• We are seeking a highly capable and pragmatic Senior Product Security Analyst to safeguard our products, platforms, and customers as we scale. • This is a senior individual contributor role with clear accountability and decision-making authority, responsible for independently identifying, assessing, and driving resolution of security risks across the product lifecycle. • Reporting to the Director, Product Security, you will act as the primary application and product security owner for assigned products, partnering closely with engineering, product management, cloud, and platform teams. • You will embed application-focused security practices into design and delivery, exercise sound technical and risk judgment in release decisions, and play a key role in advancing the maturity, consistency, and resilience of our product security capabilities in a fast-growing environment. • Act as the primary application and product security partner for assigned products and services, owning end-to-end security reviews from design through release. • Lead application-focused security assessments, including architecture reviews, threat modeling, and secure design validation for APIs, microservices, and SaaS platforms. • Independently assess security risk and approve, delay, or block releases when required, escalating decisions where business urgency or customer commitments necessitate alignment. • Provide authoritative, risk-based guidance to engineering teams, helping them understand not just what needs to be fixed, but also include security and risk context. • Own vulnerability triage and prioritization for assigned products, ensuring findings are contextualized based on exploitability, exposure, and business impact. • Interpret results from application security testing activities (SAST, DAST, SCA, manual reviews), translating technical findings into actionable remediation guidance. • Monitor relevant external threats, attack techniques, and vulnerability trends, proactively assessing applicability to products and platforms. • Support investigation and remediation of product- and application-related security incidents. • Partner with engineering, platform, and cloud teams to embed secure-by-design practices into the SDLC, with a strong emphasis on application-layer controls. • Apply hands-on technical judgment to validate engineering assumptions, challenge risk decisions, and ensure security controls are implemented effectively. • Contribute to the evolution of application security standards, guardrails, and review practices that scale across multiple product teams. • Support alignment of application and product security practices with applicable frameworks such as PCI DSS and GDPR, focusing on practical security outcomes rather than checkbox compliance. • Translate internal controls into actionable engineering requirements and support evidence collection for audits and assessments as needed. • Coordinate and support penetration testing, bug bounty programs, and third-party security assessments, ensuring timely remediation and risk closure. • Build trusted, durable relationships with product, engineering, cloud, platform, and CGRC teams. • Clearly articulate security risk, trade-offs, and remediation options to both technical and non-technical stakeholders. • Contribute to the long-term maturity of the product and application security program through pattern recognition, continuous improvement, and shared learning.

• This is a remote position. • You will be responsible for assisting the IT Security team with day-to-day IT security tasks and tool monitoring. • A part of your job role will be to ensure that the company's digital assets are protected from unauthorized access. • This includes securing both cloud and on-premises infrastructures, weeding through metrics and data to filter out suspicious activity, and finding and mitigating risks before breaches occur. • You will work with the infrastructure team to assist them with the security implementations in our IT infrastructure. • You will be responsible for assisting your team in setting security standards and maintaining computer networks while protecting the company from cyber-attacks. • You will be required to participate in security audits and help customers resolve their queries regarding the security landscape within the organization. • Other specific responsibilities include: Monitoring security access and various security tools to resolve the generated alerts. • Performing risk analysis and determining security gaps. • Assisting with cybersecurity compliance and governance. • Assist in maintaining security policies and documentation. • Analyzing security breaches to identify the root cause. • Verifying the security of third-party vendors and collaborating with them to meet security requirements.

• Investigate and respond to escalated security incidents across Microsoft cloud and on-premises environments • Perform advanced incident analysis using Microsoft Defender suite and Azure Sentinel • Conduct security assessment of Azure/Microsoft 365 configurations and implement hardening recommendations • Analyze and respond to advanced Active Directory attacks (Kerberoasting, Pass-the-Hash, Golden Ticket) • Monitor and investigate Exchange Server logs, email flow patterns, and phishing campaigns • Analyze federation security including ADFS token-based attacks and SAML token manipulation • Configure and tune WAF/firewall rule sets and investigate related security incidents • Develop network segmentation strategies and identify lateral movement attempts • Develop and maintain incident response playbooks for various attack scenarios • Coordinate incident response activities with cross-functional teams

• Provides leadership and guidance to the IAM Security team, organization and business partners on Sharp HealthCare's Identity and Access Management (IAM) and Epic Security strategy; ensuring policies and security standards are met • Responsible for the design, implementation, and maintenance of identity and access management systems, ensuring authorized individuals have appropriate access to systems and data • Efficiently and effectively, respond to IAM and Epic Security incidents, service requests, application access requests and audits • Provides leadership and support to peers as well as various other departments of the organization • Responsible for coordinating activities with multiple IT teams and Sharp departments to develop, maintain, support, and enhance Epic access and security