Senior Security Engineer jobs at Tempus

Providence caregivers are not simply valued - they're invaluable. Join our team at Enterprise Information Services and thrive in our culture of patient-focused, whole-person care built on understanding, commitment, and mutual respect. Your voice matters here, because we know that to inspire and retain the best people, we must empower them. Providence is looking for a seasoned Principal Security Engineer with deep expertise in Cyber Threat Intelligence. In this pivotal role, you'll be the strategic force behind identifying and neutralizing emerging threats, safeguarding critical systems, and empowering Providence's Global Security Operations Center. Your insights will directly inform risk strategies and guide executive decision-making -making you a key player in protecting millions of lives through secure healthcare technology. If you're passionate about staying ahead of adversaries and driving innovation in cybersecurity, this is your chance to lead at the highest level. Providence offers hybrid work options for candidates living within a daily commuting distance -up to 65 miles-from any of our primary office locations listed below. + Washington: Seattle, Redmond, Renton, Vancouver + California: Los Angeles, Irvine + Oregon: Portland Please note the following important details regarding this position: + This is a hybrid role, involving a combination of in-office and remote work each week. + The weekly hybrid schedule will be determined by the manager based on departmental needs. Essential Functions: + Conduct in-depth analysis and research on cyber threats, including identifying threat actors, their motivations, tactics, techniques, and procedures (TTPs), and providing insights on their potential impact on the organization. + Prepare and deliver well researched, impactful analytic findings that combine self-driven research and findings from team threat hunting efforts to convey cyber threat risk and impact, tailored appropriately to technical and non-technical stakeholders, including executives + Serve as a mentor to teammates for leveraging advanced analytic toolsets such as Structured Analytic Techniques + Ability to classify, categorize, and analyze malware and threats. Translate this into actionable detections using frameworks such as MITRE ATT&CK + Maintain strong breadth and depth of knowledge about the healthcare industry threat landscape, including threat actors, malware, hacking techniques, emerging threats, and trends that may impact the organization + Collaborate with internal teams to provide timely and actionable intelligence, aligned with operational needs, that support CTI, CIRT, Attack Surface Management, and other cybersecurity initiatives + Develop and maintain threat profiles with tactical intelligence to enhance detection engineering and threat hunting operations. + Perform root cause analysis and provide recommendations for proactive measures to help prevent cyber intrusions. + Continuously update and refine existing threat intelligence processes and methodologies to ensure the organization remains at the forefront of cyber defense. + Stay informed about the latest trends, tools, and techniques in the field of threat intelligence and incorporate best practices into daily operations. + Monitor and assess emerging technologies, such as AI and machine learning capabilities to augment and enhance threat detection, triage, and analysis. Required Qualifications: + Bachelor's Degree in Computer Engineering, Computer Science, Mathematics, Engineering -OR- a combination of equivalent education / experience + Upon Hire: CISSP, CEH, or an equivalent certification + 8 or more years of related experience + Experience designing security controls and countermeasures for operating systems, databases, applications, Web services, user devices, and wireless networks. Preferred Qualifications: + Master's Degree in Computer Engineering, Computer Science, Mathematics, Engineering + Experience in a Healthcare environment + 8 or more years of cyber threat intelligence analysis experience + Experience conducting in-depth analysis and research on cyber threats, including identifying threat actors' motivations, intent, and TTPs + Skilled in correlating intelligence from multiple sources to assess potential organizational impact + Familiarity with reverse engineering and categorizing malware + Strong knowledge of healthcare cybersecurity risks, including ransomware, phishing, and supply chain vulnerabilities + Demonstrated experience applying frameworks such as MITRE ATT&CK, Cyber Kill Chain, Diamond Model of Intrusion Analysis, others + Experience working cross-functionally with CIRT/IR teams, vulnerability management, and SOC operations teams. + Experience working with insider threat teams a plus + Capability to develop threat profiles and integrate tactical intelligence into detection rules + Ability to influence risk-based decision-making with clear, concise reporting Salary Range by Location: + California: Los Angeles and Irvine: Min: $71.23, Max: $121.29 + Oregon: Portland Service Area: Min: $68.33, Max: $116.36 + Washington: Seattle, Renton, Redmond: Min: $71.23, Max: $121.29 + Washington: Vancouver: Min: $68.33, Max: $116.36 Why Join Providence? Our best-in-class benefits are uniquely designed to support you and your family in staying well, growing professionally, and achieving financial security. We take care of you, so you can focus on delivering our Mission of caring for everyone, especially the most vulnerable in our communities. About Providence At Providence, our strength lies in Our Promise of "Know me, care for me, ease my way." Working at our family of organizations means that regardless of your role, we'll walk alongside you in your career, supporting you so you can support others. We provide best-in-class benefits and we foster an inclusive workplace where diversity is valued, and everyone is essential, heard and respected. Together, our 120,000 caregivers (all employees) serve in over 50 hospitals, over 1,000 clinics and a full range of health and social services across Alaska, California, Montana, New Mexico, Oregon, Texas and Washington. As a comprehensive health care organization, we are serving more people, advancing best practices and continuing our more than 100-year tradition of serving the poor and vulnerable. The amounts listed are the base pay range; additional compensation may be available for this role, such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities. Providence offers a comprehensive benefits package including a retirement 401(k) Savings Plan with employer matching, health care benefits (medical, dental, vision), life insurance, disability insurance, time off benefits (paid parental leave, vacations, holidays, health issues), voluntary benefits, well-being resources and much more. Learn more at providence.jobs/benefits. Applicants in the Unincorporated County of Los Angeles: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Unincorporated Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act." About the Team Providence Shared Services is a service line within Providence that provides a variety of functional and system support services for our family of organizations across Alaska, California, Montana, New Mexico, Oregon, Texas and Washington. We are focused on supporting our Mission by delivering a robust foundation of services and sharing of specialized expertise. Providence is proud to be an Equal Opportunity Employer. We are committed to the principle that every workforce member has the right to work in surroundings that are free from all forms of unlawful discrimination and harassment on the basis of race, color, gender, disability, veteran, military status, religion, age, creed, national origin, sexual identity or expression, sexual orientation, marital status, genetic information, or any other basis prohibited by local, state, or federal law. We believe diversity makes us stronger, so we are dedicated to shaping an inclusive workforce, learning from each other, and creating equal opportunities for advancement. Requsition ID: 401760 Company: Providence Jobs Job Category: Information Security Job Function: Information Technology Job Schedule: Full time Job Shift: Day Career Track: Business Professional Department: 4011 CYBERSECURITY Address: CA Irvine 15480 Laguna Canyon Rd Work Location: Providence System Offices Discovery Park-Irvine Workplace Type: Hybrid Pay Range: $See Job Posting - $See Job Posting The amounts listed are the base pay range; additional compensation may be available for this role, such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities.

Providence caregivers are not simply valued - they're invaluable. Join our team at Enterprise Information Services and thrive in our culture of patient-focused, whole-person care built on understanding, commitment, and mutual respect. Your voice matters here, because we know that to inspire and retain the best people, we must empower them. Providence is looking for a seasoned Principal Security Engineer with deep expertise in Cyber Threat Intelligence. In this pivotal role, you'll be the strategic force behind identifying and neutralizing emerging threats, safeguarding critical systems, and empowering Providence's Global Security Operations Center. Your insights will directly inform risk strategies and guide executive decision-making -making you a key player in protecting millions of lives through secure healthcare technology. If you're passionate about staying ahead of adversaries and driving innovation in cybersecurity, this is your chance to lead at the highest level. Providence offers hybrid work options for candidates living within a daily commuting distance -up to 65 miles-from any of our primary office locations listed below. + Washington: Seattle, Redmond, Renton, Vancouver + California: Los Angeles, Irvine + Oregon: Portland Please note the following important details regarding this position: + This is a hybrid role, involving a combination of in-office and remote work each week. + The weekly hybrid schedule will be determined by the manager based on departmental needs. Essential Functions: + Conduct in-depth analysis and research on cyber threats, including identifying threat actors, their motivations, tactics, techniques, and procedures (TTPs), and providing insights on their potential impact on the organization. + Prepare and deliver well researched, impactful analytic findings that combine self-driven research and findings from team threat hunting efforts to convey cyber threat risk and impact, tailored appropriately to technical and non-technical stakeholders, including executives + Serve as a mentor to teammates for leveraging advanced analytic toolsets such as Structured Analytic Techniques + Ability to classify, categorize, and analyze malware and threats. Translate this into actionable detections using frameworks such as MITRE ATT&CK + Maintain strong breadth and depth of knowledge about the healthcare industry threat landscape, including threat actors, malware, hacking techniques, emerging threats, and trends that may impact the organization + Collaborate with internal teams to provide timely and actionable intelligence, aligned with operational needs, that support CTI, CIRT, Attack Surface Management, and other cybersecurity initiatives + Develop and maintain threat profiles with tactical intelligence to enhance detection engineering and threat hunting operations. + Perform root cause analysis and provide recommendations for proactive measures to help prevent cyber intrusions. + Continuously update and refine existing threat intelligence processes and methodologies to ensure the organization remains at the forefront of cyber defense. + Stay informed about the latest trends, tools, and techniques in the field of threat intelligence and incorporate best practices into daily operations. + Monitor and assess emerging technologies, such as AI and machine learning capabilities to augment and enhance threat detection, triage, and analysis. Required Qualifications: + Bachelor's Degree in Computer Engineering, Computer Science, Mathematics, Engineering -OR- a combination of equivalent education / experience + Upon Hire: CISSP, CEH, or an equivalent certification + 8 or more years of related experience + Experience designing security controls and countermeasures for operating systems, databases, applications, Web services, user devices, and wireless networks. Preferred Qualifications: + Master's Degree in Computer Engineering, Computer Science, Mathematics, Engineering + Experience in a Healthcare environment + 8 or more years of cyber threat intelligence analysis experience + Experience conducting in-depth analysis and research on cyber threats, including identifying threat actors' motivations, intent, and TTPs + Skilled in correlating intelligence from multiple sources to assess potential organizational impact + Familiarity with reverse engineering and categorizing malware + Strong knowledge of healthcare cybersecurity risks, including ransomware, phishing, and supply chain vulnerabilities + Demonstrated experience applying frameworks such as MITRE ATT&CK, Cyber Kill Chain, Diamond Model of Intrusion Analysis, others + Experience working cross-functionally with CIRT/IR teams, vulnerability management, and SOC operations teams. + Experience working with insider threat teams a plus + Capability to develop threat profiles and integrate tactical intelligence into detection rules + Ability to influence risk-based decision-making with clear, concise reporting Salary Range by Location: + California: Los Angeles and Irvine: Min: $71.23, Max: $121.29 + Oregon: Portland Service Area: Min: $68.33, Max: $116.36 + Washington: Seattle, Renton, Redmond: Min: $71.23, Max: $121.29 + Washington: Vancouver: Min: $68.33, Max: $116.36 Why Join Providence? Our best-in-class benefits are uniquely designed to support you and your family in staying well, growing professionally, and achieving financial security. We take care of you, so you can focus on delivering our Mission of caring for everyone, especially the most vulnerable in our communities. About Providence At Providence, our strength lies in Our Promise of "Know me, care for me, ease my way." Working at our family of organizations means that regardless of your role, we'll walk alongside you in your career, supporting you so you can support others. We provide best-in-class benefits and we foster an inclusive workplace where diversity is valued, and everyone is essential, heard and respected. Together, our 120,000 caregivers (all employees) serve in over 50 hospitals, over 1,000 clinics and a full range of health and social services across Alaska, California, Montana, New Mexico, Oregon, Texas and Washington. As a comprehensive health care organization, we are serving more people, advancing best practices and continuing our more than 100-year tradition of serving the poor and vulnerable. The amounts listed are the base pay range; additional compensation may be available for this role, such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities. Providence offers a comprehensive benefits package including a retirement 401(k) Savings Plan with employer matching, health care benefits (medical, dental, vision), life insurance, disability insurance, time off benefits (paid parental leave, vacations, holidays, health issues), voluntary benefits, well-being resources and much more. Learn more at providence.jobs/benefits. Applicants in the Unincorporated County of Los Angeles: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Unincorporated Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act." About the Team Providence Shared Services is a service line within Providence that provides a variety of functional and system support services for our family of organizations across Alaska, California, Montana, New Mexico, Oregon, Texas and Washington. We are focused on supporting our Mission by delivering a robust foundation of services and sharing of specialized expertise. Providence is proud to be an Equal Opportunity Employer. We are committed to the principle that every workforce member has the right to work in surroundings that are free from all forms of unlawful discrimination and harassment on the basis of race, color, gender, disability, veteran, military status, religion, age, creed, national origin, sexual identity or expression, sexual orientation, marital status, genetic information, or any other basis prohibited by local, state, or federal law. We believe diversity makes us stronger, so we are dedicated to shaping an inclusive workforce, learning from each other, and creating equal opportunities for advancement. Requsition ID: 401760 Company: Providence Jobs Job Category: Information Security Job Function: Information Technology Job Schedule: Full time Job Shift: Day Career Track: Business Professional Department: 4011 CYBERSECURITY Address: CA Irvine 15480 Laguna Canyon Rd Work Location: Providence System Offices Discovery Park-Irvine Workplace Type: Hybrid Pay Range: $See Job Posting - $See Job Posting The amounts listed are the base pay range; additional compensation may be available for this role, such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities.

