the end of the decade, as a successful, growing company where people can thrive. We get ahead of disease by preventing and treating it with innovation in specialty medicines and vaccines. We focus on four therapeutic areas: respiratory, immunology and inflammation; oncology; HIV; and infectious diseases - to impact health at scale. People and patients around the world count on the medicines and vaccines we make, so we're committed to creating an environment where our people can thrive and focus on what matters most. Our culture of being ambitious for patients, accountable for impact and doing the right thing is the foundation for how, together, we deliver for patients, shareholders and our people. If you require an accommodation or other assistance to apply for a job at GSK, please contact the GSK Service Centre at ************** (US Toll Free) or *************** (outside US). GSK is an Equal Opportunity Employer. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, genetic information (including family medical history), military service or any basis prohibited under federal, state or local law. Important notice to Employment businesses/ Agencies GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site. Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK's compliance to all federal and state US Transparency requirements. For more information, please visit the Centers for Medicare and Medicaid Services (CMS) website at *********************************

More than 1,000 organizations worldwide-from 25 Fortune 100 companies to small enterprises-use Bit9 + Carbon Black to increase security, reduce operational costs and improve compliance. Leading managed security service providers (MSSP) and incident response (IR) companies have made Bit9 + Carbon Black a core component of their advanced threat prevention, threat detection and incident response services. With Bit9 + Carbon Black, you can arm your endpoints against advanced threats. Job Description We are looking for a Cloud Security Engineer who can provide hands-on technical engineering and ownership of the growing cloud security program, across multiple providers. You will work closely with our Product Management group as well our Cloud Operations team to help build secure and robust systems responsible for serving all of Bit9 + Carbon Black customers. Role Description: The Cloud Security Engineer provides cyber security expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks. Additionally, the Cloud Security Engineer assists in the development of cyber security requirements, conducts security risk assessments, evaluates security services and technologies, and reviews and documents information security policies and procedures as well as provides monitoring and oversight for alerts in this environment. Key Responsibilities: Serves as the subject matter expert (SME) on Cloud Security for Bit9 + Carbon Black Develops standards, policies and procedures as well as best practices documentation. Participate in efforts that tailor the company's security policies and standards for use in cloud environments Translate security and technical requirements into business requirements, and communicate security risks to different audiences ranging from business leaders to engineers. Propose and/or design technical solutions, which include creating prototypes and proofs of concept while maintaining a security mindset Lead and influence multi-disciplinary teams in implementing and operating Cyber Security controls. Work closely with application developers and database administrators to deliver creative solutions to complex technology challenges and business requirements. Provides Info security architecture & systems engineering consulting to other IT and business teams. Automate security controls, data and processes to provide better metrics and operational support Utilize cloud-based APIs when appropriate to write network/system level tools for securing cloud environments Stay current on emerging security threats, vulnerabilities and controls. Identify and Implement new security technologies and best practices into Bit9's Cloud offerings Evaluates new technologies against established requirements and validate the security of the technology. Create technical and managerial level reports and risk assessments for Cloud based applications and infrastructure Identify processes/procedures for how to handle a cloud security event, including forensic isolation and mitigation with Digital Forensics and Incident Response (DFIR/IR) teams Supports the monitoring and maintaining network security suite of tools. Identify new security threats by conducting continual monitoring, penetration testing, vulnerability assessments and log analysis Qualifications Bachelor's degree in related business or technical areas, or an equivalency of education and work experience. Minimum of 5-7 years of IT Security and/or security engineering experience 5-7 years related experience in Computer Security, with proven focus on Cloud Security. Clear passion for cloud Security and Cloud technologies. Must have experience with virtualization (cloud or non-cloud) Expert knowledge of Cloud infrastructure, security architectures, and standards Deep technical knowledge of Amazon Web Services, and FedRAMP Able to demonstrate clear understanding of current threats to Cloud infrastructure and/or IT infrastructures at technical and managerial levels Able to automate/script daily tasks through Python, Bash or equivalent Experience with web-based applications or web-services Proficient in Linux system design, automation and operations Experience in designing and implementing standards, specifications and procedures. Demonstrated ability to take initiative and accountability for achieving results. Strong interpersonal, oral, and written communication skills Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) Skilled in discussing complex security issues in understandable business terms. Very detailed knowledge of system security vulnerabilities and remediation techniques Security certification desired (e.g., CISSP, GIAC, CEH, etc) Experience using Microsoft Visio Additional Information About us: Cyber attacks are now the new normal. Advanced hackers, nation states, organized crime groups and nefarious actors are doing anything and everything they can to get their hands on valuable information that isn't theirs. With more than enough attack vectors out there, we at Bit9 + Carbon Black are looking for more creative and committed security professionals to protect today's top organizations. Bit9 + Carbon Black is an equal opportunity employer.

