Cyber Security Engineer jobs at Sentara Healthcare

*****CANDIDATE MUST BE US Citizen (due to contractual/access requirements)***** **For candidates residing within a 50-mile radius of a Highmark office, a hybrid work schedule of three days per week (Tuesday, Wednesday, and Thursday) in the office is required.** The Cyber User Behavior Engineer is a pivotal role at Highmark, dedicated to enhancing our organization's security by cultivating a robust "security-first" culture. This individual will lead the design, implementation, and ongoing management of comprehensive security awareness programs. Their primary responsibility will be to educate, train, and inspire all Highmark employees to effectively identify and report security threats, ensuring adherence to Highmark's security policies and industry best practices. This role is crucial in minimizing human-centric security risks and fostering a vigilant and informed workforce. **ESSENTIAL RESPONSIBILITIES** + Develop, implement, and continuously improve a proactive program to identifying internal threats. + Establish close relationships with business stakeholders outside of the security discipline, working closely with privacy, physical security, fraud, legal, human resources and senior leadership. + Perform predictive analysis of behavior, anomalies, and concerns to identify internal threats. + Execute campaigns designed to improve enterprise security posture. + Continually enhance insider risk program to increase efficiencies and measure program effectiveness and report accordingly on progress. + Utilize change management methodologies to mitigate identified security risks. + Provide insider threat support to security operations and incident response teams in advance of and during cyber security incidents. + Ensure clear lines of communication including but not limited to; transparency to the business on upcoming security initiatives, identifying impact to the business and to consumers, helping shape remediation, and developing external and internal communications. + Ensure the education and awareness program is aligned with the Information Security Program, Policies and Standards. + Other duties as assigned or requested. **EDUCATION** **Required** + Bachelor's Degree in Business Education, Marketing or Information Systems **Substitutions** + Six (6) years relevant, progressive experience **Preferred** + Bachelors in Information Security **EXPERIENCE** **Required** + 3 years in IT or IT Security Focus + 3 years of Insider Threat Program focus To include: + 3 years with Human Intelligence (HUMINT) **OR** as an Open-source Intelligence Analyst **Preferred** + 1-3 years in a Security Awareness or adjacent role **LICENSES or CERTIFICATIONS** **Required** + None **Preferred** + Security + **OR** + GSEC **OR** + CISSP **OR** + CERT Insider Threat + SANS Security Awareness Professional (SSAP) Proofpoint Certified Security Awareness Specialist **SKILLS** + Change Management + Presentation Delivery + Prioritizing + Analytical and Logical Reasoning/Thinking + Communication Skills + Cyber Security + User Behavior + Continuous Improvement **Language (Other than English):** None **Travel Requirement:** 0% - 25% **PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS** **Position Type** Office-based Teaches / trains others regularly Frequently Travel regularly from the office to various work sites or from site-to-site Rarely Works primarily out-of-the office selling products/services (sales employees) Never Physical work site required Yes Lifting: up to 10 pounds Occasionally Lifting: 10 to 25 pounds Rarely Lifting: 25 to 50 pounds Never **_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._ **_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._ _As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._ _Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._ Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at ***************************** California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J272819

Providence caregivers are not simply valued - they're invaluable. Join our team at Enterprise Information Services and thrive in our culture of patient-focused, whole-person care built on understanding, commitment, and mutual respect. Your voice matters here, because we know that to inspire and retain the best people, we must empower them. Providence is looking for a seasoned Principal Security Engineer with deep expertise in Cyber Threat Intelligence. In this pivotal role, you'll be the strategic force behind identifying and neutralizing emerging threats, safeguarding critical systems, and empowering Providence's Global Security Operations Center. Your insights will directly inform risk strategies and guide executive decision-making -making you a key player in protecting millions of lives through secure healthcare technology. If you're passionate about staying ahead of adversaries and driving innovation in cybersecurity, this is your chance to lead at the highest level. Providence offers hybrid work options for candidates living within a daily commuting distance -up to 65 miles-from any of our primary office locations listed below. + Washington: Seattle, Redmond, Renton, Vancouver + California: Los Angeles, Irvine + Oregon: Portland Please note the following important details regarding this position: + This is a hybrid role, involving a combination of in-office and remote work each week. + The weekly hybrid schedule will be determined by the manager based on departmental needs. Essential Functions: + Conduct in-depth analysis and research on cyber threats, including identifying threat actors, their motivations, tactics, techniques, and procedures (TTPs), and providing insights on their potential impact on the organization. + Prepare and deliver well researched, impactful analytic findings that combine self-driven research and findings from team threat hunting efforts to convey cyber threat risk and impact, tailored appropriately to technical and non-technical stakeholders, including executives + Serve as a mentor to teammates for leveraging advanced analytic toolsets such as Structured Analytic Techniques + Ability to classify, categorize, and analyze malware and threats. Translate this into actionable detections using frameworks such as MITRE ATT&CK + Maintain strong breadth and depth of knowledge about the healthcare industry threat landscape, including threat actors, malware, hacking techniques, emerging threats, and trends that may impact the organization + Collaborate with internal teams to provide timely and actionable intelligence, aligned with operational needs, that support CTI, CIRT, Attack Surface Management, and other cybersecurity initiatives + Develop and maintain threat profiles with tactical intelligence to enhance detection engineering and threat hunting operations. + Perform root cause analysis and provide recommendations for proactive measures to help prevent cyber intrusions. + Continuously update and refine existing threat intelligence processes and methodologies to ensure the organization remains at the forefront of cyber defense. + Stay informed about the latest trends, tools, and techniques in the field of threat intelligence and incorporate best practices into daily operations. + Monitor and assess emerging technologies, such as AI and machine learning capabilities to augment and enhance threat detection, triage, and analysis. Required Qualifications: + Bachelor's Degree in Computer Engineering, Computer Science, Mathematics, Engineering -OR- a combination of equivalent education / experience + Upon Hire: CISSP, CEH, or an equivalent certification + 8 or more years of related experience + Experience designing security controls and countermeasures for operating systems, databases, applications, Web services, user devices, and wireless networks. Preferred Qualifications: + Master's Degree in Computer Engineering, Computer Science, Mathematics, Engineering + Experience in a Healthcare environment + 8 or more years of cyber threat intelligence analysis experience + Experience conducting in-depth analysis and research on cyber threats, including identifying threat actors' motivations, intent, and TTPs + Skilled in correlating intelligence from multiple sources to assess potential organizational impact + Familiarity with reverse engineering and categorizing malware + Strong knowledge of healthcare cybersecurity risks, including ransomware, phishing, and supply chain vulnerabilities + Demonstrated experience applying frameworks such as MITRE ATT&CK, Cyber Kill Chain, Diamond Model of Intrusion Analysis, others + Experience working cross-functionally with CIRT/IR teams, vulnerability management, and SOC operations teams. + Experience working with insider threat teams a plus + Capability to develop threat profiles and integrate tactical intelligence into detection rules + Ability to influence risk-based decision-making with clear, concise reporting Salary Range by Location: + California: Los Angeles and Irvine: Min: $71.23, Max: $121.29 + Oregon: Portland Service Area: Min: $68.33, Max: $116.36 + Washington: Seattle, Renton, Redmond: Min: $71.23, Max: $121.29 + Washington: Vancouver: Min: $68.33, Max: $116.36 Why Join Providence? Our best-in-class benefits are uniquely designed to support you and your family in staying well, growing professionally, and achieving financial security. We take care of you, so you can focus on delivering our Mission of caring for everyone, especially the most vulnerable in our communities. About Providence At Providence, our strength lies in Our Promise of "Know me, care for me, ease my way." Working at our family of organizations means that regardless of your role, we'll walk alongside you in your career, supporting you so you can support others. We provide best-in-class benefits and we foster an inclusive workplace where diversity is valued, and everyone is essential, heard and respected. Together, our 120,000 caregivers (all employees) serve in over 50 hospitals, over 1,000 clinics and a full range of health and social services across Alaska, California, Montana, New Mexico, Oregon, Texas and Washington. As a comprehensive health care organization, we are serving more people, advancing best practices and continuing our more than 100-year tradition of serving the poor and vulnerable. The amounts listed are the base pay range; additional compensation may be available for this role, such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities. Providence offers a comprehensive benefits package including a retirement 401(k) Savings Plan with employer matching, health care benefits (medical, dental, vision), life insurance, disability insurance, time off benefits (paid parental leave, vacations, holidays, health issues), voluntary benefits, well-being resources and much more. Learn more at providence.jobs/benefits. Applicants in the Unincorporated County of Los Angeles: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Unincorporated Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act." About the Team Providence Shared Services is a service line within Providence that provides a variety of functional and system support services for our family of organizations across Alaska, California, Montana, New Mexico, Oregon, Texas and Washington. We are focused on supporting our Mission by delivering a robust foundation of services and sharing of specialized expertise. Providence is proud to be an Equal Opportunity Employer. We are committed to the principle that every workforce member has the right to work in surroundings that are free from all forms of unlawful discrimination and harassment on the basis of race, color, gender, disability, veteran, military status, religion, age, creed, national origin, sexual identity or expression, sexual orientation, marital status, genetic information, or any other basis prohibited by local, state, or federal law. We believe diversity makes us stronger, so we are dedicated to shaping an inclusive workforce, learning from each other, and creating equal opportunities for advancement. Requsition ID: 401760 Company: Providence Jobs Job Category: Information Security Job Function: Information Technology Job Schedule: Full time Job Shift: Day Career Track: Business Professional Department: 4011 CYBERSECURITY Address: CA Irvine 15480 Laguna Canyon Rd Work Location: Providence System Offices Discovery Park-Irvine Workplace Type: Hybrid Pay Range: $See Job Posting - $See Job Posting The amounts listed are the base pay range; additional compensation may be available for this role, such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities.