EnableComp provides Specialty Revenue Cycle Management solutions for healthcare organizations, leveraging over 24 years of industry-leading expertise and its unified E360 RCM ™ intelligent automation platform to improve financial sustainability for hospitals, health systems, and ambulatory surgery centers (ASCs) nationwide. Powered by proprietary algorithms, iterative intelligence from 10M+ processed claims, and expert human-in-the-loop integration, EnableComp provides solutions across the revenue lifecycle for Veterans Administration, Workers' Compensation, Motor Vehicle Accidents, and Out-of-State Medicaid claims as well as denials for all payer classes. By partnering with clients to supercharge the reimbursement process, EnableComp removes the burden of payment from patients and provider organizations while enabling accelerated cash, higher and more accurate yield, clean AR management, reduced denials, and data-rich performance management. EnableComp is a multi-year recipient the Top Workplaces award and was recognized as Black Book's #1 Specialty Revenue Cycle Management Solution provider in 2024 and is among the top one percent of companies to make the Inc. 5000 list of the fastest-growing private companies in the United States for the last eleven years. Position Summary The Security Engineer (Application & AI Security) will serve as the technical implementation bridge between our security policy team and development operations. The Security Engineer will be embedded with development teams, writing code, configuring systems, and directly implementing security controls across applications, databases, and AI systems during a major Agentic AI platform transformation.Key Responsibilities Bridge security policy and technical execution by translating organizational security requirements into practical, deployable solutions across applications, data environments, and AI systems. Design, build, and deploy security controls across web applications, data pipelines, APIs, and Agentic AI systems to ensure confidentiality, integrity, and availability. Implement secure-by-design practices throughout the software development lifecycle, including code-level remediations, configuration hardening, and secure infrastructure deployment. Develop automation scripts and infrastructure-as-code to integrate security into CI/CD pipelines, enabling continuous compliance, secrets management, vulnerability scanning, and environment hardening. Implement and operationalize AI-specific security frameworks by building guardrails for agentic models, securing data flows, and integrating AI security tooling into development workflows. Perform hands-on technical security assessments, including penetration testing, threat modeling, and code reviews, and directly remediate identified vulnerabilities. Collaborate with cloud and DevOps teams to deploy monitoring and detection controls and ensure secure configuration baselines across environments. Provide practical security guidance and training to developers and engineers during architecture reviews, sprint planning, and project delivery. Continuously evaluate and improve the organization's security posture through testing, feedback loops, and adoption of emerging best practices for AI and distributed systems. Document security architectures, configurations, and implementation patterns to support ongoing operations, compliance, and knowledge sharing. Other duties as required Requirements & Qualifications Bachelor's degree in Computer Science, Information Security, Engineering, or a related technical field required 3+ years in hands-on application security, DevSecOps, or security engineering roles. Proven experience building and configuring secure CI/CD pipelines (Jenkins, GitLab CI, GitHub Actions, Azure DevOps). Equivalent combination of education and experience will be considered. Deep proficiency with cloud security in AWS, Azure, or GCP environments. Strong implementation experience with infrastructure as code (Terraform, CloudFormation) and container security (Docker, Kubernetes). Strong scripting and automation skills (Python, Bash, PowerShell) for security tooling. Versatility across web/API security, data pipeline security, microservices, and database security. Understanding of security frameworks (NIST, ISO 27001, SOC 2) and compliance requirements (GDPR, HIPAA, PCI-DSS). Hands-on experience deploying and configuring security scanning tools (SAST, DAST, SCA). Excellent communication skills-ability to translate security requirements into working technical implementations. Experience working embedded within cross-functional development teams. Proven track record of hands-on problem-solving in fast-paced development environments. Regular and predictable attendance. To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions Special Considerations & Prerequisites Practices and adheres to EnableComp's Core Values, Vision and Mission. Hands-on experience with AI/ML security, model security, and data governance Technical knowledge of LLM security, prompt injection prevention, and AI agent safety Security certifications (CISSP, CEH, OSCP, CSSLP, or cloud security certifications) Strong coding background in Python, Go, or similar languages. Background in software development or engineering transitioning to security. Direct experience implementing secrets management solutions (HashiCorp Vault, AWS Secrets Manager). Practical experience with zero trust architecture implementation. Familiarity with data security, ETL processes, and data warehouse security. Experience with microservices architectures and distributed systems security. EnableComp is an Equal Opportunity Employer M/F/D/V. All applicants will be considered for this position based upon experience and knowledge, without regard to race, color, religion, national origin, sexual orientation, ancestry, marital, disabled or veteran status. We are committed to creating and maintaining a workforce environment that is free from any form of discrimination or harassment. EnableComp recruits, develops and retains the industry's top talent. As the employer of choice in the complex claims industry, EnableComp takes pride in our continuous commitment to building and maintaining a culture centered around fostering the professional growth and development of our people. We believe that investing in our employees is the key to our success, and we are dedicated to providing them with the tools, resources, and support they need to thrive and grow their career here. At EnableComp, we are committed to living up to our core values each and every day, and we believe that this commitment is what sets us apart from other companies. If you are looking for a company that values its employees and is dedicated to helping them achieve their full potential, then EnableComp is the place for you. Don't just take our word for it! Hear what our people are saying: “I love my job because everyone shares the same vision and is determined and dedicated. People care about you as a person and your professional growth. There is a genuine spirit of cooperation and shared goals all revolving around helping each other.” - Revenue Specialist “I enjoy working for EnableComp because of the Core Values we believe in. EnableComp stands true to these values from empowering employees to ecstatic clients. This company is family oriented and flexible, along with understanding the balance of work, life, and fun.” - Supervisor, Operations