Fire & Security Engineer - Worcester Varied, local work and a supportive team environment. If you know your way around fire, intruder, access, and CCTV systems, and you've got a particular knack for fire alarms, this one's worth a look. You'll be covering well-maintained sites around Worcester and the M5 corridor. Expect a steady mix of servicing, fault-finding, and small works jobs. You'll be backed by a company that actually cares about quality and doing things properly. What's in it for you: £38,000-£45,000 base salary (realistically £50K+ with call-outs and overtime) Door-to-door travel pay (only 15 minutes deducted each way) Personal-use van - no restrictions 25 days holiday + bank holidays Healthcare cash plan, life insurance, and accident cover Above-average pension contribution Recognition schemes like the Elite Driver Awards Ongoing training: FIA, BAFE, BS5839, and manufacturer courses What you'll be doing: You'll be responsible for installing, commissioning, servicing, and maintaining fire, intruder, access, and CCTV systems across a defined local patch. Most of your work will involve addressable and conventional fire alarms, emergency lighting, and related systems - with all travel time paid. What you'll need: Experience with systems like Advanced, Kentec, C-Tec, Morley, or Gent Solid understanding of BS5839 and general fire/security compliance Full UK driving licence and ability to pass an enhanced DBS check A reliable, professional approach and pride in your work About the company: You'll be joining a nationwide fire & security team of around 100 people who support sectors such as healthcare, education, care homes, utility companies, and logistics. They invest heavily in training, back their engineers properly, and reward good work with genuine progression opportunities. What to do next: Apply now or get in touch for a chat about the role.

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive. Senior Security Researcher At F5, we make apps faster, smarter, and safer. Come work within the security threat research group in an exciting, fast paced environment. Our team is performing the analysis of the latest security threats, detection and mitigation of our security solutions, as well as pen testing of F5 products. The team works in an intensive environment and is constantly updated with the latest modern technologies. Come and join the best in their field! Position Summary: Being a part of a highly experienced Security Research team, while specializing in web vulnerabilities analysis, threat intelligence and Honeynet projects. The team is handling the research of vulnerabilities and malware, evolving threats analysis, development and updates of attack signatures and product-hacking. Responsibilities: Researching web frameworks and servers to identify and understand emerging threats. Examining and replicating newly disclosed web application vulnerabilities. Focusing on WAF (Web Application Firewall) evasion techniques to preemptively bypass our defenses before hackers can. Creating innovative proof of concept solutions for advanced threats and continuously refining attack signatures, all in collaboration with development teams to enhance the WAF product using our research findings. Gathering web security intelligence from blogs, forums, conferences, and academic papers. Building tools and infrastructure for analyzing attacks. Composing and distributing insights through blogs, reports, and presenting at security conventions. Periodically performing security efficacy assessments on a variety of products, including WAFs, API security solutions, application security scanners, and machine learning models, to verify and improve their defense capabilities. Qualifications: At least 2 years of experience in analyzing real web attacks or web exploitation, with a strong preference for more extensive experience. A deep knowledge of networking fundamentals, the HTTP protocol, web servers, and the inner workings of web applications is essential. Experience in tracking emerging web vulnerabilities in real-time. Experience in building research infrastructure and Python-based tools. Experience with creating and comprehending Regular Expressions for detailed pattern matching and security-related data analysis. In-depth knowledge of security principles, theories, and recognized attack vectors. Experience in creating attack signatures, such as with tools like SNORT. - Advantage Analyzing binary malware and malicious scripts. - Advantage Knowledge in web development (front and back end). - Advantage The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change. The annual base pay for this position is: $133,600.00 - $200,400.00 F5 maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, geographic locations, and market conditions, as well as to reflect F5's differing products, industries, and lines of business. The pay range referenced is as of the time of the job posting and is subject to change. You may also be offered incentive compensation, bonus, restricted stock units, and benefits. More details about F5's benefits can be found at the following link: ******************************************* . F5 reserves the right to change or terminate any benefit plan without notice. Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Workday (ending with f5.com or @myworkday.com). Equal Employment Opportunity It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.

