Senior Security Engineer jobs at Tempus

Providence caregivers are not simply valued - they're invaluable. Join our team at Enterprise Information Services and thrive in our culture of patient-focused, whole-person care built on understanding, commitment, and mutual respect. Your voice matters here, because we know that to inspire and retain the best people, we must empower them. Providence is looking for a seasoned Principal Security Engineer with deep expertise in Cyber Threat Intelligence. In this pivotal role, you'll be the strategic force behind identifying and neutralizing emerging threats, safeguarding critical systems, and empowering Providence's Global Security Operations Center. Your insights will directly inform risk strategies and guide executive decision-making -making you a key player in protecting millions of lives through secure healthcare technology. If you're passionate about staying ahead of adversaries and driving innovation in cybersecurity, this is your chance to lead at the highest level. Providence offers hybrid work options for candidates living within a daily commuting distance -up to 65 miles-from any of our primary office locations listed below. + Washington: Seattle, Redmond, Renton, Vancouver + California: Los Angeles, Irvine + Oregon: Portland Please note the following important details regarding this position: + This is a hybrid role, involving a combination of in-office and remote work each week. + The weekly hybrid schedule will be determined by the manager based on departmental needs. Essential Functions: + Conduct in-depth analysis and research on cyber threats, including identifying threat actors, their motivations, tactics, techniques, and procedures (TTPs), and providing insights on their potential impact on the organization. + Prepare and deliver well researched, impactful analytic findings that combine self-driven research and findings from team threat hunting efforts to convey cyber threat risk and impact, tailored appropriately to technical and non-technical stakeholders, including executives + Serve as a mentor to teammates for leveraging advanced analytic toolsets such as Structured Analytic Techniques + Ability to classify, categorize, and analyze malware and threats. Translate this into actionable detections using frameworks such as MITRE ATT&CK + Maintain strong breadth and depth of knowledge about the healthcare industry threat landscape, including threat actors, malware, hacking techniques, emerging threats, and trends that may impact the organization + Collaborate with internal teams to provide timely and actionable intelligence, aligned with operational needs, that support CTI, CIRT, Attack Surface Management, and other cybersecurity initiatives + Develop and maintain threat profiles with tactical intelligence to enhance detection engineering and threat hunting operations. + Perform root cause analysis and provide recommendations for proactive measures to help prevent cyber intrusions. + Continuously update and refine existing threat intelligence processes and methodologies to ensure the organization remains at the forefront of cyber defense. + Stay informed about the latest trends, tools, and techniques in the field of threat intelligence and incorporate best practices into daily operations. + Monitor and assess emerging technologies, such as AI and machine learning capabilities to augment and enhance threat detection, triage, and analysis. Required Qualifications: + Bachelor's Degree in Computer Engineering, Computer Science, Mathematics, Engineering -OR- a combination of equivalent education / experience + Upon Hire: CISSP, CEH, or an equivalent certification + 8 or more years of related experience + Experience designing security controls and countermeasures for operating systems, databases, applications, Web services, user devices, and wireless networks. Preferred Qualifications: + Master's Degree in Computer Engineering, Computer Science, Mathematics, Engineering + Experience in a Healthcare environment + 8 or more years of cyber threat intelligence analysis experience + Experience conducting in-depth analysis and research on cyber threats, including identifying threat actors' motivations, intent, and TTPs + Skilled in correlating intelligence from multiple sources to assess potential organizational impact + Familiarity with reverse engineering and categorizing malware + Strong knowledge of healthcare cybersecurity risks, including ransomware, phishing, and supply chain vulnerabilities + Demonstrated experience applying frameworks such as MITRE ATT&CK, Cyber Kill Chain, Diamond Model of Intrusion Analysis, others + Experience working cross-functionally with CIRT/IR teams, vulnerability management, and SOC operations teams. + Experience working with insider threat teams a plus + Capability to develop threat profiles and integrate tactical intelligence into detection rules + Ability to influence risk-based decision-making with clear, concise reporting Salary Range by Location: + California: Los Angeles and Irvine: Min: $71.23, Max: $121.29 + Oregon: Portland Service Area: Min: $68.33, Max: $116.36 + Washington: Seattle, Renton, Redmond: Min: $71.23, Max: $121.29 + Washington: Vancouver: Min: $68.33, Max: $116.36 Why Join Providence? Our best-in-class benefits are uniquely designed to support you and your family in staying well, growing professionally, and achieving financial security. We take care of you, so you can focus on delivering our Mission of caring for everyone, especially the most vulnerable in our communities. About Providence At Providence, our strength lies in Our Promise of "Know me, care for me, ease my way." Working at our family of organizations means that regardless of your role, we'll walk alongside you in your career, supporting you so you can support others. We provide best-in-class benefits and we foster an inclusive workplace where diversity is valued, and everyone is essential, heard and respected. Together, our 120,000 caregivers (all employees) serve in over 50 hospitals, over 1,000 clinics and a full range of health and social services across Alaska, California, Montana, New Mexico, Oregon, Texas and Washington. As a comprehensive health care organization, we are serving more people, advancing best practices and continuing our more than 100-year tradition of serving the poor and vulnerable. The amounts listed are the base pay range; additional compensation may be available for this role, such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities. Providence offers a comprehensive benefits package including a retirement 401(k) Savings Plan with employer matching, health care benefits (medical, dental, vision), life insurance, disability insurance, time off benefits (paid parental leave, vacations, holidays, health issues), voluntary benefits, well-being resources and much more. Learn more at providence.jobs/benefits. Applicants in the Unincorporated County of Los Angeles: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Unincorporated Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act." About the Team Providence Shared Services is a service line within Providence that provides a variety of functional and system support services for our family of organizations across Alaska, California, Montana, New Mexico, Oregon, Texas and Washington. We are focused on supporting our Mission by delivering a robust foundation of services and sharing of specialized expertise. Providence is proud to be an Equal Opportunity Employer. We are committed to the principle that every workforce member has the right to work in surroundings that are free from all forms of unlawful discrimination and harassment on the basis of race, color, gender, disability, veteran, military status, religion, age, creed, national origin, sexual identity or expression, sexual orientation, marital status, genetic information, or any other basis prohibited by local, state, or federal law. We believe diversity makes us stronger, so we are dedicated to shaping an inclusive workforce, learning from each other, and creating equal opportunities for advancement. Requsition ID: 401760 Company: Providence Jobs Job Category: Information Security Job Function: Information Technology Job Schedule: Full time Job Shift: Day Career Track: Business Professional Department: 4011 CYBERSECURITY Address: CA Irvine 15480 Laguna Canyon Rd Work Location: Providence System Offices Discovery Park-Irvine Workplace Type: Hybrid Pay Range: $See Job Posting - $See Job Posting The amounts listed are the base pay range; additional compensation may be available for this role, such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities.

Providence caregivers are not simply valued - they're invaluable. Join our team at Enterprise Information Services and thrive in our culture of patient-focused, whole-person care built on understanding, commitment, and mutual respect. Your voice matters here, because we know that to inspire and retain the best people, we must empower them. Providence is looking for a seasoned Principal Security Engineer with deep expertise in Cyber Threat Intelligence. In this pivotal role, you'll be the strategic force behind identifying and neutralizing emerging threats, safeguarding critical systems, and empowering Providence's Global Security Operations Center. Your insights will directly inform risk strategies and guide executive decision-making -making you a key player in protecting millions of lives through secure healthcare technology. If you're passionate about staying ahead of adversaries and driving innovation in cybersecurity, this is your chance to lead at the highest level. Providence offers hybrid work options for candidates living within a daily commuting distance -up to 65 miles-from any of our primary office locations listed below. + Washington: Seattle, Redmond, Renton, Vancouver + California: Los Angeles, Irvine + Oregon: Portland Please note the following important details regarding this position: + This is a hybrid role, involving a combination of in-office and remote work each week. + The weekly hybrid schedule will be determined by the manager based on departmental needs. Essential Functions: + Conduct in-depth analysis and research on cyber threats, including identifying threat actors, their motivations, tactics, techniques, and procedures (TTPs), and providing insights on their potential impact on the organization. + Prepare and deliver well researched, impactful analytic findings that combine self-driven research and findings from team threat hunting efforts to convey cyber threat risk and impact, tailored appropriately to technical and non-technical stakeholders, including executives + Serve as a mentor to teammates for leveraging advanced analytic toolsets such as Structured Analytic Techniques + Ability to classify, categorize, and analyze malware and threats. Translate this into actionable detections using frameworks such as MITRE ATT&CK + Maintain strong breadth and depth of knowledge about the healthcare industry threat landscape, including threat actors, malware, hacking techniques, emerging threats, and trends that may impact the organization + Collaborate with internal teams to provide timely and actionable intelligence, aligned with operational needs, that support CTI, CIRT, Attack Surface Management, and other cybersecurity initiatives + Develop and maintain threat profiles with tactical intelligence to enhance detection engineering and threat hunting operations. + Perform root cause analysis and provide recommendations for proactive measures to help prevent cyber intrusions. + Continuously update and refine existing threat intelligence processes and methodologies to ensure the organization remains at the forefront of cyber defense. + Stay informed about the latest trends, tools, and techniques in the field of threat intelligence and incorporate best practices into daily operations. + Monitor and assess emerging technologies, such as AI and machine learning capabilities to augment and enhance threat detection, triage, and analysis. Required Qualifications: + Bachelor's Degree in Computer Engineering, Computer Science, Mathematics, Engineering -OR- a combination of equivalent education / experience + Upon Hire: CISSP, CEH, or an equivalent certification + 8 or more years of related experience + Experience designing security controls and countermeasures for operating systems, databases, applications, Web services, user devices, and wireless networks. Preferred Qualifications: + Master's Degree in Computer Engineering, Computer Science, Mathematics, Engineering + Experience in a Healthcare environment + 8 or more years of cyber threat intelligence analysis experience + Experience conducting in-depth analysis and research on cyber threats, including identifying threat actors' motivations, intent, and TTPs + Skilled in correlating intelligence from multiple sources to assess potential organizational impact + Familiarity with reverse engineering and categorizing malware + Strong knowledge of healthcare cybersecurity risks, including ransomware, phishing, and supply chain vulnerabilities + Demonstrated experience applying frameworks such as MITRE ATT&CK, Cyber Kill Chain, Diamond Model of Intrusion Analysis, others + Experience working cross-functionally with CIRT/IR teams, vulnerability management, and SOC operations teams. + Experience working with insider threat teams a plus + Capability to develop threat profiles and integrate tactical intelligence into detection rules + Ability to influence risk-based decision-making with clear, concise reporting Salary Range by Location: + California: Los Angeles and Irvine: Min: $71.23, Max: $121.29 + Oregon: Portland Service Area: Min: $68.33, Max: $116.36 + Washington: Seattle, Renton, Redmond: Min: $71.23, Max: $121.29 + Washington: Vancouver: Min: $68.33, Max: $116.36 Why Join Providence? Our best-in-class benefits are uniquely designed to support you and your family in staying well, growing professionally, and achieving financial security. We take care of you, so you can focus on delivering our Mission of caring for everyone, especially the most vulnerable in our communities. About Providence At Providence, our strength lies in Our Promise of "Know me, care for me, ease my way." Working at our family of organizations means that regardless of your role, we'll walk alongside you in your career, supporting you so you can support others. We provide best-in-class benefits and we foster an inclusive workplace where diversity is valued, and everyone is essential, heard and respected. Together, our 120,000 caregivers (all employees) serve in over 50 hospitals, over 1,000 clinics and a full range of health and social services across Alaska, California, Montana, New Mexico, Oregon, Texas and Washington. As a comprehensive health care organization, we are serving more people, advancing best practices and continuing our more than 100-year tradition of serving the poor and vulnerable. The amounts listed are the base pay range; additional compensation may be available for this role, such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities. Providence offers a comprehensive benefits package including a retirement 401(k) Savings Plan with employer matching, health care benefits (medical, dental, vision), life insurance, disability insurance, time off benefits (paid parental leave, vacations, holidays, health issues), voluntary benefits, well-being resources and much more. Learn more at providence.jobs/benefits. Applicants in the Unincorporated County of Los Angeles: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Unincorporated Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act." About the Team Providence Shared Services is a service line within Providence that provides a variety of functional and system support services for our family of organizations across Alaska, California, Montana, New Mexico, Oregon, Texas and Washington. We are focused on supporting our Mission by delivering a robust foundation of services and sharing of specialized expertise. Providence is proud to be an Equal Opportunity Employer. We are committed to the principle that every workforce member has the right to work in surroundings that are free from all forms of unlawful discrimination and harassment on the basis of race, color, gender, disability, veteran, military status, religion, age, creed, national origin, sexual identity or expression, sexual orientation, marital status, genetic information, or any other basis prohibited by local, state, or federal law. We believe diversity makes us stronger, so we are dedicated to shaping an inclusive workforce, learning from each other, and creating equal opportunities for advancement. Requsition ID: 401760 Company: Providence Jobs Job Category: Information Security Job Function: Information Technology Job Schedule: Full time Job Shift: Day Career Track: Business Professional Department: 4011 CYBERSECURITY Address: CA Irvine 15480 Laguna Canyon Rd Work Location: Providence System Offices Discovery Park-Irvine Workplace Type: Hybrid Pay Range: $See Job Posting - $See Job Posting The amounts listed are the base pay range; additional compensation may be available for this role, such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities.