Site: Mass General Brigham Incorporated Mass General Brigham relies on a wide range of professionals, including doctors, nurses, business people, tech experts, researchers, and systems analysts to advance our mission. As a not-for-profit, we support patient care, research, teaching, and community service, striving to provide exceptional care. We believe that high-performing teams drive groundbreaking medical discoveries and invite all applicants to join us and experience what it means to be part of Mass General Brigham. MGB Digital is hiring a vital member of the team, Payment Card Industry Data Security Standard (PCI DSS) Information Security Analyst III Full Time Comprehensive Benefits PTO starts to accrue day 1 Hybrid Working Model Job Summary Summary The Payment Card Industry Data Security Standard (PCI DSS) Information Security Analyst III serves as the lead of Mass General Brigham's PCI DSS compliance program within Digital Information Security. The incumbent will be a subject matter expert in Payment Card Industry Standards, related technical infrastructure, and audit compliance. They will be responsible for leading Mass General Brigham up to the next level of PCI Compliance as an organization that processes payment card data. This role is responsible for assessing if MGB's information assets are protected in accordance with all PCI-DSS policies, controls, industry standards, and frameworks. They will work to develop, implement, and maintain a comprehensive information compliance program that encompasses all aspects of the PCI compliance management lifecycle-including scoping, control validation, evidence collection, remediation tracking, and annual third-party assessments. The PCI Information Security Analyst III will act as a strategic partner to internal stakeholders and external assessors, ensuring that cardholder data is properly secured, regulatory obligations are met, and enterprise risk is minimized. Essential Functions * Acts as a subject matter expert leader within the team, guiding and mentoring junior and mid-level teammates. * Drives innovation by researching and proposing improved security solutions and technologies within their domain. * Solves complex business problems, including system-wide issues and critical incidents by applying technical and security subject matter expertise in support of business goals. * Drives cross-functional collaboration with vendors, partners and stakeholders to maximize the effectiveness of our solutions. Qualifications * Associate's Degree Related Field of Study required * Bachelor's Degree Related Field of Study highly preferred * Can this role consider and review experience in lieu of a degree? Yes * Relevant experience 5-7 years required Skills For Success * Expertise in cybersecurity concepts within their domain. * Strong understanding of cybersecurity concepts outside of specific individual domain. * Expertise with the tools and solutions supported by the team. * An ability to apply original and innovative thinking to produce new ideas. * Strong leadership, communication and project management skills. * Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one. Additional Job Details (if applicable) Working Model & Additional Details * M-F Eastern Business Hours required * Hybrid onsite Flexible working model required weekly includes onsite in office (number of days weekly can vary, must be flexible for business needs) * 1-2 onsite days per week generally, must be flexible for business needs * Remote working days require stable, secure, quiet, compliant working station with MGB issued equipment The salary range for this position is $92,102.14 to $155,032,25 annually. At Mass General Brigham, we believe in recognizing and rewarding the unique value each team member brings to our organization. Our approach to determining base pay is comprehensive, and any offer extended will take into account your skills, relevant experience, if applicable, education, certifications, and other essential factors. The base pay information provided offers an estimate based on the minimum job qualifications; however, it does not encompass all elements contributing to your total compensation package. In addition to competitive base pay, we offer comprehensive benefits, career advancement opportunities, differentials, premiums, and bonuses as applicable, and recognition programs designed to celebrate your contributions and support your professional growth. We invite you to apply, and our Talent Acquisition team will provide an overview of your potential compensation and benefits package Remote Type Hybrid Work Location 399 Revolution Drive Scheduled Weekly Hours 40 Employee Type Regular Work Shift Day (United States of America) Pay Range $92,102.40 - $134,056.00/Annual Grade 7 At Mass General Brigham, we believe in recognizing and rewarding the unique value each team member brings to our organization. Our approach to determining base pay is comprehensive, and any offer extended will take into account your skills, relevant experience if applicable, education, certifications and other essential factors. The base pay information provided offers an estimate based on the minimum job qualifications; however, it does not encompass all elements contributing to your total compensation package. In addition to competitive base pay, we offer comprehensive benefits, career advancement opportunities, differentials, premiums and bonuses as applicable and recognition programs designed to celebrate your contributions and support your professional growth. We invite you to apply, and our Talent Acquisition team will provide an overview of your potential compensation and benefits package. EEO Statement: Mass General Brigham Incorporated is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under law. We will ensure that all individuals with a disability are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. To ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Veteran's Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact Human Resources at **************. Mass General Brigham Competency Framework At Mass General Brigham, our competency framework defines what effective leadership "looks like" by specifying which behaviors are most critical for successful performance at each job level. The framework is comprised of ten competencies (half People-Focused, half Performance-Focused) and are defined by observable and measurable skills and behaviors that contribute to workplace effectiveness and career success. These competencies are used to evaluate performance, make hiring decisions, identify development needs, mobilize employees across our system, and establish a strong talent pipeline.

Full Time 12238 Silicon Drive Information/Technology Day Shift /RESPONSIBILITIES The Senior Cyber Security Analyst must have a deep understanding of information security protocols and a passion for protecting Community First Health Plans Inc. (Community First) healthcare data. In this role, the Senior Analyst will be instrumental in establishing and maintaining security standards across Community First. The Senior Analyst will be required to develop, implement, and manage security solutions; and must demonstrate the ability to communicate complex security concepts to both technical and non-technical audiences. The Senior Analyst champions awareness and influences compliance with security policies and provides solutions for business-specific security issues. Oversees day-to-day identity access management and quarterly required audits. Owns and oversees the disaster recovery plans; coordinates business continuity plans with the compliance and risk management team. Serves as a thought leader and enterprise subject matter expert (SME) for federal and state information security regulations and standards. EDUCATION/EXPERIENCE Bachelor's degree plus five years of progressive experience working in information technology, security, or risk management. Must possess one or more of the following certifications: CISSP, CASP+, CRISC, CISA. Healthcare experience is highly desirable. Must have a functional understanding of federal/state regulations and compliance mandates, including but not limited to HIPAA, HITRUST, SOC, and other regulatory audits. MITRE ATT&CK experience in building threat detections, performing threat hunting and/or conducting incident response. Familiarity with enterprise logging technologies such as Splunk. Must have Business Continuity Plan and Disaster Recovery planning and testing experience. Five years minimum with below technologies or areas: Network Security: IDS/IPS, NGFW, NGAV Operating Systems: Windows, Linux, mac OS. Security: EDR/XDR, SIEMs, Data Loss and Prevention (DLP), Vulnerability Scanning and Assessment tools.

Hello Heart is on a mission to change the way people care for their hearts. The company provides the first app and connected heart monitor to help people track and manage their heart health. With Hello Heart, users take steps to control their risk of heart attacks and stroke - the leading cause of death in the United States. Peer-reviewed studies have shown that high-risk users of Hello Heart have seen meaningful drops in blood pressure, cholesterol and even weight. Recognized as the digital leader in preventive heart health, Hello Heart is trusted by more than 130 leading Fortune 500 and government employers, national health plans, and labor organizations. Founded in 2013, Hello Heart has raised more than $138 million from top venture firms and is a best-in-class solution on the American Heart Association's Innovators' Network and CVS Health Point Solutions Management platform. Visit ****************** for more information. About the Role We are seeking a Cyber Security Analyst to strengthen our security operations and compliance posture. Reporting into our Information Security Officer, you will play a key role in protecting sensitive data, ensuring regulatory compliance, and supporting the secure adoption of new technologies such as AI. You will work cross-functionally with IT, Engineering, Compliance, and HR to build and maintain secure, resilient processes across the organization. Responsibilities Support secure access lifecycle processes, including provisioning, deprovisioning, role-based access, and MFA/SSO management Conduct periodic access reviews and ensure identity data quality Perform vulnerability scans across systems and applications, track remediation progress, and partner with teams to prioritize risk-based fixes Assist with security assessments of cloud systems and applications, aligning with HIPAA, HITECH, NIST, and HITRUST frameworks Support internal and external audit preparation and execution Enforce encryption, access controls, and data loss prevention strategies for sensitive data Conduct third-party vendor risk assessments and oversee remediation efforts Support secure adoption of AI tools by monitoring for risks such as data leakage and prompt injection, establishing governance guardrails, and delivering awareness training Participate in endpoint security monitoring, disaster recovery exercises, tabletop simulations, and awareness training initiatives Contribute to ongoing security operations, risk management efforts, and special security projects Qualifications 3+ years of experience in IAM, IAM operations, or security analyst roles (healthcare technology or other regulated environments preferred) Hands-on experience with identity platforms such as Okta, Azure AD, or Google IdP, plus SCIM, SAML/OIDC/OAuth, directory services, group policy, and conditional access Experience with vulnerability management platforms (Tenable, Qualys, Rapid7, AWS Inspect, Kandji) and patch orchestration workflows Working knowledge of HIPAA, HITECH, NIST CSF/800-66, and CIS Controls (familiarity with HITRUST CSF is a plus) Knowledge of cloud security basics (AWS, Azure, GCP), least-privilege IAM, and networking fundamentals (TCP/IP, DNS, HTTP, VPN, segmentation) Familiarity with endpoint security solutions (CrowdStrike Falcon, Cynet, SentinelOne) and DLP tools Familiarity with GenAI, keeping up to date with innovative security programs and artificial intelligence systems Proactive communication and documentation skills, with the ability to collaborate across technical and non-technical teams globally The US base salary range for this full-time position is $130,000.00 to $145,000.00. Salary ranges are determined by role and level. Compensation is determined by additional factors, including job-related skills, experience, and relevant education or training. Please note that the compensation details listed in US role postings reflect the salary only, and do not include equity or benefits. #LI-DNP Hello Heart has a positive, diverse, and supportive culture - we look for people who are collaborative, creative, and courageous. Oh, and if you want to see some recent evidence of the fun things we do at Hello Heart, check out our Instagram page.

At WHOOP, we're on a mission to unlock human performance. WHOOP empowers members to perform at a higher level through a deeper understanding of their bodies and daily lives. WHOOP is seeking a Senior Information Security Engineer to serve as a technical leader in our Security team reporting to our Information Security Manager. In this role, you will drive the deployment and continuous enhancement of controls that protect millions of users' biometric and health data, build scalable defenses across our infrastructure and applications, and lead incident response efforts with visibility across the business. This is an opportunity to have direct impact at scale, working alongside engineers, product teams, and executives to drive forward-looking security strategies. RESPONSIBILITIES: Implement and enhance security controls by leading the deployment, integration, and tuning of solutions such as CNAPP, SIEM, CASB, EDR, DLP, and MDM to maximize effectiveness. Support security design decisions by providing subject matter expertise on cloud and SaaS security best practices while influencing architecture led by the Security Architect role. Lead incident response and investigations by guiding containment, remediation, root cause analysis, and post-incident improvements. Strengthen application security by overseeing secure development practices and managing SAST, SCA, and DAST tooling. Advance identity and access management by supporting IAM policy enforcement, SSO, MFA, SCIM, RBAC, and user lifecycle governance. Secure AI systems and integrations by assessing and protecting embedded APIs and organizational AI tool usage to ensure resilience, privacy, and compliance. Collaborate cross-functionally by working with Engineering, IT, and GRC teams to embed security into systems and workflows. Mentor and influence by providing technical guidance, reviewing work, and promoting security-first thinking across the organization. Stay ahead of threats and regulations by tracking emerging risks, technologies, and compliance requirements to inform forward-looking strategies. Participate in and help improve the on-call rotation by providing guidance, escalation support, and driving improvements in response processes. QUALIFICATIONS: Bachelor's degree in Computer Science, Information Security, or a related technical field and/or advanced certifications (CISSP, CISM, AWS Security Specialty, SANS, etc.). 8+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity. Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG). Experience securing AI/ML systems or APIs, including governance of third-party AI integrations and organizational use of AI tools. Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems. Hands-on experience with application security tooling (SAST, SCA, DAST) and embedding secure development practices. Demonstrated leadership in security incident response, investigations, and root cause analysis. Effective communicator with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences. Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment. Experience mentoring engineers and setting operational standards. Familiarity with compliance and risk frameworks relevant to health and AI (SOC 2, ISO 27001, PCI, GDPR, FTC guidance, HIPAA-adjacent state laws) is a plus. Interested in the role, but don't meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply. WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values. At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company's long-term growth and success. The U.S. base salary range for this full-time position is $150,000 - $190,000. Salary ranges are determined by role, level, and location. Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training. In addition to the base salary, the successful candidate will also receive benefits and a generous equity package. These ranges may be modified in the future to reflect evolving market conditions and organizational needs. While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate's specific qualifications, expertise, and alignment with the role's requirements. Learn more about WHOOP.

