Role Description SecureIT is seeking a technical security consultant to drive innovation and effectiveness across our FedRAMP 3PAO assessment services. Serving as a hands-on assessor, the consultant will provide advanced technical knowledge of secure cloud architectures, networking, IAM, and encryption. - Evaluating the effectiveness of security controls implemented across cloud-based environments and enterprise systems. - Providing technical interpretation of security control applicability and system boundary scoping. - Analyzing cloud service configurations across platforms such as AWS and Azure. - Participating in briefings, technical interviews, security control walkthrough/observation meetings, and issue discussions. - Preparing clear, actionable reports, risk statements, and remediation recommendations for technical and executive audiences. - Contributing to the review of key project deliverables, ensuring clear conclusions, completeness in reporting, and alignment on high-priority security gaps. - Identifying opportunities to automate security control testing (e.g., leveraging scripts, cloud-native tools). - Staying current with emerging security threats and best practices for cloud-native architectures. Qualifications - 6+ years of experience in IT security, with at least 4 years of assessment, engineering, or demonstrated expertise in cloud security principles and best practices. - One or more relevant certifications (e.g., CISSP, CISA, Cloud+). - Hands-on familiarity with cloud-native security tools and configurations across AWS and/or Azure. - Good understanding of encryption standards, IAM, zero-trust, and PKI. - Knowledge of DevSecOps, containers (Kubernetes, Docker), and Infrastructure as Code (Terraform, CloudFormation) preferred. - Bachelor’s degree in Computer Science, Information Systems, Cybersecurity or a related discipline or equivalent years of work experience.

Role Description We’re looking for a Founding Security Engineer to build and lead our security program as we scale from Series A toward Series B. This is a hands-on role with leadership trajectory. You will work directly with our engineering and platform teams to design secure systems, lead compliance efforts, and establish the foundations of a mature security program. The person in this role is expected to grow into Head of Security as the company scales. If you enjoy building security from the ground up, working closely with engineers, and helping a company achieve enterprise-grade security posture, this role is for you. What You’ll Own - Security Architecture & Engineering - Embed security-by-design into our platform and infrastructure. - Partner with engineering to implement DevSecOps practices and automated security testing. - Conduct architecture reviews, threat modeling, and security assessments. - Implement security tooling across cloud infrastructure and CI/CD pipelines. - Compliance & Trust - Lead security certification initiatives such as ISO 27001 and SOC 2. - Own customer security questionnaires and security reviews with enterprise clients. - Develop and maintain security policies, controls, and documentation. - Security Operations - Manage vulnerability management and security patching processes. - Coordinate penetration testing and remediation programs. - Introduce automated and AI-assisted security testing tools. - Security Program Development - Establish risk management and security governance practices. - Build business continuity and disaster recovery programs aligned with ISO 22301. - Develop the foundations for a future security team. Qualifications - 5–8+ years experience in cybersecurity, security engineering, or cloud security. - Strong understanding of modern cloud security architectures (AWS/GCP/Azure). - Experience implementing or supporting ISO 27001, SOC 2, or similar frameworks. - Hands-on experience with DevOps / DevSecOps practices. - Familiarity with penetration testing, vulnerability management, and threat modeling. - Ability to work closely with engineering teams and leadership. Bonus Experience - Experience building security programs in high-growth startups. - Experience with container security, Kubernetes, and infrastructure-as-code. - Experience with red team / blue team exercises. - Familiarity with AI-driven security tools or automated pentesting platforms.

Location: Work from home (Pennsylvania) Shift: Days (United States of America) Scheduled Weekly Hours: 0 Worker Type: Intern (Fixed Term) Exemption Status: No Job Summary: Participate in experiential learning that integrates knowledge and theory learned in the classroom with practical application and skills development in a clinical or professional setting. Job Duties: - Assist with supporting the assigned area, gaining practical application experience, and expanding their knowledge and skills base. - Interns will have the opportunity to observe the workplace and gain industry knowledge, while also performing job-specific tasks to assist with operations. Work is typically performed in an office or remote environment. Accountable for satisfying all job specific obligations and complying with all organization policies and procedures. The specific statements in this profile are not intended to be all-inclusive. They represent typical elements considered necessary to successfully perform the job. Position Details: Education: High School Diploma or Equivalent (GED)- (Required) Experience: -Relevant experience* (Preferred) Certification(s) and License(s): Skills: Communication, Computer Literacy, Critical Thinking, IT Project Planning And Organization OUR PURPOSE & VALUES: Everything we do is about caring for our patients, our members, our students, our Geisinger family and our communities. - KINDNESS: We strive to treat everyone as we would hope to be treated ourselves. - EXCELLENCE: We treasure colleagues who humbly strive for excellence. - LEARNING: We share our knowledge with the best and brightest to better prepare the caregivers for tomorrow. - INNOVATION: We constantly seek new and better ways to care for our patients, our members, our community, and the nation. - SAFETY: We provide a safe environment for our patients and members and the Geisinger family. We offer healthcare benefits for full time and part time positions from day one, including vision, dental and domestic partners. Perhaps just as important, we encourage an atmosphere of collaboration, cooperation and collegiality. We know that a diverse workforce with unique experiences and backgrounds makes our team stronger. Our patients, members and community come from a wide variety of backgrounds, and it takes a diverse workforce to make better health easier for all. We are proud to be an affirmative action, equal opportunity employer and all qualified applicants will receive consideration for employment regardless to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or status as a protected veteran.

• Design, implement, and support IAM and IGA solutions using Microsoft Entra ID. • Develop and maintain PowerShell automation for lifecycle and access governance. • Collaborate with business and application teams on access models and controls. • Contribute to MFA, Entra ID integrations, and PAM initiatives. • Continuously improve IAM processes and operational maturity. • Provide guidance to junior engineers. • Work on and prioritize multiple, concurrent projects while meeting deadlines in a fast-paced environment.