Click here to view our 2026 Benefits Guide Hybrid - Geneva, IL About the Opportunity We are seeking an experienced ERP & CRM Administrator to own the configuration, optimization, and governance of SAP ByDesign and Salesforce. This role is mission-critical to building operational maturity and automating end-to-end business processes across finance, accounting, operations, supply chain, manufacturing, sales, marketing, and customer success. Acting as both a high-level business administration process architect, and a technical system steward, this individual needs a high level of alignment between system functionality to real-world business operations. Deep understanding of master data, revenue lifecycle management, ERP/CRM integrations, and cross-functional process mapping is essential. This role also supports M&A readiness and execution, serving as a key leader in system integration, process harmonization, and post-acquisition ERP alignment. About Bravida Medical Bravida Medical is a purpose-driven company committed to redefining patient care through its innovative portfolio of wound care and infection prevention products. The company's core mission is to provide healthcare professionals with transformative technologies that are clinically proven to offer uncompromising freedom and protection, ultimately improving patient outcomes. Bravida's flagship product line, Silverlon, is a testament to this commitment. Originally developed for the U.S. military to treat burn and blast injuries in hostile environments, this silver-plated nylon technology has become an evidence-based choice for surgeons and clinicians worldwide, with a broad range of applications from surgical and chronic wounds to IV and catheter-related sites. The company's innovative products serve a critical need in the healthcare market. With chronic wounds affecting millions of people in the U.S. alone, and hospital-acquired infections remaining a significant challenge, Bravida's solutions directly address major clinical and economic burdens. The company's focus on infection prevention and wound care extends to key market segments, including vascular access, urology, and surgical sites. Bravida's products are not only effective but are backed by extensive published research and clinical studies, solidifying its reputation as a leader in advanced antimicrobial solutions. The Bravida Medical team is committed to continuous improvement in both the “what” and “how” of its execution. Central to this commitment is leading and living by its core values of Being a Champion, Feeling the Urgency, Owning Your Impact and Acting with Compassion and Integrity. The company welcomes new team members with the goal of helping adopt and bring these values forward in all we do. Essential Functions Reasonable accommodation may be made to enable individuals with disabilities to perform these essential functions. Own system configuration and governance of SAP ByDesign and Salesforce, ensuring they accurately reflect business processes and support scalable growth. Collaborate with functional teams to drive business process standardization and maturity by optimizing existing end-to-end workflows across quote-to-cash, procure-to-pay, plan-to-produce, inventory, fulfillment, and financial reporting cycles supporting both B2B distribution and D2C commerce operations. Maintain master data integrity across ERP/CRM platforms, including customers, vendors, items, pricing, GL accounts, and cost centers to be shuttled between enterprise business intelligence and data analytics platforms. Troubleshoot system issues and lead root-cause analysis, ensuring reliable performance, compliance, and auditability. Document processes, configuration changes, workflows, and SOPs, while training users and improving system adoption across departments. Serve as the liaison between business units and technology, translating operational needs into system capabilities and configuration improvements. Develop dashboards, reports, and KPIs using SAP Analytics Cloud, Salesforce, or Power BI to support financial accuracy, operational visibility, and leadership decision-making. Lead system enhancements, integrations, and upgrades, working with internal stakeholders and external vendors/consultants when required. Support M&A activities by harmonizing processes, migrating data, and aligning acquired entities into the ERP/CRM ecosystem. How you get things done Communicates effectively . Values diversity. Builds and maintains relationships. Manages teams effectively. Analysis skills . Identifies challenges and opportunities. Analyzes issues and situations in depth. Sorts the wheat from the chaff, determining the most appropriate action. Excellent problem-solving, analytical, and quantitative skills. Driving results . Pursues everything with energy, drive, and a need to finish. Does not give up before finishing, even in the face of resistance or setbacks. Steadfastly pushes self and others for results. Promote alignment. Empowers. Excellent interpersonal skills . Ability to interact with a variety of personalities leveraging strong social and emotional intelligence, ensuring that common goals, not individual differences, are emphasized. A good listener who is committed to open, direct, and constructive communication. Work environment Works in office; temperature regulated Headquarters office in Geneva IL. Remote work from home may be available as needed. Physical demands Visual and hearing acuity correctable; manual dexterity with office equipment Travel required Travel to satellite offices as needed Education and experience Bachelor's degree in accounting, Finance, Business Administration, IT, or related analytical field Five or more years of experience in ERP & CRM technology required SAP/ERP manufacturing experience in the DME or Life Sciences space highly desired Excellent communication and leadership skills Preferred systems experience - SAP HANA, Salesforce, Fivetran, Google Big Query Scope, develop and manage project plans Develop and maintain project business cases Provide periodic updates to management as to the progress of implementations Consulting experience preferred PMP certification preferred Additional eligibility requirements Authorized to work in the United States only Work authorization/security clearance requirements None Affirmative Action/EEO statement We are an Equal Opportunity Employer that does not discriminate based on actual or perceived race, creed, color, religion, alienage or national origin, ancestry, citizenship status, age, disability or handicap, sex, marital status, veteran status, sexual orientation, genetic information, arrest record, or any other characteristic protected by applicable federal, state or local laws. Our management team is dedicated to this policy with respect to recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, employee activities and general treatment during employment. Other duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