At WHOOP, we're on a mission to unlock human performance. WHOOP empowers members to perform at a higher level through a deeper understanding of their bodies and daily lives. WHOOP is seeking a Senior Information Security Engineer to serve as a technical leader in our Security team reporting to our Information Security Manager. In this role, you will drive the deployment and continuous enhancement of controls that protect millions of users' biometric and health data, build scalable defenses across our infrastructure and applications, and lead incident response efforts with visibility across the business. This is an opportunity to have direct impact at scale, working alongside engineers, product teams, and executives to drive forward-looking security strategies. RESPONSIBILITIES: * Implement and enhance security controls by leading the deployment, integration, and tuning of solutions such as CNAPP, SIEM, CASB, EDR, DLP, and MDM to maximize effectiveness. * Support security design decisions by providing subject matter expertise on cloud and SaaS security best practices while influencing architecture led by the Security Architect role. * Lead incident response and investigations by guiding containment, remediation, root cause analysis, and post-incident improvements. * Strengthen application security by overseeing secure development practices and managing SAST, SCA, and DAST tooling. * Advance identity and access management by supporting IAM policy enforcement, SSO, MFA, SCIM, RBAC, and user lifecycle governance. * Secure AI systems and integrations by assessing and protecting embedded APIs and organizational AI tool usage to ensure resilience, privacy, and compliance. * Collaborate cross-functionally by working with Engineering, IT, and GRC teams to embed security into systems and workflows. * Mentor and influence by providing technical guidance, reviewing work, and promoting security-first thinking across the organization. * Stay ahead of threats and regulations by tracking emerging risks, technologies, and compliance requirements to inform forward-looking strategies. * Participate in and help improve the on-call rotation by providing guidance, escalation support, and driving improvements in response processes. QUALIFICATIONS: * Bachelor's degree in Computer Science, Information Security, or a related technical field and/or advanced certifications (CISSP, CISM, AWS Security Specialty, SANS, etc.). * 8+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity. * Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG). * Experience securing AI/ML systems or APIs, including governance of third-party AI integrations and organizational use of AI tools. * Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems. * Hands-on experience with application security tooling (SAST, SCA, DAST) and embedding secure development practices. * Demonstrated leadership in security incident response, investigations, and root cause analysis. * Effective communicator with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences. * Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment. * Experience mentoring engineers and setting operational standards. * Familiarity with compliance and risk frameworks relevant to health and AI (SOC 2, ISO 27001, PCI, GDPR, FTC guidance, HIPAA-adjacent state laws) is a plus. Interested in the role, but don't meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply. WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values. At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company's long-term growth and success. The U.S. base salary range for this full-time position is $150,000 - $190,000. Salary ranges are determined by role, level, and location. Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training. In addition to the base salary, the successful candidate will also receive benefits and a generous equity package. These ranges may be modified in the future to reflect evolving market conditions and organizational needs. While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate's specific qualifications, expertise, and alignment with the role's requirements. Learn more about WHOOP.

**NATIONAL LEADERS IN PEDIATRIC CARE** Ranked among the top 10 pediatric hospitals in the nation, Children's Hospital Los Angeles (CHLA) provides the best care for kids in California. Here world-class experts in medicine, education and research work together to deliver family-centered care half a million times each year. From primary to complex critical care, more than 350 programs and services are offered, each one specially designed for children. The CHLA of the future is brighter than can be imagined. Investments in technology, research and innovation will create care that is personal, convenient and empowering. Our scientists will work with clinical experts to take laboratory discoveries and create treatments that are a perfect match for every patient. And together, CHLA team members will turn health care into health transformation. Join a hospital where the work you do will matter-to you, to your colleagues, and above all, to our patients and families. The work will be challenging, but always rewarding. **It's Work That Matters.** **Overview** **PLEASE NOTE: This is a remote position. In accordance with CHLA policy, candidates must establish primary residency in California prior to their start date.** **Purpose Statement/Position Summary:** The Information Security Analyst II is responsible for monitoring and addressing information security alerts, improving detection and response capabilities, and participating in efforts to streamline processes and improve efficiency. They will also be responsible for conducting security training and awareness campaigns, reporting on results, and conducting remedial training. The analyst will contribute to information security policies and standards as they are developed and maintained, in accordance with NIST CSF and HIPAA. They will be a mentor for Information Security Analyst I and peers. **Minimum Qualifications/Work Experience:** _Required:_ 5 years of progressive experience in computing and information security, including experience with information security operations, utilization of multiple security tools to conduct investigations, and security training, preferably in a healthcare environment. · Management of information security tools. · Knowledge of vulnerability resolution. · Skills in risk analysis and hands-on issue resolution. · General awareness of NIST CSF and HIPAA security rule. · Experience analyzing security incidents utilizing multiple security tools for discovery. · Strong analytical and problem-solving skills **Education/Licensure/Certification:** _Required:_ Associate degree in a related field or equivalent combination of education and experience may be considered. **Certifications in two of the following required:** · ISACA · CompTIA · EC-Council · Azure Security · AWS Security · Cisco · (ISC)² · GIAC **Pay Scale Information** $75,712.00-$124,384.00 CHLA values the contribution each Team Member brings to our organization. Final determination of a successful candidate's starting pay will vary based on a number of factors, including, but not limited to education and experience within the job or the industry. The pay scale listed for this position is generally for candidates that meet the specified qualifications and requirements listed on this specific job description. Additional pay may be determined for those candidates that exceed these specified qualifications and requirements. We provide a competitive compensation package that recognizes your experience, credentials, and education alongside a robust benefits program to meet your needs. CHLA looks forward to introducing you to our world-class organization where we create hope and build healthier futures. Children's Hospital Los Angeles (CHLA) is a leader in pediatric and adolescent health both here and across the globe. As a premier Magnet teaching hospital, you'll find an environment that's alive with learning, rooted in care and compassion, and home to thought leadership and unwavering support. CHLA is dedicated to creating hope and building healthier futures - for our patients, as well as for you and your career! CHLA has been affiliated with the Keck School of Medicine of the University of Southern California since 1932. At Children's Hospital Los Angeles, our work matters. And so do each and every one of our valued team members. CHLA is an Equal Employment Opportunity employer. We consider qualified applicants for all positions without regard to race, color, religion, creed, national origin, sex, gender identity, age, physical or mental disability, sexual orientation, marital status, veteran or military status, genetic information or any other legally protected basis under federal, state or local laws, regulations or ordinances. We will also consider for employment qualified applicants with criminal history, in a manner consistent with the requirements of state and local laws, including the LA City Fair Chance Ordinance and SF Fair Chance Ordinance. Qualified Applicants with disabilities are entitled to reasonable accommodation under the California Fair Employment and Housing Act and the Americans with Disabilities Act. Please contact CHLA Human Resources if you need assistance completing the application process. Our various experiences, perspectives and backgrounds allow us to better serve our patients and create a strong community at CHLA. Information Security

NATIONAL LEADERS IN PEDIATRIC CARE Ranked among the top 10 pediatric hospitals in the nation, Children's Hospital Los Angeles (CHLA) provides the best care for kids in California. Here world-class experts in medicine, education and research work together to deliver family-centered care half a million times each year. From primary to complex critical care, more than 350 programs and services are offered, each one specially designed for children. The CHLA of the future is brighter than can be imagined. Investments in technology, research and innovation will create care that is personal, convenient and empowering. Our scientists will work with clinical experts to take laboratory discoveries and create treatments that are a perfect match for every patient. And together, CHLA team members will turn health care into health transformation. Join a hospital where the work you do will matter-to you, to your colleagues, and above all, to our patients and families. The work will be challenging, but always rewarding. It's Work That Matters. Overview PLEASE NOTE: This is a remote position. In accordance with CHLA policy, candidates must establish primary residency in California prior to their start date. Purpose Statement/Position Summary: The Information Security Analyst II is responsible for monitoring and addressing information security alerts, improving detection and response capabilities, and participating in efforts to streamline processes and improve efficiency. They will also be responsible for conducting security training and awareness campaigns, reporting on results, and conducting remedial training. The analyst will contribute to information security policies and standards as they are developed and maintained, in accordance with NIST CSF and HIPAA. They will be a mentor for Information Security Analyst I and peers. Minimum Qualifications/Work Experience: Required: 5 years of progressive experience in computing and information security, including experience with information security operations, utilization of multiple security tools to conduct investigations, and security training, preferably in a healthcare environment. * Management of information security tools. * Knowledge of vulnerability resolution. * Skills in risk analysis and hands-on issue resolution. * General awareness of NIST CSF and HIPAA security rule. * Experience analyzing security incidents utilizing multiple security tools for discovery. * Strong analytical and problem-solving skills Education/Licensure/Certification: Required: Associate degree in a related field or equivalent combination of education and experience may be considered. Certifications in two of the following required: * ISACA * CompTIA * EC-Council * Azure Security * AWS Security * Cisco * (ISC)² * GIAC Pay Scale Information $75,712.00-$124,384.00 CHLA values the contribution each Team Member brings to our organization. Final determination of a successful candidate's starting pay will vary based on a number of factors, including, but not limited to education and experience within the job or the industry. The pay scale listed for this position is generally for candidates that meet the specified qualifications and requirements listed on this specific job description. Additional pay may be determined for those candidates that exceed these specified qualifications and requirements. We provide a competitive compensation package that recognizes your experience, credentials, and education alongside a robust benefits program to meet your needs. CHLA looks forward to introducing you to our world-class organization where we create hope and build healthier futures. Children's Hospital Los Angeles (CHLA) is a leader in pediatric and adolescent health both here and across the globe. As a premier Magnet teaching hospital, you'll find an environment that's alive with learning, rooted in care and compassion, and home to thought leadership and unwavering support. CHLA is dedicated to creating hope and building healthier futures - for our patients, as well as for you and your career! CHLA has been affiliated with the Keck School of Medicine of the University of Southern California since 1932. At Children's Hospital Los Angeles, our work matters. And so do each and every one of our valued team members. CHLA is an Equal Employment Opportunity employer. We consider qualified applicants for all positions without regard to race, color, religion, creed, national origin, sex, gender identity, age, physical or mental disability, sexual orientation, marital status, veteran or military status, genetic information or any other legally protected basis under federal, state or local laws, regulations or ordinances. We will also consider for employment qualified applicants with criminal history, in a manner consistent with the requirements of state and local laws, including the LA City Fair Chance Ordinance and SF Fair Chance Ordinance. Qualified Applicants with disabilities are entitled to reasonable accommodation under the California Fair Employment and Housing Act and the Americans with Disabilities Act. Please contact CHLA Human Resources if you need assistance completing the application process. Our various experiences, perspectives and backgrounds allow us to better serve our patients and create a strong community at CHLA. Information Security

