28 Fedramp Jobs

The Oracle Cloud Infrastructure (OCI) team can provide you the opportunity to build and operate a suite of massive scale, integrated cloud services in a broadly distributed, multi-tenant cloud environment. OCI is committed to providing the best in cloud products that meet the needs of our customers who are tackling some of the worlds biggest challenges. We offer unique opportunities for smart, hands-on engineers with the expertise and passion to solve difficult problems in distributed highly available services and virtualized infrastructure. At every level, our engineers have a significant technical and business impact designing and building innovative new systems to power our customers business critical applications. What is IAM at OCI? Identity and Access Management (IAM) allows users to control who has access to their cloud resources. As part of the Cloud Platform organization, the team is responsible for the design and build of core services that are utilized by internal and external customers alike. The Identity Control Plane team is primarily responsible for servicing CRUD API calls onall Identity-related entities like users, groups, policies, and compartments across all global regions while ensuring consistency and reliability. Who are we looking for? We are looking for engineers with distributed systems experience. You should have experience with the design of major features and launching them into production. Youve operated high-scale services and understand how to make them more resilient. You work on most projects and tasks independently. The ideal candidate will be technically strong and get a lot done youve worked on services that are highly available, scalable, and redundant. You understand that simple systems are easier to operate and troubleshoot. You can balance speed and quality with iteration and incremental improvements. Youve made life easier for other developers and have motivated your teams to make both process and service improvements with your ability to automate and instrument properly to get the right data. You understand operational excellence and how to instill a culture of being proactive with your teammates. You find anomalies in graphs that didnt trip any alarms and root cause problems before they become real problems. The person in this role will get a lot done on a daily basis, drive tactical execution of features and projects, and own feature design. What are the biggest challenges for the team? The biggest challenges for the team are reliability and performance. The growth of the business is driving us to improve the ability of our systems to scale out and handle traffic patterns that are several orders of magnitude greater than what we can support today. We understand that software is living and needs investment. The challenge is making the right tradeoffs, communicating those decisions effectively, and crisp execution. We need engineers who can build services that handle millions of requests per second. We need engineers who can figure out how we can survive regional data center outages and protect our customers. We need engineers who can build services that enable us to offer even more options to customers and contribute to the overall growth of Oracle Cloud. Required Qualifications 6+ years distributed service engineering experience in a software development environment Hands-on experience building and operating highly-available, high-traffic web services Experience developing service-oriented architectures and RESTful web services Strong development experience in Java, C++, C#, or similar OO languages Experience with at least one scripting language for automating tasks, proof of concept work, or command line tools Preferred Qualifications Domain knowledge of Identity and Access Management. Hands-on experience developing services on a public cloud platform (e.g., AWS, Azure, Oracle) Experience and understanding of multi-AD/AZ and regional data centers Building continuous integration/deployment pipelines with robust testing and deployment schedules Experience with Docker Experience working with internal customers and translating requests into prioritized work or features Expertise in applying threat modeling or other risk identification techniques to develop security solutions FedRAMP, PCI DSS, or similar compliance and auditing experience Experience working with large enterprise customers Responsibilities As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures. You will be responsible for defining and developing software for tasks associated with the developing, designing and debugging of software applications or operating systems.

As a Security Engineer at Oracle Cloud Infrastructure (OCI), you will be at the forefront of designing and building secure cloud systems that support global business operations. You will drive the planning, implementation, and continual improvement of robust security architectures-leveraging automation, orchestration, and AI to protect network and computing environments. In this role, you will leverage Oracle Cloud services (OCI), and Palo Alto Networks Cortex XSOAR to deliver next-generation security automation. You will work closely with security operations, engineering, and compliance teams to ensure timely detection and mitigation of threats, while also streamlining and optimizing security workflows using cutting-edge tools and methodologies. Key Responsibilities Lead automation and orchestration of security processes, utilizing XSOAR to reduce manual efforts and accelerate incident response. Plan, design, and build security architecture for network, infrastructure, and cloud environments in OCI. Oversee implementation of enterprise security controls and solutions, ensuring adherence to Oracle's security policies and industry standards. Collaborate in the development and enhancement of incident response capabilities, contributing to playbook design, tool selection, and team training. Research, track, and manage information security threats and vulnerabilities, leveraging both technical analysis and threat intelligence. Participate in incident response, root cause analysis, and workflow optimization, coordinating with cross-functional teams and escalating as needed. Develop and maintain scripts, tools, and AI-powered solutions to automate security monitoring, alerting, and response processes. Continuously assess and enhance security controls in alignment with the latest industry trends, risks, and compliance mandates (e.g., ISO 27001, SOC 2, HITRUST, FedRAMP). Recommend and implement security control improvements across Oracle's business lines to ensure a strong, proactive security posture. Required Qualifications 5+ years of progressive experience in information security, with hands-on roles supporting enterprise engineering. Proven expertise designing and implementing large-scale security solutions cloud-centric environments. Strong experience with programming and scripting (Python required) Substantial experience with security automation and orchestration frameworks, particularly Cortex XSOAR. In-depth knowledge of regulatory and compliance requirements (ISO 27001, SOC 2, HITRUST, FedRAMP) and application in cloud (SaaS, PaaS, and IaaS) operations. Familiarity with SDLC, DevSecOps practices, and modern CI/CD pipelines. Preferred Qualifications Master's degree or additional certifications (e.g., CISSP, CISM, CCSP, AWS/Azure Architect). Experience integrating AI/ML solutions into security operations. Demonstrated success developing and deploying automation tools to streamline SecOps. Experience using PAN XSOAR. Lead automation and orchestration of security processes, utilizing XSOAR to reduce manual efforts and accelerate incident response. Plan, design, and build security architecture for network, infrastructure, and cloud environments in OCI. Oversee implementation of enterprise security controls and solutions, ensuring adherence to Oracle's security policies and industry standards. Collaborate in the development and enhancement of incident response capabilities, contributing to playbook design, tool selection, and team training. Research, track, and manage information security threats and vulnerabilities, leveraging both technical analysis and threat intelligence. Participate in incident response, root cause analysis, and workflow optimization, coordinating with cross-functional teams and escalating as needed. Develop and maintain scripts, tools, and AI-powered solutions to automate security monitoring, alerting, and response processes. Continuously assess and enhance security controls in alignment with the latest industry trends, risks, and compliance mandates (e.g., ISO 27001, SOC 2, HITRUST, FedRAMP). Recommend and implement security control improvements across Oracle's business lines to ensure a strong, proactive security posture. Career Level - IC3

Job : Senior Infrastructure Automation Engineer (Zero-Touch GPU Cloud Stack Linux Image Lifecycle) We are seeking a Senior Infrastructure Automation Engineer with 10+ years of experience to lead the design and implementation of a Zero-Touch Build, Upgrade, and Certification pipeline for our on-prem GPU cloud infrastructure. This role focuses on automating the full stackfrom hardware provisioning through OS and Kubernetes deploymentleveraging 100% GitOps workflows . The candidate will bring deep expertise in Linux systems automation, image management, and compliance hardening, with a strong foundation in infrastructure engineering. Key Responsibilities Architect and implement a fully automated, GitOps-based pipeline for building, upgrading, and certifying the Linux operating system layer in the GPU cloud stack (hardware OS Kubernetes platform). Design and automate Linux image builds using Packer , Kickstart , and Ansible . Integrate CIS/STIG compliance hardening and OpenSCAP scanning directly into the image lifecycle and validation workflows. Own and manage kernel module/driver automation , ensuring version compatibility and hardware enablement for GPU nodes. Collaborate with platform, SRE, and security teams to standardize image build and deployment practices across the stack. Maintain GitOps-compliant infrastructure-as-code repositories, ensuring traceability and reproducibility of all automation logic. Build self-service capabilities and frameworks for zero-touch provisioning, image certification, and drift detection. Mentor junior engineers and contribute to strategic automation roadmap initiatives. Required Skills & Experience 10+ years of hands-on experience in Linux infrastructure engineering, system automation, and OS lifecycle management. Primary key skills required are Ansible, Python, Packer, Kickstart, OpenSCAP Deep expertise with: Packer for automated image builds Kickstart for unattended OS provisioning OpenSCAP for security compliance and policy enforcement Ansible for configuration management and post-build customization Strong understanding of CIS/STIG hardening standards and their application in automated pipelines. Experience with kernel and driver management , particularly in hardware-accelerated (GPU) environments. Proven ability to implement GitOps workflows for infrastructure automation (e.g., Git-backed pipelines for image release and validation). Solid knowledge of Linux internals , bootloaders, and provisioning mechanisms in bare-metal environments. Exposure to Kubernetes , particularly in the context of OS-level customization and compliance. Strong collaboration skills across teams including security, SRE, platform, and hardware engineering. Bonus: Familiarity with image signing, SBOM generation, or secure boot workflows Experience working in regulated or compliance-heavy environments (e.g., FedRAMP, PCI-DSS) Contributions to infrastructure automation frameworks or open-source tools