Sanford Health is one of the largest and fastest-growing not-for-profit health systems in the United States. We're proud to offer many development and advancement opportunities to our nearly 50,000 members of the Sanford Family who are dedicated to the work of health and healing across our broad footprint. Work Shift: Scheduled Weekly Hours: 40Salary Range: $40.00 - $66.00Pay starts at $40 and increases according to years of applicable experience. Union Position: No Department Details ***Working remotely is an option if you currently live in SD, ND, MN, IA, NE or WI. Required Skills and Qualifications: Strong communication skills to explain complex concepts to various stakeholders Excellent documentation skills for development of diagram, requirements, process mapping and overall design solutions Strong team player with curious and flexible nature. Strong understanding of network protocols (TCP/IP, OSI model) and network security concepts Expertise in network switch, routing, and security technologies (firewalls, VPNs, IDS/IPS, etc.) Experience with security frameworks and standards (NIST, CIS, ISO 27001) Proficiency in scripting languages (Python, Perl, PowerShell) Strong problem-solving and analytical skills Excellent communication and interpersonal skills Summary Responsible for the technical and operational delivery of enterprise cybersecurity solutions. Focuses on the development and implementation of processes and tools for identifying, evaluating, implementing, troubleshooting, and maintaining technical security controls for the organization. These controls are designed to prevent, detect, and contain security threats; enabling Sanford to be productive while maintaining a secure environment that optimizes Sanford's return on investment. Job Description Lead the building, configuring, and maintaining of cybersecurity systems to ensure our operational environments stay compliant and secure. Implements security controls using industry best practices across numerous technologies including, but not limited to SIEM, email filtering, web and content filtering, firewall, IPS/IDS systems, identity and access management, SSO/MFA, vulnerability management, and data protection. Skillfully maintains the existing security systems, including implementing new features, performing upgrades, and managing technical configurations/policies across a variety of business-critical systems. Proficiently monitors and responds to security system health alerts. Respond to day-to-day operational work such as managing security tools while simultaneously multitasking with strategic project initiatives. Provide security consulting services to other Sanford health groups. Provide assistance to a 24x7 team of dedicated security engineers focused on maintaining operational stability while reducing risk. Build and maintain key vendor and supplier relationships. Lead strategic project initiatives ensuring the processes and procedures are well defined and documented. Recognize both internal and external threats and understand/communicate risks to Sanford Assets. Make strategic recommendations to enhance and improve overall security posture. Advise on methods to increase efficiency of current toolsets (such as script automation or process improvement recommendations). Mentor others within the team as well as receive instruction and guidance from others within the team. Write documentation that can be used by all team members and other employees. Identify gaps in established/documented process and update as needed. Works under limited guidance due to previous experience/breadth of knowledge of processes and organizational knowledge. Acts independently to determine methods and procedures on new assignments. Regularly presented with new assignments and projects that require the application of independent judgement/interpretation of policies/practices. Checks own work and the work of other team members. Qualifications Bachelor's degree in cyber security or an information technology related field. Minimum of 4 years experience working in Cyber Security field. Security Certifications (CISSP, CISA, CISM, Security+, CEH, etc.) are highly desired Sanford is an EEO/AA Employer M/F/Disability/Vet. If you are an individual with a disability and would like to request an accommodation for help with your online application, please call ************** or send an email to ************************.