Are you a hands-on security leader ready to make a measurable impact in a mission-driven organization? We're looking for a Director of Information Security to lead and scale our security operations, incident response, and engineering efforts. In this role, you'll oversee our security ecosystem - from real-time monitoring to proactive threat hunting - and help shape the future of enterprise security at a growing company. This is a highly collaborative position where you'll work cross-functionally with teams across the business to protect our information assets, infrastructure, and services - especially within a SaaS and life sciences environment. What will you do? Shape and drive the enterprise security operations strategy in alignment with broader company goals. Serve as a trusted advisor to senior leadership on all things security. Manage our Security Operations Center (SOC), ensuring rapid incident detection, triage, and response. Oversee threat intelligence, vulnerability management, and operational risk mitigation initiatives. Partner with IT and engineering teams to deploy, tune, and optimize tools like SIEM, SOAR, EDR, and DLP. Implement automation and integrations that improve speed and efficiency. Lead cyber incident response efforts and continuously test and improve our disaster recovery and response plans. Coordinate cross-functional teams (e.g., Legal, HR, Communications) during major security events. Lead, mentor, and grow a high-performing team of security and infrastructure professionals. Support the development of a resilient, inclusive, and learning-driven culture across the department. Align programs with regulatory standards (HIPAA, SOX, GDPR, PCI-DSS) and frameworks (NIST, MITRE ATT&CK). Support audits and ensure documentation is ready and accurate. How will you get there? Bachelor's degree in Computer Science, Information Security, or related field (Master's a plus). 12+ years of relevant experience, including 4+ years leading teams in complex enterprise environments. Hands-on expertise in SOC management, incident response, and threat intelligence. Experience in the Medical Device, Life Sciences, or highly regulated industries preferred. Professional certifications such as CISSP, CISM, GIAC, or CEH. Proficiency with security tools including SIEM, EDR, SOAR, IDS/IPS, and vulnerability management platforms. Strong knowledge of cloud (AWS, Azure, GCP), Windows/Linux systems, and network protocols. Familiarity with security frameworks and standards (NIST, MITRE, ISO 27001). Proven ability to build, lead, and retain high-performing technical teams. A proactive, solutions-oriented mindset with excellent communication and collaboration skills. #GKOSUS

Interested in a career with both meaning and growth? Whether your abilities are in direct patient care or one of the many other areas of healthcare administration and support, everyone at Parkland works together to fulfill our mission: the health and well-being of individuals and communities entrusted to our care. By joining Parkland, you become part of a diverse healthcare legacy that's served our community for more than 125 years. Put your skills to work with us, seek opportunities to learn and join a talented team where patient care is more than a job. It's our passion. Primary Purpose The primary responsibility of this position is to ensure the confidentiality, availability and integrity of Parkland's data, computer systems and network devices by recommending, implementing and utilizing security defense systems to reduce the opportunity of cyber attacks. Minimum Specifications Education Must have a Bachelors degree in Management Information Systems. Experience Must have six years of experience in an information systems security domain with a background in mobile device security, endpoint protection, wireless protection, vulnerability management, incident response and mitigation, threat research and cyber intelligence analysis or other cyber security domain. Equivalent Education and/or Experience May have an equivalent combination of education and experience to substitute for both the education and the experience requirements. Certification/Registration/Licensure Must have a current CompTIA Security+ Certification or equivalent in industry certification, background and knowledge within 6 months of placement into the position. CISSP Preferred. Required Tests for Placement Skills or Special Abilities Knowledge of NIST, HITRUST, PCI, HIPAA Security Rule and associated common security frameworks Professional experience in a system administration role supporting multiple platforms and applications Must have the ability to perform complex research in order to determine industry standard products and solutions in response to security requirements Must have the ability to develop project plans, organize and monitor tasks, and be able to produce quality results in a timely manner. Must be able to perform technical risk assessments and implement corrective actions regarding the safeguarding of information systems. Must be able to independently implement and maintain complex information security tools and provide guidance to other technical staff on proper use of the tools. Must have superior writing skills and the ability to communicate effectively. Working knowledge of design, implementation, and maintenance of: Local area networks, Microsoft Active Directory / GPO, Data Loss Prevention, Encryption Technologies, Intrusion Detection Systems, Intrusion Prevention Virtual Private Network, Linux Operating Systems, Windows Operating Systems, Communication Protocols, Multi-factor authentication, Cloud Access Security Broker, Endpoint Detection and Response Technologies, Security Information and Event Management Tools Must have advanced working knowledge of network and vulnerability assessments, malware analysis, threat intelligence and vulnerability management. Must be able to listen and communicate effectively with executive level staff and leadership teams. Direct experience with anti-virus software, intrusion detection, firewalls and content filtering Experience with hacker techniques and network security principles. Responsibilities 1. Research and investigate the potential impact of new threats and exploits. Conducts log analysis and other network forensic investigations. 2. Identify, design and execute security projects that improve detection and response capabilities. 3. Collect threat intelligence and automate systems to consume threat feeds and track adversaries. 4. Develop alerting and detection strategies to investigate any unusual behavior. 5. Conduct various network security scans and penetration tests to detect cybersecurity threats and identify weaknesses that may be exploited by malicious parties. 6. Solely performs implementation analysis and technical risk assessments on systems to ensure conformity to current security standards and operational support requirements are being met. 7. Manages on-time delivery of assigned tasks against existing plans and schedules. 8. Design, implement and support Information Security tools and infrastructure systems maintained by the Parkland Information Security Organization. Examples of such tools are web filtering technology, IDS/IPS appliances, SIEM tools, anti-spam/antivirus systems, data leakage appliances, content screening servers, VPN systems and firewalls. 9. Maintains knowledge of applicable rules, regulations, policies, laws and guidelines that impact Parkland. Participates in the creation of effective security controls designed to promote adherence with applicable laws and accreditation agency requirements. Seeks advice and guidance as needed to ensure proper understanding. 10. Stays abreast of new developments in the field of technology and security by attending seminars/workshops, reading professional journals, and actively participating in professional organizations. Integrates knowledge gained into current work practices. #LI-SS2 Parkland Health and Hospital System prohibits discrimination based on age (40 or over), race, color, religion, sex (including pregnancy), sexual orientation, gender identity, gender expression, genetic information, disability, national origin, marital status, political belief, or veteran status. As part of our commitment to our patients and employees' wellness, Parkland Health is a tobacco and smoke-free campus. Nearest Major Market: Dallas Nearest Secondary Market: Fort Worth Job Segment: Healthcare Administration, Patient Care, Healthcare

