Security engineer jobs in Round Rock, TX

Apple's Security Engineering u0026 Architecture organization is responsible for the security of all Apple products. Passionate about safeguarding our users, we believe that the best defense requires a great offense. When it comes to securing more than a billion devices running the world's most sophisticated operating systems, that means finding vulnerabilities first. Can you make a difference on this scale? Join our extraordinary team of security researchers and help protect all Apple users. We engage in diverse activities, including vulnerability research, binary exploitation, security tooling development, fuzzing, machine learning, and many more. By developing and harnessing state-of-the-art technologies, we amplify our impact on Apple's product security. We cover a wide range of specialities, including operating systems, firmware, microarchitecture, hardware, browser, messaging applications, Bluetooth, Wi-Fi, baseband, physical attacks including side-channel and fault injection, incident response, and more. As a member of our group, your primary responsibility will be to conduct offensive security research in one or more of these areas, often in cross-functional teams. This job is for individuals with outstanding technical skills, grit, and a genuine passion for breaking systems. If this is you, we'd love to hear from you. Ability to apply AI techniques and tools, such as LLM or Machine Learning, for security research Fluency with tool development, using programming languages such as C, C++, Python, Swift, or Objective-C Experience with reverse-engineering techniques and tools like IDA or Ghidra Knowledge of Apple operating systems like iOS or mac OS is nice-to-have, but not required Offensive security research experience Strong understanding of common vulnerability classes and exploitation techniques Creative and effective problem-solving and analytical skills Outstanding collaboration skills

The Company PayPal has been revolutionizing commerce globally for more than 25 years. Creating innovative experiences that make moving money, selling, and shopping simple, personalized, and secure, PayPal empowers consumers and businesses in approximately 200 markets to join and thrive in the global economy. We operate a global, two-sided network at scale that connects hundreds of millions of merchants and consumers. We help merchants and consumers connect, transact, and complete payments, whether they are online or in person. PayPal is more than a connection to third-party payment networks. We provide proprietary payment solutions accepted by merchants that enable the completion of payments on our platform on behalf of our customers. We offer our customers the flexibility to use their accounts to purchase and receive payments for goods and services, as well as the ability to transfer and withdraw funds. We enable consumers to exchange funds more safely with merchants using a variety of funding sources, which may include a bank account, a PayPal or Venmo account balance, PayPal and Venmo branded credit products, a credit card, a debit card, certain cryptocurrencies, or other stored value products such as gift cards, and eligible credit card rewards. Our PayPal, Venmo, and Xoom products also make it safer and simpler for friends and family to transfer funds to each other. We offer merchants an end-to-end payments solution that provides authorization and settlement capabilities, as well as instant access to funds and payouts. We also help merchants connect with their customers, process exchanges and returns, and manage risk. We enable consumers to engage in cross-border shopping and merchants to extend their global reach while reducing the complexity and friction involved in enabling cross-border trade. Our beliefs are the foundation for how we conduct business every day. We live each day guided by our core values of Inclusion, Innovation, Collaboration, and Wellness. Together, our values ensure that we work together as one global team with our customers at the center of everything we do - and they push us to ensure we take care of ourselves, each other, and our communities. Job Summary: Sr. Analyst, Cybersecurity Operations focused on cloud security. As a key player in our Cloud Assurance team, you will help provide comprehensive visibility into cloud infrastructures, monitor for misconfigurations, and proactively detect threats. Job Description: Essential Responsibilities: * Independently apply security best practices to enhance and optimize cyber threat management, ensuring robust protection and efficiency, while beginning to understand and align security measures with business objectives. * Partner with peers and internal teams to drive security initiatives, contribute to cross-functional projects, and at times co-lead efforts to strengthen security posture and cyber threat management. * Analyze and resolve security challenges by adapting standard cyber threat management processes and exploring alternative approaches to address complex threats. * Influence the quality, efficiency, and effectiveness of the team through informed decision-making, with a potential impact on other teams. * Collaborate with key partners to gather and incorporate feedback, driving continuous improvements in cyber threat management. Minimum Qualifications: * Minimum of 5 years of relevant work experience and a Bachelor's degree or equivalent experience. Preferred Qualification: Your day to day: This role will be focused primarily on the security in AWS and GCP cloud environments at PayPal. This will include the security aspects of infrastructure, build pipelines, application design, cloud native service and tool design patterns, stakeholder communications, consulting and advisement of peer security teams, and solution review and approval. Daily tasks will include but not limited to: * Onboarding Cloud accounts (such as Azure, AWS & GCP) - this includes access grant, enabling policies, configuring baselines, configuring agents (if applicable), verifying health status * Administer CSPM solution - this includes managing user roles, audit logs, manage API access * Discover cloud assets - this includes gaining visibility and manage cloud assets * Manage Security policies and Benchmarks - this includes configuring CSPs specific security policies, industry specific compliance policies (such as PCI), benchmarks standards (such as CIS, NIST, etc.) * Respond to alerts - this includes monitor, investigate and triage incidents based on actionable alerts * Manage OS hardening - this includes administer operating system baseline and hardening * Integration with 3rd party systems - this includes manage changes, requests on integration with other systems (such as ITSM and CI/CD Tools) * Remediation guidance - this includes providing recommendations to the stakeholders to fix the potential threats, applying configurations on the systems to maintain IT security regulatory compliance and standards * Manage reports - this includes providing reports to the business and IT stakeholders What do you need to bring: * 5+ years' experience in Cloud Security, CSPM * Collaborate with the team to design and deliver scalable back-end services that enhance our leading CSPM platform * Develop user-friendly command-line utilities that interact with our web services * Excellent communication and documentation skills * Provide integration support and documentation for various teams, including UX/UI and Sensors * Configure and monitor uptime alerts related to the services you manage * Continuously improve architecture, models, user experience, performance, and stability through rapid prototyping and agile decision-making * Innovate and refine methods to utilize data for automating global-scale cyber threat intelligence * Contribute to building a platform that secures the entire lifecycle of cloud workloads for our customers * Proficiency in at least one object-oriented programming language with strong typing * Experience in developing and using RESTful API web services * Familiarity with cloud provider APIs and CLI tools for AWS, Azure, and GCP * Experience with infrastructure-as-code tools like CloudFormation, Terraform, and Azure Templates * Hands-on experience with Docker containers in Kubernetes environments * Experience with message queues including defining messages, estimating sizes and rates, and monitoring lag * Experience with RDBMS databases and SQL, such as Postgres Preferred certifications: * Cloud Security related certifications (AWS, GCP) * Bachelors / Master's Degree in Computer Science / Cybersecurity or related field Bonus Points: * Industry experience or certifications related to CNAPP, CSPM, or Cloud Security * Experience with application observability tools such as Splunk and PagerDuty * Experience managing production environments with Postgres, Kubernetes etc. * Familiarity with graph structures, data, and graph databases * Compliance knowledge/experience * Automation Subsidiary: PayPal Travel Percent: 0 * PayPal is committed to fair and equitable compensation practices. Actual Compensation is based on various factors including but not limited to work location, and relevant skills and experience. The total compensation for this practice may include an annual performance bonus (or other incentive compensation, as applicable), equity, and medical, dental, vision, and other benefits. For more information, visit ******************************* The US national annual pay range for this role is $111,500 to $191,950 PayPal does not charge candidates any fees for courses, applications, resume reviews, interviews, background checks, or onboarding. Any such request is a red flag and likely part of a scam. To learn more about how to identify and avoid recruitment fraud please visit ************************************ For the majority of employees, PayPal's balanced hybrid work model offers 3 days in the office for effective in-person collaboration and 2 days at your choice of either the PayPal office or your home workspace, ensuring that you equally have the benefits and conveniences of both locations. Our Benefits: At PayPal, we're committed to building an equitable and inclusive global economy. And we can't do this without our most important asset-you. That's why we offer benefits to help you thrive in every stage of life. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you. We have great benefits including a flexible work environment, employee shares options, health and life insurance and more. To learn more about our benefits please visit ******************************* Who We Are: Click Here to learn more about our culture and community. Commitment to Diversity and Inclusion PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at ****************************************. Belonging at PayPal: Our employees are central to advancing our mission, and we strive to create an environment where everyone can do their best work with a sense of purpose and belonging. Belonging at PayPal means creating a workplace with a sense of acceptance and security where all employees feel included and valued. We are proud to have a diverse workforce reflective of the merchants, consumers, and communities that we serve, and we continue to take tangible actions to cultivate inclusivity and belonging at PayPal. Any general requests for consideration of your skills, please Join our Talent Community. We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don't hesitate to apply.