You should have a Bachelor's degree in Computer Science or equivalent practical experience along with experience in architecting, developing, or maintaining secure cloud solutions. It is crucial to have a background in network security, data security, and regulatory compliance frameworks. Experience in managing internal or external customer-facing projects with cross-functional teams is also required. It would be preferred if you have experience in Cloud Security within customer-facing roles, securing Google Cloud or other cloud environments, security architecture or security engineering, and implementing security requirements such as FedRAMP, PCI, or HIPAA in a cloud environment. Understanding attacks and mitigation methods in areas such as network protocols, web application security, authentication and access control, security monitoring, incident response, and more is highly valued. As a Security Consultant in the Google Cloud Consulting Professional Services team, you will play a crucial role in guiding customers through their cloud journey. You will provide technical guidance on adopting Google Cloud Platform (GCP) services, ensuring secure foundational cloud implementations, automated provisioning of infrastructure and applications, and cloud-ready application architectures. Collaborating with Product Management and Engineering, you will drive excellence in Google Cloud products and features, ensuring the best customer experience in migrating, building, modernizing, and maintaining applications on GCP. Your responsibilities will include prioritizing and delivering exceptional customer service, troubleshooting and resolving issues directly with Google's advertisers, Sales teams, agencies, and partners. You will use your deep product expertise to solve complex technical issues, analyze data, generate insights, and create action plans to address customer issues at the root cause. Working closely with Sales and other cross-functional teams, you will continuously improve the customer journey, resolve complex issues, and provide insights to support product and process improvements. Additionally, you will develop, maintain, and deliver knowledge management resources and training programs to enhance customer support agent competency.,

It's fun to work at a company where people truly believe in what theyare doing! Job Description: Key Responsibilities Troubleshooting across on-premises, cloud, and hybrid environments (to include AWS and Azure). Automate network infrastructure using Infrastructure as Code (IaC) tools such as Terraform, Ansible, and scripting languages (Python, Bash, PowerShell). Manage and maintain secure network solutions using Palo Alto and Fortinet firewalls. Understanding of routing protocols (BGP, OSPF, EVPN) using FRRouting (FRR) and other open-source platforms. Manage and support Data Center network components within VMware Spine/Leaf on NVIDIA Cumulus and SONiC and Fortinet SD-WAN. Build and maintain Linux-based network services and tooling environments (e.g., DNS, DHCP, syslog). Champion automation and automated testing practices to improve reliability and reduce manual intervention. Drive self-service automation initiatives and contribute to AI-based network intelligence and anomaly detection. Monitor and enhance network performance using observability tools (SolarWinds, FortiAnalyzer, Panorama). Support compliance efforts across frameworks including FedRAMP, HIPAA, PCI, HITRUST, and Protected B. Collaborate with cross-functional teams to align automation strategies with broader cloud and security goals. Required Qualifications 2+ years of progressive experience in enterprise network engineering and automation. Moderate to Expert troubleshooting skills in complex, distributed environments. Proficiency in Linux systems and scripting (Python, Bash, PowerShell). Demonstrated experience with IaC, SDN, and hybrid cloud networking (Azure, AWS). Basic understanding of enterprise routing, firewall policies, and secure network design. Familiarity with automation APIs (REST, gNMI, NETCONF) and CI/CD workflows. Ability to collaborate across teams in a fast-paced, hybrid infrastructure environment. Preferred Qualifications Bachelor's degree in Computer Science, Engineering, or related field-or equivalent work experience. Experience with open-source orchestration tools. Exposure to container networking and CNI solutions (e.g., Calico, Cilium). Background in AI-enhanced network automation or telemetry-based anomaly detection. Industry certifications such as PCNSE, NSE, CCNP/CCIE, RHCE, or cloud/network automation badges (e.g., Azure Network Engineer Associate). Soft Skills & Culture Fit A collaborative team player who takes initiative and inspires others. Passionate about mentoring, sharing knowledge, and rallying teams around If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us! It is Epiq's policy to comply with all applicable equal employment opportunity laws by making all employment decisions without unlawful regard or consideration of any individual's race, religion, ethnicity, color, sex, sexual orientation, gender identity or expressions, transgender status, sexual and other reproductive health decisions, marital status, age, national origin, genetic information, ancestry, citizenship, physical or mental disability, veteran or family status or any other basis protected by applicable national, federal, state, provincial or local law. Epiq's policy prohibits unlawful discrimination based on any of these impermissible bases, as well as any bases or grounds protected by applicable law in each jurisdiction. In addition Epiq will take affirmative action for minorities, women, covered veterans and individuals with disabilities. If you need assistance or an accommodation during the application process because of a disability, it is available upon request. Epiq is pleased to provide such assistance and no applicant will be penalized as a result of such a request. Pursuant to relevant law, where applicable, Epiq will consider for employment qualified applicants with arrest and conviction records.

As a Security Engineer at Oracle Cloud Infrastructure (OCI), you will be at the forefront of designing and building secure cloud systems that support global business operations. You will drive the planning, implementation, and continual improvement of robust security architectures-leveraging automation, orchestration, and AI to protect network and computing environments. In this role, you will leverage Oracle Cloud services (OCI), and Palo Alto Networks Cortex XSOAR to deliver next-generation security automation. You will work closely with security operations, engineering, and compliance teams to ensure timely detection and mitigation of threats, while also streamlining and optimizing security workflows using cutting-edge tools and methodologies. Key Responsibilities Lead automation and orchestration of security processes, utilizing XSOAR to reduce manual efforts and accelerate incident response. Plan, design, and build security architecture for network, infrastructure, and cloud environments in OCI. Oversee implementation of enterprise security controls and solutions, ensuring adherence to Oracle's security policies and industry standards. Collaborate in the development and enhancement of incident response capabilities, contributing to playbook design, tool selection, and team training. Research, track, and manage information security threats and vulnerabilities, leveraging both technical analysis and threat intelligence. Participate in incident response, root cause analysis, and workflow optimization, coordinating with cross-functional teams and escalating as needed. Develop and maintain scripts, tools, and AI-powered solutions to automate security monitoring, alerting, and response processes. Continuously assess and enhance security controls in alignment with the latest industry trends, risks, and compliance mandates (e.g., ISO 27001, SOC 2, HITRUST, FedRAMP). Recommend and implement security control improvements across Oracle's business lines to ensure a strong, proactive security posture. Required Qualifications 5+ years of progressive experience in information security, with hands-on roles supporting enterprise engineering. Proven expertise designing and implementing large-scale security solutions cloud-centric environments. Strong experience with programming and scripting (Python required) Substantial experience with security automation and orchestration frameworks, particularly Cortex XSOAR. In-depth knowledge of regulatory and compliance requirements (ISO 27001, SOC 2, HITRUST, FedRAMP) and application in cloud (SaaS, PaaS, and IaaS) operations. Familiarity with SDLC, DevSecOps practices, and modern CI/CD pipelines. Preferred Qualifications Master's degree or additional certifications (e.g., CISSP, CISM, CCSP, AWS/Azure Architect). Experience integrating AI/ML solutions into security operations. Demonstrated success developing and deploying automation tools to streamline SecOps. Experience using PAN XSOAR. Lead automation and orchestration of security processes, utilizing XSOAR to reduce manual efforts and accelerate incident response. Plan, design, and build security architecture for network, infrastructure, and cloud environments in OCI. Oversee implementation of enterprise security controls and solutions, ensuring adherence to Oracle's security policies and industry standards. Collaborate in the development and enhancement of incident response capabilities, contributing to playbook design, tool selection, and team training. Research, track, and manage information security threats and vulnerabilities, leveraging both technical analysis and threat intelligence. Participate in incident response, root cause analysis, and workflow optimization, coordinating with cross-functional teams and escalating as needed. Develop and maintain scripts, tools, and AI-powered solutions to automate security monitoring, alerting, and response processes. Continuously assess and enhance security controls in alignment with the latest industry trends, risks, and compliance mandates (e.g., ISO 27001, SOC 2, HITRUST, FedRAMP). Recommend and implement security control improvements across Oracle's business lines to ensure a strong, proactive security posture. Career Level - IC3

