This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description The IT Security & Compliance Analyst works collaboratively within the IT department to identify, manage and communicate security risks, implement and monitor security compliance, and respond to audits effectively. - Collaborate with the engineering departments to implement security controls from approved security frameworks and drive best IT practices. - Interface with internal partner teams to help drive best practices and compliance. - Evaluate and perform Risk Assessments of new software solutions with internal partners. - Drive deployment of new systems/solutions as needed. - Write procedure documentation for end users as needed to facilitate process improvement. - Help develop IT security training content and drive completion of required security training in collaboration with Human Resources. - Respond to complex security questionnaires, RFP/RFI requests, and client audits. - Facilitate end-to-end evidence gathering for external audits, ensuring all technical and administrative artifacts align strictly with security control requirements and regulatory frameworks. - Evaluate, identify, and remediate the risks associated with current vendors, new vendor acquisitions, and consumer data exchanges. - Perform risk oversight tasks of vendor security compliance. - Help run Internal, external and vendor related audits. - Conduct security analysis of deployed software. - Monitor for risks to the enterprise and to implemented controls. - Identify, maintain, and publish the requirements for the IT department to achieve compliance and privacy standards in SOC 2, HITRUST, FedRAMP, and other frameworks. - Work with the internal team in communicating related security notifications and IT controls within the organization while collaborating with teams and vendors on changes, remediations, and updates. - Experience with incident management Drive use cases to enable threat detection and hunting based on threat intelligence frameworks. - Experience with Agile and/or Kanban with emphasis on Scrum to drive continuous process improvement. - Perform Access Reviews. Qualifications - Experience related to duties and responsibilities. - Experience working in Governance, Risk, and Compliance. - A customer-oriented approach to problem resolution. - Experience with IT control auditing and compliance. - Working knowledge of Software Development Lifecycle concepts and processes. - Working knowledge of cloud providers with respect to IT Security & Compliance controls and practices. - General knowledge of frameworks and controls: NIST 800-53, FedRAMP, HITRUST, SOC 2, PCI, ISO 27001. - General knowledge of HIPAA and the requirements to protect PHI. - Ability to communicate concepts in a concise form to management and cross-functional teams verbally, in writing, and through pictures or diagrams when appropriate. - Excellent written, oral, instructional, presentation, and interpersonal skills focused on motivation and positive attitude. - Highly self-motivated with the ability to prioritize tasks and work independently. - Ability to work quickly and efficiently. - Desire to work at a rapidly growing organization in healthcare. - Experience working with remote users in a distributed environment. - Experience with Office 365 suite, Atlassian suite, Vanta (or other GRC tools). - Experience with any major cloud platform (AWS, Google, Azure) is preferred. Preferred Certifications - CCSK - CCAK - CISA - AWS Cloud Practitioner - SANS certificates Salary Range $125,000 — $140,000 USD Company Description Judi Health values a diverse workplace and celebrates the diversity that each employee brings to the table. We are proud to provide equal employment opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, medical condition, genetic information, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

Type of Requisition: Pipeline Clearance Level Must Currently Possess: Secret Clearance Level Must Be Able to Obtain: Secret Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Cyber Defense, Threat Detection, Vulnerability ScanningCertifications: NoneExperience: 3 + years of related experienceUS Citizenship Required: Yes Job Description: GDIT is seeking a Cyber Security Analyst to help support the Defense Manpower Data Center (DMDC) Alternative Multi-factor Authetication Support Services (AMASS) program which is the primary authentication method for Department of War (DoW) self-service web sites. *This position is 100% remote with minimum travel possible. ​ As a Cyber Security Analyst, you will be part of a team who is responsible for providing Identity Management services for more than 11 million users across 200 partner applications which include US Active Duty, National Guard, Retirees, Veterans, DoW family members, Federal Employees and Federal Contractors. MEANINGFUL WORK AND PERSONAL IMPACT: As a Cyber Security Analyst for the AMASS, you will contribute to a fast-paced team and be responsible for ensuring the safety and security of the applications and systems for the overall mission. We are seeking a highly experienced and knowledgeable Senior Cyber Security Engineer to support our Department of War (DOW) contracts. The ideal candidate will possess extensive expertise in cybersecurity, threat detection, incident response, and compliance within federal government environments. The successful candidate will be responsible for ensuring the confidentiality, integrity, and availability of the organization's on-prem and cloud-based systems and data. WHAT YOU’LL NEED TO SUCCEED - REQUIRED: Bring your expertise along with a drive for innovation to GDIT. - Citizenship: US Citizenship required for contract - Security Clearance level: Ability to obtain a public Trust or Secret - Certification(s): Security + CE or higher - Education: Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field is preferred. - Years’ Experience: 3+ years of experience in cybersecurity, - Technical skills: - Expertise in the development and reviewing of Authorization to Operate (ATO) packages - Expert knowledge of cyber control implementation associated with Risk Management Framework (RMF) - Experience with ACAS, HBSS, and Sonatype and Fortify scanning tools - Knowledge in creating and maintaining Cyber Plan of Action and Milestone (POA&M) reviews - Experience with security control assessments and maintaining implementation plan - Working with the DIRP team and various internal / external teams at DMDC to ensure all cyber security policies and procedures are followed and at the highest level of quality. - Understanding and knowledge with uploading and maintaining artifacts in eMASS: policies, ACAS scans, STIGs, and ESS scans - Experience analyzing compliance and vulnerability scan results and implementing appropriate mitigations - Experience performing STIG reviews and maintaining STIG checklists across multiple application areas - Extensive familiarity with creating, developing and maintaining System Security Plans - Performing Information Security Continuous Monitoring - Experience maintaining application and infrastructure Hardware/Software lists. DESIRED QUALIFICATIONS: - Security Clearance level: Secret - Certification(s): CISSP equivalent is highly desired. - Technical skills: - Knowledge of Department of Defense Cyber Security policies and procedures - Previous experience with ATO and RMF package creation - Extensive knowledge of cybersecurity policies, frameworks, and compliance standards - Strong understanding of security tools, SIEM platforms, intrusion detection/prevention systems, and incident response methodologies - Excellent analytical, problem-solving, and communication skills - Ability to work under pressure and lead complex security initiatives - Knowledge of Oracle Cloud Infrastructure (OCI) regarding migration of legacy systems to new infrastructure GDIT IS YOUR PLACE At GDIT, the mission is our purpose, and our people are at the center of everything we do. ● Growth: AI-powered career tool that identifies career steps and learning opportunities ● Support: An internal mobility team focused on helping you achieve your career goals ● Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off ● Flexibility: Full-flex work week to own your priorities at work and at home. ● Community: Award-winning culture of innovation and a military-friendly workplace OWN YOUR OPPORTUNITY Explore a career in cyber at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters. The likely salary range for this position is $96,569 - $130,651. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: Less than 10% Telecommuting Options: Remote Work Location: Any Location / Remote Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. GDIT typically provides new employees with 15 days of paid leave per calendar year to be used for vacations, personal business, and illness and an additional 10 paid holidays per year. Paid leave and paid holidays are prorated based on the employee’s date of hire. The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. Join our Talent Community to stay up to date on our career opportunities and events atgdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Altera, a member of the N. Harris Computer Corporation family, delivers health IT solutions that support caregivers around the world. These include the Sunrise™, Paragon®, Altera TouchWorks®, Altera Opal, STAR™, HealthQuest™ and dbMotion™ solutions. At the intersection of technology and the human experience, Altera Digital Health is driving a new era of healthcare, in which innovation and expertise can elevate care delivery and inspire healthier communities across the globe. A new age in healthcare technology has just begun. Job Title: Security Analyst Location: Remote U.S.-based Role ABOUT THE ROLE We are looking for a Security Analyst to join our Corporate IT Security Team. This is a unique opportunity to make a significant impact on our growing risk program. You will help strengthen our security, maintain our ISO certification, and position Altera for future growth. In this role, you'll use your expertise in risk management, security frameworks, and compliance to support all Altera group of companies. You will communicate with diverse stakeholders, from technical teams to executive leaders. Responsibilities Risk Assessment & Analysis - Conduct risk and security assessments of applications, databases, servers, and network hardware to identify, evaluate, and prioritize risks. - Assess potential risks and vulnerabilities to establish security baselines and assist with deviation responses. - Perform risk assessments against compliance standards (HIPAA, PCI) and security frameworks (NIST, CIS, ISO 27001). - Evaluate emerging technologies to determine how they fit within our security architecture. - Review security controls before hardware or software is moved to production. - Work with business units to review vendor security and ensure compliance with all regulations and requirements. Remediation & Incident Response - Provide actionable recommendations to mitigate vulnerabilities and strengthen our security posture. - Develop and execute remediation plans for identified issues, risks, or vulnerabilities. - Analyze, assess, and track security incidents. - Develop and maintain standard procedures for responding to identified threats. - Monitor system activities and events to detect, classify, and respond quickly to threats. - Work with the information security team to support incident escalation and remediation. Governance & Strategy - Advise on security architecture for new and existing systems, ensuring alignment with best practices and company policies. - Oversee access