Evolus is a performance beauty company with a customer-centric approach focused on delivering breakthrough products. We are seeking an experienced and driven Chief Commercial Officer to join our executive team reporting to our Chief Executive Officer. The Chief Commercial Officer (CCO) drives the commercial vision for Evolus, leading bold, consumer-forward strategies to accelerate growth and redefine the aesthetics experience. This executive role leads revenue-generating functions, including sales, marketing, and commercial operations, with a deep focus on building Evolus brand loyalty among healthcare professionals and end-consumers. The CCO will drive market expansion, customer acquisition, and product adoption through innovative, compliant, and patient-centric strategies. As part of our leadership team, you will play a pivotal role in shaping and executing solutions to some of our most strategic opportunities and challenges-within a culture that prioritizes growth, recognizes performance, and fosters trusted collaboration! In this role, you will be challenged to drive the success of Evolus in an effort to build a brand like no other. Essential duties and responsibilities where you'll make the biggest impact… * Commercial Strategy & Leadership * Define and lead the company's commercial strategy across the US and International channels * Align sales and marketing plans with the company's mission to provide high-quality portfolio of aesthetic solutions * Act as a key member of the executive leadership team, contributing to company direction, funding strategy, and operational alignment * Sales Leadership * In partnership with the SVP, Sales the CCO will manage and scale a high-performance global sales organization targeting dermatologists, plastic surgeons, med spas, and other aesthetic healthcare providers * Consistently analyze sales data and market information to drive new programs to increase share and lead the team to meet strategic, tactical, and financial commitments * Establish a customer-first culture with a focus on education, consultative selling, and long-term relationships * Drive expansion into new geographies and practices while supporting sales representatives with tools, training, and analytics * Provide strategic direction and guidance to commercial leaders and cross-functional leadership * Marketing Leadership (HCP and DTC) * Oversee all facets of marketing, including: * Healthcare Provider (HCP) Marketing: KOL strategy, medical education, in-office support materials, clinical data promotion, and presence * Direct-to-Consumer (DTC) Marketing: Branding, digital media, influencer strategy, patient awareness campaigns, and conversion tools * Medical Education: Evolus Academy and all promotional customer training * Creative Function: Full branding and creative capabilities housed under Evolus head of creative * Champion patient-centric messaging and ensure alignment across customer touchpoints * Oversee development and execution of cohesive annual marketing plans that drive revenue, including professional and consumer loyalty programs, sales promotions, new account acquisition strategies, product branding, creative, co-branded marketing/DTC campaigns, social and digital media * Establish the Marketing team goals, tactical plans, market research / analytics plans, program effectiveness and campaign ROI to drive constant improvement and revenue attainment * Lead competitive strategies to protect and grow existing customer base * Amplify Evolus' co-branded DTC marketing strategy to turn flagship product into a high-profile consumer brand * Build, manage and coach high-performing marketing team comprised of HCP and consumer marketers * Maintain leadership within industry with customers, associations, and other stakeholders * Commercial Operations & Excellence * Lead forecasting, CRM optimization, sales enablement tools, and performance analytics * Optimize pricing strategies, promotional programs, and loyalty initiatives (e.g., consumer rewards or provider incentives) * Ensure compliance with all healthcare marketing and promotional regulations, including FDA, FTC, and HIPAA * Cross-Functional Collaboration * Collaborate closely with Regulatory, Medical Affairs, Clinical, and Product Development teams to align commercial efforts with scientific innovation and safety standards * Translate customer and market insights into actionable feedback loops for product improvements and pipeline planning * Office Location - Newport Beach (hybrid onsite Tuesday, Wednesday and Thursday) * Up to 50% travel * Other duties as assigned Qualifications and Skills You'll Bring to the Team… * Bachelor's degree required * 15+ years of progressive commercial leadership experience in medical aesthetics, dermatology, injectables, or closely related healthcare verticals * Proven track record of leading successful aesthetic product launches and scaling revenue through both HCP and consumer channels * Deep understanding of the aesthetics customer journey (both provider and patient) and the unique dynamics of elective medical procedures * Familiarity with FDA marketing regulations, anti-kickback statutes, and industry compliance standards * Experience in aesthetics, beauty or consumer products with digital marketing, and brand building * Energized by building, innovating, and executing what's next * A proven leader able to coach, grow and engage teams * A creative thinker with a disciplined approach to execution * Organized and able to multitask to effectively manage competing priorities * A highly effective communicator and influencer Preferred Qualifications… * MBA or advanced degree in healthcare/business preferred * Experience in aesthetics, highly preferred * Prior experience working with company Board of Directors Success Metrics (KPIs) * Revenue growth across core and new aesthetic products * HCP adoption rate and sales rep performance * Patient engagement and campaign conversion metrics * Brand equity and market share in the aesthetics category * Commercial team retention and productivity * Compliance audit outcomes and regulatory standing Compensation & Total Rewards This is an Exempt position. Your base salary will be determined on a case-by-case basis and may vary based on a number of considerations including but not limited to role-relevant knowledge and skills, experience, education, geographic location, certifications, and more. You are eligible for an annual bonus compensation plan, terms and conditions apply. We offer more than just a paycheck, and your base salary is just the start! Stay happy and healthy with our competitive suite of medical, dental and vision benefits to help you feel your best and be your best. We also provide those benefits you shouldn't have to worry about, from employer covered life insurance to short-term disability. Take advantage of the 401k match offered by Evolus and let us invest in your future. You may also be eligible for new hire equity and long-term incentives in the form of RSUs, stock options, and/or discretionary bonuses. We offer mental health and wellbeing resources for you to develop skills to find your calm, boost your confidence, and show up as your best self in work and life. Travel or relax and come back feeling refreshed with our flexible paid time off program for exempt employees and a paid time off accrual plan for non-exempt employees. Did we mention the holiday soft closure between the Christmas and New Years holidays? We have that, too. Additional perks include regularly catered team meals at our Evolus Headquarters, a fully stocked kitchen (Kombucha & Coffee included), and the opportunity to join an organization where our values of Grit, Impact, Fun, and Transparency are displayed daily. Evolus takes pride in being a company on the forefront of innovation, while being committed to conducting its business with the highest degrees of integrity, professionalism, and social responsibility. We are also committed to complying with all laws and regulations that apply to our business. Employee welfare is no different. Here at Evolus, we don't just work together, we've built a culture of inclusion! Because of this, you'll find yourself immersed in an environment that not only promotes respect, collaboration and team building, but a community too. And that's just the tip of the iceberg. Join our team and see for yourself! EOE M/F/D/V. For more information, please visit our website at ************** or reach out to ******************. #LI-PB1 #LI-ONSITE

WORK ENVIRONMENT When you join our team, you'll experience the flexibility, autonomy, trust, and collaboration we believe creates a safe, innovative, and thriving environment. After all, we[re hiring you not only for the skills and experiences you possess today, but also where you'll grow tomorrow. * Collaborative environment * Continuous Learning education and conference allocation * Business casual dress code RESPONSIBILITIES You'll primarily work with various information security-related technologies as we solve some of the biggest challenges facing the organizations we serve. You will be extected to approach technical decisions pragmatically to ensure the value of the work is the top priority. You'll demonstrate a strong aptitude for learning new skills as well as sharing and teaching your area of expertise. You'll plany an integral role in impacting team culture, practice, and engagement. * Serve as lead for Legislature-wide information security initiatives * Implement and operate security tools, working closely with Legislative IT teams to ensure timely remediation of vulnerabilities and exposures * Collaborate with other LIS engineers to ensure operational excellence * Create configuration and troubleshooting documentation * Contribute to troubleshooting and technical support QUALIFICATIONS Human Skills: * Strong Communication Skills - written, verbal, listening, and questioning - ability to explain security concepts to both technical and non-technical audiences * Problem Solver - understanding the problem, rather than just executing a task * Self-starter, initiative, drive, willingness to engage in improving the team * Continuous learning mindset - stay updated on the latest security risks and best practices * Collaborative - building partnerships with LIS Engineering teams and Legislative agencies * Passionate about advocating for improving security practices across the organization * Able to work with business systems owners to identify critical assets, security posture Technical skills: Experience with enterprise networks, IDS/IPS, firewalls, and network security. * NAC, identity management, authentication, and access management controls * Implementing hardening techniques for Windows, Linux, and mobile devices * Identifying, assessing, and mitigating vulnerabilities in applications and networks * Analyzing security logs to identify malicious activity and potential threats * Detecting, analyzing, containing, and recovering from security incidents * Experience configuring and using SIEM solutions * In-depth understanding of cloud security policies and implement them in an organization * Ability to build security policies and implement them in an organization * Certifications desired: CISSP or SSCP