Security Researcher Do You Enjoy… * And strive to be a practiced subject matter expert? * Researching, learning, and evaluating technologies? * Educating business leaders on their technology investments? * Work that is Impactful and rewarding? ... The Security Researchers' primary responsibility is the evaluation of security technologies. The core of this process is the quantitative scoring of requirements, including both business and technical. Researcher will validate security products through a variety of means and confidently

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Job Overview: We are seeking a highly skilled and experienced Senior Security Engineer to join our IAM Engineering organization. The ideal candidate will have extensive solution-building experience across various Ping Identity products, including PingFederate, Ping DaVinci, PingOne, PingCentral, PingAccess, PingDirectory, AWS, and PingID Mobile. This role focuses on engineering rather than operations, and a background in Identity and Access Management (IAM) is a significant plus. Key Responsibilities: Design, develop, and implement IAM solutions using Ping Identity products such as PingFederate, PingDaVinci, PingOne, PingCentral, PingAccess, PingDirectory, and PingID Mobile. Architect and build secure and scalable IAM frameworks and solutions tailored to meet business and technical requirements. Collaborate with cross-functional teams to integrate IAM solutions with various applications and systems, ensuring seamless authentication and authorization processes. Develop and maintain AWS-based IAM solutions, leveraging cloud services to enhance security and scalability. Provide technical leadership and mentorship to junior engineers, fostering a culture of continuous learning and innovation. Conduct thorough security assessments and audits of IAM systems, identifying and mitigating potential risks and vulnerabilities. Stay current with the latest trends and best practices in IAM and security engineering, applying this knowledge to improve existing solutions. Work closely with stakeholders to understand their requirements and translate them into technical specifications and solutions. Develop and maintain comprehensive documentation for IAM solutions, including design documents, configuration guides, and operational procedures. Qualifications: Bachelor's degree in computer science, Information Security, or a related field. A master's degree is a plus. Minimum of 8+ years of overall experience in security engineering or a related field. At least 3+ years of experience with Ping Identity products, including PingFederate, Ping DaVinci, PingOne, PingCentral, PingAccess, PingDirectory, and PingID Mobile. At least 5+ years of experience with cloud services, particularly AWS. Strong engineering background with hands-on experience in building and deploying IAM solutions. Proficiency with AWS services and IAM integrations in cloud environments. In-depth understanding of IAM principles, including authentication, authorization, single sign-on (SSO), multi-factor authentication (MFA), and directory services. Experience with any programming language is a plus(Java preferably). Excellent problem-solving skills and the ability to troubleshoot complex IAM issues. Strong communication and collaboration skills, with the ability to work effectively in a team-oriented environment. Relevant certifications such as CISSP, CISM, or similar are a plus. Preferred Experience: Experience in Identity and Access Management (IAM) in large-scale enterprise environments. Familiarity with security standards and protocols such as SAML, OAuth, OpenID Connect, and LDAP. Experience with DevOps practices and tools for automation and continuous integration/continuous deployment (CI/CD). Compensation: $140,000.00 per year Who We Are CARE ITS is a certified Woman-owned and operated minority company (certified as WMBE). At CARE ITS, we are the World Class IT Professionals, helping clients achieve their goals. Care ITS was established in 2010. Since then we have successfully executed several projects with our expert team of professionals with more than 20 years of experience each. We are globally operated with our Head Quarters in Plainsboro, NJ, with focused specialization in Salesforce, Guidewire and AWS. We provide expert solutions to our customers in various business domains.

Job Description Aquinas Consulting is currently looking to fill an IT Security and Compliance Engineer job for our direct client in East Hartford, CT. In this role, you will design, implement, and manage security controls across cloud and on-prem environments while guiding clients through compliance requirements. You will support audits, assess gaps, and respond to incidents - ensuring clients maintain strong security postures. IT Security and Compliance Engineer Job Responsibilities: Design and implement security architectures across cloud, on-prem, and hybrid client environments Manage and optimize security tools including EDR, MDR, MFA, SIEM, firewalls, and VPNs Collaborate with NOC/SOC partners to monitor threats and respond to incidents Conduct gap assessments and advise on remediation plans for compliance frameworks such as NIST, CMMC, and PCI Support client audits by coordinating evidence collection and documentation Perform vulnerability scans, risk assessments, and configuration reviews Create and maintain security policies, procedures, and environment documentation Deliver security awareness training for internal teams and client personnel Develop and execute incident response playbooks and handle security events Improve security processes and tools, ensuring audit readiness and SLA compliance Stay current on industry trends and recommend new security measures Qualifications: Strong knowledge of servers, network infrastructure, and security technologies (firewalls, VPNs, MFA, SIEM, MDR, EDR) Experience securing cloud platforms such as AWS, Azure, or GCP, including IAM and native controls Familiarity with compliance frameworks such as NIST, CMMC, PCI, ISO 27001, etc. Excellent troubleshooting skills and experience supporting incident response Strong written and verbal communication skills with both technical and non-technical audiences Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience) 4+ years in cybersecurity engineering (MSP/MSSP/SOC experience preferred) Relevant certifications such as CompTIA Security+, CISSP, CISM, GIAC, or ISO 27001 Lead Implementer preferred If you are interested in this IT Security and Compliance Engineer job in East Hartford, CT, please apply now to be connected with a member of our team. Please note: Applying to this role is an agreement to have your information entered into our database and acknowledgement that a recruiter will reach out to you either by phone, email, and/or text message regarding this and similar job opportunities. Aquinas Consulting is a woman and minority owned company headquartered in Milford, CT that provides Engineering, Information Technology (IT), and Manufacturing staffing solutions throughout the US. We take pride in 20 years of service to our clients, our hiring managers, our consultants, and our local community. Aquinas is an affirmative action, equal opportunity employer and committed to considering all qualified applications without regard to race, genetic information, sex, age, color, religion, national origin, veteran status, disability or any other characteristic protected by law. *************************