EnableComp provides Specialty Revenue Cycle Management solutions for healthcare organizations, leveraging over 24 years of industry-leading expertise and its unified E360 RCM ™ intelligent automation platform to improve financial sustainability for hospitals, health systems, and ambulatory surgery centers (ASCs) nationwide. Powered by proprietary algorithms, iterative intelligence from 10M+ processed claims, and expert human-in-the-loop integration, EnableComp provides solutions across the revenue lifecycle for Veterans Administration, Workers' Compensation, Motor Vehicle Accidents, and Out-of-State Medicaid claims as well as denials for all payer classes. By partnering with clients to supercharge the reimbursement process, EnableComp removes the burden of payment from patients and provider organizations while enabling accelerated cash, higher and more accurate yield, clean AR management, reduced denials, and data-rich performance management. EnableComp is a multi-year recipient the Top Workplaces award and was recognized as Black Book's #1 Specialty Revenue Cycle Management Solution provider in 2024 and is among the top one percent of companies to make the Inc. 5000 list of the fastest-growing private companies in the United States for the last eleven years. Position Summary The Security Engineer (Application & AI Security) will serve as the technical implementation bridge between our security policy team and development operations. The Security Engineer will be embedded with development teams, writing code, configuring systems, and directly implementing security controls across applications, databases, and AI systems during a major Agentic AI platform transformation.Key Responsibilities Bridge security policy and technical execution by translating organizational security requirements into practical, deployable solutions across applications, data environments, and AI systems. Design, build, and deploy security controls across web applications, data pipelines, APIs, and Agentic AI systems to ensure confidentiality, integrity, and availability. Implement secure-by-design practices throughout the software development lifecycle, including code-level remediations, configuration hardening, and secure infrastructure deployment. Develop automation scripts and infrastructure-as-code to integrate security into CI/CD pipelines, enabling continuous compliance, secrets management, vulnerability scanning, and environment hardening. Implement and operationalize AI-specific security frameworks by building guardrails for agentic models, securing data flows, and integrating AI security tooling into development workflows. Perform hands-on technical security assessments, including penetration testing, threat modeling, and code reviews, and directly remediate identified vulnerabilities. Collaborate with cloud and DevOps teams to deploy monitoring and detection controls and ensure secure configuration baselines across environments. Provide practical security guidance and training to developers and engineers during architecture reviews, sprint planning, and project delivery. Continuously evaluate and improve the organization's security posture through testing, feedback loops, and adoption of emerging best practices for AI and distributed systems. Document security architectures, configurations, and implementation patterns to support ongoing operations, compliance, and knowledge sharing. Other duties as required Requirements & Qualifications Bachelor's degree in Computer Science, Information Security, Engineering, or a related technical field required 3+ years in hands-on application security, DevSecOps, or security engineering roles. Proven experience building and configuring secure CI/CD pipelines (Jenkins, GitLab CI, GitHub Actions, Azure DevOps). Equivalent combination of education and experience will be considered. Deep proficiency with cloud security in AWS, Azure, or GCP environments. Strong implementation experience with infrastructure as code (Terraform, CloudFormation) and container security (Docker, Kubernetes). Strong scripting and automation skills (Python, Bash, PowerShell) for security tooling. Versatility across web/API security, data pipeline security, microservices, and database security. Understanding of security frameworks (NIST, ISO 27001, SOC 2) and compliance requirements (GDPR, HIPAA, PCI-DSS). Hands-on experience deploying and configuring security scanning tools (SAST, DAST, SCA). Excellent communication skills-ability to translate security requirements into working technical implementations. Experience working embedded within cross-functional development teams. Proven track record of hands-on problem-solving in fast-paced development environments. Regular and predictable attendance. To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions Special Considerations & Prerequisites Practices and adheres to EnableComp's Core Values, Vision and Mission. Hands-on experience with AI/ML security, model security, and data governance Technical knowledge of LLM security, prompt injection prevention, and AI agent safety Security certifications (CISSP, CEH, OSCP, CSSLP, or cloud security certifications) Strong coding background in Python, Go, or similar languages. Background in software development or engineering transitioning to security. Direct experience implementing secrets management solutions (HashiCorp Vault, AWS Secrets Manager). Practical experience with zero trust architecture implementation. Familiarity with data security, ETL processes, and data warehouse security. Experience with microservices architectures and distributed systems security. EnableComp is an Equal Opportunity Employer M/F/D/V. All applicants will be considered for this position based upon experience and knowledge, without regard to race, color, religion, national origin, sexual orientation, ancestry, marital, disabled or veteran status. We are committed to creating and maintaining a workforce environment that is free from any form of discrimination or harassment. EnableComp recruits, develops and retains the industry's top talent. As the employer of choice in the complex claims industry, EnableComp takes pride in our continuous commitment to building and maintaining a culture centered around fostering the professional growth and development of our people. We believe that investing in our employees is the key to our success, and we are dedicated to providing them with the tools, resources, and support they need to thrive and grow their career here. At EnableComp, we are committed to living up to our core values each and every day, and we believe that this commitment is what sets us apart from other companies. If you are looking for a company that values its employees and is dedicated to helping them achieve their full potential, then EnableComp is the place for you. Don't just take our word for it! Hear what our people are saying: “I love my job because everyone shares the same vision and is determined and dedicated. People care about you as a person and your professional growth. There is a genuine spirit of cooperation and shared goals all revolving around helping each other.” - Revenue Specialist “I enjoy working for EnableComp because of the Core Values we believe in. EnableComp stands true to these values from empowering employees to ecstatic clients. This company is family oriented and flexible, along with understanding the balance of work, life, and fun.” - Supervisor, Operations

Full Time 12238 Silicon Drive Information/Technology Day Shift /RESPONSIBILITIES The Senior Cyber Security Analyst must have a deep understanding of information security protocols and a passion for protecting Community First Health Plans Inc. (Community First) healthcare data. In this role, the Senior Analyst will be instrumental in establishing and maintaining security standards across Community First. The Senior Analyst will be required to develop, implement, and manage security solutions; and must demonstrate the ability to communicate complex security concepts to both technical and non-technical audiences. The Senior Analyst champions awareness and influences compliance with security policies and provides solutions for business-specific security issues. Oversees day-to-day identity access management and quarterly required audits. Owns and oversees the disaster recovery plans; coordinates business continuity plans with the compliance and risk management team. Serves as a thought leader and enterprise subject matter expert (SME) for federal and state information security regulations and standards. EDUCATION/EXPERIENCE Bachelor's degree plus five years of progressive experience working in information technology, security, or risk management. Must possess one or more of the following certifications: CISSP, CASP+, CRISC, CISA. Healthcare experience is highly desirable. Must have a functional understanding of federal/state regulations and compliance mandates, including but not limited to HIPAA, HITRUST, SOC, and other regulatory audits. MITRE ATT&CK experience in building threat detections, performing threat hunting and/or conducting incident response. Familiarity with enterprise logging technologies such as Splunk. Must have Business Continuity Plan and Disaster Recovery planning and testing experience. Five years minimum with below technologies or areas: Network Security: IDS/IPS, NGFW, NGAV Operating Systems: Windows, Linux, mac OS. Security: EDR/XDR, SIEMs, Data Loss and Prevention (DLP), Vulnerability Scanning and Assessment tools.

Hello Heart is on a mission to change the way people care for their hearts. The company provides the first app and connected heart monitor to help people track and manage their heart health. With Hello Heart, users take steps to control their risk of heart attacks and stroke - the leading cause of death in the United States. Peer-reviewed studies have shown that high-risk users of Hello Heart have seen meaningful drops in blood pressure, cholesterol and even weight. Recognized as the digital leader in preventive heart health, Hello Heart is trusted by more than 130 leading Fortune 500 and government employers, national health plans, and labor organizations. Founded in 2013, Hello Heart has raised more than $138 million from top venture firms and is a best-in-class solution on the American Heart Association's Innovators' Network and CVS Health Point Solutions Management platform. Visit ****************** for more information. About the Role We are seeking a Cyber Security Analyst to strengthen our security operations and compliance posture. Reporting into our Information Security Officer, you will play a key role in protecting sensitive data, ensuring regulatory compliance, and supporting the secure adoption of new technologies such as AI. You will work cross-functionally with IT, Engineering, Compliance, and HR to build and maintain secure, resilient processes across the organization. Responsibilities Support secure access lifecycle processes, including provisioning, deprovisioning, role-based access, and MFA/SSO management Conduct periodic access reviews and ensure identity data quality Perform vulnerability scans across systems and applications, track remediation progress, and partner with teams to prioritize risk-based fixes Assist with security assessments of cloud systems and applications, aligning with HIPAA, HITECH, NIST, and HITRUST frameworks Support internal and external audit preparation and execution Enforce encryption, access controls, and data loss prevention strategies for sensitive data Conduct third-party vendor risk assessments and oversee remediation efforts Support secure adoption of AI tools by monitoring for risks such as data leakage and prompt injection, establishing governance guardrails, and delivering awareness training Participate in endpoint security monitoring, disaster recovery exercises, tabletop simulations, and awareness training initiatives Contribute to ongoing security operations, risk management efforts, and special security projects Qualifications 3+ years of experience in IAM, IAM operations, or security analyst roles (healthcare technology or other regulated environments preferred) Hands-on experience with identity platforms such as Okta, Azure AD, or Google IdP, plus SCIM, SAML/OIDC/OAuth, directory services, group policy, and conditional access Experience with vulnerability management platforms (Tenable, Qualys, Rapid7, AWS Inspect, Kandji) and patch orchestration workflows Working knowledge of HIPAA, HITECH, NIST CSF/800-66, and CIS Controls (familiarity with HITRUST CSF is a plus) Knowledge of cloud security basics (AWS, Azure, GCP), least-privilege IAM, and networking fundamentals (TCP/IP, DNS, HTTP, VPN, segmentation) Familiarity with endpoint security solutions (CrowdStrike Falcon, Cynet, SentinelOne) and DLP tools Familiarity with GenAI, keeping up to date with innovative security programs and artificial intelligence systems Proactive communication and documentation skills, with the ability to collaborate across technical and non-technical teams globally The US base salary range for this full-time position is $130,000.00 to $145,000.00. Salary ranges are determined by role and level. Compensation is determined by additional factors, including job-related skills, experience, and relevant education or training. Please note that the compensation details listed in US role postings reflect the salary only, and do not include equity or benefits. #LI-DNP Hello Heart has a positive, diverse, and supportive culture - we look for people who are collaborative, creative, and courageous. Oh, and if you want to see some recent evidence of the fun things we do at Hello Heart, check out our Instagram page.