Is cyber security your passion? If so, Leidos is the place to be! We're thrilled to announce an exciting career opportunity for a Cyber Security Analyst at Tyndall AFB, FL. This role is part of a high‑impact program supporting Air Combat Command's (ACC) Intelligence, Surveillance, and Reconnaissance (ISR) mission-a chance to make a real difference at the cutting edge of national defense. Candidates must currently hold a TS/SCI security clearance. Primary Responsibilities: Evaluates SCI system risks and vulnerabilities. Recommends mitigation actions on network vulnerability scans. Performs audits on networked devices and individual user accounts. Works with external agencies at the Base, MAJCOM, and Service levels. Validates and approves higher level privileged access to SCI accounts. Updates, manages, and oversees Risk Management Framework security controls. Writes, staffs, and submits Security Impact Analysis reports for HHQ approval. Manages SCI system and network Authority to Operate requirements for Site. Validates, audits, and manages user system access accounts. Develops, distributes, and enforces Site-wide SCI system security policy. Interacts with and helps SCI system customers daily as needed. Provides incident response to HQ ACC security personal as required. Qualifications: Current Top Secret/SCI security clearance on day 1. Current IAM level II (i.e.CAP, CASP+CE, CISM, CISSP, GSLC, CCISO, or HCISPP) Bachelor's degree and 5+ years or Associate's degree and 8+ years (of experience in system Cyber Security and Information Assurance). Experience may be considered in lieu of degree. EIO2024 If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares. Original Posting:December 9, 2025 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range:Pay Range $87,100.00 - $157,450.00 The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

The Principal Information Security Engineer on the Incident Response Team is a critical leadership role responsible for overseeing, coordinating, and enhancing the organization's response to cyber threats and security incidents. Leads the technical aspects of incident detection, analysis, containment, eradication, and recovery for information security incidents. Develops and maintains incident response plans, playbooks, and procedures, ensuring alignment with industry best practices and regulatory requirements. Coordinates and drive investigations into suspicious activities, malware attacks, and advanced persistent threats (APTs). Serves as the primary escalation point for complex incidents, providing expert guidance and decision-making during critical events. Collaborates with security operations, threat intelligence, and IT teams to improve detection capabilities and reduce response times. Conducts post-incident reviews, root cause analyses, and lessons-learned sessions to strengthen the organization's security posture. Mentors and trains incident response team members, fostering technical growth and knowledge sharing. Stays current with emerging threats, vulnerabilities, and attack techniques, recommending proactive measures to mitigate risks. Prepares and delivers detailed reports, metrics, and presentations to senior leadership and stakeholders. Technical expertise in incident response and digital forensics. Deep knowledge of cybersecurity frameworks, security technologies, and threat landscape. Proficiency in forensic analysis, malware reverse engineering, and network security monitoring tools. Strong analytical, problem-solving, and communication skills. Strong ethical standards and attention to detail. The Information Security Principal Engineer acts as an information security liaison to various business units and the Information Technology Department to provide direction, training, and guidance for OIS staff. The Information Security Principal Engineer is considered an expert, leader and mentor; identifying and resolving technology related information security gaps based on the organization's risk posture. Specifically, the Information Security Principal Engineer is knowledgeable, proficient and experienced in: •Working with business partners across the organization to achieve organizational and OIS goals •Working collaboratively with team members and other leaders to develop and implement cybersecurity strategy based on industry best practice •Developing secure network and systems architecture •Analyzing technology security posture and appropriate use of security defenses •Matching technical solutions with business requirements and then designing and implementing them; •Software development, testing, support/problem solving, and overall technology administration; •Organizational procedures such as the system development lifecycle; •Use of defensive measures and information to identify, analyze and report security events; •Researching and understanding pertinent information technology laws, policies and procedures •Providing direct support for acquiring information security technology and applications •Applying IT-related laws and policies, and providing IT-related guidance throughout the software acquisition lifecycle •Collecting and analyzing information to identify vulnerabilities and potential for exploitation •Managing and administering processes and tools that enable the organization to identify, document, and access intellectual capital and information content •Executing duties governing hardware, software, and information system acquisition programs and other program management policies This is a full time, remote position within the United States. Mayo Clinic will not sponsor or transfer visas for this position including F1 OPT STEM. Master's degree with three (3) years' experience OR Bachelor's degree in Computer Science, Information Systems, Engineering or related major and a minimum five (5) years' experience in the information security field required.The Information Security Principal Engineer also requires the following skills/abilities. •Understands the use and efficacy of information security tools, server configurations and controls with the ability to install, configure, test and operate them. •Able to test, implement, deploy, maintain, review and administer the infrastructure hardware and software required to effectively secure the enterprise, protect data, identify and mitigate risks •Ability to collect, process, preserve, analyze and present computer related evidence in support of network vulnerability mitigation and/or criminal, fraud, counterintelligence or law enforcement investigations. •Provides advanced technical opinions/conclusions re. security tools, trends, and controls which are supported by documented evidence, based on multiple perspectives and leverage of a variety of resources •Demonstrates a deep and broad knowledge of standard operating procedures, workflows and supporting technology across numerous critical user areas and an in-depth knowledge of multiple computing technologies either being actively used or of significant interest to Mayo; understands how systems fit into larger picture of technology at Mayo. •Capacity to work independently and willingness to seek advice/assistance. Must have one of the following certifications (or equivalent) at time of hire. • CISSP • GSEC • CISM • HCISPP • OSCP

Hello Heart is on a mission to change the way people care for their hearts. The company provides the first app and connected heart monitor to help people track and manage their heart health. With Hello Heart, users take steps to control their risk of heart attacks and stroke - the leading cause of death in the United States. Peer-reviewed studies have shown that high-risk users of Hello Heart have seen meaningful drops in blood pressure, cholesterol and even weight. Recognized as the digital leader in preventive heart health, Hello Heart is trusted by more than 130 leading Fortune 500 and government employers, national health plans, and labor organizations. Founded in 2013, Hello Heart has raised more than $138 million from top venture firms and is a best-in-class solution on the American Heart Association's Innovators' Network and CVS Health Point Solutions Management platform. Visit ****************** for more information. About the Role: As our Cloud Security Engineer, you'll play a critical role in securing and scaling our cloud infrastructure to meet the highest standards of trust and compliance. Reporting to our Cloud Infrastructure Lead, you'll collaborate with our Information Security Officer and distributed engineering teams to design, implement, and automate cloud security controls that protect sensitive data and systems across environments. You'll lead efforts to detect and remediate vulnerabilities, strengthen our containerized workloads, and build tools that provide visibility into our security posture. If you thrive at the intersection of infrastructure, security, and automation, and you enjoy turning complex challenges into streamlined, secure systems, this role is for you. Responsibilities: Collaborate with our Information Security Officer to implement and maintain cloud security controls aligned with compliance frameworks and audit requirements. Drive vulnerability management and prevention across containerized workloads and cloud-native services. Build and operate systems that monitor and report on security posture, compliance status, and incident metrics. Automate critical security operations, including scanning, policy enforcement, and secret management. Integrate security best practices into CI/CD pipelines and infrastructure-as-code workflows. Collaborate with the security team regularly on security reviews, audits, and risk assessments. Contribute to security policies, documentation, and awareness initiatives. Partner closely with development teams to deliver secure-by-design solutions. Participate in the on-call rotation with the Cloud Infrastructure team. Qualifications Currently located in an Eastern Time Zone US state, as well as previous experience working with globally-distributed teams 5+ years of experience in security engineering or security operations in cloud environments. Hands-on expertise with AWS (or other cloud platforms) and Kubernetes. Deep understanding of container infrastructure, IAM, and secure network design. Experience with Terraform, Helm, or other infrastructure-as-code tools. Familiarity with cloud-native monitoring, logging, and vulnerability management tools. Proven ability to automate and scale security processes through scripting or workflow tools. Experience in threat modeling and penetration testing. Certifications such as AWS Certified Security, GCP Professional Cloud Security Engineer, or CISSP. Bachelor's degree in computer science, information security, or a related field (or equivalent practical experience). Experience supporting SOC 2, HIPAA, ISO 27001, NIST, or other regulatory frameworks. The US base salary range for this full-time position is $145,000.00 to $160,000.00. Salary ranges are determined by role and level. Compensation is determined by additional factors, including job-related skills, experience, and relevant education or training. Please note that the compensation details listed in US role postings reflect the salary only, and do not include equity or benefits. Hello Heart has a positive, diverse, and supportive culture - we look for people who are collaborative, creative, and courageous. Oh, and if you want to see some recent evidence of the fun things we do at Hello Heart, check out our Instagram page.