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. You will help the team establish, lead and execute multi-year roadmaps that improve research efficiency and quality across the team, and drive improvements to stakeholder management across a broad range of intelligence requirements. **Required Skills:** Detection & Response Security Engineer, Threat Intelligence Responsibilities: 1. Influence and align the team's vision and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects 2. Build, cultivate, and maintain impactful relationships with intelligence stakeholders to identify and facilitate solutions to increase the impact of the team's work 3. Refine operational metrics, key performance indicators, and service level objectives to measure Intelligence research and services 4. Lead cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions 5. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 6. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 7. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 8. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems **Minimum Qualifications:** Minimum Qualifications: 9. 8+ years threat intelligence experience 10. B.S. or M.S. in Computer Science or related field, or equivalent experience 11. Be a technical and process subject matter expert regarding Security Operations and Threat Intelligence services 12. Experience developing and delivering information on threats, incidents and program status for leadership 13. Expertise with campaign tracking techniques and converting tracking results to long term countermeasures 14. Expertise with threat modeling frameworks, such as Diamond Model or/and MITRE ATT&CK framework 15. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 16. Proven track record of managing and executing on short term and long term projects 17. Ability to work with a team spanning multiple locations/time zones 18. Ability to prioritize and execute tasks with minimal direction or oversight 19. Ability to think critically and qualify assessments with solid communications skills 20. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 21. Experience recruiting, building, and leading technical teams, including performance management 22. Experience close collaborating with incident responders on incident investigations 23. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems 24. Familiarity with malware analysis or network traffic analysis 25. Familiarity with nation-state, sophisticated criminal, or supply chain threats 26. Familiarity with file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 27. Experience in one or more query languages such as SQL 28. Experience authoring production code for threat intelligence tooling 29. Experience conducting large scale data analysis 30. Experience working across the broader security community **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

CIP Cyber & Physical Security Analyst (Auditor) Texas Reliability Entity, Inc. (Texas RE) is hiring! We are seeking a CIP Cyber & Physical Security Analyst to join our team to conduct compliance engagements (audits) and internal control assessments based on risk within the Bulk Power System (Energy Sector). Who We Are At Texas RE, we affect the lives of millions of people by ensuring effective and efficient reduction of risks to the reliability and security of the Bulk Power System within the ERCOT Interconnection. The ERCOT Interconnection is located within the State of Texas and includes approximately 90% of Texas's electric load and 75% of its land area. Texas RE's teams support this this mission while enjoying a flexible work environment, open collaboration, and a culture that values diversity, equity, and inclusion. Employees work a hybrid work schedule consisting of, at least, two days in the office (Tuesdays and Wednesdays) with the option of working three days remotely. Additionally, employees have the option to take advantage of Flexible Friday, where employees may shift working hours to earlier in the week instead of on Friday afternoon. Considered candidates will be required to reside in the Austin-metro area or be able to reliably commute to the office within a reasonable amount of time. Summary of Responsibilities The Critical Infrastructure Protection (CIP) Cyber and Physical Security Analyst is responsible for performing NERC Reliability Standard compliance engagements and other compliance program activities. The position is expected to develop expertise in the areas of information technology, operational technology, security, electrical power industry, professional auditing, and risk-based compliance processes. This position prepares and performs engagements to evaluate NERC registered entities for compliance with the NERC Reliability Standards. This position has significant contact with personnel who manage, operate, plan, and oversee generation, transmission, distribution, and cyber/physical security. This position ensures information obtained is consistent and accurate and prepares documentation and reports for the engaged NERC registered entity, NERC, FERC, Texas RE management, and the Texas RE Board. The CIP Cyber and Physical Security Analyst works independently and in a collaborative team environment while reporting to the Manager, CIP Compliance Monitoring/Director, Compliance Assessments. The CIP Cyber and Physical Security Analyst is also responsible for assisting with efforts to compose guidance, respond to registered entity questions and provide outreach and training. Essential Job Duties Ability to travel up to 30%. Plans, supports, and conducts: Compliance engagements and internal control assessments of NERC registered entities required for security and reliability issues as a subject matter expert. Data analysis and correlation as necessary through statistical, judgmental, and/or mathematical methods. Internal and external training and outreach. Develops, maintains, and delivers: Detailed, accurate, and concise audit workpapers, findings, presentations, and reports. Adherence to departmental procedures and work instructions. Confidentiality and integrity of evidence, findings, reports, and any other records. Efficiently and Effectively: Communicates strongly within the organization and externally with stakeholders. Collaborates with the ERO Enterprise and industry on compliance, reliability, and security matters. Works independently, proactively, and productively to ensure all work responsibilities (audits, projects, outreach, etc.) are successfully completed. General Job Requirements Bachelor's degree in Computer Science or Engineering field of study (or six years applicable experience Between 1 to 5 years in excess of degree requirements stated above of progressively responsible experience Problem solving skills Organizational skills Presentation skills Interpersonal, verbal, and written communication skills Willingness to learn, retain, and share technical knowledge and skills. Preferred Job Skills One of the following active certifications: Security: A+, Network+, Security+, Systems Security Certified Practitioner (SSCP), GIAC Critical Infrastructure Protection Certification (GCIP) Audit: Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified Risk and Information Systems Control (CRISC) Knowledge of Industrial Control Systems (SCADA, distributed control systems, relays, etc.) and other utility Operational Technology or Information Technology systems. Self-motivated with the ability to manage work objectives efficiently and effectively to meet deadlines. Solutions-driven with the ability to make sound and independent judgment(s). Ability to adhere to strong professional standards when interacting with others. Company Benefits Texas RE pays 100% of employee-only coverage for medical, dental, vision, life and ADD, short-term and long-term disability, and long-term care insurance, as well as the employee assistance program. Additional benefits are offered at a minimal cost to the employee such as dependent medical, dental, voluntary life and ADD for employees, spouses, and children, additional long-term care coverage for family members, legal services and identity protection. Texas RE provides a generous 401(k) or Roth 401(k) savings plan for employees, contributing 10% of an employee's compensation towards the retirement plan with full vesting after three (3) years. Additionally, Texas RE will match 75%, up to 6%, of employee contributions, with vesting at 20% per year and full vesting at five (5) years of employment. Additional Information for Applicants Background checks (including criminal history and drug screening, education and employment verification) will be conducted prior to employment. Certain positions require travel outside the U.S.; valid passport necessary for those positions. Texas RE has restrictions on employee and employee's household members' employment and financial relationships with NERC registered entities. Additional details furnished upon request. Texas RE is committed to attracting top talent from a diverse candidate pool. During the interview process, candidates will meet with a cross-section of Texas RE employees who bring a broad set of perspectives to the discussion. Our inclusive, friendly work environment encourages employees to collaborate across and outside of our organization, while also offering opportunities for personal growth. Our team of professional, technical, and administrative staff derives its collective strength from our varied backgrounds. Texas RE is an equal employment opportunity employer and prohibits discrimination against employees or job applicants on the basis of race, color, sex (including sexual orientation, gender identity/transgender status, and pregnancy), religion, national origin, age (40 or older), disability, veteran status, marital status, genetic information, or other status protected by law.