As a Security Engineer at Oracle Cloud Infrastructure (OCI), you will be at the forefront of designing and building secure cloud systems that support global business operations. You will drive the planning, implementation, and continual improvement of robust security architectures-leveraging automation, orchestration, and AI to protect network and computing environments. In this role, you will leverage Oracle Cloud services (OCI), and Palo Alto Networks Cortex XSOAR to deliver next-generation security automation. You will work closely with security operations, engineering, and compliance teams to ensure timely detection and mitigation of threats, while also streamlining and optimizing security workflows using cutting-edge tools and methodologies. Key Responsibilities Lead automation and orchestration of security processes, utilizing XSOAR to reduce manual efforts and accelerate incident response. Plan, design, and build security architecture for network, infrastructure, and cloud environments in OCI. Oversee implementation of enterprise security controls and solutions, ensuring adherence to Oracle's security policies and industry standards. Collaborate in the development and enhancement of incident response capabilities, contributing to playbook design, tool selection, and team training. Research, track, and manage information security threats and vulnerabilities, leveraging both technical analysis and threat intelligence. Participate in incident response, root cause analysis, and workflow optimization, coordinating with cross-functional teams and escalating as needed. Develop and maintain scripts, tools, and AI-powered solutions to automate security monitoring, alerting, and response processes. Continuously assess and enhance security controls in alignment with the latest industry trends, risks, and compliance mandates (e.g., ISO 27001, SOC 2, HITRUST, FedRAMP). Recommend and implement security control improvements across Oracle's business lines to ensure a strong, proactive security posture. Required Qualifications 5+ years of progressive experience in information security, with hands-on roles supporting enterprise engineering. Proven expertise designing and implementing large-scale security solutions cloud-centric environments. Strong experience with programming and scripting (Python required) Substantial experience with security automation and orchestration frameworks, particularly Cortex XSOAR. In-depth knowledge of regulatory and compliance requirements (ISO 27001, SOC 2, HITRUST, FedRAMP) and application in cloud (SaaS, PaaS, and IaaS) operations. Familiarity with SDLC, DevSecOps practices, and modern CI/CD pipelines. Preferred Qualifications Master's degree or additional certifications (e.g., CISSP, CISM, CCSP, AWS/Azure Architect). Experience integrating AI/ML solutions into security operations. Demonstrated success developing and deploying automation tools to streamline SecOps. Experience using PAN XSOAR. Lead automation and orchestration of security processes, utilizing XSOAR to reduce manual efforts and accelerate incident response. Plan, design, and build security architecture for network, infrastructure, and cloud environments in OCI. Oversee implementation of enterprise security controls and solutions, ensuring adherence to Oracle's security policies and industry standards. Collaborate in the development and enhancement of incident response capabilities, contributing to playbook design, tool selection, and team training. Research, track, and manage information security threats and vulnerabilities, leveraging both technical analysis and threat intelligence. Participate in incident response, root cause analysis, and workflow optimization, coordinating with cross-functional teams and escalating as needed. Develop and maintain scripts, tools, and AI-powered solutions to automate security monitoring, alerting, and response processes. Continuously assess and enhance security controls in alignment with the latest industry trends, risks, and compliance mandates (e.g., ISO 27001, SOC 2, HITRUST, FedRAMP). Recommend and implement security control improvements across Oracle's business lines to ensure a strong, proactive security posture. Career Level - IC3

Job Title: Senior Security Engineer Role Overview: The Senior Security Engineer is responsible for the secure design, development, and operation of Skyhigh products and services. This role involves a mix of proactive security design, vulnerability management, and incident response, with a strong focus on maintaining and enforcing compliance standards. You will be a key contributor to our security posture, working closely with cross-functional teams to embed security best practices throughout the entire development lifecycle. Responsibilities: As our Senior Security Engineer you'll play a pivotal role in architecting and securing our entire software ecosystem. You'll partner with engineering teams across the organization, influencing the design and development of our products to ensure they are secure by default. You'll be a key driver in maintaining our coveted security certifications, ensuring our platform adheres to stringent standards like FedRAMP and SOC 2. This is a high-impact, proactive role that goes beyond just finding flaws. You'll be instrumental in building security into our development process, from threat modeling and secure design to managing our vulnerability remediation lifecycle. You'll serve as a trusted advisor and subject matter expert, working collaboratively with all engineering teams to cultivate a robust security culture and empower them with the knowledge and tools to write secure code. Qualifications: 5 to 8 years of expertise in application security principles, methodologies, and common attack vectors (e.g., OWASP Top 10). You have hands-on experience with a variety of security tools for static and dynamic analysis (SAST/DAST) and vulnerability management. Passionate about DevSecOps and skilled in automating security tasks, integrating tools into CI/CD pipelines, and developing security policies for Infrastructure as Code (IaC). Natural problem-solver with a knack for incident detection, triage, and root cause analysis. You can provide practical, effective remediation plans for security issues across the stack. Excellent communicator who can influence and guide engineers and leadership without direct authority. You enjoy educating others and serving as a subject matter expert to build a strong security culture.