**Is cyber security your passion?** If so, Leidos is the place to be! We're thrilled to announce an exciting career opportunity for a **Cyber Security Analyst** at **Tyndall AFB, FL** . This role is part of a high‑impact program supporting **Air Combat Command's (ACC) Intelligence, Surveillance, and Reconnaissance (ISR) mission** -a chance to make a real difference at the cutting edge of national defense. Candidates must currently hold a **TS/SCI security clearance** . Primary Responsibilities: + Evaluates SCI system risks and vulnerabilities. + Recommends mitigation actions on network vulnerability scans. + Performs audits on networked devices and individual user accounts. + Works with external agencies at the Base, MAJCOM, and Service levels. + Validates and approves higher level privileged access to SCI accounts. + Updates, manages, and oversees Risk Management Framework security controls. + Writes, staffs, and submits Security Impact Analysis reports for HHQ approval. + Manages SCI system and network Authority to Operate requirements for Site. + Validates, audits, and manages user system access accounts. + Develops, distributes, and enforces Site-wide SCI system security policy. + Interacts with and helps SCI system customers daily as needed. + Provides incident response to HQ ACC security personal as required. Qualifications: + Current Top Secret/SCI security clearance on day 1. + Current IAM level II (i.e.CAP, CASP+CE, CISM, CISSP, GSLC, CCISO, or HCISPP) + Bachelor's degree and 5+ years or Associate's degree and 8+ years (of experience in system Cyber Security and Information Assurance). Experience may be considered in lieu of degree. **EIO2024** If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares. **Original Posting:** December 9, 2025 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. **Pay Range:** Pay Range $87,100.00 - $157,450.00 The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law. **About Leidos** Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit ************** . **Pay and Benefits** Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at **************/careers/pay-benefits . **Securing Your Data** Beware of fake employment opportunities using Leidos' name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system - never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at ***************************** . If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission (******************************* . **Commitment to Non-Discrimination** All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws. REQNUMBER: R-00171790 All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an equal opportunity employer/disability/vet.

**Is cyber security your passion?** If so, Leidos is the place to be! We're thrilled to announce an exciting career opportunity for a **Cyber Security Analyst** at **Tyndall AFB, FL** . This role is part of a high‑impact program supporting **Air Combat Command's (ACC) Intelligence, Surveillance, and Reconnaissance (ISR) mission** -a chance to make a real difference at the cutting edge of national defense. Candidates must currently hold a **TS/SCI security clearance** . Primary Responsibilities: + Evaluates SCI system risks and vulnerabilities. + Recommends mitigation actions on network vulnerability scans. + Performs audits on networked devices and individual user accounts. + Works with external agencies at the Base, MAJCOM, and Service levels. + Validates and approves higher level privileged access to SCI accounts. + Updates, manages, and oversees Risk Management Framework security controls. + Writes, staffs, and submits Security Impact Analysis reports for HHQ approval. + Manages SCI system and network Authority to Operate requirements for Site. + Validates, audits, and manages user system access accounts. + Develops, distributes, and enforces Site-wide SCI system security policy. + Interacts with and helps SCI system customers daily as needed. + Provides incident response to HQ ACC security personal as required. Qualifications: + Current Top Secret/SCI security clearance on day 1. + Current IAM level II (i.e.CAP, CASP+CE, CISM, CISSP, GSLC, CCISO, or HCISPP) + Bachelor's degree and 5+ years or Associate's degree and 8+ years (of experience in system Cyber Security and Information Assurance). Experience may be considered in lieu of degree. **EIO2024** If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares. **Original Posting:** December 9, 2025 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. **Pay Range:** Pay Range $87,100.00 - $157,450.00 The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law. **About Leidos** Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit ************** . **Pay and Benefits** Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at **************/careers/pay-benefits . **Securing Your Data** Beware of fake employment opportunities using Leidos' name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system - never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at ***************************** . If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission (******************************* . **Commitment to Non-Discrimination** All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws. REQNUMBER: R-00171815 All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an equal opportunity employer/disability/vet.

7+ years of experience in information security, application security, or infrastructure security. Strong knowledge of: Network security fundamentals (TCP/IP, firewalls, VPN, proxies) Web/app security (OWASP Top 10, API security, authentication/authorization) Cloud security (AWS, Azure, or GCP) CI/CD and DevSecOps practices Hands-on experience with tools such as: SAST/DAST/SCA tools (SonarQube, Checkmarx, Veracode, Burp Suite) Vulnerability scanners (Nessus, Qualys, OpenVAS) SIEM/EDR (Splunk, Sentinel, CrowdStrike) Container/Kubernetes security (Trivy, Aqua, Falco) Knowledge of secure coding practices in at least one language (Python, Java, Go, JavaScript, etc.). Strong analytical, problem-solving, and communication skills. Nice-to-Have Certifications: CEH, OSCP, CISSP, CCSP, GSEC, GCIH. Experience with automation (Python, Bash, Terraform). Experience with Zero Trust architecture and SSO solutions. Exposure to threat intelligence and red/blue team operations. Compensation, Benefits and Duration Minimum Compensation: USD 41,000 Maximum Compensation: USD 145,000 Compensation is based on actual experience and qualifications of the candidate. The above is a reasonable and a good faith estimate for the role. Medical, vision, and dental benefits, 401k retirement plan, variable pay/incentives, paid time off, and paid holidays are available for full time employees. This position is not available for independent contractors No applications will be considered if received more than 120 days after the date of this post