ARS is seeking candidates to fill an ISSE Journeyman role located on Hanscom AFB in Bedford, Massachusetts. The selected individual will be able to perform work that involves ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools. *ISAE II certification required. CISSP, CASP, CSSLP, CISSP-ISSEP, or CISSP-ISSAP preferred. Why Work with us? Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support. Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers. Responsibilities include: Supporting the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing DoD and Air Force policies (i.e., Risk Management Framework (RMF). Recommending policies and procedures to ensure the reliability of and accessibility to information systems and to prevent and defend against unauthorized access to systems, networks, and data. Conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs. Promoting awareness of security issues among management and ensuring sound security principles are reflected in organizations' visions and goals. Conducting systems security evaluations, audits, and reviews. Recommending systems security contingency plans and disaster recovery procedures. Recommending and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures. Participating in network and systems design to ensure implementation of appropriate systems security policies. • Facilitating the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes. Assessing security events to determine impact and implementing corrective actions. Ensuring the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT services. Perform the Information System Security Engineer (ISSE) duties in an Information Assurance Workforce System Architecture and Engineering (IASAE) position as outlined in AFI 33-200, AFI 33-210 and AFMAN 33-285 for assigned systems. Perform the Information System Security Manager (ISSM) duties as outlined in DoDI 8510.01 for assigned systems/applications. Perform the Information System Security Officer (ISSO) duties as outlined in DoDI 8510.01 for assigned systems/applications. Other duties as assigned. Qualifications/Technical Experience Requirements: Must be a US citizen DoD 8570.01 MMGT512 compliant certification. Experience with the Risk Management Framework (RMF). ISAE II certification. CISSP, CASP, CSSLP, CISSP-ISSEP, or CISSP-ISSAP preferred. Active Secret Security Clearance The expected salary range: $155K -$165k. Salary is dependent upon the role and associated responsibilities, candidate's experience and qualifications to include education/training and key skills. All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals based on disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.

Basic Qualifications RRequires a Bachelor's degree in Systems Engineering, or a related Science, Engineering, Technology or Mathematics field. Also requires 5+ years of job-related experience, or a Master's degree plus 3 years of job-related experience. Agile experience preferred. CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibilityrequirements for access to classified information. Due to the nature of work performed within our facilities, U.S.citizenship is required. Responsibilities for this Position We are seeking a Systems Security Engineer who has experience in the design and development of NSA-certified Cybersecurity devices. Key Responsibilities: Design and develop specifications for mission-critical NSA-certified Cybersecurity devices Collaborate with software and validation engineering teams to deliver high-speed data solutions Develop real-time multi-threaded Embedded System architecture using Model-based Systems Engineering (MBSE) tools and techniques Analyze and maintain system security requirements throughout product development lifecycle Conduct trade studies, perform functional analysis, and design system security. Preferred Skills and Experiences: NSA approved Cryptography/Encryption Security requirements analysis Real-Time multi-threaded Embedded System architecture and development Model-based Systems Engineering (MBSE) CISSP certification or similar INCOSE ASEP, CSEP, or ESEP certification We value candidates who possess: Drive to expand knowledge and experience in designing complex systems Ability to define project scope, schedule, and expected results Initiative to complete assignments and ability to engage in technical direction and leadership Our Commitment to You: An exciting career path with opportunities for continuous learning and development Research-oriented work with award-winning teams Competitive benefits package #CJ3 Salary Note This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. Combined Salary Range USD $127,432.00 - USD $140,000.00 /Yr. Company Overview General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team! Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************