Sr. Information Security Engineer External Description: Alignment Healthcare is a data and technology driven healthcare company focused on partnering with health systems, health plans and provider groups to provide care delivery that is preventative, convenient, coordinated, and that results in improved clinical outcomes for seniors. We are experiencing rapid growth (backed by top private equity firms), and our team is looking for the best and brightest individuals. We love our customers and understanding them better makes it possible to provide the best clinical outcomes and care experience. Are you an Information Security Engineer with experience in automation, cloud technologies, and endpoint security? Would you like to work in an environment where your skills can be utilized effectively, and you have opportunities to make significant impact? If you are passionate about security and can reduce risk in practical ways that scale, we want to hear from you! Major Responsibilities Contributes to the daily operational aspects of the Information Security Team, primarily from a technical implementation perspective. Assists with break/fix of tools and automation that are owned by the Information Security Team. Works with internal and external customers on a variety of issues, from a simple security review of a mundane and routine ask, to a complex deep dive into a new feature implementation in O365, Azure, or AWS. Balances operational work (approximately 70% of the day) to help meet team SLAs, and project work (approximately 30% of the day) to meet assigned team deliverables. Contributes to the design, implementation, and documentation of new security tools. Collaborates with other internal information technology teams (networking, cloud, traditional architecture, developers, and data scientists) to support internal and external systems. Utilizes scripting and DevOps to provide automation and orchestration between: information security tools, such as the SIEM (Logstash, FortiSIEM, IBM QRadar, etc.); endpoint protection (Symantec, McAfee, Cylance, CrowdStrike Falcon, etc.); vulnerability scanners (Rapid7, Nessus, etc.); patch management (SCCM, Altiris, PDQ, etc.); other applications; OS' (Windows, MacOS, Linux, iOS, Android); cloud platforms (AWS, Azure); and IAM platforms (Active Directory, Okta, Auth0, PingIdentity, SAML, OIDC). Clearly documents designed automation and system relationships. Contributes and participates in the Information Security Team daily stand-ups and other meetings as necessary. Participates in regular reporting, maintaining accountability and transparency within the Information Security Team. Remains current on industry trends in cyber risk with industry standards (ISO 27001/2, NIST, CIS) and regulatory requirements (HIPAA, HITECH, HITRUST, etc.) Technical knowledge of common information security tools and systems: DLP, MAM/MDM, Firewall/VPN, endpoint protection, PKI, RBAC, IAM, etc. Demonstrated practical experience with one or more programming or scripting languages. (PowerShell, Python, C#, VB, VBA, Ruby, NodeJS, SQL, etc.) We're not picky, but you must be able to deliver practical automation! Demonstrated practical experience with one or more of the major cloud providers (AWS, Azure, GCP). Excellent oral and written communication skills, and an ability to present and discuss technical information in a way that establishes rapport and trust. Detail orientated, with an ability and desire to build to 100%, but being ok with building to 90% as tasked. An ability to be productive as an individual contributor with little supervision to meet agreed upon deliverables. Preferred Prior experience in the healthcare or a related HIPAA regulated industry. A working knowledge of the NIST CSF and/or CIS Critical Security Controls (CSC). A working knowledge of Git and GitHub. Previous experience contributing to projects using agile tools (Jira, Azure DevOps, Pivotal) and processes (Scrum, Kanban). One or more cloud security certifications. Education Bachelor's degree in Computer Science, Computer Engineering, or related technical discipline, and/or equivalent work experience. 3+ years' experience working in a technical, hands-on, information security role. One or more current security related certifications (e.g., CISSP, SANS GIAC, etc.) City: Orange State: California Location City: Orange Schedule: Full Time Location State: California Community / Marketing Title: Sr. Information Security Engineer Company Profile: Alignment Healthcare was founded with a mission to revolutionize health care with a serving heart culture. Through its unique integrated care delivery models, deep physician partnerships and use of proprietary technologies, Alignment is committed to transforming health care one person at a time. By becoming a part of the Alignment Healthcare team, you will provide members with the quality of care they truly need and deserve. We believe that great work comes from people who are inspired to be their best. We have built a team of talented and experienced people who are passionate about transforming the lives of the seniors we serve. In this fast-growing company, you will find ample room for growth and innovation alongside the Alignment community. EEO Employer Verbiage: On August 17, 2021, Alignment implemented a policy requiring all new hires to receive the COVID-19 vaccine. Proof of vaccination will be required as a condition of employment subject to applicable laws concerning exemptions/accommodations. This policy is part of Alignment's ongoing efforts to ensure the safety and well-being of our staff and community, and to support public health efforts. Alignment Healthcare, LLC is proud to practice Equal Employment Opportunity and Affirmative Action. We are looking for diversity in qualified candidates for employment: Minority/Female/Disable/Protected Veteran. If you require any reasonable accommodation under the Americans with Disabilities Act (ADA) in completing the online application, interviewing, completing any pre-employment testing or otherwise participating in the employee selection process, please contact ******************.

Alignment Health is breaking the mold in conventional health care, committed to serving seniors and those who need it most: the chronically ill and frail. It takes an entire team of passionate and caring people, united in our mission to put the senior first. We have built a team of talented and experienced people who are passionate about transforming the lives of the seniors we serve. In this fast-growing company, you will find ample room for growth and innovation alongside the Alignment Health community. Working at Alignment Health provides an opportunity to do work that really matters, not only changing lives but saving them. Together. This position is responsible for identifying, analyzing, and helping with remediate security vulnerabilities within our applications. This role requires a strong understanding of application security principles, hands-on experience with various security testing methodologies, and excellent communication skills to collaborate effectively with development teams and other stakeholders. Job Responsibilities: Conduct static application security testing (SAST), dynamic application security testing (DAST), and interactive application security testing (IAST) on a continuous basis. Identify, triage, and validate security vulnerabilities using both automated tools and manual review. Work closely with software development and DevOps teams to provide clear, actionable guidance on how to fix vulnerabilities and implement secure coding practices. Help integrate security controls and checks into the software development lifecycle (SDLC) and CI/CD pipelines. Drive and support application security reviews and threat modeling. Manage and configure a suite of application security tools, ensuring their effective use and reporting. Stay up-to-date with the latest security threats, trends, and technologies, and conduct research on new vulnerabilities and attack vectors. Contribute to the creation and maintenance of application security policies, standards, and procedures to guide development teams and ensure compliance. Develop and deliver security awareness and secure coding training to engineering teams. Support and lead third-party penetration testing. Job Requirements: Experience: Required: 5-7+ years of progressive experience in information security, with a strong focus on application security testing and vulnerability management. Proven track record of working directly with developers and engineering teams to identify and remediate security vulnerabilities in a fast-paced environment. Experience in a large-scale enterprise environment with complex application portfolios. Preferred: Experience in healthcare or another highly regulated field. Education: Required: Bachelor's degree or equivalent work experience in Computer Science, Information Security, or a related technical discipline. Preferred: Relevant professional certifications such as Offensive Security Certified Professional (OSCP), GIAC Web Application Penetration Tester (GWAPT), or Certified Secure Software Lifecycle Professional (CSSLP) are highly desirable. ISC2 Certified Information Systems Security Professional (CISSP) Specialized Skills: Required: Experience with general threat hunting techniques and tools. Experience with one or more programming languages (i.e., C#, Scala, Python). Essential Physical Functions: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. 1. While performing the duties of this job, the employee is regularly required to talk or hear. The employee regularly is required to stand, walk, sit, use hand to finger, handle or feel objects, tools, or controls; and reach with hands and arms. 2. The employee frequently lifts and/or moves up to 10 pounds. Specific vision abilities required by this job include close vision and the ability to adjust focus. Pay Range: $113,332.00 - $169,999.00 Pay range may be based on a number of factors including market location, education, responsibilities, experience, etc. Alignment Health is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, age, protected veteran status, gender identity, or sexual orientation. *DISCLAIMER: Please beware of recruitment phishing scams affecting Alignment Health and other employers where individuals receive fraudulent employment-related offers in exchange for money or other sensitive personal information. Please be advised that Alignment Health and its subsidiaries will never ask you for a credit card, send you a check, or ask you for any type of payment as part of consideration for employment with our company. If you feel that you have been the victim of a scam such as this, please report the incident to the Federal Trade Commission at ******************************* If you would like to verify the legitimacy of an email sent by or on behalf of Alignment Health's talent acquisition team, please email ******************.

At WHOOP, we're on a mission to unlock human performance. WHOOP empowers members to perform at a higher level through a deeper understanding of their bodies and daily lives. WHOOP is seeking a Senior Information Security Engineer to serve as a technical leader in our Security team reporting to our Information Security Manager. In this role, you will drive the deployment and continuous enhancement of controls that protect millions of users' biometric and health data, build scalable defenses across our infrastructure and applications, and lead incident response efforts with visibility across the business. This is an opportunity to have direct impact at scale, working alongside engineers, product teams, and executives to drive forward-looking security strategies. RESPONSIBILITIES: Implement and enhance security controls by leading the deployment, integration, and tuning of solutions such as CNAPP, SIEM, CASB, EDR, DLP, and MDM to maximize effectiveness. Support security design decisions by providing subject matter expertise on cloud and SaaS security best practices while influencing architecture led by the Security Architect role. Lead incident response and investigations by guiding containment, remediation, root cause analysis, and post-incident improvements. Strengthen application security by overseeing secure development practices and managing SAST, SCA, and DAST tooling. Advance identity and access management by supporting IAM policy enforcement, SSO, MFA, SCIM, RBAC, and user lifecycle governance. Secure AI systems and integrations by assessing and protecting embedded APIs and organizational AI tool usage to ensure resilience, privacy, and compliance. Collaborate cross-functionally by working with Engineering, IT, and GRC teams to embed security into systems and workflows. Mentor and influence by providing technical guidance, reviewing work, and promoting security-first thinking across the organization. Stay ahead of threats and regulations by tracking emerging risks, technologies, and compliance requirements to inform forward-looking strategies. Participate in and help improve the on-call rotation by providing guidance, escalation support, and driving improvements in response processes. QUALIFICATIONS: Bachelor's degree in Computer Science, Information Security, or a related technical field and/or advanced certifications (CISSP, CISM, AWS Security Specialty, SANS, etc.). 8+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity. Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG). Experience securing AI/ML systems or APIs, including governance of third-party AI integrations and organizational use of AI tools. Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems. Hands-on experience with application security tooling (SAST, SCA, DAST) and embedding secure development practices. Demonstrated leadership in security incident response, investigations, and root cause analysis. Effective communicator with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences. Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment. Experience mentoring engineers and setting operational standards. Familiarity with compliance and risk frameworks relevant to health and AI (SOC 2, ISO 27001, PCI, GDPR, FTC guidance, HIPAA-adjacent state laws) is a plus. Interested in the role, but don't meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply. WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values. At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company's long-term growth and success. The U.S. base salary range for this full-time position is $150,000 - $190,000. Salary ranges are determined by role, level, and location. Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training. In addition to the base salary, the successful candidate will also receive benefits and a generous equity package. These ranges may be modified in the future to reflect evolving market conditions and organizational needs. While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate's specific qualifications, expertise, and alignment with the role's requirements. Learn more about WHOOP.