San Francisco is a vibrant and dynamic city, on the forefront of economic growth & innovation, urban development, arts & entertainment, as well as social issues & change. This rich tapestry of culture and ideas is sustained by our City's commitment to heighten the quality of life for the diverse population of San Franciscans and residents of the greater Bay Area. Our employees play an important role not only in making our City what it is today, but also in shaping the future of San Francisco. Application Opening: 5/25/2022 Application Reposted: 11/06/2023* *Announcement reposted to reflect changes in the minimum qualifications. Application Deadline: Continuous How to Apply: Applications for Senior Information Systems Engineer - Applications Specialty are only accepted through an online process. Visit ************************************* to begin the application process. Select “Apply Now” at the top of the job ad and follow instructions on the screen. Applicants may be contacted by email about this announcement and, therefore, it is their responsibility to ensure that their registered email address is accurate and kept up-to-date. Also, applicants must ensure that email from CCSF is not blocked on their computer by a spam filter. To prevent blocking, applicants should set up their email to accept CCSF mail from the following addresses (@sfgov.org, @sfdpw.org, @sfport.com, @flysfo.com, @sfwater.org, @sfdph.org, @asianart.org, @sfmta.com, @sfpl.org, @dcyf.org, @first5sf.org). Applicants will receive a confirmation email that their online application has been received in response to every announcement for which they file. Applicants should retain this confirmation email for their records. Failure to receive this email means that the online application was not submitted or received. Job Description Under general supervision, assists in analyzing, planning, implementing, maintaining, troubleshooting and enhancing large complex systems or networks consisting of a combination that may include mainframes, mini-computers, LANS, WANs and the physical and logical components that integrate these systems together as an enterprise networking backbone. The 1043 Senior Applications Engineer is the advanced journey level in the Engineer series. The class is distinguished from the journey level by the complexity and size of the systems or network supported. It is also distinguished from the Journey level by the amount of discretion exercised over technical issues, problems and resolutions, and that it possesses a significant level of specialized technical and functional expertise beyond that expected at the Journey level. This level is distinguished from the Principal level in that Senior level exercises no or limited supervisory responsibilities or the lower technical leadership displayed. Positions at this level require highly specialized knowledge, abilities, skills and experience and often exercise independent judgement in the performance of their duties. The Senior level formulates recommendations consistent with directives, policies, standards and regulations. Work is judged primarily on overall results with great latitude in determining work methods and assignment requirements. The Senior has greater authority over assignments and decisions required to complete the work than lower-level classifications. Serves as a senior technical architect and systems integrator for large complex systems or networks. Essential Duties: 1. Leads in the configuration, maintenance, enhancement and support of commercial software packages, internally developed applications and web services. 2. Leads in the customization and addition of new features to commercial software packages and internally developed applications according to end user requests. 3. Leads the maintenance of day-to-day operations of various applications. 4. Leads in designing and building new applications based on customer's requirements and specifications. 5. Writes and performs tests for applications, fixes problems as they arise and assists with product launches. 6. Provides technical support and troubleshoots problems related to applications. 7. Writes technical documentation and uses best development practices regarding version control and testing. 8. Performs software upgrades and keeps track of software licensing. 9. Assists with managing vender relationships including scoping of application services and review of deliverables. *This position may include additional duties as assigned.* Qualifications These minimum qualifications establish the education, training, experience, special skills and/or license(s) which are required for employment in the classification. Education : An associate degree in computer science, computer engineering, information systems, or a closely-related field from an accredited college or university OR its equivalent in terms of total course credits/units [i.e., at least sixty (60) semester or ninety (90) quarter credits/units with a minimum of twenty (20) semester or thirty (30) quarter credits/units in one of the fields above or a closely-related field]. Experience: Three (3) years of experience analyzing, installing, configuring, enhancing and/or maintaining the components of an enterprise network. Substitution : Additional experience as described above may be substituted for the required degree on a year-for-year basis (up to a maximum of two (2) years). One (1) year is equivalent to thirty (30) semester units/ forty-five (45) quarter units with a minimum of 10 semester / 15 quarter units in one of the fields above or a closely-related field. Completion of the 1010 Information Systems Trainee Program may be substituted for the required degree. Verification : Applicants may be required to submit verification of qualifying education and experience at any point during the recruitment and selection process. If education verification is required, you must provide a copy of your diploma showing major or transcripts showing coursework completed. Information on how to verify education requirements, including verifying foreign education credits or degree equivalency, can be found at ************************************************** . If experience verification is required, you must submit a letter from your employer on the employer's business letterhead stating your name, job title(s), dates of service in complete form (mm/dd/yy), a detailed description of duties performed and the verification letter must be signed by the employer or appropriate designee, such as a Human Resources Representative. Performance evaluations showing duties performed and dates of employment may also be submitted as verification documentation. Resumes are NOT verification. All work experience, education, training and other information substantiating how you meet the minimum qualifications must be included on your application by the filing deadline. Information submitted after the filing deadline will not be considered in determining whether you meet the minimum qualifications. Resumes will not be accepted in lieu of a completed City and County of San Francisco application. Applications completed improperly may be cause for ineligibility, disqualification or may lead to lower scores. Note : Any applicant whose application is deemed not qualified may reapply after 1 month upon successfully meeting the minimum qualifications for the given specialty area. Note : Falsifying one's education, training or work experience or attempted deception on the application may result in disqualification for this and future job opportunities with the City and County of San Francisco. Additional Department Specific Requirements Positions with the San Francisco Airport Transportation Security Administration (TSA) Security Clearance: Candidates for employment with the San Francisco Airport Commission are required to provide a complete employment history for the past ten (10) years and an explanation of all gaps in employment during that period. The past ten (10) years of the candidate's employment will be verified. In addition, candidates will be required to undergo a criminal history check, including FBI fingerprints, in order to determine eligibility for security clearance and may be required to undergo drug/alcohol screening. Per Civil Service Commission Rule Section 110.9.1, every applicant for an examination must possess and maintain the qualifications required by law and by the examination announcement for the examination. Failure to obtain and maintain security clearance may be basis for termination from employment with the Airport Commission. Customs Clearance: This position with the San Francisco Airport Commission requires that the incumbent be qualified for unescorted access to the San Francisco International Airport U.S. Customs Security Area. An application for a U.S. Custom Access Seal may be submitted to Customs ONLY after employment has commenced. Employment in this position requires that the incumbent submit an application for, successfully acquire and maintain a Customs Access Seal. Per Civil Service Commission Rule 110.9.1, every applicant must possess and maintain the qualifications required by law and by the examination announcement for this examination. Failure to acquire or maintain customs access, a requirement for this position, may be basis for termination from employment with the Airport Commission. Customs Access Seal requirements and procedures are located in the Code of Federal Regulations, Title 19, Part 122, Sections 181 or 189. Positions with the Sherriff's Department Security clearance issued by the Sheriff's Department is required prior to appointment of positions with Jail Health Services and must be maintained for continued employment. Failure to demonstrate/show proof of security clearance may result in dismissal and/or termination of employment. Positions with the Port Positions with the San Francisco Port Commission require that incumbents are able to obtain a Transportation Worker Identification Credential (TWIC) certificate as a condition of employment. Additionally, candidates must be insurable under the Port's automobile liability insurance policy. Insurability must be maintained throughout employment. Additional Information Supplemental Questionnaire: Applicants are required to complete a Supplemental Questionnaire as part of the online application process. The purpose of the Supplemental Questionnaire is to allow candidates to self-certify their qualifications for the position. Applicants must also complete the official application. Tech Engineer - Applications Core Exam (Weight: 100%): Candidates self-certifying meeting the Minimum Qualifications will be invited to participate in the online Tech Engineer - Applications Core Exam. Candidates will be sent a web link via email that will allow them to take the online Tech Engineer - Applications Core Exam that is designed to measure basic analytical and technical abilities associated with the target job, which may include but not be limited to: • Ability to develop web apps using programming tools (e.g., Drupal) • Ability to troubleshoot problems • Analytical thinking • Knowledge of the functions of the hardware & software components that comprise application systems • Knowledge of analysis and evaluation techniques to design, implement & troubleshoot systems • Knowledge of standard database platforms (e.g., SQL) • Ability to identify complex problems and implement solutions with minimal disruption This computer-administered test can be taken at home or at a time and location of one's convenience, but only within a two-week period specified on the test notification. Candidates must have access to a computer and reliable internet connection to participate in this exam. The test consists of 25 questions and it must be completed within 60 minutes. Questions are presented one at a time on the computer screen. There is no penalty for guessing. Candidates may not return to questions presented earlier in the exam; they can only move forward. A passing score must be attained on this test in order to continue further in the selection process. Test questions and answers are not available for public inspection or review. Note: A passing score must be achieved on all examination components in order to be placed on the Eligible List. The hiring department may administer additional position-specific procedures to make final hiring decisions. Achieving a passing score in one class does not guarantee placement on eligible lists for the other classes. You must apply to each class for which you would like to be considered. There are different exams for each of the SF Civic Tech specialty areas (Applications, Networks, Security and Systems), and each class (1041, 1042, 1043 and 1044) has a different passing score for each exam. Candidates' scores on the Tech Engineer - Applications Core Exam may also be applied to other announcements involving other job titles, when directed by the Human Resources Director. Score Banking: Scores attained on the Tech Engineer - Applications Core Exam will be 'banked' for three years, starting from the date of the examination. This means that, during this three-year time period, candidates need not take this test again. Rather, if another announcement you applied to and are deemed qualified for requires the Tech Engineer - Applications Core Exam and is held within one year of your Tech Engineer - Applications Core Exam date your score will be automatically applied to that announcement. However, after one year, a candidate has the option to either (a) apply their test score to the other announcement or (b) re-take the test. Re-testing is permitted no sooner than one year from the date of the test and only in association with a candidate's eligibility for another announcement to which the candidate has applied and is deemed qualified. If a candidate opts to re-test, the re-test score becomes the candidate's official score since it is the most recent. If a significant modification is made to this exam in the future, the application of “banked” scores may no longer be appropriate. In such a rare circumstance, candidates with “banked” scores would be required to re-take the exam sooner than the three-year period specified above should they apply to another job opportunity where the modified exam is used. Eligible List/Score Report: A confidential eligible list of applicant names that have passed the civil service examination process will be created, and used for certification purposes only. An examination score report will be established, so applicants can view the ranks, final scores and number of eligible candidates. Applicant information, including names of applicants on the eligible list, shall not be made public unless required by law. However, an eligible list shall be made available for public inspection, upon request, once the eligible list is exhausted or expired and referrals resolved. The eligible list/score report resulting from this civil service examination process is subject to change after adoption (e.g., as a result of appeals), as directed by the Human Resources Director or the Civil Service Commission. Upon passing the exam, candidates will be placed on the eligible list for a period of 12 months. To find Departments which use this classification, please see ************************************************************************************************************************** . Certification: The certification rule for the eligible list resulting from this examination will be Rule of the List. Additional selection processes may be conducted by the hiring department prior to making final hiring decisions. Additional Information Regarding Employment with the City and County of San Francisco Information About The Hiring Process Conviction History Employee Benefits Overview Equal Employment Opportunity Disaster Service Worker ADA Accommodation Veterans Preference Seniority Credit in Promotional Exams Right to Work Copies of Application Documents Diversity Statement Terms of Announcement and Appeal Rights: Applicants must be guided solely by the provisions of this announcement, including requirements, time periods and other particulars, except when superseded by federal, state or local laws, rules or regulations. [Note: The correction of clerical errors in an announcement may be posted on the City's Career website at *********************** . The terms of this announcement may be appealed under Civil Service Rule 110.4. Such appeals must be submitted in writing to the Department of Human Resources, 1 S Van Ness Avenue, 4th Floor, San Francisco, CA 94103-5413 by close of business on the 5th business day following the issuance date of this examination announcement. Information concerning other Civil Service Commission Rules involving announcements, applications and examination policies, including applicant appeal rights, can be found on the Civil Service Commission website at *********************************** . The City and County of San Francisco encourages women, minorities and persons with disabilities to apply. Applicants will be considered regardless of their sex, race, age, religion, color, national origin, ancestry, physical disability, mental disability, medical condition (associated with cancer, a history of cancer, or genetic characteristics), HIV/AIDS status, genetic information, marital status, sexual orientation, gender, gender identity, gender expression, military and veteran status, or other protected category under the law.

We're not just a workplace - we're a Great Place to Work certified employer! Proudly certified as a Great Place to Work, we are dedicated to creating a supportive and inclusive environment. At Sonic Healthcare USA, we emphasize teamwork and innovation. Check out our job openings and advance your career with a company that values its team members! Position Summary The Information Security GRC Specialist supports Sonic Healthcare USA's Cybersecurity program by implementing and maintaining governance, risk, and compliance (GRC) practices that protect sensitive data and ensure regulatory alignment. This role leads internal audits, risk assessments, and policy development efforts, while serving as a technical resource across departments and external partners. The ideal candidate brings a strategic mindset, strong working knowledge of security frameworks, and a collaborative approach to problem-solving. Key Responsibilities Implement and monitor security controls aligned with HIPAA, ISO27001:2022, and NIST CSF Conduct internal and third-party risk assessments; support remediation and audit readiness Develop and maintain cybersecurity policies, procedures, and awareness training programs Respond to vendor security assessments and manage documentation for external audits Maintain GRC tools, dashboards, and evidence artifacts; define control ownership and track corrective actions Provide cross-functional guidance on compliance requirements and stay current with regulatory changes Qualifications Bachelor's degree in Computer Information Systems or related field (preferred) 4+ years of experience in cybersecurity risk assessments, audits, policy development, and compliance Familiarity with HIPAA, ISO27001:2022, and NIST CSF v2.0 frameworks Certifications such as CISA, CISSP, CISM, or CRISC (preferred) Core Competencies Strong understanding of security governance, compliance frameworks, and regulatory requirements Familiarity with IT infrastructure, data architecture, and cybersecurity technologies Skilled in GRC strategy development, data analysis, reporting, and maintaining technical standards Ability to communicate complex technical concepts clearly to varied audiences, including senior leadership Proven capacity to apply risk-based approaches to audits and assessments Comfortable working independently and collaboratively across teams and geographies Adaptable in fast-paced environments with shifting priorities Scheduled Weekly Hours: 40 Work Shift: Job Category: Information Technology Company: Sonic Healthcare USA, Inc Sonic Healthcare USA is an equal opportunity employer that celebrates diversity and is committed to an inclusive workplace for all employees. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, age, national origin, disability, genetics, veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