Persona is the configurable identity platform built for businesses in a digital-first world. Verifying individuals and organizations is harder - but more important - than ever, with AI enabling fraudsters to launch sophisticated accounts at scale and regulations evolving rapidly. We've built Persona to support practically every use case and industry - that's why we're able to serve a wide range of leading companies. For example, Instacart relies on Persona to verify shoppers who onboard onto their platform before delivering groceries to your doorstep. Meanwhile, OpenAI relies on Persona to keep bad actors out, protecting one of the world's most powerful AI platforms from large-scale abuse in a time when AI is reshaping the way we work and live. We're growing rapidly and looking for exceptional people to join us! About the Role Persona's Security Team is looking for someone to lead our corporate security efforts. You'll play a pivotal role in fortifying our defenses against evolving threats. Your mission is to protect fellow Personerds and the systems we use to do our work. You'll have the opportunity to employ cutting-edge technologies, innovative strategies, and your expertise to thwart potential attacks before they disrupt our operations. This is a full-time position based in our headquarters in downtown San Francisco. Our in-office days are Tuesday - Thursday, with the option to work from home on Monday and Friday. What you'll do at Persona * Develop, enhance, and implement endpoint detection and response rules and tooling for endpoint devices * Collaborate cross-functionally with our TechOps Team in implementing security best practices for SaaS and endpoint environments and support security initiatives like 2-factor authentication, automated encryption of client devices, DLP, etc. * Build tools and processes for automating security controls and monitoring at scale * Support security initiatives across the organization and harden our corporate infrastructure against attack * Recommend endpoint and SaaS mitigations and controls based on generated telemetry * Provide recommendations and support for insider threat programs * Participate in the on-call rotation for the Security Team What you'll bring to Persona * 3+ years of experience in IT security or building endpoint security solutions, including experience supporting mac OS devices * Experience with planning and executing endpoint hardening initiatives * Experience with mobile device management (MDM) and endpoint detection and response (EDR) tools and technologies * Experience with data loss prevention (DLP) and insider threat concepts and mitigations * Experience with email security concepts and protecting a workforce against phishing * Ability to explain security topics clearly to non-technical business representatives * Ability to write code in Ruby, Python, or similar scripting languages, as well as SQL queries Full-time Employee Benefits and Perks For full-time employees (excluding internship and contractor opportunities), Persona offers a wide range of benefits, including medical, dental, and vision, 3% 401(k) contribution, unlimited PTO, quarterly mental health days, family planning benefits, professional development stipend, wellness benefits, among others. While we believe competitive compensation and benefits are a critical aspect of you deciding to join us, we do hope you consider why our core values and culture are right for you. If you'd like to better understand what it's like working at Persona, feel free to check out our reviews on Glassdoor.

Leidos is seeking multiple ConMon Analysts to be responsible for overseeing and monitoring authorized IT systems (re-authorization and new systems) throughout their lifecycle for security posture impact. These positions can be based out of any of our three locations - Alexandria, VA, Fort Meade, MD, or Chambersburg, PA. These positions are primarily on-site, but some partial telework may be available at the discretion of our customer and program management. Maximum starting salary for these positions is $70,000/year. Responsibilities: Analyze proposed or actual system changes to determine security impact, and assess security controls and their effectiveness. Utilize Qmulos, Splunk, ACAS, Axonius, CheckMark, BURP, and ESS to assess, validate, and monitor enterprise and system-level security controls. Develop and maintain the DISA RE5 ConMon Strategy to support the A&A mission. Create and update the DISA RE5 ConMon SOP, outlining required activities and artifacts that include the oversight and monitoring of IT systems throughout their lifecycle. Conduct continuous assessments of security controls, perform automated/manual security control monitoring of information systems and provide IS / Security Control Status Reports based on live data from security monitoring tools. Ensure ongoing assessments are in compliance with industry auditor standards to monitor security, vulnerabilities, and threats. Ensure ConMon-related controls are properly implemented in RMF packages within eMASS. Report system risk status using the DISA-approved reporting tool. Maintain the ConMon Dashboard, tracking compliance, POA&M status, CMRS visibility, asset management, FISMA reviews, and annual validations. Track automated and manual security controls, identifying overdue assessments and validations. Coordinate with System, ACAS, and HBSS/ESS Administrators to resolve credentialing and data issues. Provide real-time security status metrics based on the ConMon Strategy and SOP and alert Leidos and government leadership of security posture changes with negative impact. Basic Qualifications: Active DoD Top Secret clearance with SCI eligibility required Current DoD 8570 IAM II or IAT II certification Bachelor's degree (IT-related field preferred) and three (3) years of overall experience in cybersecurity or network security position. Additional relevant experience may be considered in lieu of degree. Understanding of security architecture, system hardening, vulnerability management, and intrusion detection/preventio Proficiency in one or more of the following tools: Qmulos, Splunk, ACAS, Axonius, CheckMark, BURP, and HBSS Understanding of the RMF process, NIST SP 800- 37, NIST SP 800-53, CNSSI 1253 VMP experience Strong communication, presentation, and customer service skills --- The maximum starting salary for this position is $70,000. Please note that the broader pay range displayed at the bottom of this page represents the total corporate salary band for similarly-leveled cyber positions across Leidos and does not account for specific contract/program funding and requirements. --- If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares. Original Posting:September 30, 2025 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range:Pay Range $69,550.00 - $125,725.00 The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Leidos is seeking multiple ConMon Analysts to be responsible for overseeing and monitoring authorized IT systems (re-authorization and new systems) throughout their lifecycle for security posture impact. These positions can be based out of any of our three locations - Alexandria, VA, Fort Meade, MD, or Chambersburg, PA. These positions are primarily on-site, but some partial telework may be available at the discretion of our customer and program management. **Maximum starting salary for these positions is $70,000/year** . Responsibilities: + Analyze proposed or actual system changes to determine security impact, and assess security controls and their effectiveness. + Utilize Qmulos, Splunk, ACAS, Axonius, CheckMark, BURP, and ESS to assess, validate, and monitor enterprise and system-level security controls. + Develop and maintain the DISA RE5 ConMon Strategy to support the A&A mission. + Create and update the DISA RE5 ConMon SOP, outlining required activities and artifacts that include the oversight and monitoring of IT systems throughout their lifecycle. + Conduct continuous assessments of security controls, perform automated/manual security control monitoring of information systems and provide IS / Security Control Status Reports based on live data from security monitoring tools. + Ensure ongoing assessments are in compliance with industry auditor standards to monitor security, vulnerabilities, and threats. + Ensure ConMon-related controls are properly implemented in RMF packages within eMASS. + Report system risk status using the DISA-approved reporting tool. + Maintain the ConMon Dashboard, tracking compliance, POA&M status, CMRS visibility, asset management, FISMA reviews, and annual validations. + Track automated and manual security controls, identifying overdue assessments and validations. + Coordinate with System, ACAS, and HBSS/ESS Administrators to resolve credentialing and data issues. + Provide real-time security status metrics based on the ConMon Strategy and SOP and alert Leidos and government leadership of security posture changes with negative impact. Basic Qualifications: + Active DoD Top Secret clearance with SCI eligibility required + Current DoD 8570 IAM II or IAT II certification + Bachelor's degree (IT-related field preferred) and three (3) years of overall experience in cybersecurity or network security position. Additional relevant experience may be considered in lieu of degree. + Understanding of security architecture, system hardening, vulnerability management, and intrusion detection/preventio + Proficiency in one or more of the following tools: Qmulos, Splunk, ACAS, Axonius, CheckMark, BURP, and HBSS + Understanding of the RMF process, NIST SP 800- 37, NIST SP 800-53, CNSSI 1253 + VMP experience + Strong communication, presentation, and customer service skills --- **The maximum starting salary for this position is $70,000.** Please note that the broader pay range displayed at the bottom of this page represents the total corporate salary band for similarly-leveled cyber positions across Leidos and does not account for specific contract/program funding and requirements. --- If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares. **Original Posting:** September 30, 2025 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. **Pay Range:** Pay Range $69,550.00 - $125,725.00 The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law. **About Leidos** Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit ************** . **Pay and Benefits** Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at **************/careers/pay-benefits . **Securing Your Data** Beware of fake employment opportunities using Leidos' name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system - never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at ***************************** . If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission (******************************* . **Commitment to Non-Discrimination** All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws. REQNUMBER: R-00167736 All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an equal opportunity employer/disability/vet.