As passionate about our people as we are about our mission. Why Join Q2? Q2 is a leading provider of digital banking and lending solutions to banks, credit unions, alternative finance companies, and fintechs in the U.S. and internationally. Our mission is simple: build strong and diverse communities through innovative financial technology-and we do that by empowering our people to help create success for our customers. What Makes Q2 Special? Being as passionate about our people as we are about our mission. We celebrate our employees in many ways, including our “Circle of Awesomeness” award ceremony and day of employee celebration among others! We invest in the growth and development of our team members through ongoing learning opportunities, mentorship programs, internal mobility, and meaningful leadership relationships. We also know that nothing builds trust and collaboration like having fun. We hold an annual Dodgeball for Charity event at our Q2 Stadium in Austin, inviting other local companies to play, and community organizations we support to raise money and awareness together. As an Application Security Engineer, you will play a critical role in safeguarding the security of our software products and development lifecycle. This role focuses on managing and optimizing code scanning tools, identifying vulnerabilities, and ensuring secure coding practices are embedded into every stage of software development. You will collaborate with engineering teams to provide actionable security guidance, design metrics to measure security effectiveness, and create strategies to continuously improve application security. By integrating cutting-edge tools and techniques, you will ensure that our applications meet the highest standards of security and resilience, ultimately protecting the organization and its users from emerging threats. Key Responsibilities Manage and optimize code scanning tools (e.g., SAST, DAST) to detect and remediate security vulnerabilities. Provide security guidance and best practices to engineering teams throughout the software development lifecycle. Design, maintain, and report on application security metrics and dashboards to track progress and effectiveness. Perform security assessments, including threat modeling and architecture reviews for new features and applications. Collaborate with DevOps and CI/CD teams to integrate security tools seamlessly into development pipelines. Stay up-to-date on the latest security threats, vulnerabilities, and remediation strategies to evolve application security practices. Deliver secure coding training and resources to engineering teams to foster a security first culture. Own and lead the Security Champions program to drive secure practices and cross-functional engagement. Things You Will Need to Be Successful in This Role Typically requires a Bachelor's degree in a technical field such as Computer Science, Information Security, Information Technology or equivalent experience and may require up to 2 years of related experience; or an advanced degree without experience. Proficiency with code scanning tools (e.g., SAST, DAST) Deep understanding of secure coding practices and standards (e.g., OWASP Top Ten). Hands-on experience with programming languages such as Python, Java, JavaScript, or C#. Familiarity with CI/CD pipelines and integrating security tools into DevOps workflows. Strong analytical skills to interpret scan results and prioritize remediation efforts. Certifications (Preferred): CSSLP or relevant security certifications. Excellent communication and collaboration skills to work effectively with cross-functional teams. A proactive and detail-oriented mindset to identify and mitigate risks early in the development lifecycle. This position requires fluent written and oral communication in English. Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time. Health & Wellness Hybrid Work Opportunities Flexible Time Off Career Development & Mentoring Programs Health & Wellness Benefits, including competitive health insurance offerings and generous paid parental leave for eligible new parents Community Volunteering & Company Philanthropy Programs Employee Peer Recognition Programs - “You Earned it” Click here to find out more about the benefits we offer. Our Culture & Commitment: We're proud to foster a supportive, inclusive environment where career growth, collaboration, and wellness are prioritized. And our benefits go beyond healthcare-offering resources for physical, mental, and professional well-being. Click here to find out more about the benefits we offer. Q2 employees are encouraged to give back through volunteer work and nonprofit support through our Spark Program (see more). We believe in making an impact-in the industry and in the community. We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, or veteran status. Applicants in California or Washington State may not be exempt from federal and state overtime requirements

Job Description We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. If you are looking for new opportunities, your profile at *******************************. Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

Support senior cybersecurity staff in evaluating cybersecurity risks across commercial real estate (CRE) environments. Responsibilities include assisting with network security assessments, reviewing access controls, identifying common misconfigurations, running vulnerability scans, documenting networks/systems, and preparing clear reports. Scope spans both IT and OT (building systems such as BMS/BAS, HVAC, access control, CCTV). Key Responsibilities Perform asset discovery and initial scans to identify hosts, services, and firmware versions (e.g., Nmap). Review firewalls, VPNs, and endpoint security to identify misconfigurations and vulnerabilities Evaluate switch/router configurations for proper segmentation Document current-state diagrams and asset inventories Assess BMS/BAS, IoT, and physical security systems for cyber risk with minimal disruption to operations. Identify common gaps (weak/default credentials, unpatched systems, outdated TLS, flat networks, exposed management interfaces, insecure vendor remote access). Support remediation by coordinating with IT teams, vendors, and property managers; verify fixes and retest critical findings. Prepare and maintain assessment artifacts: asset lists, risk-rated findings, evidence, compliance checklists, and client-ready reports. Track emerging threats and advisories relevant to smart buildings/IoT and CRE environments; summarize impact for the team. Qualifications Associate's or Bachelor's in Cybersecurity/IT (or 2+ years equivalent hands-on experience). Familiarity with core security technologies: Firewalls (e.g., Fortinet, Palo Alto), IAM/MFA (e.g., Entra ID/Azure AD), and EDR (e.g., SentinelOne). Intermediate networking: TCP/UDP, routing basics, Layer-3 switches, VPNs (IPsec/SSL), VLANs, ACLs, NAT, DHCP/DNS, Wi-Fi/WPA3. Working knowledge of Windows client/server; basic Linux familiarity. Strong documentation and communication skills; ability to translate technical findings into clear business impact. Nice to Have Exposure to vulnerability management tooling and concepts. OT/IoT awareness: BACnet/Modbus basics, safety-first testing on live control networks, maintenance-window/change-control etiquette. Firewalls and platforms: Palo Alto, Fortinet, Check Point; switch stacks (Cisco Catalyst/Meraki, UniFi). Identity, privileged access, and remote access hygiene Endpoint and device management Scripting/automation Ticketing and knowledge tools (ServiceNow/Jira/Confluence); diagramming (Visio/draw.io). Familiarity with frameworks and benchmarks: NIST CSF 2.0, CIS Controls Travel: Regular on-site visits to local properties (50%) with occasional out-of-area travel (5-10%) Benefits Medical, dental, and vision insurance Life insurance Long-term disability Paid vacation Paid holidays Simple IRA (401K equivalent) for eligible employees Stocked snack bar Company-sponsored outings Fitness center onsite