At Moffitt Cancer Center, we strive to be the leader in understanding the complexity of cancer and applying these insights to contribute to the prevention and cure of cancer. Our diverse team of over 9,000 are dedicated to serving our patients and creating a workspace where every individual is recognized and appreciated. For this reason, Moffitt has been recognized on the 2023 Forbes list of America's Best Large Employers and America's Best Employers for Women, Computerworld magazine's list of 100 Best Places to Work in Information Technology, DiversityInc Top Hospitals & Health Systems and continually named one of the Tampa Bay Time's Top Workplace. Additionally, Moffitt is proud to have earned the prestigious Magnet designation in recognition of its nursing excellence. Moffitt is a National Cancer Institute-designated Comprehensive Cancer Center based in Florida, and the leading cancer hospital in both Florida and the Southeast. We are a top 10 nationally ranked cancer center by Newsweek and have been nationally ranked by U.S. News & World Report since 1999. Working at Moffitt is both a career and a mission: to contribute to the prevention and cure of cancer. Join our committed team and help shape the future we envision. Summary Security Systems Analyst II Position Highlights: * The Security Systems Analyst II, will maintain the architecture of security controls for applications of systems, such as infrastructure and web application firewalls. * The Security Systems Analyst II reviews alerts and data from network and server infrastructure and documents formal, technical incident reports. * Works with Security Systems Engineer on foundational technology security reviews and assessments. * The Security Systems Analyst II will also administer and maintain an organizational SIEM and log solution in concert with organizational monitoring platforms. * This position leverages experience with PKI and certificates and will also deliver XDR across the organization. Responsibilities: * Performs maintenance and management of security systems and applications, including firewalls, PKI and certificates, network security appliances and host-based security systems * This includes infrastructure and web applications firewalls, including physical and virtual firewalls, including day to day maintenance of firewall rules. Investigates and documents issues or incidents involving the enterprise firewall. * Participates in infrastructure projects to develop, plan and implement specifications for network and distributed system security technologies in support of key information systems * Assists remediation required by audits, and document exceptions as necessary Education and Experience: * High School Diploma/GED * Minimum of 5 years of experience in an IT support environment which could include experience in more than one of the following IT disciplines: * Complex IT Portfolio environment including large scale systems, servers, storage and networking. * High availability application layer and/or stateful inspection based firewalls. * VPN gateways & remote access clients. * Public key Infrastructures including Certificate Authority (CA), Registration Authority (RA) and Certificate Repository. * Securing Internet access, Intranet, and Extranet. * Technology background in systems, networking and/or data storage design, engineering and support. Plus * Experience delivering XDR across the organization. * Experience with PKI and certificates Share:

Applied Medical is a new generation medical device company with a proven business model and commitment to innovation fueled by rapid business growth and expansion. Our company has been developing and manufacturing advanced surgical technologies for over 35 years and has earned a strong reputation for excellence in the healthcare field. Our unique business model, combined with our dedication to delivering the highest quality products, enables team members to contribute in a larger capacity than is possible in typical positions. Position Description The Information Security Manager / Senior Manager leads the advancement of Applied Medical's global information security program. This role develops and implements strategies that protect organizational data, systems, and infrastructure while ensuring alignment with business objectives, regulatory standards, and frameworks such as the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) and International Organization for Standardization (ISO) 27001. The Information Security Manager / Senior Manager directs a team of security professionals in a collaborative environment, overseeing operations, risk management, and incident response. This position requires a proven leader who combines technical expertise with strategic vision, fosters cross-functional alignment, mentors high-performing teams, and promotes a strong culture of security awareness across the organization. Key Responsibilities * Lead and mentor a team of information security analysts to ensure effective daily operations across areas such as network security, endpoint protection, and identity and access management (IAM). * Oversee threat detection, incident response, and vulnerability management processes, ensuring timely investigation and resolution of security events. * Develop and implement security strategies that align with business objectives, compliance standards, and recognized frameworks including NIST CSF, ISO 27001, and SOC 2. * Collaborate with global IT, engineering, and application development teams to integrate security controls into infrastructure, cloud environments, and software systems. * Evaluate and manage third-party vendor risk, ensuring adherence to Applied Medical's information security standards and regulatory requirements. * Lead the review and continuous improvement of information security policies, procedures, and documentation. * Develop and deliver organization-wide security awareness and training programs that promote a proactive security culture. * Monitor industry trends, emerging threats, and new technologies to strengthen Applied Medical's security posture and resilience. Success in This Role Looks Like * Leads a cohesive and motivated information security team that demonstrates accountability, collaboration, and continuous improvement. * Aligns information security initiatives with business goals and ensures compliance with internal and external standards. * Builds trust and alignment across departments by communicating complex security concepts in clear, practical terms. * Anticipates evolving risks and proactively enhances the organization's ability to prevent, detect, and respond to security threats. * Demonstrates strong partnership with executive and technical teams to advance Applied Medical's long-term security strategy. Position Requirements This position requires the following skills and attributes * Bachelor's degree in information technology, computer science, or a related field. * Five or more years of information security experience, including at least three years in a leadership or management role. * Proven experience managing security operations, including oversight of a Security Operations Center (SOC) and related functions. * Strong understanding of cybersecurity principles, including network and cloud security, endpoint protection, identity and access management (IAM), and data protection. * Knowledge of security frameworks and regulations such as NIST CSF, ISO 27001, General Data Protection Regulation (GDPR), and Health Insurance Portability and Accountability Act (HIPAA). * Demonstrated ability to lead cross-functional teams, communicate effectively with non-technical stakeholders, and influence decision-making across levels. * Experience making risk-based decisions that balance security needs with business objectives. * Excellent analytical, organizational, and problem-solving skills. Preferred The following skills and attributes are preferred * Master's degree in information security, cybersecurity, or a related field. * Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Cloud Security Professional (CCSP). * Experience managing information security programs within a regulated industry such as medical device, healthcare, or manufacturing. * Familiarity with Lean Six Sigma or other continuous improvement methodologies. * Strong understanding of budgeting, cost-benefit analysis, and security investment planning. Benefits * Competitive compensation range: $100000 - $150000 / year (California). * Comprehensive benefits package. * Training and mentorship opportunities. * On-campus wellness activities. * Education reimbursement program. * 401(k) program with discretionary employer match. * Generous vacation accrual and paid holiday schedule. Please note that the compensation range may be based on factors such as relevant education, qualifications, experience. The compensation range may be adjusted in the future, and special discretionary bonus or incentive compensation plans may apply. Our total reward package reflects our commitment to team member growth and well-being, as we invest in your development and offer a range of benefits designed to enhance your career and life. Equal Opportunity Employer Applied Medical is an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (including pregnancy, childbirth, breastfeeding and related medical conditions), or sexual orientation, or any other basis protected by federal, state or local laws in the locations where Applied Medical operates.

Applied Medical is a new-generation medical device company with a proven business model and commitment to innovation fueled by rapid business growth and expansion. Our company has been developing and manufacturing advanced surgical technologies for over 35 years and has earned a strong reputation for excellence in the healthcare field. Our unique business model, combined with our dedication to delivering the highest quality products, enables team members to contribute to a larger capacity than is possible in typical positions. Position Description The Information Security Analyst plays a critical role in safeguarding Applied Medical's digital infrastructure and supporting the organization's mission to advance healthcare through technology. Working onsite at Applied Medical's global headquarters, the Information Security Analyst supports the operation and enhancement of cybersecurity systems that protect sensitive data, networks, and applications. This position is part of the Corporate Applications team, which manages enterprise systems and ensures secure, compliant technology operations. The Information Security Analyst contributes to threat monitoring, incident response, vulnerability management, and compliance initiatives that maintain the integrity and reliability of Applied Medical's information systems. Key Responsibilities: * Monitor and analyze network and system activity to identify potential security threats using Security Information and Event Management (SIEM) tools and related monitoring technologies. * Implement, maintain, and upgrade cybersecurity measures, including endpoint protection, data loss prevention (DLP), and vulnerability management systems. * Conduct incident response activities to investigate, contain, and remediate security events, ensuring timely and effective resolution. * Support internal and external audits by preparing and maintaining documentation that demonstrates compliance with regulatory standards and company policies. * Assist in the development and enforcement of security policies, procedures, and standards aligned with industry best practices and governance frameworks. * Collaborate with cross-functional teams to evaluate cybersecurity risks, provide technical guidance, and strengthen secure software and system implementations. * Contribute to security awareness efforts by helping deliver training sessions and educational initiatives that promote organizational compliance and risk awareness. * Stay informed on emerging cybersecurity threats, attack techniques, and evolving regulatory requirements to ensure proactive risk mitigation. Success in This Role Looks Like: * Maintains strong situational awareness and identifies potential security incidents before they escalate. * Demonstrates proactive problem-solving and initiative in improving the company's cybersecurity posture. * Collaborates effectively across departments to implement security solutions without disrupting business operations. * Provides clear, well-documented technical reports and communicates findings to both technical and non-technical stakeholders. * Balances day-to-day monitoring with long-term process improvements and automation initiatives. * Contributes to a culture of security awareness, accountability, and continuous improvement. Position Requirements This position requires the following skills and attributes: * Associate's degree or higher in information security, computer science, or a related field, or equivalent practical experience. * At least three to five years of relevant professional experience in information security or IT systems administration. * Experience monitoring and analyzing alerts from SIEM platforms and managing endpoint security solutions such as antivirus or EDR (Endpoint Detection and Response). * Hands-on experience with data loss prevention (DLP) tools and investigating potential data exfiltration events. * Proficiency in performing vulnerability scans, remediation tracking, and patch management activities. * Strong organizational, analytical, and problem-solving skills with a proactive and innovative approach. * Excellent written and verbal communication skills with the ability to translate technical findings into actionable insights. * Familiarity with cybersecurity tools, frameworks, and technologies, as well as proficiency in Microsoft Office applications. * Demonstrated ability to manage multiple projects and priorities from planning through completion. * Ability to pass a background check prior to employment. Preferred The following skills and attributes are preferred: * Working knowledge of Windows, mac OS, and Linux endpoint security architecture and configurations. * Experience investigating and remediating malware incidents and phishing attacks. * Familiarity with cyber threat intelligence (CTI) and security frameworks such as NIST, ISO 27001, or CIS Controls. * Experience with incident response, forensics, or security automation tools. * Strong understanding of network protocols, firewalls, and intrusion detection systems (IDS/IPS). * Relevant industry certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH). Benefits Benefits: * Competitive compensation range: $80000 - $110000/year (California). * Comprehensive benefits package. * Training and mentorship opportunities. * On-campus wellness activities. * Education reimbursement program. * 401(k) program with discretionary employer match. * Generous vacation accrual and paid holiday schedule. Please note that the compensation range may be based on factors such as relevant education, qualifications, experience. The compensation range may be adjusted in the future, and special discretionary bonus or incentive compensation plans may apply. Our total reward package reflects our commitment to team member growth and well-being, as we invest in your development and offer a range of benefits designed to enhance your career and life. Equal Opportunity Employer Applied Medical is an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (including pregnancy, childbirth, breastfeeding and related medical conditions), or sexual orientation, or any other basis protected by federal, state or local laws in the locations where Applied Medical operates.