control risk management, including auditing controls and recommending improvements. - Develop and maintain risk registers and other risk management documentation. - Monitor and report on the effectiveness of risk mitigation strategies. - Support the development and testing of disaster recovery and business continuity plans. - Develop and support the achievement of strategic security objectives. Collaboration & Awareness - Collaborate with IT teams to solve information security issues in a timely manner. - Participate in annual security audits, incident response exercises, and compliance reporting. - Oversee the security awareness program, including phishing campaigns, training, and compliance tracking. Qualifications - A Bachelor's degree in a related field or equivalent professional experience. - 5+ years of experience in IT security risk management, a security operations center (SOC), or system administration. - 3+ years of experience assessing security controls, processes, and vulnerabilities, regulatory and legal changes, and security standards that may impact the security of systems or data. - Hands-on experience with Governance, Risk, and Compliance (GRC) tools. - Experience with identity and access management for both on-premise and cloud (Azure, AWS) environments. - Excellent communication skills, with the ability to explain technical concepts to different audiences. - Ability to adapt and thrive in a dynamic work environment. - Certifications like CISSP, CRISC, or CISA are a plus. Working Arrangements - This is a fully remote position. Our company complies with all local/state regulations in regard to displaying salary ranges. If required, the salary range(s) are displayed below and are specifically for those potential hires who will perform work in or reside in the location(s) listed, if selected for the role. Any offered salary is determined based on internal equity, internal salary ranges, market data, ranges, applicant's skills and prior relevant experience, certain degrees and certifications (e.g. JD, technology), for example. Salary Range $ 94000 - $ 100000 Altera is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at: HR.Recruiting@AlteraHealth.com

At Ensono, our Purpose is to be a relentless ally, disrupting the status quo and unleashing our clients to Do Great Things! We enable our clients to achieve key business outcomes that reshape how our world runs. As an expert technology adviser and managed service provider with cross-platform certifications, Ensono empowers our clients to keep up with continuous change and embrace innovation. We can Do Great Things because we have great Associates. The Ensono Core Values unify our diverse talents and are woven into how we do business. These five traits are the key to achieving our purpose: Honesty, Reliability, Curiosity, Collaboration, and Passion. About the role and what you'll be doing: As a Security Compliance Analyst Intern, you will support Ensono’s internal audit and security control framework initiatives. Your work will help us enhance our audit processes, integrate AI solutions, and maintain a strong security compliance posture. Key responsibilities include: Document the Audit Process for All Ensono Audits · Learn and document Ensono’s current audit processes, including specific test procedures and process enhancements. Identify AI Opportunities for Internal Audit · Analyze audit test procedures and collaborate with Ensono’s AI team to identify automation opportunities using AI tools and technologies. · Develop and implement AI-driven solutions to improve audit efficiency and accuracy. ESCF Review and Update with Test Procedures · Review Ensono Security Control Framework (ESCF) to ensure controls reflect the latest AI-enabled test procedures. · Update documentation to incorporate newly developed testing methods and expected outcomes. We want all new Associates to succeed in their roles at Ensono. That's why we've outlined the job requirements below. To be considered for this role, it's important that you meet all Required Qualifications. If you do not meet all of the Preferred Qualifications, we still encourage you to apply. What You Will Need: - Overall understanding of the information security domain, especially in the infrastructure managed services industry. - Familiarity with artificial intelligence principles, tools, and technologies. - Skills in prompt engineering, workflow automation using AI, and Agentic AI concepts. Bonus Qualifications - Knowledge of information security auditing processes. - Understanding of mainframe technologies. Why Ensono? Ensono is a place to make better happen – for our clients and for your career. You can do great things through innovation or collaboration, by learning or volunteering, or to promote diversity and inclusion. You can do great things for your own health or for a healthier planet. Whatever it means to you to do great things we want Ensono to be the place you can do it. Ensono is an Equal Opportunity/Affirmative Action employer. We are committed to providing equal employment to our Associates and building a diverse and inclusive workforce. All qualified applicants will be considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or other legally protected basis, in accordance with applicable law. As of the date of this posting, a good faith estimate of the current pay scale for this role is $20.00/hr based on a full-time schedule. Please note that placement in the range may vary based on numerous factors including but not limited to skills, experience, internal equity, and business needs. Pay transparency nondiscrimination statement/posting OFCCP’s pay transparency policy can be found on OFCCP’s website. If you need accommodation at any point during the application or interview process, please let your recruiter know or email USTalentAcquisition@ensono.com.