**NATIONAL LEADERS IN PEDIATRIC CARE** Ranked among the top 10 pediatric hospitals in the nation, Children's Hospital Los Angeles (CHLA) provides the best care for kids in California. Here world-class experts in medicine, education and research work together to deliver family-centered care half a million times each year. From primary to complex critical care, more than 350 programs and services are offered, each one specially designed for children. The CHLA of the future is brighter than can be imagined. Investments in technology, research and innovation will create care that is personal, convenient and empowering. Our scientists will work with clinical experts to take laboratory discoveries and create treatments that are a perfect match for every patient. And together, CHLA team members will turn health care into health transformation. Join a hospital where the work you do will matter-to you, to your colleagues, and above all, to our patients and families. The work will be challenging, but always rewarding. **It's Work That Matters.** **Overview** **PLEASE NOTE: This is a remote position. In accordance with CHLA policy, candidates must establish primary residency in California prior to their start date.** **Purpose Statement/Position Summary:** The Information Security Analyst II is responsible for monitoring and addressing information security alerts, improving detection and response capabilities, and participating in efforts to streamline processes and improve efficiency. They will also be responsible for conducting security training and awareness campaigns, reporting on results, and conducting remedial training. The analyst will contribute to information security policies and standards as they are developed and maintained, in accordance with NIST CSF and HIPAA. They will be a mentor for Information Security Analyst I and peers. **Minimum Qualifications/Work Experience:** _Required:_ 5 years of progressive experience in computing and information security, including experience with information security operations, utilization of multiple security tools to conduct investigations, and security training, preferably in a healthcare environment. · Management of information security tools. · Knowledge of vulnerability resolution. · Skills in risk analysis and hands-on issue resolution. · General awareness of NIST CSF and HIPAA security rule. · Experience analyzing security incidents utilizing multiple security tools for discovery. · Strong analytical and problem-solving skills **Education/Licensure/Certification:** _Required:_ Associate degree in a related field or equivalent combination of education and experience may be considered. **Certifications in two of the following required:** · ISACA · CompTIA · EC-Council · Azure Security · AWS Security · Cisco · (ISC)² · GIAC **Pay Scale Information** $75,712.00-$124,384.00 CHLA values the contribution each Team Member brings to our organization. Final determination of a successful candidate's starting pay will vary based on a number of factors, including, but not limited to education and experience within the job or the industry. The pay scale listed for this position is generally for candidates that meet the specified qualifications and requirements listed on this specific job description. Additional pay may be determined for those candidates that exceed these specified qualifications and requirements. We provide a competitive compensation package that recognizes your experience, credentials, and education alongside a robust benefits program to meet your needs. CHLA looks forward to introducing you to our world-class organization where we create hope and build healthier futures. Children's Hospital Los Angeles (CHLA) is a leader in pediatric and adolescent health both here and across the globe. As a premier Magnet teaching hospital, you'll find an environment that's alive with learning, rooted in care and compassion, and home to thought leadership and unwavering support. CHLA is dedicated to creating hope and building healthier futures - for our patients, as well as for you and your career! CHLA has been affiliated with the Keck School of Medicine of the University of Southern California since 1932. At Children's Hospital Los Angeles, our work matters. And so do each and every one of our valued team members. CHLA is an Equal Employment Opportunity employer. We consider qualified applicants for all positions without regard to race, color, religion, creed, national origin, sex, gender identity, age, physical or mental disability, sexual orientation, marital status, veteran or military status, genetic information or any other legally protected basis under federal, state or local laws, regulations or ordinances. We will also consider for employment qualified applicants with criminal history, in a manner consistent with the requirements of state and local laws, including the LA City Fair Chance Ordinance and SF Fair Chance Ordinance. Qualified Applicants with disabilities are entitled to reasonable accommodation under the California Fair Employment and Housing Act and the Americans with Disabilities Act. Please contact CHLA Human Resources if you need assistance completing the application process. Our various experiences, perspectives and backgrounds allow us to better serve our patients and create a strong community at CHLA. Information Security

NATIONAL LEADERS IN PEDIATRIC CARE Ranked among the top 10 pediatric hospitals in the nation, Children's Hospital Los Angeles (CHLA) provides the best care for kids in California. Here world-class experts in medicine, education and research work together to deliver family-centered care half a million times each year. From primary to complex critical care, more than 350 programs and services are offered, each one specially designed for children. The CHLA of the future is brighter than can be imagined. Investments in technology, research and innovation will create care that is personal, convenient and empowering. Our scientists will work with clinical experts to take laboratory discoveries and create treatments that are a perfect match for every patient. And together, CHLA team members will turn health care into health transformation. Join a hospital where the work you do will matter-to you, to your colleagues, and above all, to our patients and families. The work will be challenging, but always rewarding. It's Work That Matters. Overview PLEASE NOTE: This is a remote position. In accordance with CHLA policy, candidates must establish primary residency in California prior to their start date. Purpose Statement/Position Summary: The Information Security Analyst II is responsible for monitoring and addressing information security alerts, improving detection and response capabilities, and participating in efforts to streamline processes and improve efficiency. They will also be responsible for conducting security training and awareness campaigns, reporting on results, and conducting remedial training. The analyst will contribute to information security policies and standards as they are developed and maintained, in accordance with NIST CSF and HIPAA. They will be a mentor for Information Security Analyst I and peers. Minimum Qualifications/Work Experience: Required: 5 years of progressive experience in computing and information security, including experience with information security operations, utilization of multiple security tools to conduct investigations, and security training, preferably in a healthcare environment. * Management of information security tools. * Knowledge of vulnerability resolution. * Skills in risk analysis and hands-on issue resolution. * General awareness of NIST CSF and HIPAA security rule. * Experience analyzing security incidents utilizing multiple security tools for discovery. * Strong analytical and problem-solving skills Education/Licensure/Certification: Required: Associate degree in a related field or equivalent combination of education and experience may be considered. Certifications in two of the following required: * ISACA * CompTIA * EC-Council * Azure Security * AWS Security * Cisco * (ISC)² * GIAC Pay Scale Information $75,712.00-$124,384.00 CHLA values the contribution each Team Member brings to our organization. Final determination of a successful candidate's starting pay will vary based on a number of factors, including, but not limited to education and experience within the job or the industry. The pay scale listed for this position is generally for candidates that meet the specified qualifications and requirements listed on this specific job description. Additional pay may be determined for those candidates that exceed these specified qualifications and requirements. We provide a competitive compensation package that recognizes your experience, credentials, and education alongside a robust benefits program to meet your needs. CHLA looks forward to introducing you to our world-class organization where we create hope and build healthier futures. Children's Hospital Los Angeles (CHLA) is a leader in pediatric and adolescent health both here and across the globe. As a premier Magnet teaching hospital, you'll find an environment that's alive with learning, rooted in care and compassion, and home to thought leadership and unwavering support. CHLA is dedicated to creating hope and building healthier futures - for our patients, as well as for you and your career! CHLA has been affiliated with the Keck School of Medicine of the University of Southern California since 1932. At Children's Hospital Los Angeles, our work matters. And so do each and every one of our valued team members. CHLA is an Equal Employment Opportunity employer. We consider qualified applicants for all positions without regard to race, color, religion, creed, national origin, sex, gender identity, age, physical or mental disability, sexual orientation, marital status, veteran or military status, genetic information or any other legally protected basis under federal, state or local laws, regulations or ordinances. We will also consider for employment qualified applicants with criminal history, in a manner consistent with the requirements of state and local laws, including the LA City Fair Chance Ordinance and SF Fair Chance Ordinance. Qualified Applicants with disabilities are entitled to reasonable accommodation under the California Fair Employment and Housing Act and the Americans with Disabilities Act. Please contact CHLA Human Resources if you need assistance completing the application process. Our various experiences, perspectives and backgrounds allow us to better serve our patients and create a strong community at CHLA. Information Security

General Description The Chief of Pediatrics provides primary medical care to infants, children, and adolescents and leads all pediatric clinical operations within the Health Center. This role oversees pediatric program development, quality improvement, regulatory compliance, and community-based initiatives, ensuring high standards of care, safety, and operational efficiency. The Chief of Pediatrics works closely with the Chief Medical Officer and other clinical leaders to strengthen access, team-based care, workflows, and clinical programs that advance Caring Health Center's mission to serve a diverse and underserved community. Reports to: Chief Medical Officer Supervises: Pediatricians and other pediatric care providers Salary/Status: Exempt Minimum Requirements * Unrestricted Massachusetts medical license or the ability to obtain one prior to the start date. * Completion of an M.D. or D.O. degree. * Completion of an accredited pediatric residency or medicine-pediatrics residency program. * Board certification in Pediatrics. * Current DEA and Massachusetts Controlled Substances registrations or the ability to obtain them prior to the start date. * Demonstrated ability to provide high-quality clinical care in a high-volume, multicultural setting. * Eligibility for and maintenance of hospital privileges at designated partner hospitals. * Eligibility as an in-network provider for all major insurers. * Experience in caring for underserved and culturally diverse populations. * Experience or strong interest in clinical leadership, quality improvement, and team-based primary care. Preferred Qualifications: * Experience working in or with an FQHC, community health care setting, underserved populations, population health, accountable care organizations, value-based care, or integrated care models. * Experience supervising or mentoring clinicians such as NPs, PAs, or physicians. * Advanced degrees, such as an MPH, or relevant experience are desirable. Principal Responsibilities and Duties Clinical Care and Leadership * Provide direct clinical care to pediatric and adolescent patients. * Participate in the pediatric on-call schedule. Work with the Chief Clinical Officer to develop and maintain the pediatric on-call schedule to ensure adequate coverage and continuity of care. * Ensure appropriate and continuous peer review for all pediatric providers, including physicians, nurse practitioners, and physician assistants. * Guide integration of pediatric care with family medicine and other departments. * Collaborate with the Chief Clinical Officer, Chief of Adult Medicine, and Chief Medical Officer to ensure smooth and developmentally appropriate transitions of pediatric patients to adult practitioners. * Develop and maintain protocols for referrals to pediatric specialists to ensure timely and coordinated specialty care. Regulatory Compliance * Ensure that all pediatric providers and staff follow Massachusetts and Federal pediatric regulatory standards, including informed consent and assent procedures, disclosure requirements, mandated reporting laws, immunization documentation and reporting, adolescent confidentiality regulations, and telehealth and parental authorization requirements. * Provide training and updates to staff on regulatory changes affecting pediatric care. Program Management and Quality Improvement * Identify program needs and communicate them to the CMO and administration. Contribute to budget development. * Review, write, and update pediatric clinical policies, procedures, and prevention and screening schedules. * Lead pediatric quality improvement initiatives in collaboration with the CMO. * Participate as a key member of multidisciplinary teams, including PCMH integration efforts. * Build and maintain partnerships with local schools to support care coordination, health education, and improved access to pediatric services for Health Center patients. * Contribute to organizational initiatives and responsibilities required of all Health Center providers. Education, Training, and Community Engagement * Provide clinical teaching and mentorship for nurse practitioners, physician assistants, students, and trainees, and serve as the liaison between the Health Center and schools and universities. * Assist in developing standardized evaluation tools, training modules, and pre-operative or specialty evaluation protocols. * Oversee educational activities, pediatric rotations, and case-based learning. Serve as a mentor to pediatric providers. * Represent the Health Center in community activities, collaborative initiatives, and professional organizations. Administrative Responsibilities * Assist the Chief Medical Officer in developing clinical policies, care pathways, operational initiatives, and strategic priorities. * Participate in hiring, evaluation, and support of clinical staff. * Assist with managing provider schedules, staffing models, and call coverage. * Provide clinical leadership coverage in the absence of the Chief Medical Officer. * Support electronic medical record optimization, documentation improvement, and productivity enhancement. Communication and Professional Standards * Demonstrate sensitivity in all patient, family, and staff interactions and maintain strict confidentiality and privacy. * Use sound judgment in resolving clinical and operational issues. * Maintain professionalism and composure under pressure. Career Development * Attend and actively participate in staff meetings and provider education sessions. * Maintain clinical competency through ongoing medical education. * Maintain required hospital admitting privileges. Working Conditions * On-call coverage may be required based on departmental needs. * Potential exposure to patient blood and body fluids. * Use of a computer workstation for clinical and administrative duties is required. Salary Range: $230,000 to $265,000