Sr Cyber Governance Analyst Job Summary: Provide professional expertise and advise IT and senior leadership in matters relating to technology-related compliance with all applicable laws, regulations, industry standards and corporate compliance requirements. Assess changes in the regulatory, business and technology environment and recommend and implement or guide appropriate changes to IT policies, controls, and processes to address security and technology issues. Manage and coordinate IT audit activities by working with IT leaders, team members, external auditors, regulators, and other organizations that review and assess IT processes and controls. Lead and execute cybersecurity risk management activities include internal compliance and risk management activities as well as third-party vendor security oversight and response to customer security inquiries. Responsibilities: Provide professional expertise and advise leadership in complying with all applicable laws, regulations, and accreditations, including Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI-DSS), FedRAMP, HITRUST, ISO 27001, and EU General Data Protection Regulation (GDPR). Facilitate, oversee, and provide point of contact for all IT audits, assessments, and other reviews of processes and technology. Work with teams to coordinate schedules for activity. Work with IT teams to deliver requested evidence, documentation, conduct interviews, walk through processes, test controls, and negotiate issues. Manage and monitor development and execution of action plans by reviewing and evaluating reports for trends, working with leadership to prioritize findings, and track progress toward agreed upon timeframes. Ensure issues are appropriately documented, relevant, and understood. Perform IT risk and controls assurance assessments of internal and third-party technology-related processes and solutions, working with IT leaders, security architects, Procurement, and other subject matter experts. Perform recurring assessments of information security and technology functions to measure maturity against industry standard baselines, identifying improvement areas, registering risks, and assisting with action plans to move processes to a higher level of maturity. Develop and maintain operational metrics to ensure information security and technology risk and the performance of the IT risk and compliance program is measured sufficiently to enable success. Mentor and coach team members through risk assessments, including scoping of an assessment, resolving conflict, and prioritization of issues. Perform peer review of work product and deliverables. Continuously look to optimize processes, technology and capabilities through tactical and strategic development. Other duties as assigned. Knowledge and Skills: Strong analytical skills; Demonstration of ability to solve problems using best practices and systematic approach Relationship builder; able to create and maintain a trusted network on all levels; Good communication, influencing and negotiating skills; Written and oral communication skills including the ability to communicate complex technical issues to non-technical staff; Project management and organizational skills; Tactful and diplomatic when engaging with all levels of management always maintaining a professional demeanor. Required Experience: 5-8 years direct experience with information security, IT controls assurance and IT audit facilitation Working knowledge of industry standards such as NIST Cybersecurity Framework, FedRAMP, NIST SP 800-53, ISO 27001, Sarbanes-Oxley, SOC1, SOC2, HIPAA, HITRUST and other similar frameworks. Preferred Experience: Experience in cloud-based environments for production applications, including Amazon Web Services, Microsoft Azure, GCP or other large-scale cloud deployment. Understanding of attack vectors and methodologies. Ability to weigh business risks and enforce appropriate information security measures. CISSP, CISM, CISA, CCSA or equivalent certification preferred. Proficient in the use of Microsoft Office (Excel and PowerPoint), Power BI and Power Automate. GHX: It&aposs the way you do business in healthcare Global Healthcare Exchange (GHX) enables better patient care and billions in savings for the healthcare community by maximizing automation, efficiency and accuracy of business processes. GHX is a healthcare business and data automation company, empowering healthcare organizations to enable better patient care and maximize industry savings using our world class cloud-based supply chain technology exchange platform, solutions, analytics and services. We bring together healthcare providers and manufacturers and distributors in North America and Europe - who rely on smart, secure healthcare-focused technology and comprehensive data to automate their business processes and make more informed decisions. It is our passion and vision for a more operationally efficient healthcare supply chain, helping organizations reduce - not shift - the cost of doing business, paving the way to delivering patient care more effectively. Together we take more than a billion dollars out of the cost of delivering healthcare every year. GHX is privately owned, operates in the United States, Canada and Europe, and employs more than 1000 people worldwide. Our corporate headquarters is in Colorado, with additional offices in Europe. Disclaimer Global Healthcare Exchange, LLC and its North American subsidiaries (collectively, GHX) provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. All qualified applicants will receive consideration for employment without regard to any status protected by applicable law. This EEO policy applies to all terms, conditions, and privileges of employment, including hiring, training and development, promotion, transfer, compensation, benefits, educational assistance, termination, layoffs, social and recreational programs, and retirement. GHX believes that employees should be provided with a working environment which enables each employee to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. GHX expects and requires the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere. Improper interference with the ability of GHXs employees to perform their expected job duties is absolutely not tolerated. Read our GHX Privacy Policy Show more Show less

As an Azure Security Engineer, you will be responsible for conducting security posture assessments using Microsoft Defender for Cloud and XDR tools. Your expertise will be crucial in analyzing threat detection, vulnerability management, and compliance posture across Azure workloads. You will play a key role in recommending remediation strategies aligned with industry standards such as HIPAA, GDPR, and FEDRAMP. Your day-to-day tasks will include preparing client-facing reports on assessment findings and providing technical recommendations for remediation and architecture. Additionally, your knowledge and experience in using PowerBI dashboards for reporting purposes will be highly valuable. To excel in this role, you should have a minimum of 5 years of experience in Azure security engineering or related roles. Hands-on experience with MS Defender for Cloud, XDR, and the ability to interpret and act on Secure Score, Regulatory Compliance, and Threat Intelligence are essential. A deep understanding of SC-100 Security Architect concepts, along with certifications like SC-100, SC-200, and AZ-500, will be advantageous. Your familiarity with Azure Policy, Security Center, Log Analytics, and KQL will be beneficial in performing your duties effectively. Excellent verbal and written communication skills, as well as client-facing abilities, are prerequisites for this role. If you are a highly skilled Azure Security Engineer with a passion for enhancing security architectures and conducting comprehensive assessments, we encourage you to apply for this exciting opportunity.,

The Oracle Cloud Infrastructure (OCI) team can provide you the opportunity to build and operate a suite of massive scale, integrated cloud services in a broadly distributed, multi-tenant cloud environment. OCI is committed to providing the best in cloud products that meet the needs of our customers who are tackling some of the worlds biggest challenges. We offer unique opportunities for smart, hands-on engineers with the expertise and passion to solve difficult problems in distributed highly available services and virtualized infrastructure. At every level, our engineers have a significant technical and business impact designing and building innovative new systems to power our customers business critical applications. What is IAM at OCI? Identity and Access Management (IAM) allows users to control who has access to their cloud resources. As part of the Cloud Platform organization, the team is responsible for the design and build of core services that are utilized by internal and external customers alike. The Identity Control Plane team is primarily responsible for servicing CRUD API calls onall Identity-related entities like users, groups, policies, and compartments across all global regions while ensuring consistency and reliability. Who are we looking for? We are looking for engineers with distributed systems experience. You should have experience with the design of major features and launching them into production. Youve operated high-scale services and understand how to make them more resilient. You work on most projects and tasks independently. The ideal candidate will be technically strong and get a lot done youve worked on services that are highly available, scalable, and redundant. You understand that simple systems are easier to operate and troubleshoot. You can balance speed and quality with iteration and incremental improvements. Youve made life easier for other developers and have motivated your teams to make both process and service improvements with your ability to automate and instrument properly to get the right data. You understand operational excellence and how to instill a culture of being proactive with your teammates. You find anomalies in graphs that didnt trip any alarms and root cause problems before they become real problems. The person in this role will get a lot done on a daily basis, drive tactical execution of features and projects, and own feature design. What are the biggest challenges for the team? The biggest challenges for the team are reliability and performance. The growth of the business is driving us to improve the ability of our systems to scale out and handle traffic patterns that are several orders of magnitude greater than what we can support today. We understand that software is living and needs investment. The challenge is making the right tradeoffs, communicating those decisions effectively, and crisp execution. We need engineers who can build services that handle millions of requests per second. We need engineers who can figure out how we can survive regional data center outages and protect our customers. We need engineers who can build services that enable us to offer even more options to customers and contribute to the overall growth of Oracle Cloud. Required Qualifications 6+ years distributed service engineering experience in a software development environment Hands-on experience building and operating highly-available, high-traffic web services Experience developing service-oriented architectures and RESTful web services Strong development experience in Java, C++, C#, or similar OO languages Experience with at least one scripting language for automating tasks, proof of concept work, or command line tools Preferred Qualifications Domain knowledge of Identity and Access Management. Hands-on experience developing services on a public cloud platform (e.g., AWS, Azure, Oracle) Experience and understanding of multi-AD/AZ and regional data centers Building continuous integration/deployment pipelines with robust testing and deployment schedules Experience with Docker Experience working with internal customers and translating requests into prioritized work or features Expertise in applying threat modeling or other risk identification techniques to develop security solutions FedRAMP, PCI DSS, or similar compliance and auditing experience Experience working with large enterprise customers Responsibilities As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures. You will be responsible for defining and developing software for tasks associated with the developing, designing and debugging of software applications or operating systems.