Is cyber security your passion? If so, Leidos is the place to be! We're thrilled to announce an exciting career opportunity for a Cyber Security Analyst at Joint Base Langley‑Eustis, VA. This role is part of a high‑impact program supporting Air Combat Command's (ACC) Intelligence, Surveillance, and Reconnaissance (ISR) mission-a chance to make a real difference at the cutting edge of national defense. Candidates must currently hold a TS/SCI security clearance. Primary Responsibilities: Evaluates SCI system risks and vulnerabilities. Recommends mitigation actions on network vulnerability scans. Performs audits on networked devices and individual user accounts. Works with external agencies at the Base, MAJCOM, and Service levels. Validates and approves higher level privileged access to SCI accounts. Updates, manages, and oversees Risk Management Framework security controls. Writes, staffs, and submits Security Impact Analysis reports for HHQ approval. Manages SCI system and network Authority to Operate requirements for Site. Validates, audits, and manages user system access accounts. Develops, distributes, and enforces Site-wide SCI system security policy. Interacts with and helps SCI system customers daily as needed. Provides incident response to HQ ACC security personal as required. Qualifications: Current Top Secret/SCI security clearance on day 1. Current IAM level II (i.e.CAP, CASP+CE, CISM, CISSP, GSLC, CCISO, or HCISPP) Bachelor's degree and 5+ years or Associate's degree and 8+ years (of experience in system Cyber Security and Information Assurance). Experience may be considered in lieu of degree. EIO2024 If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares. Original Posting:December 3, 2025 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range:Pay Range $87,100.00 - $157,450.00 The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

**Is cyber security your passion?** If so, Leidos is the place to be! We're thrilled to announce an exciting career opportunity for a **Cyber Security Analyst** at **Joint Base Langley‑Eustis, VA** . This role is part of a high‑impact program supporting **Air Combat Command's (ACC) Intelligence, Surveillance, and Reconnaissance (ISR) mission** -a chance to make a real difference at the cutting edge of national defense. Candidates must currently hold a **TS/SCI security clearance** . Primary Responsibilities: + Evaluates SCI system risks and vulnerabilities. + Recommends mitigation actions on network vulnerability scans. + Performs audits on networked devices and individual user accounts. + Works with external agencies at the Base, MAJCOM, and Service levels. + Validates and approves higher level privileged access to SCI accounts. + Updates, manages, and oversees Risk Management Framework security controls. + Writes, staffs, and submits Security Impact Analysis reports for HHQ approval. + Manages SCI system and network Authority to Operate requirements for Site. + Validates, audits, and manages user system access accounts. + Develops, distributes, and enforces Site-wide SCI system security policy. + Interacts with and helps SCI system customers daily as needed. + Provides incident response to HQ ACC security personal as required. Qualifications: + Current Top Secret/SCI security clearance on day 1. + Current IAM level II (i.e.CAP, CASP+CE, CISM, CISSP, GSLC, CCISO, or HCISPP) + Bachelor's degree and 5+ years or Associate's degree and 8+ years (of experience in system Cyber Security and Information Assurance). Experience may be considered in lieu of degree. **EIO2024** If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares. **Original Posting:** December 3, 2025 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. **Pay Range:** Pay Range $87,100.00 - $157,450.00 The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law. **About Leidos** Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit ************** . **Pay and Benefits** Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at **************/careers/pay-benefits . **Securing Your Data** Beware of fake employment opportunities using Leidos' name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system - never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at ***************************** . If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission (******************************* . **Commitment to Non-Discrimination** All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws. REQNUMBER: R-00171428 All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an equal opportunity employer/disability/vet.

Description & Requirements Maximus is looking for a Cyber Threat Analyst who can provide technical and analytical insights into information related to cyber incidents, vulnerabilities, and threat actor activity. They will also support daily operations management, communication with partners, and other administrative or program management duties as needed. This is an onsite position in Arlington, VA; candidates must be located in the National Capital Region and willing/able to work in-person up to several times per week. Essential Duties and Responsibilities: * Perform complex risk analyses and risk assessment. * Establish and satisfy Information Assurance (IA) and security requirements based upon the analysis of user, policy, regulatory, and resource demands. * Support customers in the development and implementation of doctrine and policies. * Advise information system owners on client/project security policies and requirements for systems. * Keep abreast of emerging security technologies and make appropriate recommendations regarding the enhancement of the security posture of systems and their implementation. Job-Specific Essential Duties and Responsibilities: * Assess threat and vulnerability information shared by partners for potential impact to federal agency systems and critical infrastructure * Determine validity and impact of threat information, provide analysis, and collaborate to determine necessary partner notifications and potential product development * Coordinate with internal and external stakeholders to facilitate timely and informed cyber incident response activities * Monitor inboxes and other real-time communication channels for partner communications, respond to cyber partner inquiries, coordinate cybersecurity products (alerts, advisories, etc.) among targeted partners for technical before public distribution * Apply knowledge of evolving cyber threat landscape, emerging threats, and geopolitical events and trends to enhance the organization's operational mission Job-Specific Minimum Requirements: * 5+ years of related professional experience * U.S. Citizenship required (required by federal government for position) * Active Top Secret/SCI security clearance required Preferred Skills and Qualifications: * Bachelor's degree in a relevant field * Industry standard certifications are a plus (CompTIA Sec+, CEH, etc.). * Cyber operations, analysis, and/or incident management response experience Successful candidates will have: * Excellent communications skills, both written and verbal, and ability to brief senior-level clients on operational activity * Experience supporting a federal government client, with preference for DHS or other national security agencies * Ability to apply knowledge of cybersecurity concepts, policies, and procedures in a high-paced operational environment * Customer service orientation with strong leadership, interpersonal, organizational, problem-solving, and strategic thinking skills * Ability to work well with other client and contractor team members in a hybrid environment * Proficiency with open-source and commercial threat intelligence tools * Prior experience supporting a federal government client, preferably in the national security field #clearance #techjobs #VeteransPage Minimum Requirements * Please refer to the additional information section of the job requisition for this opening to determine clearance eligibility required. * Bachelor's Degree in related field. * 5-7 years of relevant professional experience required. * Equivalent combination of education and experience considered in lieu of degree. EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************.