Are you a hands-on security leader ready to make a measurable impact in a mission-driven organization? We're looking for a Director of Information Security to lead and scale our security operations, incident response, and engineering efforts. In this role, you'll oversee our security ecosystem - from real-time monitoring to proactive threat hunting - and help shape the future of enterprise security at a growing company. This is a highly collaborative position where you'll work cross-functionally with teams across the business to protect our information assets, infrastructure, and services - especially within a SaaS and life sciences environment. What will you do? Shape and drive the enterprise security operations strategy in alignment with broader company goals. Serve as a trusted advisor to senior leadership on all things security. Manage our Security Operations Center (SOC), ensuring rapid incident detection, triage, and response. Oversee threat intelligence, vulnerability management, and operational risk mitigation initiatives. Partner with IT and engineering teams to deploy, tune, and optimize tools like SIEM, SOAR, EDR, and DLP. Implement automation and integrations that improve speed and efficiency. Lead cyber incident response efforts and continuously test and improve our disaster recovery and response plans. Coordinate cross-functional teams (e.g., Legal, HR, Communications) during major security events. Lead, mentor, and grow a high-performing team of security and infrastructure professionals. Support the development of a resilient, inclusive, and learning-driven culture across the department. Align programs with regulatory standards (HIPAA, SOX, GDPR, PCI-DSS) and frameworks (NIST, MITRE ATT&CK). Support audits and ensure documentation is ready and accurate. How will you get there? Bachelor's degree in Computer Science, Information Security, or related field (Master's a plus). 12+ years of relevant experience, including 4+ years leading teams in complex enterprise environments. Hands-on expertise in SOC management, incident response, and threat intelligence. Experience in the Medical Device, Life Sciences, or highly regulated industries preferred. Professional certifications such as CISSP, CISM, GIAC, or CEH. Proficiency with security tools including SIEM, EDR, SOAR, IDS/IPS, and vulnerability management platforms. Strong knowledge of cloud (AWS, Azure, GCP), Windows/Linux systems, and network protocols. Familiarity with security frameworks and standards (NIST, MITRE, ISO 27001). Proven ability to build, lead, and retain high-performing technical teams. A proactive, solutions-oriented mindset with excellent communication and collaboration skills. #GKOSUS

WORK ENVIRONMENT When you join our team, you'll experience the flexibility, autonomy, trust, and collaboration we believe creates a safe, innovative, and thriving environment. After all, we[re hiring you not only for the skills and experiences you possess today, but also where you'll grow tomorrow. * Collaborative environment * Continuous Learning education and conference allocation * Business casual dress code RESPONSIBILITIES You'll primarily work with various information security-related technologies as we solve some of the biggest challenges facing the organizations we serve. You will be extected to approach technical decisions pragmatically to ensure the value of the work is the top priority. You'll demonstrate a strong aptitude for learning new skills as well as sharing and teaching your area of expertise. You'll plany an integral role in impacting team culture, practice, and engagement. * Serve as lead for Legislature-wide information security initiatives * Implement and operate security tools, working closely with Legislative IT teams to ensure timely remediation of vulnerabilities and exposures * Collaborate with other LIS engineers to ensure operational excellence * Create configuration and troubleshooting documentation * Contribute to troubleshooting and technical support QUALIFICATIONS Human Skills: * Strong Communication Skills - written, verbal, listening, and questioning - ability to explain security concepts to both technical and non-technical audiences * Problem Solver - understanding the problem, rather than just executing a task * Self-starter, initiative, drive, willingness to engage in improving the team * Continuous learning mindset - stay updated on the latest security risks and best practices * Collaborative - building partnerships with LIS Engineering teams and Legislative agencies * Passionate about advocating for improving security practices across the organization * Able to work with business systems owners to identify critical assets, security posture Technical skills: Experience with enterprise networks, IDS/IPS, firewalls, and network security. * NAC, identity management, authentication, and access management controls * Implementing hardening techniques for Windows, Linux, and mobile devices * Identifying, assessing, and mitigating vulnerabilities in applications and networks * Analyzing security logs to identify malicious activity and potential threats * Detecting, analyzing, containing, and recovering from security incidents * Experience configuring and using SIEM solutions * In-depth understanding of cloud security policies and implement them in an organization * Ability to build security policies and implement them in an organization * Certifications desired: CISSP or SSCP