At Broadridge, we have created a culture that aims to empower individuals to achieve more. If you are enthusiastic about advancing your career while supporting others in their journey, we invite you to become a part of the Broadridge team. Your role involves providing expert guidance for the implementation and advancement of secure cloud and container architectures, controls, and best practices across various cloud services such as IaaS, PaaS, SaaS, and hybrid configurations. You will collaborate closely with developers, system administrators, and IT management to drive proactive solutions. Additionally, you will be responsible for identifying, suggesting, and assessing new technology options to enhance process efficiency, automation, security, visibility, developer support, and operational streamlining in cloud and container environments. Furthermore, you will contribute to the enhancement of continuous monitoring solutions to verify systems against security standards and address policy breaches. Analyzing the latest attacker tactics and implementing strategies to mitigate associated risks is also a key aspect of your role. You will provide insights into the design and implementation of automated security solutions and work closely with product and development teams to ensure alignment with company directives and objectives. In terms of technical skills, you should have demonstrated expertise in cloud-native architectures, microservices, and operational best practices related to cloud and container orchestration. Experience in integrating enterprise-scale security solutions in AWS and/or Azure, including user, security, and networking configurations, is essential. Proficiency in full-stack cloud automation using tools like Git, Terraform, Ansible, and Jenkins is required. Previous programming experience is necessary, with a preference for familiarity with Python. A Bachelor's degree or higher in Computer Science, Engineering, or a related field, or equivalent certifications and practical experience, is expected. You should have at least 5 years of experience in network, application, or infrastructure security. A solid understanding of IT Risk Management, Security Policies and Procedures, Internal Audit, and Compliance Standards is vital, along with familiarity with SOC, FFIEC, CSA, and FedRAMP. Experience in aligning security programs with benchmarks and standards such as NIST, CIS, FIPS, PCI DSS, HIPAA, and FIPS 140-2 is advantageous. Regarding soft skills, excellent communication skills in both oral and written English are crucial. You should be able to articulate complex ideas effectively to ensure clear direction and outcomes. Adaptability to changing technology landscapes and requirements is also a key attribute for this role.,

Key Responsibilities: Serve as a trusted security advisor and designated vCISO for assigned clients, providing executive-level guidance on cybersecurity strategy, risk posture, governance, and compliance initiatives. Lead the development, implementation, and continuous improvement of client security policies, procedures, and frameworks aligned with standards such as NIST 800-53/CSF, ISO 27001, HIPAA, CMMC, SOC 2, and others. Define and deliver comprehensive security programs, including security risk assessments, maturity roadmaps, control gap analysis, and compliance reporting. Guide clients through technical and strategic decision-making related to infrastructure, applications, third-party tools, and data protection strategies. Coordinate and oversee vulnerability assessments, penetration tests, and the design and implementation of technical and administrative controls. Interpret the results of threat and vulnerability assessments to identify gaps and recommend remediation actions, ensuring alignment with each client's operational risks and compliance obligations. Engage with client stakeholders across IT, DevOps, legal, operations, and executive leadership to drive a security-by-design culture across projects and teams. Manage and deliver high-impact cybersecurity engagements with a focus on scope definition, schedule, budget, documentation, and successful client outcomes. Facilitate client discovery, build proposals, and articulate engagement scope, deliverables, and level of effort required for custom security solutions. Identify cross-functional improvement opportunities, recommending enhancements to client systems and infrastructure (hardware, software, networks). Communicate technical concepts and security strategy effectively to both technical and non-technical audiences, demonstrating leadership and executive presence. Provide mentorship and guidance to junior consultants, engineers, and analysts; when serving in a team lead capacity, manage workload, project direction, and performance feedback for 35 team members. Contribute to business development by identifying upselling and cross-selling opportunities based on client needs, emerging security challenges, or regulatory changes. Plan and execute projects independently with limited oversight, consistently delivering high-quality advisory services and exceeding client expectations. Minimum Qualifications: Bachelors degree in business, computer science, information systems, engineering, or a relevant discipline, or equivalent experience. 10+ years of technical experience. 5+ years of Information Security experience. Familiarity and experience with Microsoft 365, Azure, and AWS. Familiar with Security Frameworks (FedRAMP, ISO, NIST, COBIT, HIPAA/HITECH, PCI, SOC, SOX, etc.) and regulatory requirements. Understanding of Data Loss Prevention, Zero Trust, etc. Excellent written, verbal, and presentation communication skills. Excellent customer service skills. Comfortable in a sales environment and interest in negotiation statements of work. Experience collaborating and supporting clients and executives. Innovative and analytical problem-solving skills. Entrepreneurial and forward-thinking mindset. Strong management consulting skills. Ability to make decisive decisions and exhibit executive presence. Proven ability to lead a team of analysts and engineers effectively.

Security Trust Analyst1 Job Title: Security Trust Analyst Location: Bangalore, India Work Mode: Hybrid (Minimum 2 days/week from office) About the Role We are seeking a Security Trust Analyst to join our Global Trust Office as an individual contributor. In this hands-on role, you will work closely with sales teams and internal security functions to demonstrate that our security and compliance controls meet industry-leading standards. You will also engage with cross-functional stakeholders across Compliance, Legal, Privacy, Product, and Engineering teams. The ideal candidate is detail-oriented, collaborative, and passionate about cybersecurity and compliance, with a strong understanding of industry frameworks such as ISO 27001, PCI DSS, and AICPA SOC . Key Responsibilities Perform first-line review of incoming Trust Office cases in Salesforce, validate case accuracy, and assign for further action. Respond to requests from internal sales teams regarding security and compliance inquiries from customers and prospects. Prepare and distribute weekly reports from Salesforce. Manage distribution of Security and Trust Assurance Packets (STAP) to customers and prospects. Collaborate with internal teams (Security, Product, Engineering, etc.) to communicate and support DocuSigns compliance posture. Contribute to continuous improvement initiatives within the Global Trust Office. Perform additional tasks and responsibilities as assigned. Support after-hours requests on an as-needed basis. What Youll Bring Basic Qualifications: Bachelors degree or equivalent work experience in Computer Science, Cybersecurity, GRC (Governance, Risk & Compliance), or related field. Minimum 2 years of relevant experience in cybersecurity or compliance-related roles. Familiarity with security and compliance frameworks such as:SSAE16, ISO 27001, NIST, PCI DSS, SOC, SIG, CSA, HIPAA, HITRUST, FedRAMP. Experience working in a SaaS or cloud solutions environment. Proficiency with Salesforce and Google Workspace tools. Strong analytical, communication, and presentation skills. Detail-oriented with excellent organizational and time management skills. Comfortable working across cross-functional teams and stakeholders. Strong passion for continuous learning and improvement. Understanding of the role of supply chain security in customer assurance. Work Environment Hybrid Work Model: This is a hybrid position requiring a presence in the Bangalore office a minimum of 2 days per week , with flexibility for remote work based on team and business needs. Location - Pune,Hyderabad,Kolkata,Jaipur,Chandigarh

Location: Only Bangalore Contract Security Specialist SOC Position Overview: The Security Analyst works as part of the Security Operations Center (SOC). Successful candidates will be analytical, familiar with multiple security technologies, and provide initial response to security alerts. Responsibilities: Monitors, reviews and interprets security alerts and notifications and provides initial response, analysis and case management Perform mitigation steps to ensure appropriate security event handling and escalate as necessary Become proficient in a variety of security tools within our security suite Examples: A/V, IDS/IPS, NAC, NGFW, SIEM Provide general security knowledge and recommendations to SOC team Provide feedback to information security engineers and assist with security sensor tuning efforts Communicate with technical vulnerability management and incident response teams to validate security events Perform tasks related to security incident response, such as monitoring and discovery Basic Qualifications Information Security experience via work/school Excellent written and verbal communication skills with the ability to explain technical concepts Self-motivated individual who can follow and maintain procedures Attention to detail and motivated to deliver exceptional quality Critical thinking skills Preferred Qualifications: Vendor and industry certifications in security analysis such as Security+, SANS or GIAC Linux and Windows systems administration experience Knowledge of security industry standard frameworks Examples: NIST 800-53, PCI-DSS, FedRamp Scripting or programming experience Examples: PowerShell, Python, RegEx Basic Qualifications Information Security experience via work/school Excellent written and verbal communication skills with the ability to explain technical concepts Self-motivated individual who can follow and maintain procedures Attention to detail and motivated to deliver exceptional quality Critical thinking skills Preferred Qualifications: Vendor and industry certifications in security analysis such as Security+, SANS or GIAC Linux and Windows systems administration experience Knowledge of security industry standard frameworks Examples: NIST 800-53, PCI-DSS, FedRamp Scripting or programming experience Examples: PowerShell, Python, RegEx Mandatory Skills: Security Log Monitoring. Experience: 5-8 Years.