EnableComp provides Specialty Revenue Cycle Management solutions for healthcare organizations, leveraging over 24 years of industry-leading expertise and its unified E360 RCM ™ intelligent automation platform to improve financial sustainability for hospitals, health systems, and ambulatory surgery centers (ASCs) nationwide. Powered by proprietary algorithms, iterative intelligence from 10M+ processed claims, and expert human-in-the-loop integration, EnableComp provides solutions across the revenue lifecycle for Veterans Administration, Workers' Compensation, Motor Vehicle Accidents, and Out-of-State Medicaid claims as well as denials for all payer classes. By partnering with clients to supercharge the reimbursement process, EnableComp removes the burden of payment from patients and provider organizations while enabling accelerated cash, higher and more accurate yield, clean AR management, reduced denials, and data-rich performance management. EnableComp is a multi-year recipient the Top Workplaces award and was recognized as Black Book's #1 Specialty Revenue Cycle Management Solution provider in 2024 and is among the top one percent of companies to make the Inc. 5000 list of the fastest-growing private companies in the United States for the last eleven years. Position Summary The Security Engineer (Application & AI Security) will serve as the technical implementation bridge between our security policy team and development operations. The Security Engineer will be embedded with development teams, writing code, configuring systems, and directly implementing security controls across applications, databases, and AI systems during a major Agentic AI platform transformation.Key Responsibilities Bridge security policy and technical execution by translating organizational security requirements into practical, deployable solutions across applications, data environments, and AI systems. Design, build, and deploy security controls across web applications, data pipelines, APIs, and Agentic AI systems to ensure confidentiality, integrity, and availability. Implement secure-by-design practices throughout the software development lifecycle, including code-level remediations, configuration hardening, and secure infrastructure deployment. Develop automation scripts and infrastructure-as-code to integrate security into CI/CD pipelines, enabling continuous compliance, secrets management, vulnerability scanning, and environment hardening. Implement and operationalize AI-specific security frameworks by building guardrails for agentic models, securing data flows, and integrating AI security tooling into development workflows. Perform hands-on technical security assessments, including penetration testing, threat modeling, and code reviews, and directly remediate identified vulnerabilities. Collaborate with cloud and DevOps teams to deploy monitoring and detection controls and ensure secure configuration baselines across environments. Provide practical security guidance and training to developers and engineers during architecture reviews, sprint planning, and project delivery. Continuously evaluate and improve the organization's security posture through testing, feedback loops, and adoption of emerging best practices for AI and distributed systems. Document security architectures, configurations, and implementation patterns to support ongoing operations, compliance, and knowledge sharing. Other duties as required Requirements & Qualifications Bachelor's degree in Computer Science, Information Security, Engineering, or a related technical field required 3+ years in hands-on application security, DevSecOps, or security engineering roles. Proven experience building and configuring secure CI/CD pipelines (Jenkins, GitLab CI, GitHub Actions, Azure DevOps). Equivalent combination of education and experience will be considered. Deep proficiency with cloud security in AWS, Azure, or GCP environments. Strong implementation experience with infrastructure as code (Terraform, CloudFormation) and container security (Docker, Kubernetes). Strong scripting and automation skills (Python, Bash, PowerShell) for security tooling. Versatility across web/API security, data pipeline security, microservices, and database security. Understanding of security frameworks (NIST, ISO 27001, SOC 2) and compliance requirements (GDPR, HIPAA, PCI-DSS). Hands-on experience deploying and configuring security scanning tools (SAST, DAST, SCA). Excellent communication skills-ability to translate security requirements into working technical implementations. Experience working embedded within cross-functional development teams. Proven track record of hands-on problem-solving in fast-paced development environments. Regular and predictable attendance. To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions Special Considerations & Prerequisites Practices and adheres to EnableComp's Core Values, Vision and Mission. Hands-on experience with AI/ML security, model security, and data governance Technical knowledge of LLM security, prompt injection prevention, and AI agent safety Security certifications (CISSP, CEH, OSCP, CSSLP, or cloud security certifications) Strong coding background in Python, Go, or similar languages. Background in software development or engineering transitioning to security. Direct experience implementing secrets management solutions (HashiCorp Vault, AWS Secrets Manager). Practical experience with zero trust architecture implementation. Familiarity with data security, ETL processes, and data warehouse security. Experience with microservices architectures and distributed systems security. EnableComp is an Equal Opportunity Employer M/F/D/V. All applicants will be considered for this position based upon experience and knowledge, without regard to race, color, religion, national origin, sexual orientation, ancestry, marital, disabled or veteran status. We are committed to creating and maintaining a workforce environment that is free from any form of discrimination or harassment. EnableComp recruits, develops and retains the industry's top talent. As the employer of choice in the complex claims industry, EnableComp takes pride in our continuous commitment to building and maintaining a culture centered around fostering the professional growth and development of our people. We believe that investing in our employees is the key to our success, and we are dedicated to providing them with the tools, resources, and support they need to thrive and grow their career here. At EnableComp, we are committed to living up to our core values each and every day, and we believe that this commitment is what sets us apart from other companies. If you are looking for a company that values its employees and is dedicated to helping them achieve their full potential, then EnableComp is the place for you. Don't just take our word for it! Hear what our people are saying: “I love my job because everyone shares the same vision and is determined and dedicated. People care about you as a person and your professional growth. There is a genuine spirit of cooperation and shared goals all revolving around helping each other.” - Revenue Specialist “I enjoy working for EnableComp because of the Core Values we believe in. EnableComp stands true to these values from empowering employees to ecstatic clients. This company is family oriented and flexible, along with understanding the balance of work, life, and fun.” - Supervisor, Operations