San Francisco is a vibrant and dynamic city, on the forefront of economic growth & innovation, urban development, arts & entertainment, as well as social issues & change. This rich tapestry of culture and ideas is sustained by our City's commitment to heighten the quality of life for the diverse population of San Franciscans and residents of the greater Bay Area. Our employees play an important role not only in making our City what it is today, but also in shaping the future of San Francisco. Application Opening: 5/25/2022 Application Reposted: 11/06/2023* *Announcement reposted to reflect changes in the minimum qualifications. Application Deadline: Continuous How to Apply: Applications for Senior Information Systems Engineer - Security Specialty are only accepted through an online process. Visit ************************************* to begin the application process. Select “Apply Now” at the top of the job ad and follow instructions on the screen. Applicants may be contacted by email about this announcement and, therefore, it is their responsibility to ensure that their registered email address is accurate and kept up-to-date. Also, applicants must ensure that email from CCSF is not blocked on their computer by a spam filter. To prevent blocking, applicants should set up their email to accept CCSF mail from the following addresses (@sfgov.org, @sfdpw.org, @sfport.com, @flysfo.com, @sfwater.org, @sfdph.org, @asianart.org, @sfmta.com, @sfpl.org, @dcyf.org, @first5sf.org). Applicants will receive a confirmation email that their online application has been received in response to every announcement for which they file. Applicants should retain this confirmation email for their records. Failure to receive this email means that the online application was not submitted or received. Job Description Under general supervision, assists in analyzing, planning, implementing, maintaining, troubleshooting and enhancing large complex systems or networks consisting of a combination that may include mainframes, mini-computers, personal computers, mobile devices, LANS, WANs, servers, data storage and the physical and logical components that integrate these systems together as an enterprise networking backbone. The 1043 Senior Security Engineer is the advanced journey level in the Engineer series. The class is distinguished from the journey level by the complexity and size of the tasks, projects or duties assigned. It is also distinguished from the Journey level by the amount of discretion exercised over technical issues, problems and resolutions, and that it possesses a significant level of specialized technical and functional expertise beyond that expected at the Journey level. This level is distinguished from the Principal level in that Senior level exercises no or limited supervisory responsibilities or the lower technical leadership displayed. Positions at this level require highly specialized knowledge, abilities, skills and experience and often exercise independent judgement in the performance of their duties. The Senior level formulates recommendations consistent with directives, policies, standards and regulations. Work is judged primarily on overall results with great latitude in determining work methods and assignment requirements. The Senior has greater authority over assignments and decisions required to complete the work than lower level classifications. Serves as a senior technical architect and systems integrator for large complex systems or networks, with a focus on securing vulnerabilities and reducing risk of system and/or asset compromises. Essential Duties: 1. Architects, designs, implements, maintains and operates information system security controls and countermeasures. 2. Analyzes and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and monitors for compliance. 3. Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance. 4. Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities and trends. 5. Responds to information system security incidents, including investigation of, countermeasures to and recovery from computer-based attacks, unauthorized access and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement. 6. Administers authentication and access controls, including provisioning, changes and deprovisioning of user and system accounts, security/access roles and access permissions to information assets. 7. Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; performs risk and compliance self-assessments and engages and coordinates third-party risk and compliance assessments. 8. Analyzes and develops information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information systems. 9. Develops and administers, or provides advice, evaluation and oversight for, information security training and awareness programs. *This position may include additional duties as assigned.* Qualifications These minimum qualifications establish the education, training, experience, special skills and/or license(s) which are required for employment in the classification. Education : An associate degree in computer science, computer engineering, information systems, or a closely-related field from an accredited college or university OR its equivalent in terms of total course credits/units [i.e., at least sixty (60) semester or ninety (90) quarter credits/units with a minimum of twenty (20) semester or thirty (30) quarter credits/units in one of the fields above or a closely-related field]. Experience: Three (3) years of experience analyzing, installing, configuring, enhancing and/or maintaining the components of an enterprise network. Substitution : Additional experience as described above may be substituted for the required degree on a year-for-year basis (up to a maximum of two (2) years). One (1) year is equivalent to thirty (30) semester units/ forty-five (45) quarter units with a minimum of 10 semester / 15 quarter units in one of the fields above or a closely-related field. Completion of the 1010 Information Systems Trainee Program may be substituted for the required degree. Verification: Applicants may be required to submit verification of qualifying education and experience at any point during the recruitment and selection process. If education verification is required, you must provide a copy of your diploma showing major or transcripts showing coursework completed. Information on how to verify education requirements, including verifying foreign education credits or degree equivalency, can be found at ************************************************** . If experience verification is required, you must submit a letter from your employer on the employer's business letterhead stating your name, job title(s), dates of service in complete form (mm/dd/yy), a detailed description of duties performed and the verification letter must be signed by the employer or appropriate designee, such as a Human Resources Representative. Performance evaluations showing duties performed and dates of employment may also be submitted as verification documentation. Resumes are NOT verification. All work experience, education, training and other information substantiating how you meet the minimum qualifications must be included on your application by the filing deadline. Information submitted after the filing deadline will not be considered in determining whether you meet the minimum qualifications. Resumes will not be accepted in lieu of a completed City and County of San Francisco application. Applications completed improperly may be cause for ineligibility, disqualification or may lead to lower scores. Note: Any applicant whose application is deemed not qualified may reapply after 1 month upon successfully meeting the minimum qualifications for the given specialty area. Note: Falsifying one's education, training or work experience or attempted deception on the application may result in disqualification for this and future job opportunities with the City and County of San Francisco. Additional Department Specific Requirements Positions with the San Francisco Airport Transportation Security Administration (TSA) Security Clearance: Candidates for employment with the San Francisco Airport Commission are required to provide a complete employment history for the past ten (10) years and an explanation of all gaps in employment during that period. The past ten (10) years of the candidate's employment will be verified. In addition, candidates will be required to undergo a criminal history check, including FBI fingerprints, in order to determine eligibility for security clearance and may be required to undergo drug/alcohol screening. Per Civil Service Commission Rule Section 110.9.1, every applicant for an examination must possess and maintain the qualifications required by law and by the examination announcement for the examination. Failure to obtain and maintain security clearance may be basis for termination from employment with the Airport Commission. Customs Clearance: This position with the San Francisco Airport Commission requires that the incumbent be qualified for unescorted access to the San Francisco International Airport U.S. Customs Security Area. An application for a U.S. Custom Access Seal may be submitted to Customs ONLY after employment has commenced. Employment in this position requires that the incumbent submit an application for, successfully acquire and maintain a Customs Access Seal. Per Civil Service Commission Rule 110.9.1, every applicant must possess and maintain the qualifications required by law and by the examination announcement for this examination. Failure to acquire or maintain customs access, a requirement for this position, may be basis for termination from employment with the Airport Commission. Customs Access Seal requirements and procedures are located in the Code of Federal Regulations, Title 19, Part 122, Sections 181 or 189. Positions with the Sherriff's Department Security clearance issued by the Sheriff's Department is required prior to appointment of positions with Jail Health Services and must be maintained for continued employment. Failure to demonstrate/show proof of security clearance may result in dismissal and/or termination of employment. Positions with the Port Positions with the San Francisco Port Commission require that incumbents are able to obtain a Transportation Worker Identification Credential (TWIC) certificate as a condition of employment. Additionally, candidates must be insurable under the Port's automobile liability insurance policy. Insurability must be maintained throughout employment. Additional Information Supplemental Questionnaire: Applicants are required to complete a Supplemental Questionnaire as part of the online application process. The purpose of the Supplemental Questionnaire is to allow candidates to self-certify their qualifications for the position. Applicants must also complete the official application. Tech Engineer - Security Core Exam (Weight: 100%) Candidates self-certifying meeting the Minimum Qualifications will be invited to participate in the online Tech Engineer - Security Core Exam. Candidates will be sent a web link via email that will allow them to take the online Tech Engineer - Security Core Exam that is designed to measure basic analytical and technical abilities associated with the target job, which may include but not be limited to: • Knowledge of security operations including concepts, investigations and incident management • Knowledge of security engineering • Knowledge of communication and network security • Knowledge of asset security operations • Knowledge of identity and access management including controlling access and managing identity • Knowledge of mobile security including managing and securing mobile devices and software • Knowledge of security assessment and testing This computer-administered test can be taken at home or at a time and location of one's convenience, but only within a two-week period specified on the test notification. Candidates must have access to a computer and reliable internet connection to participate in this exam. The test consists of 20 questions and it must be completed within 50 minutes. Questions are presented one at a time on the computer screen. There is no penalty for guessing. Candidates may not return to questions presented earlier in the exam; they can only move forward. A passing score must be attained on this test in order to continue further in the selection process. Test questions and answers are not available for public inspection or review. Note: A passing score must be achieved on all examination components in order to be placed on the Eligible List. The hiring department may administer additional position-specific procedures to make final hiring decisions. Achieving a passing score in one class does not guarantee placement on eligible lists for the other classes. You must apply to each class for which you would like to be considered. There are different exams for each of the SF Civic Tech specialty areas (Applications, Networks, Security and Systems), and each class (1041, 1042, 1043 and 1044) has a different passing score for each exam. Candidates' scores on the Tech Engineer - Security Core Exam may also be applied to other announcements involving other job titles, when directed by the Human Resources Director. Score Banking: Scores attained on the Tech Engineer - Security Core Exam will be 'banked' for three years, starting from the date of the examination. This means that, during this three-year time period, candidates need not take this test again. Rather, if another announcement you applied to and are deemed qualified for requires the Tech Engineer - Security Core Exam and is held within one year of your Tech Engineer - Security Core Exam date your score will be automatically applied to that announcement. However, after one year, a candidate has the option to either (a) apply their test score to the other announcement or (b) re-take the test. Re-testing is permitted no sooner than one year from the date of the test and only in association with a candidate's eligibility for another announcement to which the candidate has applied and is deemed qualified. If a candidate opts to re-test, the re-test score becomes the candidate's official score since it is the most recent. If a significant modification is made to this exam in the future, the application of “banked” scores may no longer be appropriate. In such a rare circumstance, candidates with “banked” scores would be required to re-take the exam sooner than the three-year period specified above should they apply to another job opportunity where the modified exam is used. Eligible List/Score Report: A confidential eligible list of applicant names that have passed the civil service examination process will be created, and used for certification purposes only. An examination score report will be established, so applicants can view the ranks, final scores and number of eligible candidates. Applicant information, including names of applicants on the eligible list, shall not be made public unless required by law. However, an eligible list shall be made available for public inspection, upon request, once the eligible list is exhausted or expired and referrals resolved. The eligible list/score report resulting from this civil service examination process is subject to change after adoption (e.g., as a result of appeals), as directed by the Human Resources Director or the Civil Service Commission. Upon passing the exam, candidates will be placed on the eligible list for a period of 12 months. To find Departments which use this classification, please see ************************************************************************************************************************** . Certification: The certification rule for the eligible list resulting from this examination will be Rule of the List. Additional selection processes may be conducted by the hiring department prior to making final hiring decisions. Additional Information Regarding Employment with the City and County of San Francisco Information About The Hiring Process Conviction History Employee Benefits Overview Equal Employment Opportunity Disaster Service Worker ADA Accommodation Veterans Preference Seniority Credit in Promotional Exams Right to Work Copies of Application Documents Diversity Statement Terms of Announcement and Appeal Rights: Applicants must be guided solely by the provisions of this announcement, including requirements, time periods and other particulars, except when superseded by federal, state or local laws, rules or regulations. [Note: The correction of clerical errors in an announcement may be posted on the City's Career website at *********************** . The terms of this announcement may be appealed under Civil Service Rule 110.4. Such appeals must be submitted in writing to the Department of Human Resources, 1 S Van Ness Avenue, 4th Floor, San Francisco, CA 94103-5413 by close of business on the 5th business day following the issuance date of this examination announcement. Information concerning other Civil Service Commission Rules involving announcements, applications and examination policies, including applicant appeal rights, can be found on the Civil Service Commission website at *********************************** . The City and County of San Francisco encourages women, minorities and persons with disabilities to apply. Applicants will be considered regardless of their sex, race, age, religion, color, national origin, ancestry, physical disability, mental disability, medical condition (associated with cancer, a history of cancer, or genetic characteristics), HIV/AIDS status, genetic information, marital status, sexual orientation, gender, gender identity, gender expression, military and veteran status, or other protected category under the law.