Responsibilities First line review of all incoming cases to the Trust Office in Salesforce. Validate each case for accuracy and prepare for pickup. Responding to requests for information from internal sales teams regarding compliance and security matters for customers and prospects. Prepare and distribute weekly reporting from Salesforce Prepare and send Security and Trust assurance packet (STAP) to customers and prospects. Additional responsibilities and tasks as required and assigned Basic Qualifications Self-starter with excellent communication, collaborative, and presentation skills Minimum of 2 years of relevant experience in computer science, cyber security, governance risk and compliance, or related domains Experience with security control frameworks (e.g. SSAE16, ISO27001, NIST, PCI, SIG, CSA, HIPAA, HITRUST, FedRamp) Experience with Salesforce and Google workspace applications. Professional communicator in both verbal and written English Understanding of compliance and cyber security implications for business Experience with SaaS and cloud solutions environments Experience working with cross functional teams Strong analytical and communication skills Strong attention to detail, excellent organizational skills, and superior time management skills A very strong passion to learn and continuously improve A willingness to contribute to team discussions and challenge views Preferred Qualifications Degree qualified or higher in a relevant field or equivalent work experience Experience working with external customers regarding their compliance assessments and controls Independently driven, resourceful, and able to deliver results with minimal oversight; Strong sense of ownership, urgency, and drive Strong business acumen with the ability to engage with technical teams to present assessment results, risks and to participate in discussions around acceptable and compensating controls Experience working hands-on with cross-functional teams in assessing processes, risks and controls

Job Summary: We are seeking a passionate and experienced Security & Compliance Engineer to join our team. This role is pivotal in ensuring our cloud services meet the highest standards of security and compliance. You will work cross-functionally with engineering teams, project managers, and compliance stakeholders to identify, implement, and monitor security controls and processes. Your work will directly contribute to the protection of our infrastructure, data, and services. The service you will be joining is Key Protect, IBM’s key management system https://www.ibm.com/products/key-protect. Key Responsibilities: Support security and compliance initiatives across Key Protect & Security Services. Collaborate with development and operations teams to mitigate security risks. Implement, and monitor security controls and compliance processes. Contribute to risk assessments, gap analyses, and remediation planning. Support internal and external audits by providing evidence and documentation. Support adherence to regulatory standards such as FedRAMP, HIPAA, GDPR, SOC 2, PCI, ISO27K, NIST, ISMAP, ENS, HITRUST, etc. Drive improvements in patch management, vulnerability management, and access control. Maintain accurate asset inventories and ensure configuration management best practices. Monitor logs and systems for anomalies and respond to incidents. Participate in penetration testing and threat modeling exercises. Communicate security requirements and findings to technical and non-technical stakeholders. Ideal Candidate Traits: Growth mindset and eagerness to learn. Strong problem-solving and critical thinking abilities. Self-starter, ability to work independently. Ability to translate complex security concepts into actionable guidance. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Required Experience: 4+ years in security engineering, compliance, DevOps or related roles. Experience with cloud technologies and infrastructure. Hands-on experience with compliance frameworks (e.g., FedRAMP, HIPAA, GDPR, SOC 2, PCI, ISO, NIST). Knowledge of end-to-end Security and Compliance activities such as Threat Models, Security Privacy by Design. Knowledge of Security scanning tools such as Nessus scanner, SonarQube, NMap. Knowledge of Security concepts (includes understanding of identity mgmt./authentication, authorization, firewall, auditing, secure communication, managing certificates, password management) Understanding of cryptographic key management and its lifecycle. Strong understanding of access management, data protection, and secure system configuration. Experience on Kubernetes/ OpenShift deployments, Container Tools such as Docker, Podman, Rancher Excellent communication and documentation skills. Ability to work independently and collaboratively across teams. Preferred technical and professional experience Experience with tools such as GitHub and ServiceNow. Experience with microservice architectures and Restful API development Familiarity using Container Security tools such as Prisma Cloud & AquaSec Experience in DevSecOps pipelines - Jenkins, Tekton Toolchains Scripting and automation skills (Python, Bash, Terraform, etc.)

Perform first-line review of incoming Trust Office cases in Salesforce, validate case accuracy, and assign for further action. Respond to requests from internal sales teams regarding security and compliance inquiries from customers and prospects. Prepare and distribute weekly reports from Salesforce. Manage distribution of Security and Trust Assurance Packets (STAP) to customers and prospects. Collaborate with internal teams (Security, Product, Engineering, etc.) to communicate and support DocuSigns compliance posture. Contribute to continuous improvement initiatives within the Office. Perform additional tasks and responsibilities as assigned. Support after-hours requests on an as-needed basis. What You’ll Bring Basic Qualifications: Bachelor’s degree or equivalent work experience in Computer Science, Cybersecurity, GRC (Governance, Risk & Compliance), or related field. Minimum 2 years of relevant experience in cybersecurity or compliance-related roles. Familiarity with security and compliance frameworks such as: SSAE16, ISO 27001, NIST, PCI DSS, SOC, SIG, CSA, HIPAA, HITRUST, FedRAMP. Experience working in a SaaS or cloud solutions environment. Proficiency with Salesforce and Google Workspace tools. Strong analytical, communication, and presentation skills. Detail-oriented with excellent organizational and time management skills. Comfortable working across cross-functional teams and stakeholders. Strong passion for continuous learning and improvement. Understanding of the role of supply chain security in customer assurance. Work Environment Hybrid Work Model: This is a hybrid position requiring a presence in the Bangalore office a minimum of 2 days per week, with flexibility for remote work based on team and business needs.Role & responsibilities Preferred candidate profile