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: * Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. * Build-time controls: Managing applications/products security controls and activities during development. * Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities * Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. * Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. * Support or develop components of the security analytics platform. * Contribute to investigations, threat hunting, and incident response activities in a supporting role. * Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. * Support the security operations team with the vulnerability management lifecycle for products and services under your purview. * Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities * Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. * Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. * Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. * Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). * Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. * Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. * Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. * Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. * Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. * Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. * Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. * Experience engaging with vendors in design partnerships. * Experience overseeing vulnerability and threat management at the platform and application levels. * Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. * Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. $146,000 - $170,000 a year In addition to the above salary, this role may be eligible for a bonus. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

JOB TYPE: Full-time WORK LOCATION: Onsite in Martinsburg, WV, Hines IL or Austin, TX. Only Candidates who reside in WV, IL and TX will be considered for this position. POSITIONS: There are 2 positions are available: 1st shift: Sunday -Thursday, 0700 - 1530, 2nd shift: Tuesday - Saturday, 0700-1530 ABOUT: QMS Consulting (QMS) is an Education Technology (EdTech) and Information Technology (IT) Consulting firm specializing in Cybersecurity / Data Protection, Cloud Lifecycle, Software Development and Data Science. QMS seeks a seasoned Security Operations Center (SOC) analyst to work within a dynamic and highly innovative SOC team that supports federal government customers. The Senior SOC analyst will include onboarding new detection technologies, crafting and updating incident response playbooks, and leading investigations of escalated incidents by analyzing attack patterns and determining root causes. In this role, you should be technically sound, detail oriented with the ability to lead tasks and ensure high-quality service delivery. Critical thinking and problem-solving skills are essential for this position. JOB RESPONSIBILITIES: Sr. Security Operations Center Analyst responsibilities include: Work with detection engineering team to onboard and operationalize new cloud detection tools include Azure Sentinel, AWS Guard Duty, Netskope CASB etc. Develop playbooks for cloud incident response. Lead and actively participate in the investigation, analysis, and resolution of Tier 3 and escalated cybersecurity incidents. Analyze attack patterns, determine the root cause, and recommend appropriate remediation measures to prevent future occurrences. Serve as a cloud subject matter expert in handling incidents of varying complexity, providing guidance and support to Tier 1 and Tier 2 analysts during investigations. Ensure accurate and detailed documentation of incident response activities, including analysis, actions taken, and lessons learned. Collaborate with knowledge management teams to maintain up-to-date incident response playbooks. Collaborate effectively with cross-functional teams, including forensics, threat intelligence, IT, and network administrators. Clearly communicate technical information and incident-related updates to management and stakeholders. Develop and operationalize advanced security analytics use cases to detect and respond to sophisticated cyber threats in real-time. Monitor the performance of security analytics and automation processes regularly, identifying areas for improvement and taking proactive measures to enhance their efficacy. Leverage Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate incident response processes, including enrichment, containment, and remediation actions. Support the mentoring and training of more junior IR staff. Stay informed about the latest cybersecurity threats, trends, and best practices. Actively participate in cybersecurity exercises, drills, and simulations to improve incident response capabilities. This list of responsibilities may not be all-inclusive and can be expanded to include other duties or responsibilities as required by the business. QUALIFICATIONS AND REQUIRED EXPERIENCE: Sr. Security Operations Center Analyst requirements include: 5+ years of experience supporting large-scale IT related projects 3+ years of experience supporting incident response in an enterprise-level Security Operations Center (SOC) that includes monitoring of cloud environments. A deep understanding of cybersecurity principles, incident response methodologies, and a proactive mindset to ensure our SOC operates effectively in a high-pressure environment. Strong experience with security technologies, including SIEM, IDS/IPS, EDR, and network monitoring tools Experience with enterprise ticketing systems like ServiceNow Ability to work independently and in a team environment to identify errors, pinpoint root causes, and devise solutions with minimal oversight. Ability to learn and function in multiple capacities and learn quickly. Strong verbal and written communication skills Bachelor's degree in computer science, Cybersecurity, Information Technology, or a related field (or equivalent work experience) Certifications, such as CISSP, GCIH, GCFA, CEH, or equivalent, are highly desirable SALARY: $113,000 - $125,000 BENEFITS: health benefits, holidays and PTO We are an equal opportunity employer. Our policy is to always provide equal opportunity without regard to race, color, religion, sex, pregnancy, national origin, ancestry, age, marital status, sexual orientation, family responsibility, physical or mental disability, medication, or status as a veteran.

SpyCloud is on a mission to make the internet a safer place by disrupting the criminal underground. SpyCloud's solutions thwart cyberattacks and protect more than 4 billion accounts worldwide. Cybersecurity is an exciting, evolving space, and being at the forefront of the fight to disrupt cybercrime makes SpyCloud a special place to work. If you're driven to align your career with a fantastic mission, look no further! *This role can be hybrid out of Austin (preferred) or remote in the United States with occasional travel to the office (around once per quarter) We are looking for a passionate Senior Security Data Analyst/Python Developer to help us parse, transform, and analyze dirty data. The ideal candidate has a thorough understanding of Python, Data analysis techniques, AWS, ETL patterns, and Automation techniques. Our Stack: Python Linux Databases: Relational and NoSQL AWS (EC2, RDS, SQS, S3, Lambda, API Gateway, and more) What You'll Do: Parse and transform structured and unstructured datasets. Build Python-based automation for the parsing platform. Bring order to dirty and/or unstructured data. Develop ETL-style automation scripts. Maintain and improve the existing codebase and infrastructure. Manage the weekly data ingestion process. Collaborate with the team to design and build innovative data systems. Data analysis based on the consumption of blogs for the marketing team. Develop processes, standards and CI/CD pipelines to manage our codebase. Leverage AI to automatically parse data. Requirements: 5-7 years of professional experience as a Python developer. A love of working with data. Familiarity with cleaning/transforming data. Experience building data solutions and automation tools using Python. Proficient in Linux bash/ksh scripting and Regular Expressions. Interest in cybersecurity. Strong understanding of computer science fundamentals (data structures, algorithms, data processing). Experience with relational and NoSQL databases. Excellent communication skills. Great team player. Self-directed, empathetic, and eager to automate repetitive tasks. Able to switch contexts as business needs change. Nice to Have: Background or strong interest in cybersecurity. Familiarity with Git version control system. Experience with AWS (Compute, Storage, Database). Experience working with Infrastructure as Code (we use Terraform and Ansible). SpyCloud is not sponsoring visas at this time. U.S.-Based Benefits + Perks (for Full Time Employees): At SpyCloud, we are committed to working alongside individuals who are equally passionate about preventing cybercrime, regardless of their department or role. Guided by our core values in all business decisions, we prioritize unity in our mission and ensure all SpyCloud employees have the support and benefits they need to stay focused on our goals. In addition to our engaging workspace in South Austin, flexible and remote-friendly work options, and competitive salary package, we offer our employees a comprehensive benefits package that includes: 401(k) with Employer Contribution Health, Vision, and Dental Insurance Health Savings Account (HSA) available with Employer Contribution Employer Paid Life, Short-term, and Long-term Disability Insurance Generous PTO Plan and 16 paid holidays per year U.K.-Based Benefits + Perks (for Full Time Employees): Retirement Savings Plan with Employer Contribution Employer Provided Private Health Insurance and Healthcare Cashplan Employer Paid Life Insurance and Income Replacement Generous Holiday Plan and 14 paid holidays per year About SpyCloud: SpyCloud is on a mission to disrupt the cycle of cybercrime. As the leader in Cybercrime Analytics, our solutions thwart cyberattacks that originate from the use of stolen data, including account takeover, ransomware, and online fraud. More than 550 customers and partners trust SpyCloud to protect users' identities, prevent targeted attacks, and unmask adversaries attempting to harm businesses and their customers. To learn more and see insights on your company's exposed data, visit SpyCloud. Our Mission: Our mission is to make the internet a safer place by disrupting the criminal underground. Together with our customers and partners, we aim to end criminals' ability to profit from stolen information. Who We Are: SpyCloud is a place for innovative, collaborative, and problem-solvers to thrive. Individually, we're amazing, but together, we're unstoppable. We celebrate diversity and various perspectives and aim to create an inclusive and supportive environment for all. We are proud to be an Equal Employment Opportunity and Affirmative Action employer of choice. All aspects of employment decisions will be based on merit, performance, and business needs. We do not discriminate on the basis of any status protected under federal, state, or local law. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. Women, minorities, individuals with disabilities, and protected veterans are encouraged to apply. SpyCloud complies with applicable state and local laws governing nondiscrimination in employment. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. SpyCloud expressly prohibits any form of workplace harassment. Improper interference with the ability of SpyCloud's employees to perform their job duties may result in discipline up to and including discharge. SpyCloud shares the right to work and participates in the E-Verify program in all locations. If you need assistance or accommodation due to a disability, you may contact us. Our Culture: Our culture is something really special. We're all driven to disrupt the cybercriminal economy as we keep customer accounts safe from compromise. We support a truly worthy and serious mission, but we have fun doing it together. If you are driven, inventive, and collaborative, you'll fit right in. SpyCloud's Recruitment Policy: We will never ask an applicant for sensitive or personal financial information during the recruitment process. We advise all applicants seeking employment with SpyCloud to review available information on recruitment fraud. Anyone who suspects that they have been contacted by someone falsely representing SpyCloud should email ********************. Compensation Transparency Policy: At SpyCloud, we believe in transparency and fairness in compensation. We strive to ensure that all employees are fairly compensated for their contributions, and we openly discuss our compensation philosophy and structure. We are committed to providing competitive salaries and benefits packages to attract and retain top talent, and we encourage open dialogue and feedback regarding compensation matters. Learn more and apply: SpyCloud Careers

The Security Operations team is responsible for designing and driving information security initiatives at Tricentis including defining and enforcing policy, engineering defensive controls, and responding to incidents. We are seeking a candidate with a strong technical background who can adapt and thrive within a fast-growing SaaS environment. As a Senior Security Analyst, you will be a key component of our front-line defense and overall security posture. Responsibilities Include: Monitoring and reacting to security events Assisting in incident response efforts Planning, coordinating, and/or executing security assessments of networks, systems, applications, and cloud platforms Working with system owners and stakeholders to mitigate issues found in security assessments Assist with governance, risk, and compliance initiatives as needed Developing and curating threat intelligence Working with the greater Information Security team to define and implement security policies, procedures, and controls General awareness of developments in information security and help in guiding the company's response Providing security expertise and advice to other teams within the company Collaborating with other teams to solve business challenges Basic Qualifications: 5+ years of experience in information security concepts, controls, and technology Extensive experience with servers/workstations, computer networks, cloud platforms, their built-in security capabilities and hardening options Experience in a global SOC environment Experience with Azure and/or AWS cloud environments Experience with Log Management/SIEM tools Experience with EDR, Antivirus, and security tools Familiarity with the following security related disciplines with deep experience in several: Vulnerability management Forensic Analysis Application Security Cloud Security Posture Management IAM Penetration Testing Malware analysis Deep technical troubleshooting skills Familiarity with industry or regulatory compliance standards (CIS, NIST, SOC2, etc) Technical degree, certification, and/or 5+ years of experience related to information security Excellent communication skills, and the ability to explain security best practices to a non-technical audience Willingness and aptitude for learning new skills and adapting to new technologies Experience with programming and/or automation software Why Tricentis? Tricentis is currently investing heavily in our information security efforts so that means investing in YOU. We've allocated a budget for training, certifications, conference attendance, etc. and support participation in industry groups as well as speaking at events. As you are joining a company in a growth phase, we are interested in developing individuals that show leadership qualities into those that will build and oversee future teams. In addition to significant growth opportunities, you will get to help build our security stack, sourced from best-in-breed solutions and tooling. Tricentis Core Values: Knowing what we need to achieve and how to achieve it is important. Tricentis core values define our ways of working and the behaviors we model that create an enjoyable and successful Tricentis life. Demonstrate Self-Awareness: Own your strengths and limitations. Finish What We Start: Do what we say we are going to do. Move Fast: Create momentum and efficiency. Run Towards Change: Challenge the status quo. Serve Our Customers & Communities: Create a positive experience with each interaction. Solve Problems Together: We win or lose as one team. Think Big & Believe: Set extraordinary goals and believe you can achieve them. Why You'll Love Working at Tricentis: Market conform salary + success-oriented bonus Supportive and engaged leadership team 401(k) plan, full benefits package available Company paid Disability and Life Insurance Hybrid work environment Tricentis is proud to be an equal opportunity workplace. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran.

At Jamf, we believe in an open, flexible culture based on respect and trust. Our track record and thriving work environment all stem from the freedom we grant ourselves to get the job done right. We take pride in helping tens of thousands of customers around the globe succeed with Apple. The secret to our success lies in our connectivity, while operating with a high degree of flexibility. Work-life balance remains our priority while feeling connected is important to maintain our strong culture, achieve our goals, and thrive as #OneJamf. What you'll do at Jamf: The Senior Security Operations Engineer will work with the Cloud and Delivery team to continue to build, automate and maintain cloud security services in Azure. They will be responsible for leading the Security Design and Architecture, Log Collection, Security Incident Management, Identity and Access Management, Vulnerability and Patch management. They will be responsible for maintaining operation of the environment in accordance with our service level agreements and providing support to both our staff and customers. This role if offered as remote in Minneapolis, MN; Eau Claire, WI; or Austin, TX. You may be required to work periodically at a Jamf office or collaborative work location with other Jamf employees in your area for certain events or moments that matter. We are only able to accept applications for those based in one of these locations. What you can expect to do in this role: Mentors and advises others in related components and broad fundamental expertise areas Manages identity and access control in Azure Responsible for the tools, configuration, administration and related processes around our log file collection and monitoring Provides the framework, processes and execution to ensure support of Jamfs data leakage prevention Responsible for Web application firewall and related prevention, detection and mitigation of DDoS attack Vulnerability Management: Accountable for the prevention, detection and mitigation of vulnerabilities through industry standard tools, configuration, administration and internal procedures Performs regular firewall audits in line with our procedures. Provides the appropriate documentation, supporting evidence and follow up on identified issues requiring remediation Responsible for tooling, processes and follow up actions related to our external port scanning needs and practices Handles the identification, planning and implementation of any server hardening needs. Works collaboratively with Operations and other internal teams to communicate, document and implement Performs security incident analysis, response and remediation Participates in design and implementation of security automation workflows Helps manage security data reporting and visualization platform #LIRemote What we are looking for: Minimum of 4 years IT security principles, security operations, techniques, and technologies. (Required) Minimum of 4 years experience working with Linux/Unix command line interfaces, including Shell or Python scripting (Required) Minimum of 4 years experience with industry standard configuration management and deployment tools (e.g. Ansible, Azure Resource Manager or other) (Required) Minimum of 2 years experience administering some or all of the following Azure Services: (Virtual Machines, SQL Database, Load Balancer, Storage) (Preferred) Minimum of 2 years experience working with monitoring (Logic Monitor, AppDynamics, Zabbix, etc) and logging tools (Splunk, Sumologic, or ELK (ElasticSearch/Logstash/Kibana)) (Preferred) Advanced knowledge of containerization concepts and Kubernetes (Preferred) Basic knowledge of MySQL or Postgres (Preferred) 4 year / Bachelor's Degree (Preferred) A combination of relevant experience and education may be considered The following certification is preferred: Microsoft Certified: Azure Security Engineer Associate OTHER REQUIREMENTS: This position will perform work that the U.S. government has specified can only be performed by a U.S. citizen located physically in the U.S., and therefore any employment offer will be contingent upon verification of both of these requirements. Applicants who are not U.S. citizens or who are located outside of the U.S. are strongly encouraged to apply for other positions at Jamf, which is an equal-opportunity employer. SECURITY AND PRIVACY REQUIREMENTS: Participation in ongoing security training is mandatory Established security protocols will be adhered to, sensitive data will be handled responsibly, and data protection practices are followed, including understanding relevant privacy regulations and reporting breaches Acknowledging the Jamf Code of Conduct, where applicable security and privacy policies can be found, is a requirement of all roles at Jamf How we help you reach your best potential: Named a 2025 Best Companies to Work For by U.S. News Named a 2024 Best Technology Company to Work For by U.S. News Named one of Forbes Most Trusted Companies in 2024 Named a 2024 Best Companies to Work For by U.S. News Our developers work in agile delivery teams to produce new features, improve software components, and are the subject matter experts for our Jamf product offerings. You will have the opportunity to make a real and meaningful impact for more than 75,000 global customers with the best Apple device management solution in the world. We constantly push the boundaries of technology, our developers support new innovations and OS releases the moment they are made available by Apple. Several Jamf engineers are named in patents and with team names like CatDog, ThunderSnow and Dalek you can expect to have some fun while building cutting-edge software. You will have the opportunity to work with a small and empowered team where the culture is based on trust, ownership, and respect. We offer a clear career path that enables you to grow under supportive leadership and management Visit our Jamf Engineering blog to learn more about the innovative projects our team is working on and what we learn from each challenge we solve. A blog written by engineers, for engineers at medium.com/jamf-engineering 22 of 25 world's most valuable brands rely on Jamf to do their best work (as ranked by Forbes). Over 100,000 Jamf Nation users, the largest online IT community in the world. The below annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/annual salary to be offered to the selected candidate. Factors include, but are not limited to the scope and responsibilities of the role, the selected candidate's work experience, education and training, the work location as well as market and business considerations. Pay Transparency Range$103,100-$219,700 USD What it means to be a Jamf? We are a team of free-thinkers, can-doers, and problem-crushers. We value humility and the relentless pursuit of knowledge. Our culture flows from a spirit of selflessness and relentless self-improvement - driving both personal growth and collective progress throughout our company. We unite around common goals while respecting personal approaches, believing that fulfilled individuals create a thriving, vibrant workplace. Our aim is simple: hire exceptionally good people who are incredibly good at what they do and let them do it. We provide the support and resources to let everyone be their authentic, best selves at work, at rest, and at play. We are committed to supporting the continual improvement of Apple in the workplace, the organizations that rely on them and the people who keep it all running smoothly. Above it all, waves our banner of #OneJamf - and the knowledge that when we stand together, we accomplish so much more than we could alone. We seek individuals who share this unwavering journey toward growth to join us in our quest for constant improvement. What does Jamf do? Jamf extends the legendary Apple experience people enjoy in their personal lives to the workplace. We believe the experience of using a device at work or school should feel the same, and be as secure as, using a personal device. With Jamf, customers are able to confidently automate Mac, iPad, iPhone and Apple TV deployment, management, and security - anytime, anywhere - to protect the data and applications used by employees in the workplace, students learning in the classroom, and streamline communications in healthcare between patients and providers. More than 2,500 Jamf strong worldwide, we are free-thinkers, can-doers, and problems crushers who are encouraged to bring their whole selves to work each and every day. Get social with us and follow the conversation at #OneJamf Jamf is committed to creating an inclusive & supportive work environment for all candidates and employees. Candidates with disabilities or religious beliefs are encouraged to reach out if they need additional support or alternative options to our recruiting processes to accommodate their disability or religious belief. If you need an accommodation, please contact your Recruiter or Recruiting Coordinator directly. Requests for accommodation will be handled confidentially by Recruiting and will not be shared with the hiring manager. Jamf is an equal opportunity employer and does not discriminate against individuals who request reasonable accommodation for disability or religious beliefs. To request accommodations please email us at *******************

Junior Information Security Analyst 12 month Contract (with strong potential for extension and career advancement) Our client is seeking a Junior Information Security Analyst to assist in supporting and enhancing cybersecurity initiatives across their organization. This role will focus on implementing and monitoring security controls aligned with the NIST Risk Management Framework, NIST Cybersecurity Framework, and Texas Information Security Standards. This is a great opportunity for an early-career professional eager to gain deep experience in information security within an enterprise environment. Required Qualifications: Bachelor's degree in Cybersecurity, Information Technology, or a related field Security certifications such as CompTIA Security+, GSEC, or equivalent 2+ years of experience in information security, cybersecurity, or a related IT field Working knowledge of common security frameworks including: NIST Risk Management Framework (RMF) NIST Cybersecurity Framework (CSF) Texas Information Security Standards Experience with basic project planning and system development methodologies Strong analytical, communication, and documentation skills Ability to work independently with minimal supervisio Familiarity with enterprise-level IT systems or public-sector environments is highly preferred Key Responsibilities: Assist in implementing and monitoring security measures across systems and applications Support security risk assessments and compliance reviews Help maintain and document security policies, procedures, and standards Coordinate with internal teams and external vendors on security initiatives Assist in identifying and recommending improvements to existing security processes Participate in incident response and audit support activities Support research and evaluation of emerging cybersecurity tools and technologies Genius Road, LLC is proud to be a Certified Women's Business Enterprise, an Equal Opportunity Employer and values diversity. All employment is decided on the basis of qualifications, merit and business need.

Title: Manager, Information Security & Compliance Duration: Fulltime Permanent with Client ________________________________ Responsibilities: Provide leadership, management, and guidance to the Operational Technology Security & Compliance team. Oversee and manage the security patch management, password management, configuration management and logging solution. Develop and maintain maintenance and configuration procedures, schedules and related evidentiary documentation. Manage on-call schedule. Maintain security system standards and NERC compliance in accordance with good utility practices. Manage daily system monitoring, verifying the integrity and availability of hardware, server resources, systems and key processes, reviewing and verifying system and application logs. Coordinate testing and implementing operating system patches in the operations technology environment. Ensure NERC CIP requirements are implemented when performing any work. Requirements: 5+ years of experience managing information security and compliance team. 10+ years of experience with security and compliance functions (Access Management, Threat and Vulnerability Management, Security Monitoring, Patch Management, Password Management, Configuration Management and Logging). Experience supporting CIP compliance is a plus. Experience working with a team required to operate in 24/7 shifts. Strong writing and communication skills. Commitment to providing excellent customer service. Qualifications NERC CIP Additional Information All your information will be kept confidential according to EEO guidelines.

Description & Requirements Electronic Arts creates next-level entertainment experiences that inspire players and fans around the world. Here, everyone is part of the story. Part of a community that connects across the globe. A place where creativity thrives, new perspectives are invited, and ideas matter. A team where everyone makes play happen. Offensive Security Engineer - Enterprise Red Team EA Security The EA Security team protects EA by reducing our exposure to security risks by raising awareness and providing a measured, proportionate set of security and risk management controls, services and solutions. EA is looking for a security engineer to join EA's Enterprise Red Team. You will help us identify threat vectors before they can be exploited in our systems, services, cloud infrastructure or applications. We're a team that can find the worst of the worst, knows what's most likely to be attractive to attackers, and we're motivated to make things better. You will report to the Enterprise Red Team Director to work on an offensive security-driven application security program that scales enterprise-wide with a focus on automation, exploitation and best-practices. What You'll Do * Be part of the offense! Find and exploit security vulnerabilities for defensive purposes to help identify risks and lead mitigations * Perform architecture and threat model reviews to identify security vulnerabilities with a focus on AI applications, agents, and infrastructure * Build automation to scale penetration testing and to test threat detection and response capabilities * Develop, pilot and operate flexible and creative security testing automation * Collaborate with engineers across EA to identify automation gaps and rapid prototyping of new ideas and mitigations * Support traditional red team assessments, adversarial emulation campaigns and penetration tests of EA's systems to discover and document high risk vulnerabilities * Support incident response activities as required What You'll Need * 4+ years' experience in penetration testing and/or red team operations * 2+ years programming experience in at least one of the following: Golang, Python, Java, C#, C/C++ * Working knowledge of DevSecOps and CI/CD pipelines and related tooling (Gitlab, Github, Jenkins,…) * Application Analysis (fuzzing, static analysis, app scanning) * Familiarity with reviewing source code for security vulnerabilities and related tooling (Code QL, semgrep,…) * Basic understanding of machine learning its attack surface * Advanced knowledge in application security, network security, authentication protocols * Proficiency in one or more operating systems: Linux, Windows, mac OS * Experience with tooling such as Metasploit, Bloodhound, Burp, PromptFoo, ZAP, Sliver,… * Web and Database Penetration Testing Experience About Electronic Arts We're proud to have an extensive portfolio of games and experiences, locations around the world, and opportunities across EA. We value adaptability, resilience, creativity, and curiosity. From leadership that brings out your potential, to creating space for learning and experimenting, we empower you to do great work and pursue opportunities for growth. We adopt a holistic approach to our benefits programs, emphasizing physical, emotional, financial, career, and community wellness to support a balanced life. Our packages are tailored to meet local needs and may include healthcare coverage, mental well-being support, retirement savings, paid time off, family leaves, complimentary games, and more. We nurture environments where our teams can always bring their best to what they do. Electronic Arts is an equal opportunity employer. All employment decisions are made without regard to race, color, national origin, ancestry, sex, gender, gender identity or expression, sexual orientation, age, genetic information, religion, disability, medical condition, pregnancy, marital status, family status, veteran status, or any other characteristic protected by law. We will also consider employment qualified applicants with criminal records in accordance with applicable law. EA also makes workplace accommodations for qualified individuals with disabilities as required by applicable law.

Information Security Specialist IV Location: Fort Hood, Texas (Killeen) Job Summary Kiakahi, LLC has an immediate opening for an Information Security Specialist to join our rapidly growing team. The Information Security Specialist performs under general direction and uses current information security technology disciplines and practices to ensure the confidentiality, integrity and availability of Government information assets in accordance with established standards and procedures. Develops and maintains knowledgebase on changing regulatory, threat, and technology landscapes to continually develop or maintain security policies and standards, and ensures compliance throughout the organization; Provides Risk Management Framework, circuit/system accreditation and certification policy services; Participates in the development or modification of the computer environment IA security program plans and requirements; Develops procedures to ensure system users are aware of their IA responsibilities before granting access to DoD information systems; Recognizes possible security violations and takes appropriate action to report the incident, as required; Ensures IA security requirements are appropriately identified in computer environment operation procedures; and collects and maintains data needed to meet system IA reporting requirements. Responsibilities (Not listed in order of importance; other duties may be assigned) and must be able to perform the following with minimal guidance: Provide oversight for the Computer Network Defense-Service Provider (CNDSP) Work with system owners to close IAVMs/ICVMs and open Plan of Action and Milestones (POA&Ms) in a rapid fashion, in accordance with DoD instructions/directives. Review all POA&MS with the Program Manager on at least a quarterly basis and update the POA&Ms accordingly. Provide Defense in Depth principles and technology in security engineering designs and implementation Analyze existing and future systems, reviewing security architectures, and developing engineering solutions that integrate information security requirements to proactively manage information protection Apply security risk assessment methodology to system development, including assessing and auditing network penetration testing, antivirus deployment, risk analysis Conduct Computer Incident Response Team (CIRT) activities, including forensic analysis Engineer and deploy network defense countermeasures such as anti-virus, anti-spam, and intrusion detection and prevention system solutions Analyze IA security events, including threat model development and resulting security risk analysis of systems Review and assess information security events and logs via sophisticated security information/event manager Plan, implement, and manage a Defense In Depth for the total network and/or enclaves within the network to include such items as: scanning, remediation, host and network intrusion detection/prevention, firewalls, proxy servers, web cache, virus programs, vulnerability scanning, content filtering, remote dial in protection, Host Based Security Services, Directory Services, and Certification and Accreditation, DoD Instruction 5200.40, accreditation guidance and advice IAW AR 25-2 and IA Best Business Practices (BBPs). Plan, respond, investigate, and report undisclosed classified incident remediation. Assess and mitigate system security threats/risks throughout the program life cycle Validate system security requirements definition and analysis and review/approve System Security Plans for enterprise-wide architectures Maintain Agency public key infrastructure system Implement security designs in hardware, software, data and procedures Provide support for the Department of Defense (DoD) Public Key Infrastructure (PKI) service. Responsible for requesting, receiving, installation, and accountability of system (server) PKI certificates and providing technical support for PKI. Provide Certification and Accreditation, as well as provide Automated Information System Accreditation support Provide Security Risk Assessment. Perform risk analysis of resources, controls, vulnerabilities, impact of losing systems' capabilities and threats to the mission objective; provide analysis to facilitate decisions to implement security countermeasures or mitigate risk; implement countermeasures; periodically review program. Recognize possible threats and review evaluations for compliance and non-compliance. Responsibilities Requirements To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill and ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Bachelor's Degree in Computer Science, Cybersecurity, Computer Engineering, or related discipline preferred 5-7 years of experience performing Information Assurance functions and using RMF IT security controls and policies preferred Must possess and maintain an IT-I level certification IAW AR 25-2 and IAT-II certification IAW DoD 8570.01-M Abilities Ability to organize, prioritize and meet deadlines Capable of conveying complex information in a simplistic manner Strong critical thinking and problem-solving skills Strong self-starter requiring minimal supervision Able to take proactive measures to prevent problems rather than reactive by nature Strong verbal and written communication to effectively express concepts, plans, and proposals Security Clearance Position requires an active DoD security clearance. Must be a US citizen. Physical Requirements Work may involve sitting or standing for extended periods of time. Position may require typing and reading from a computer screen. Must have sufficient mobility, including but not limited to bending, reaching, and kneeling to complete daily duties in a timely and efficient manner. May include lifting weight up to thirty (30) pounds as necessary. A valid driver's license with a clean driving record may be required Occasional use of company vehicle while on work site Benefits Medical, dental, vision, disability, and life insurance Flexible Spending Accounts 401(k) PTO Tuition reimbursement Paid federal holidays Paid Parental Leave Company Headquartered in San Diego, CA, Kiakahi, LLC is a Native Hawaiian Organization (NHO) owned SBA Small Disadvantaged Business specializing in global information technology and offering professional solutions in IT Design & Installation, Cybersecurity Engineering & Support, Application Integration & Development, Software & Hardware Engineering, Network & Systems Management, Information Systems Security, and Business Management Services. Leveraging over 30 years of providing IT services to the federal & commercial market with projects located around the world, our team possesses innovative expertise in the development of a wide range of technology solutions. Kiakahi, LLC is an equal opportunity employer. Our service commitment is to be - "Your Supreme Partner for Success." Kiakahi LLC reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing. Position's functions and qualifications may vary depending on business needs. Kiakahi LLC is an equal opportunity employer and does not discriminate against applicants based on race, color, creed, religion, medical condition, legally protected genetic information, national origin, sex (including pregnancy, childbirth or related medical condition), sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status or legally protected characteristics. Posted Salary Range USD $75,000.00 - USD $80,000.00 /Yr.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