We're not just a workplace - we're a Great Place to Work certified employer! Proudly certified as a Great Place to Work, we are dedicated to creating a supportive and inclusive environment. At Sonic Healthcare USA, we emphasize teamwork and innovation. Check out our job openings and advance your career with a company that values its team members! Position Summary The Information Security GRC Specialist supports Sonic Healthcare USA's Cybersecurity program by implementing and maintaining governance, risk, and compliance (GRC) practices that protect sensitive data and ensure regulatory alignment. This role leads internal audits, risk assessments, and policy development efforts, while serving as a technical resource across departments and external partners. The ideal candidate brings a strategic mindset, strong working knowledge of security frameworks, and a collaborative approach to problem-solving. Key Responsibilities Implement and monitor security controls aligned with HIPAA, ISO27001:2022, and NIST CSF Conduct internal and third-party risk assessments; support remediation and audit readiness Develop and maintain cybersecurity policies, procedures, and awareness training programs Respond to vendor security assessments and manage documentation for external audits Maintain GRC tools, dashboards, and evidence artifacts; define control ownership and track corrective actions Provide cross-functional guidance on compliance requirements and stay current with regulatory changes Qualifications Bachelor's degree in Computer Information Systems or related field (preferred) 4+ years of experience in cybersecurity risk assessments, audits, policy development, and compliance Familiarity with HIPAA, ISO27001:2022, and NIST CSF v2.0 frameworks Certifications such as CISA, CISSP, CISM, or CRISC (preferred) Core Competencies Strong understanding of security governance, compliance frameworks, and regulatory requirements Familiarity with IT infrastructure, data architecture, and cybersecurity technologies Skilled in GRC strategy development, data analysis, reporting, and maintaining technical standards Ability to communicate complex technical concepts clearly to varied audiences, including senior leadership Proven capacity to apply risk-based approaches to audits and assessments Comfortable working independently and collaboratively across teams and geographies Adaptable in fast-paced environments with shifting priorities Scheduled Weekly Hours: 40 Work Shift: Job Category: Information Technology Company: Sonic Healthcare USA, Inc Sonic Healthcare USA is an equal opportunity employer that celebrates diversity and is committed to an inclusive workplace for all employees. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, age, national origin, disability, genetics, veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

At Moffitt Cancer Center, we strive to be the leader in understanding the complexity of cancer and applying these insights to contribute to the prevention and cure of cancer. Our diverse team of over 9,000 are dedicated to serving our patients and creating a workspace where every individual is recognized and appreciated. For this reason, Moffitt has been recognized on the 2023 Forbes list of America's Best Large Employers and America's Best Employers for Women, Computerworld magazine's list of 100 Best Places to Work in Information Technology, DiversityInc Top Hospitals & Health Systems and continually named one of the Tampa Bay Time's Top Workplace. Additionally, Moffitt is proud to have earned the prestigious Magnet designation in recognition of its nursing excellence. Moffitt is a National Cancer Institute-designated Comprehensive Cancer Center based in Florida, and the leading cancer hospital in both Florida and the Southeast. We are a top 10 nationally ranked cancer center by Newsweek and have been nationally ranked by U.S. News & World Report since 1999. Working at Moffitt is both a career and a mission: to contribute to the prevention and cure of cancer. Join our committed team and help shape the future we envision. Summary Security Systems Analyst II Position Highlights: * The Security Systems Analyst II, will maintain the architecture of security controls for applications of systems, such as infrastructure and web application firewalls. * The Security Systems Analyst II reviews alerts and data from network and server infrastructure and documents formal, technical incident reports. * Works with Security Systems Engineer on foundational technology security reviews and assessments. * The Security Systems Analyst II will also administer and maintain an organizational SIEM and log solution in concert with organizational monitoring platforms. * This position leverages experience with PKI and certificates and will also deliver XDR across the organization. Responsibilities: * Performs maintenance and management of security systems and applications, including firewalls, PKI and certificates, network security appliances and host-based security systems * This includes infrastructure and web applications firewalls, including physical and virtual firewalls, including day to day maintenance of firewall rules. Investigates and documents issues or incidents involving the enterprise firewall. * Participates in infrastructure projects to develop, plan and implement specifications for network and distributed system security technologies in support of key information systems * Assists remediation required by audits, and document exceptions as necessary Education and Experience: * High School Diploma/GED * Minimum of 5 years of experience in an IT support environment which could include experience in more than one of the following IT disciplines: * Complex IT Portfolio environment including large scale systems, servers, storage and networking. * High availability application layer and/or stateful inspection based firewalls. * VPN gateways & remote access clients. * Public key Infrastructures including Certificate Authority (CA), Registration Authority (RA) and Certificate Repository. * Securing Internet access, Intranet, and Extranet. * Technology background in systems, networking and/or data storage design, engineering and support. Plus * Experience delivering XDR across the organization. * Experience with PKI and certificates Share:

The use of IT (Information Technology) infrastructure in the company is vital for daily operation. The IS (Information Security) Specialist should Provide secure Information Technology infrastructure service to the company as well as companywide employees and staff. Role Description. Define and implement Macro (Servers, Groups and Shared resource) and Micro (Personal and Single) IT infrastructure. Analyze, Plan, Design, Develop and Implement IT Infrastructure and IT Security solutions to support company IT requirements. Analyze and prevent any Information risk ensuring the companys information integrity. Define, maintain and monitor the execution of IS and IT policies. Execute and monitor company IT/IS Compliance. Essential Duties and Responsibilities -Monitoring and maintaining computer systems and networks -Responding in a timely manner to service issues and requests -Providing technical support across the company -Support equipment repair and replacement service -Testing Benchmarking new technology -Maintain and execute IT Training program for new employs -Monitor IT/IS Infrastructure (including servers and network devices) to ensure data integrity -Reporting of daily system issues. -Analyze and propose system improvements. -Documentation related to IT/IS policies, issues, and procedures. -Participation and active analyst, designer, and developer in IT projects. -Monitoring of IT/IS infrastructure-related expenses. -Other duties as assigned. Requirements Qualifications: Listed below are the minimum and/or desired qualifications of the position including education, work experience, and knowledge & skills that are required to perform satisfactorily in the position: Education and Work Experience: -Vocational or undergraduate degree in information systems and computer science or related field. -One (1) to three (3) years of information systems, computer science and/or IT-related experience. Knowledge and Skills: -PC and Server management -IT Hardware and Software installation -Initiative skills -Problem-solving skills -Understanding of IT infrastructure and application architectures -Great Social and Communication Skills -Great Oral and Written Communication Skills -System process analysis and design capabilities/experience -Server Operating systems (Windows Server, Linux, HP-UX, Unix, Sun Solaris) -Antivirus, NAC, DLP, MDM and other IS Solutions -IS Related definition and policies (ex. ISO 27001) -Networking (Cisco/HP) and network devices (Routers and Switch) -VPN -TCP/IP, UDP, Network standards -LDAP, Active Directory and Exchange -Access Control -Security Cameras -Firewall, Web Filter and other network security appliance solutions -Database systems (SQL Server/MySQL/Oracle) and programming skill (is a plus) -MS Office skills (especially Excel skills) Physical Demands: -Position requires sitting at a desk working on a computer for at least 2/3 of time. -Position requires regular and reliable attendance. -Position requires local travel up to 10% of the time.

Applied Medical is a new generation medical device company with a proven business model and commitment to innovation fueled by rapid business growth and expansion. Our company has been developing and manufacturing advanced surgical technologies for over 35 years and has earned a strong reputation for excellence in the healthcare field. Our unique business model, combined with our dedication to delivering the highest quality products, enables team members to contribute in a larger capacity than is possible in typical positions. Position Description The Information Security Manager / Senior Manager leads the advancement of Applied Medical's global information security program. This role develops and implements strategies that protect organizational data, systems, and infrastructure while ensuring alignment with business objectives, regulatory standards, and frameworks such as the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) and International Organization for Standardization (ISO) 27001. The Information Security Manager / Senior Manager directs a team of security professionals in a collaborative environment, overseeing operations, risk management, and incident response. This position requires a proven leader who combines technical expertise with strategic vision, fosters cross-functional alignment, mentors high-performing teams, and promotes a strong culture of security awareness across the organization. Key Responsibilities * Lead and mentor a team of information security analysts to ensure effective daily operations across areas such as network security, endpoint protection, and identity and access management (IAM). * Oversee threat detection, incident response, and vulnerability management processes, ensuring timely investigation and resolution of security events. * Develop and implement security strategies that align with business objectives, compliance standards, and recognized frameworks including NIST CSF, ISO 27001, and SOC 2. * Collaborate with global IT, engineering, and application development teams to integrate security controls into infrastructure, cloud environments, and software systems. * Evaluate and manage third-party vendor risk, ensuring adherence to Applied Medical's information security standards and regulatory requirements. * Lead the review and continuous improvement of information security policies, procedures, and documentation. * Develop and deliver organization-wide security awareness and training programs that promote a proactive security culture. * Monitor industry trends, emerging threats, and new technologies to strengthen Applied Medical's security posture and resilience. Success in This Role Looks Like * Leads a cohesive and motivated information security team that demonstrates accountability, collaboration, and continuous improvement. * Aligns information security initiatives with business goals and ensures compliance with internal and external standards. * Builds trust and alignment across departments by communicating complex security concepts in clear, practical terms. * Anticipates evolving risks and proactively enhances the organization's ability to prevent, detect, and respond to security threats. * Demonstrates strong partnership with executive and technical teams to advance Applied Medical's long-term security strategy. Position Requirements This position requires the following skills and attributes * Bachelor's degree in information technology, computer science, or a related field. * Five or more years of information security experience, including at least three years in a leadership or management role. * Proven experience managing security operations, including oversight of a Security Operations Center (SOC) and related functions. * Strong understanding of cybersecurity principles, including network and cloud security, endpoint protection, identity and access management (IAM), and data protection. * Knowledge of security frameworks and regulations such as NIST CSF, ISO 27001, General Data Protection Regulation (GDPR), and Health Insurance Portability and Accountability Act (HIPAA). * Demonstrated ability to lead cross-functional teams, communicate effectively with non-technical stakeholders, and influence decision-making across levels. * Experience making risk-based decisions that balance security needs with business objectives. * Excellent analytical, organizational, and problem-solving skills. Preferred The following skills and attributes are preferred * Master's degree in information security, cybersecurity, or a related field. * Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Cloud Security Professional (CCSP). * Experience managing information security programs within a regulated industry such as medical device, healthcare, or manufacturing. * Familiarity with Lean Six Sigma or other continuous improvement methodologies. * Strong understanding of budgeting, cost-benefit analysis, and security investment planning. Benefits * Competitive compensation range: $100000 - $150000 / year (California). * Comprehensive benefits package. * Training and mentorship opportunities. * On-campus wellness activities. * Education reimbursement program. * 401(k) program with discretionary employer match. * Generous vacation accrual and paid holiday schedule. Please note that the compensation range may be based on factors such as relevant education, qualifications, experience. The compensation range may be adjusted in the future, and special discretionary bonus or incentive compensation plans may apply. Our total reward package reflects our commitment to team member growth and well-being, as we invest in your development and offer a range of benefits designed to enhance your career and life. Equal Opportunity Employer Applied Medical is an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (including pregnancy, childbirth, breastfeeding and related medical conditions), or sexual orientation, or any other basis protected by federal, state or local laws in the locations where Applied Medical operates.