Required Experience: At least 15 years of experience in working in a fast-paced IT team. Work Location/Travel: Bangalore and must be available during weekends or extended hours if required for critical emergencies. Work in the office during the general shift/work from home during other shifts. Job Summary: Infra Ops Management Manage IT Ops Vendors and hardware Vendors for delivering M365 L1 Support, Network (Internet Leased Line, Firewall, Apps gateway, IDS, IPS) and Onsite desktop support. Manage IT Network Ops vendors including L0 and L1 support. Handle escalation L2/L3 support including developing policies and qualifying exceptions etc. for IIC and US teams. Manage escalation of hardware Issues with OEM vendors like Dell and HP, ensuring they deliver as per SLAs. Built and develop L0/L1 support (including availability, monitoring and change management activities) Architect and manage Infra programs, support technology requirements for delivery projects Own security reviews, vendor security questionnaires, and responses to support Presales Security management and administration of M365, Cloudflare, Proofpoint, N-Able, Fortinet alerts Development support queries on Application installation and client connectivity issues Design and implementation of policies on the Apps managed by IT. Monthly reports and exception management Hardware and software procurement and license management including development requirements on a needy basis. Supports ISO 27001 activities and development of new policies, evidence gathering, and addressing gaps. Readiness for New security compliances Fed Ramp etc., and other compliance required by our customers PCI-DSS. Assisting the development teams in adopting these during application deployment. Nable Patch Management Review Bitdefender Review Dashboards and follow up on exceptions. Review Assets registered and ensuring time and again stale assets are removed. Extract and configure customized reports as required. Review Bitdefender automated reports for exceptions Address escalated issues that cannot be resolved by IT Tech Liaise with All covered for resolution. Audit reviews for Users and devices AZURE AD Risky User Investigation Conditional access policies review and troubleshooting MFA configuration and Troubleshooting Secure score recommendations AZURE AD policies troubleshooting and investigations. AZURE AD Access Reviews and Cleanup AZURE AD Admin Audit logs review Self-service password reset flow activity progress. Reset password (self-service) Update Sts Refresh Token Valid from Timestamp Reset user password. Update user Add app role assignment grant to user When an Enterprise Application is assigned to a user. Add delegated permission grant. Change password (self-service) Change user password Security info saved for self-service password reset. User completed security info registration for self-service password reset. User started security info registration for self-service password reset. Add service principal. Add application. Delete application. Remove service principal. Update service principal Update application Certificates and secrets management Update application Add and remove the owner from application. Create an application password for the user. Redmine Access Reviews Backup Reviews Software updates Assist team with queries on Vulnerability Analysis Gather evidence required for ISO 27001 Escalated Issues on Redmine Address Backup Issues Prepare and coordinate DR and BCP Ad hoc requests from Dev teams and PMO FortiGate and Network Design as per compliance requirements say FedRAMP, PCI-DSS Vendor Liaison (basically L1) on exceptions like IDS, IPS, VPN, Firewall Issues Manage change and problem management activities. Review monthly reports and exceptions. Root cause analysis and remediations SLA reports and corrective actions Policy design and address VPN compliance Handle Escalated Issues on the Network - VPN, IDS, IPS, Security Violations and investigations regarding access to customers and/or impersonation etc. M365 Intune Import and register new laptops during onboarding. Support on shore team for Onboarding Issues Review Assets registered in Intune, and generate asset reports, compare these with asset files. Escalated support on Intune Issues and follow up with vendor and Microsoft. Escalated support on Non-Delivery of Apps during deployment Registering BYOD devices Validating policies and resolving issues that users face due to policy failures. Create and troubleshoot policies. Exchange Online Review Quarantined email and release as appropriate reactively as alerted by Users. Escalate issues of non-delivery reports and/or any emails quarantined or not delivered to users. Review and clear blocked messages from EOL Create and troubleshoot policies. Teams Troubleshoot team issues Jitter, call drops, high utilization. Review usage reports and dashboards for exceptions Review and investigate Teams logs for security issues. Change ownership of Team files as required by Managers or new owners. Resolve file-sharing queries and best practices for sharing files. Procurement Vendor Management Review and monitor SLA with HP, Dell, and hardware Partners Address escalations due to delays in service Address clarifications on warranty claims Procure New hardware or upgrade as required - Memory, SSD etc., Co-ordinate with Insurance firms and support Admin teams Hardware Planning as per business needs Review and procure software requirements. Review asset inventory and ensure asset register is updated. Assist onshore with laptop hardware procurement and configurations for 3-year support. Warranty renewal and Maintenance contracts Competency (Knowledge, Skills, and Abilities): At least 15 years of experience in working in a fast-paced IT team. Responsible for delivery of end-to-end IT requirements for internal stake holders Should have experience of managing internal and external resources working to deliver IT services. Should have hands on experience in managing vendors, negotiating deliverables and keeping costs within pre-determined budgets. Position Type: Full Time/Permanent Required Education: Bachelors degree. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. Other Duties: This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required. Duties, responsibilities, and activities may change, or new ones may be assigned at any time, with or without notice.

About The Role We at Innovaccer are looking for an Security Engineer-II who will be responsible for Risk Assessment role in our Cyber Security Team for customer & internal activities including proprietary & public data. This role will encompass the use of a broad range of security domains (Security Questionnaires, Vendor Risk Assessment, Internal and External Audits, Writing Policies & Procedures etc.).This role would be a great opportunity to learn and grow as you would be exposed to multiple security domains across multiple cloud platforms at a single time. A Day in the Life Responding to RFPs & Security Questionnaires Coordinating with RFP team and Legal team on reviewing security questionnaires/exhibits, BAA/MSA queries and respond to follow-ups and customer queries Analyzing and updating existing compliance policies, procedures and related documentations Implementing privacy controls & policies Drive Vendor Risk Assessment & Risk Management programme Maintaining communication and coordinating with corporate, legal and IT teams Implement audit controls for external audits like SOC2 Type2, HiTrusHIPAA,t, ISO27701, etc. Perform third party risk assessments and work on remediation of findings Familiar with Regulations in United States HealthCare & Middle-East Coordinating with internal teams for gathering evidences and presenting it to auditor Identify control gaps/weaknesses and formulate action plans to address What You Need Understanding of different Privacy & Compliance controls of Federal & State Regulation's Bachelors degree in Information Technology, Computer Science Engineering preferred Minimum of 3-5 years of prior experience in Information Security Risk & Compliance Hands-on experience on HIPAA, SOCII, ISO27001:2022, HiTrust etc. Familiarity of compliances like GDPR, NISTSP800-53, HiTech, FedRamp, AzRamp, MARSE, etc Vendor Risk Assessment, Respond to RFPs & Legal Review of Security Exhibits Work with Corporate compliance Team for Audits Good to have CISSP/CISA or other relevant certifications Hands-on skills in Data security controls Ready to take up more responsibilities along-with existing role Understanding of Security Architecture and proficient in immediately of data security control Able to work independently, being a team player, ability to work well under pressure Familiarization with cloud like AWS, Azure & GCP Able to multi task, prioritize, and manage time effectively Collaborates effectively and communicates efficiently Readily available to work with teams and clients outside India in USA & Middle-East

About Us CCTech's mission is to transform human life by the democratization of technology. We are a well-established digital transformation company building applications in the areas of CAD, CFD, Artificial Intelligence, Machine Learning, 3D Webapps, Augmented Reality, Digital Twin, and other enterprise applications. We have two business divisions: product and consulting. simulationHub is our flagship product and the manifestation of our vision. Currently, thousands of users use our CFD app in their upfront design process. Our consulting division, with partners like Autodesk Forge, AWS, and Azure , helps Fortune 500 engineering organizations achieve digital supremacy. Job Description We are seeking an IAM Engineer (47 yrs experience) who is on the path to becoming a true specialist. You will own key portions of our identity stack—helping to architect, implement, and maintain authentication and authorization platforms and environments, while pairing closely with our Senior IAM Expert. Key Responsibilities Design and operate PingFederate and Okta-based AuthN/AuthZ solutions. Implement migration of AuthN/AuthZ flows from Okta to PingFederate. Implement PAT and SSA integrations. Configure and maintain multi-environment IDP instances, manage claim mappings, and secure secrets in vaults. Ensure compliance with FedRAMP controls (FIPS encryption, audit logging). Collaborate with SRE, DevOps, and Automation teams to integrate flows into CI/CD pipelines and smoke-test suites. Develop and maintain end-to-end test cases for authentication, authorization, MFA, and token lifecycle scenarios. Write and update runbooks, architecture diagrams, and developer-onboarding materials. Required Qualifications 4–7 years in identity management, IAM engineering, or security engineering roles. Hands-on experience with PingFederate, Okta, or equivalent enterprise IDP platforms. Solid understanding of OAuth2/OIDC protocols, SAML, and token-based authentication. Practical exposure to compliance frameworks such as FedRAMP, SOC2, or PCI-DSS. Proficiency in scripting (Python, Bash) to automate integration tests and routine tasks. Strong verbal and written communication, able to drive technical discussions and documentation. Preferred Skills Familiarity with AWS Cognito, Azure AD B2C, or similar cloud identity services. Experience implementing serverless identity extensions (e.g., Lambda triggers). Working knowledge of directory services and federation protocols. Involvement in disaster-recovery planning for identity systems. Benefits Opportunity to work with a dynamic and fast-paced IT organization. Make a real impact on the company's success by shaping a positive and engaging work culture. Work with a talented and collaborative team. Be part of a company that is passionate about making a difference through technology.