About GoodLeap:GoodLeap is a technology company delivering best-in-class financing and software products for sustainable solutions, from solar panels and batteries to energy-efficient HVAC, heat pumps, roofing, windows, and more. Over 1 million homeowners have benefited from our simple, fast, and frictionless technology that makes the adoption of these products more affordable, accessible, and easier to understand. Thousands of professionals deploying home efficiency and solar solutions rely on GoodLeap's proprietary, AI-powered applications and developer tools to drive more transparent customer communication, deeper business intelligence, and streamlined payment and operations. Our platform has led to more than $30 billion in financing for sustainable solutions since 2018. GoodLeap is also proud to support our award-winning nonprofit, GivePower, which is building and deploying life-saving water and clean electricity systems, changing the lives of more than 1.6 million people across Africa, Asia, and South America. Position Summary The GoodLeap security team is responsible for both business enablement and safeguarding the organization's information assets; it is involved in virtually all aspects of the business, from product safety and resilience, to building security paved roads, customer, partner, and regulatory trust, managing technology governance and compliance, and ensuring the privacy, and safety of GoodLeap's customers, partners, and employees information. The senior security engineer role provides a unique opportunity to shape the security and resilience of GoodLeap corporate systems, services, and operational processes. In this role, you will work closely with product, engineering, IT, and business teams within GoodLeap, acting as the key individual with both the authority and responsibility to ensure the safety and resilience of enterprise systems, products, and services. Your oversight will encompass: - Enterprise systems:Identifying potential misuse and abuse cases, proposing solutions to address these scenarios, and identifying product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. - Build-time controls: Managing applications/products security controls and activities during development. - Runtime controls: Overseeing security measures at runtime, from prevention to detection and response. Additionally, you will be involved with aspects of internally built products and represent all areas of security, spanning governance, risk, and compliance (GRC) to security monitoring, for a number of departments/teams. You will also have the authority and ability to involve other security team members as needed. While you will take on multiple responsibilities-from advisor to builder and beyond-your primary focus will be designing and building security patterns and practices for services and processes, and fostering strong relationships with product, business, and engineering. Essential Job Duties & Responsibilities Lead, participate in, and contribute to partnerships between security, IT, General & Administrative teams, engineering, product, and operations teams to build, orchestrate, and automate security controls and services in GoodLeap enterprise systems, products, services, and operational processes. Identify potential misuse and abuse cases in enterprise systems, propose solutions to address these scenarios, and identify product features, configuration settings, and/or mitigating or compensating controls to meet resilience requirements. Support or develop components of the security analytics platform. Contribute to investigations, threat hunting, and incident response activities in a supporting role. Collaborate with the monitoring and response team to create playbooks for specific incident response scenarios related to the products and services you oversee. These investigations, incidents, and playbooks may address security, fraud, privacy, resilience, and related concerns. Support the security operations team with the vulnerability management lifecycle for products and services under your purview. Ensure technical alignment for the products and services you oversee with team initiatives, including GRC, security operations, and monitoring and response activities. Required Skills, Knowledge & Abilities Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences. Expertise in agile product lifecycles. Ideally, you have experience in a product manager or engineering manager role and understand how SaaS products (B2B, B2B2C, and B2C) are built, including roadmap planning and feature and defect prioritization. Experience with threat modeling methodologies, with the ability to create efficient and scalable approaches to conducting such assessments. Familiarity with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus). Proven ability to establish credibility and build trust with business, engineers, and operational staff; confident yet humble. Hands-on experience with managing security for core enterprise systems, e.g., ERP, HCM, Salesforce, etc. Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases. Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK; GitHub and GitHub Actions; artifact management; and secrets management tools like Doppler and HashiCorp Vault. Passionate about learning new technologies. While you're not expected to know everything, you should demonstrate a willingness and ability to learn as needed. Prior experience interfacing and supporting with G&A teams, internal product teams, and other cross-functional areas. Proficiency in writing automation scripts in multiple languages, with prior experience automating security processes in cloud or SaaS environments. Experience engaging with vendors in design partnerships. Experience overseeing vulnerability and threat management at the platform and application levels. Familiarity with penetration testing and red team exercises, including manual verification, exploitation, and lateral movement. Ability to balance a high-level view of security strategy with attention to detail, ensuring thorough and effective execution. Additional Information Regarding Job Duties and s: Job duties include additional responsibilities as assigned by one's supervisor or other managers related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties and other skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job position or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by the law. If you are an extraordinary professional who thrives in a collaborative work culture and values a rewarding career, then we want to work with you! Apply today! We are committed to protecting your privacy. To learn more about how we collect, use, and safeguard your personal information during the application process, please review our Employment Privacy Policy and Recruiting Policy on AI.