At WHOOP, we're on a mission to unlock human performance. WHOOP empowers members to perform at a higher level through a deeper understanding of their bodies and daily lives. WHOOP is seeking a Senior Information Security Engineer to serve as a technical leader in our Security team reporting to our Information Security Manager. In this role, you will drive the deployment and continuous enhancement of controls that protect millions of users' biometric and health data, build scalable defenses across our infrastructure and applications, and lead incident response efforts with visibility across the business. This is an opportunity to have direct impact at scale, working alongside engineers, product teams, and executives to drive forward-looking security strategies. RESPONSIBILITIES: Implement and enhance security controls by leading the deployment, integration, and tuning of solutions such as CNAPP, SIEM, CASB, EDR, DLP, and MDM to maximize effectiveness. Support security design decisions by providing subject matter expertise on cloud and SaaS security best practices while influencing architecture led by the Security Architect role. Lead incident response and investigations by guiding containment, remediation, root cause analysis, and post-incident improvements. Strengthen application security by overseeing secure development practices and managing SAST, SCA, and DAST tooling. Advance identity and access management by supporting IAM policy enforcement, SSO, MFA, SCIM, RBAC, and user lifecycle governance. Secure AI systems and integrations by assessing and protecting embedded APIs and organizational AI tool usage to ensure resilience, privacy, and compliance. Collaborate cross-functionally by working with Engineering, IT, and GRC teams to embed security into systems and workflows. Mentor and influence by providing technical guidance, reviewing work, and promoting security-first thinking across the organization. Stay ahead of threats and regulations by tracking emerging risks, technologies, and compliance requirements to inform forward-looking strategies. Participate in and help improve the on-call rotation by providing guidance, escalation support, and driving improvements in response processes. QUALIFICATIONS: Bachelor's degree in Computer Science, Information Security, or a related technical field and/or advanced certifications (CISSP, CISM, AWS Security Specialty, SANS, etc.). 8+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity. Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG). Experience securing AI/ML systems or APIs, including governance of third-party AI integrations and organizational use of AI tools. Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems. Hands-on experience with application security tooling (SAST, SCA, DAST) and embedding secure development practices. Demonstrated leadership in security incident response, investigations, and root cause analysis. Effective communicator with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences. Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment. Experience mentoring engineers and setting operational standards. Familiarity with compliance and risk frameworks relevant to health and AI (SOC 2, ISO 27001, PCI, GDPR, FTC guidance, HIPAA-adjacent state laws) is a plus. Interested in the role, but don't meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply. WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values. At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company's long-term growth and success. The U.S. base salary range for this full-time position is $150,000 - $190,000. Salary ranges are determined by role, level, and location. Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training. In addition to the base salary, the successful candidate will also receive benefits and a generous equity package. These ranges may be modified in the future to reflect evolving market conditions and organizational needs. While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate's specific qualifications, expertise, and alignment with the role's requirements. Learn more about WHOOP.

At Moffitt Cancer Center, we strive to be the leader in understanding the complexity of cancer and applying these insights to contribute to the prevention and cure of cancer. Our diverse team of over 9,000 are dedicated to serving our patients and creating a workspace where every individual is recognized and appreciated. For this reason, Moffitt has been recognized on the 2023 Forbes list of America's Best Large Employers and America's Best Employers for Women, Computerworld magazine's list of 100 Best Places to Work in Information Technology, DiversityInc Top Hospitals & Health Systems and continually named one of the Tampa Bay Time's Top Workplace. Additionally, Moffitt is proud to have earned the prestigious Magnet designation in recognition of its nursing excellence. Moffitt is a National Cancer Institute-designated Comprehensive Cancer Center based in Florida, and the leading cancer hospital in both Florida and the Southeast. We are a top 10 nationally ranked cancer center by Newsweek and have been nationally ranked by U.S. News & World Report since 1999. Working at Moffitt is both a career and a mission: to contribute to the prevention and cure of cancer. Join our committed team and help shape the future we envision. Summary Security Systems Analyst II Position Highlights: * The Security Systems Analyst II, will maintain the architecture of security controls for applications of systems, such as infrastructure and web application firewalls. * The Security Systems Analyst II reviews alerts and data from network and server infrastructure and documents formal, technical incident reports. * Works with Security Systems Engineer on foundational technology security reviews and assessments. * The Security Systems Analyst II will also administer and maintain an organizational SIEM and log solution in concert with organizational monitoring platforms. * This position leverages experience with PKI and certificates and will also deliver XDR across the organization. Responsibilities: * Performs maintenance and management of security systems and applications, including firewalls, PKI and certificates, network security appliances and host-based security systems * This includes infrastructure and web applications firewalls, including physical and virtual firewalls, including day to day maintenance of firewall rules. Investigates and documents issues or incidents involving the enterprise firewall. * Participates in infrastructure projects to develop, plan and implement specifications for network and distributed system security technologies in support of key information systems * Assists remediation required by audits, and document exceptions as necessary Education and Experience: * High School Diploma/GED * Minimum of 5 years of experience in an IT support environment which could include experience in more than one of the following IT disciplines: * Complex IT Portfolio environment including large scale systems, servers, storage and networking. * High availability application layer and/or stateful inspection based firewalls. * VPN gateways & remote access clients. * Public key Infrastructures including Certificate Authority (CA), Registration Authority (RA) and Certificate Repository. * Securing Internet access, Intranet, and Extranet. * Technology background in systems, networking and/or data storage design, engineering and support. Plus * Experience delivering XDR across the organization. * Experience with PKI and certificates Share:

Security Engineer - Cloud - Hybrid Opportunity This is a hybrid position based at our corporate office in Brentwood, TN, with on-site work required Monday through Wednesday. We are seeking a Cloud Security Engineer to join our cybersecurity team. This role will lead the design, implementation, and management of secure cloud environments while also contributing to broader security operations. In addition to cloud security responsibilities, this position will support functions like endpoint hardening, vulnerability management, Microsoft 365 security tickets, proactive investigations into potentially malicious domains, and other security tasks as assigned. Essential Duties and Responsibilities: The Security Engineer is expected to have competency in a variety of security platforms, potentially including the implementation & operation of several of the following: Cloud Security & Architecture: * Design, implement, and maintain secure cloud configurations in line with best practices. * Monitor and improve cloud security posture using available tools and platforms. Endpoint & Vulnerability Management: * Harden and secure enterprise endpoints across the organization. * Identify, assess, and remediate vulnerabilities in a timely manner. Threat Investigation & Response: * Investigate potential phishing domain registrations and other external threats. * Respond to and investigate security alerts across cloud and enterprise systems. Microsoft 365 & Security Support: * Address Microsoft 365 security-related tickets and requests. * Support security controls and configurations for enterprise collaboration tools. Also, the Security Engineer will participate in the following operational activities: * Incident response * Creating reports for management * Analyze security solutions and seek improvements on a continuous basis * Find cost-effective solutions to cybersecurity problems * Other duties as assigned Education Requirements: * High School diploma required. * Bachelor's or master's degree in security or technology field (or other related field), or equivalent work experience. Recommended Experience: * Cloud security hardening with platforms such as AWS, GCP and Microsoft Azure * Cloud Security platforms * Vulnerability management platforms * Workstation full disk encryption solutions * EDR consoles & deployments * SIEM monitoring and deployment * Firewall rule review/configuration * IPS (host, network) configuration & operation * Encryption tools & key management * Virtualized, Hybrid, & Cloud environments * NIST, ISO, or other security program frameworks * Holds a current security- or audit-focused certification such as CISSP, GIAC, CEH, etc. Required * Minimum 5 years of experience in cybersecurity principles, cyber threats and vulnerabilities. * Requires knowledge of regulatory compliance, including SOX, PCI, and HIPAA requirements for information systems, security and privacy. #100