We have a team of security compliance leaders overseeing solutions for this complex environment, collaborating with security architects and Cloud DevOps teams internally and around IBM. The security compliance leader’s role is to determine the secure operation of the all computer systems, servers, and network connections in accordance with our policies, procedures, and compliance requirements. A security compliance leader in our team will participate in some or all of the following: Providing subject matter expertise in the creation, implementation, and maintenance of appropriate enterprise programs, policies, and procedures to be compliant with all applicable regulations including ISO, SOC, HIPAA, PCI, FedRAMP/FISMA Having the ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Interpreting standards, requirements, and their application to the enterprise Cloud environment in the most reasonable and cost-effective manner Developing, implementing, maintaining, and overseeing enforcement of security policies Collaborating with security architects and technical security teams to define and implement security processes and procedures based on industry-standard best practices and compliance requirements. Defining the requirements and validating the procedures and audit testing methodology Conducting regularly scheduled audits on systems and hosting third-party audits as required in order to maintain certifications and compliance certificates. Working with the DevOps teams to prepare ongoing client reporting, information for prospective clients, and marketing materials Providing training to teams as needed Assisting team members and internal clients in addressing highly complex security issues applicable to enterprise environment Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise Minimum of 12 years of relevant compliance experience and cybersecurity knowledge Compliance leaders do not require dev experience, but it is an advantage. 10+ years of security compliance audit experience is a must Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, SOC 2, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk

Generate compliance reports from an existing dashboard or build requirements to create a new reporting dashboard Proactively Monitor, track, and report on security compliance status across systems and processes. Analyze large datasets to identify trends, anomalies, and compliance risks. Support security audits, assessments, and certification efforts through data collection and analysis. Possess strong communication skill, collaborate with cross-functional matrix teams to drive root cause analysis, corrective actions and improvements based on data insights. Maintain and enhance compliance reporting dashboards and metrics for leadership visibility and decision making. Required education Bachelor's Degree Required technical and professional expertise Experience working with security architects and technical security teams to define and implement security processes and procedures based on industry-standard best practices and compliance requirements. Defining the requirements and validating the procedures and audit testing methodology Working with the Development teams to ensure automation of evidence collection and evidence management is always in line with compliance expectations, otherwise, identifies specific actions and owners to meet the expectations. Assisting team members in addressing highly complex security issues applicable to enterprise environment Ability to utilize project management principles to properly scope compliance work efforts by service lines, identify common areas of work, and create a measurable milestone plans across service lines to enable completion of compliance work items on time. Ability to manage multiple priority projects simultaneously under a short timeline Experience/familiar with enterprise risk management (ERM) framework, service delivery operations, software development lifecycle and be able to understand when to request and integrate risk items into compliance reporting. Experience with compliance programs such as FedRAMP/ FISMA, HIPAA, GDPR, SOC 2, PCI, NIST, ISO, ITAR, etc. Conducting regular reviews on compliance progression of systems and hosting internal audit/assessment as required to maintain compliance certifications. Ability to translate and interpret regulatory compliance requirements into technical controls Ability to understand cloud enterprise business computing operations/requirements, and effectively communicate to service lines what is expected in order to consider a work item complete. Also, will possess good understanding of networking security including security systems such as firewalls, intrusion detection, vulnerability scanning, OS patching, health-checking Diagnosing the root cause of problems and propose solutionsExamples would be failed patches, tooling issues, false positives on system tests, authentication problems. Drive and track audit, security and compliance finding remediation to closure. Experience with enterprise configuration Management database (CMDB) or IT Asset inventory Management. Understand CMDB's structure, data quality, relationships between CIs (Configuration Items), and updates. Use the CMDB for risk, audit, and compliance analysis and reporting Proficiency in SQL, Excel (advanced levelpivot tables, macros), and ServiceNow— data analytics and visualization functionalities Ability to process large datasets, identify and handle missing data, data transformation, normalization, and data quality checks. Ability to perform data analysis to discover patterns and trends to mitigate security risks and drive business results Work with stakeholders to define key metrics and KPIs; develop dashboards and reports for business users. Collaborate with database engineers, data owners, security focal, product managers, and broader metrics teams to understand data needs. Results oriented with intense focus on achieving both short and long term goals. He/she should be able to drive and execute an agenda in a fast paced, dynamic environment. Strong project management skills with ability to design visual and appealing presentations Strong collaboration, problem-solving and critical-thinking abilities. Excellent communication skills — ability to explain technical findings to non-technical audiences. Good time management, organizational skills, and ability to prioritize tasks. Curiosity and a continuous learning mindset. A highly organized with strong attention to detail, analytical and project management skills Work independently within a team focused organization. Preferred technical and professional experience Experience or familiar with cloud service models; IaaS preferred. Project management and consulting experience is a plus Experience with process automation is a plus Experience with Linux Shell, Perl or Python is a plus

Providing subject matter expertise in the creation, implementation, and maintenance of appropriate enterprise programs, policies, and procedures to be compliant with all applicable regulations including ISO, SOC, HIPAA, PCI, FedRAMP/FISMA Having the ability to utilize working knowledge of information security best practices such as: NIST 800 series, ISO 27000 series, GDPR, etc Interpreting standards, requirements, and their application to the enterprise Cloud environment in the most reasonable and cost-effective manner Developing, implementing, maintaining, and overseeing enforcement of security policies Supporting Data center audits focussed on Physical Security control assessments Collaborating with security architects and technical security teams to define and implement security processes and procedures based on industry-standard best practices and compliance requirements. Defining the requirements and validating the procedures and audit testing methodology Conducting regularly scheduled audits on systems and hosting third-party audits as required in order to maintain certifications and compliance certificates. Working with the DevOps teams to prepare ongoing client reporting, information for prospective clients, and marketing materials Providing training to teams as needed Assisting team members and internal clients in addressing highly complex security issues applicable to enterprise environment

Introduction About IBM IBM is a global technology and innovation company. It is the most extensive technology and consulting employer globally, with a presence in 170 countries. The diversity and breadth of the entire IBM portfolio of research, consulting, solutions, services, systems and software, distinguishes IBM from other companies in the Industry. Over the past 100 years, a lot has changed at IBM in this new era of Cognitive Business, IBM is helping to reshape industries as diverse as healthcare, retail, banking, travel, manufacturing, and many more, by bringing together our expertise in Cloud, Analytics, Security, Mobile, and the Internet of Things. We like to say, be essential. We are changing how we craft, how we collaborate, how we analyze, how we engage. Join the next generation of innovators, inventors, and entrepreneurs who are crafting the very way the world works. We want the brightest minds doing work that encourages an environment where growth is supported. IBMers get to discover their potential, so theyre inspired to build breakthroughs that help our clients succeed. Were building teams with dynamic strengths with people who want their ideas to matter. Join us - youll be proud to call yourself an IBMer. Our Culture : IBM is committed to crafting a diverse environment and is proud to be an equal opportunity employer. You will receive consideration for employment without regard to your race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. Your role and responsibilities We have a team of security compliance leaders overseeing solutions for this complex environment, collaborating with security architects and Cloud DevOps teams internally and around IBM. The security compliance leaders role is to determine the secure operation of the all computer systems, servers, and network connections in accordance with our policies, procedures, and compliance requirements. A security compliance leader in our team will participate in some or all of the following: Providing subject matter expertise in the creation, implementation, and maintenance of appropriate enterprise programs, policies, and procedures to be compliant with all applicable regulations including ISO, SOC, HIPAA, PCI, FedRAMP/FISMA Having the ability to utilize working knowledge of information security best practices such as: NIST 800 series, ISO 27000 series, GDPR, etc Interpreting standards, requirements, and their application to the enterprise Cloud environment in the most reasonable and cost-effective manner Developing, implementing, maintaining, and overseeing enforcement of security policies Collaborating with security architects and technical security teams to define and implement security processes and procedures based on industry-standard best practices and compliance requirements. Defining the requirements and validating the procedures and audit testing methodology Conducting regularly scheduled audits on systems and hosting third-party audits as required in order to maintain certifications and compliance certificates. Working with the DevOps teams to prepare ongoing client reporting, information for prospective clients, and marketing materials Providing training to teams as needed Assisting team members and internal clients in addressing highly complex security issues applicable to enterprise environment Required education Bachelors Degree Preferred education Bachelors Degree Required technical and professional expertise Minimum of 12 years of relevant compliance experience and cybersecurity knowledge Compliance leaders do not require dev experience, but it is an advantage. 10+ years of security compliance audit experience is a must Ability to utilize working knowledge of information security best practices such as: NIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, SOC 2, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk