• Lead and deliver continuous improvements to the enterprise data security, data lifecycle management, and insider risk management program • Measure program maturity and increase program effectiveness • Partner with Data Governance, Legal, HR, Privacy, and related functions to maintain consistent standards • Align with cybersecurity threat detection and operations processes • Develop and sustain a robust data loss prevention program • Grow and develop the skills of resources operating and deploying data security programs

Job Summary: DDC- IT Services is seeking a Sr. IBM z/OS Systems Administrator to join their growing team! Job Duties and Responsibilities: - Ensure that all information systems are managed, operated, and used IAW DISA STIGS and other applicable policies and procedures. - Support all ACPs (ACF2, RACF and CA TSS) utilized by the information sys-tems. - Provide access control and account provisioning for all information systems. - Use DISA approved tools to plan, conduct, review, analyze, and correct findings in support of STIG reviews SRR. - Provide audit and inspection support for the government to include providing arti-facts and evidence. - Support COOP exercises (Simulated and Table Top) exercises. - Grant and maintain access and account profiles for both individual and system re-sources. - Promptly report security violations IAW with specific security requirements for reporting incidents and violations. - Use DISA approved tools and follow policies for Change, Incident and Service Requests. Job Requirements (Education/Skills/Experience): **Must have an Active Secret clearance.** Must currently possess one of the IAT Level 2 certifications: - CCNA-Security - CSA+ - GICSP - CompTIA Security+ CE - SSCP This contractor and subcontractor shall abide by the requirements of 41 CFR 60-1.4(a), 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, national origin, or for inquiring about, discussing, or disclosing information about compensation, or any other basis prohibited by law. We participate in E-Verify.

At Ensono, our Purpose is to be a relentless ally, disrupting the status quo and unleashing our clients to Do Great Things! We enable our clients to achieve key business outcomes that reshape how our world runs. As an expert technology adviser and managed service provider with cross-platform certifications, Ensono empowers our clients to keep up with continuous change and embrace innovation. We can Do Great Things because we have great Associates. The Ensono Core Values unify our diverse talents and are woven into how we do business. These five traits are the key to achieving our purpose. HONESTY, RELIABILITY, COLLABORATION, CURIOSITY, PASSION Role Summary The Senior Information Security Engineer is responsible for designing, implementing, and maintaining enterprise‑level security solutions while providing technical leadership across the organization. This role supports global cybersecurity initiatives, leads incident response activities, and ensures alignment with internal and external compliance requirements. The position requires deep technical expertise, strong communication skills, and the ability to operate effectively in a fast‑paced environment. What You Will Do: - Design, implement, and administer enterprise information security solutions. - Serve as a Tier‑3 escalation point for monitoring and responding to security incidents. - Implement controls and processes to meet internal and customer audit requirements. - Develop internal and customer‑facing security standards, policies, and procedures. - Execute incident response activities in accordance with the Ensono Incident Response Plan. - Evaluate, test, and deploy security application upgrades and patches. - Deliver consultative expertise on emerging threats, vulnerabilities, and risk mitigation strategies. - Document project plans, including timelines, milestones, and deliverables. - Mentor new and existing members of the security organization. - Provide recommendations and contribute to the development of security product roadmaps. - Partner with product owners to ensure alignment between solutions and security product offerings. We want all new Associates to succeed in their roles at Ensono. That's why we've outlined the job requirements below. To be considered for this role, it's important that you meet all Required Qualifications. If you do not meet all of the Preferred Qualifications, we still encourage you to apply.   What You Will Need: - 5 -10 years of full‑time experience in information security roles. - Experience with security deployment using Azure Cloud. - Background in Security‑as‑a‑Service (SaaS) implementations. - Strong knowledge of digital forensics or penetration testing methodologies. - Experience with file integrity monitoring solutions. - Proficiency with vulnerability scanning tools and risk evaluation processes. - Experience with password vaulting technologies for secure credential storage. - Hands‑on experience implementing and maintaining security frameworks such as PCI‑DSS, SSAE SOC1/SOC2, GDPR, HIPAA, IRS Pub 1075, NIST, and ISO 27001. - Experience conducting security incident response in large enterprise environments. - Expertise in deploying and maintaining anti‑malware technologies. - Familiarity with security auditing and forensic analysis tools. - Experience implementing SIEM platforms. Preferred Tools and Technologies MS Sentinel, Splunk, Microsoft Defender, Trend Micro, Trellix, Carbon Black, Tenable, Rapid7, Varonis, Microsoft Purview, Azure Cloud. Education and Certifications - Security certifications such as CISSP, CISA, CISM, CEH, or SANS GIAC. - Bachelor’s degree in Information Security or equivalent professional experience. Why Ensono? Ensono is a place to make better happen – for our clients and for your career. You can do great things through innovation or collaboration, by learning or volunteering, or to promote diversity and inclusion. You can do great things for your own health or for a healthier planet. Whatever it means to you to do great things we want Ensono to be the place you can do it. We are a client-facing business, but we do encourage clients to allow us to work remotely most of the time so if you are not required to be on a client site, you can choose to work from home or in our Ensono offices. Some of our benefits include: - Unlimited Paid Days Off - Three health plan options - 401k with company match - Eligibility for dental, vision, short and long-term disability, life and AD&D coverage, and flexible spending accounts - Family Forming Benefit including fertility coverage and adoption/surrogacy reimbursement - Paid childbearing and paternal leave - Education Reimbursement, Student Loan Assistance or 529 College Funding - Sabbatical leave - Wellness program - Flexible work schedule As of the date of this posting, a good faith estimate of the current pay scale for this role is $112,000 to $130,000 annually based on a full-time schedule. Please note that placement in the range may vary based on numerous factors including but not limited to skills, experience, internal equity, and business needs. In addition to base salary, other compensation programs, depending on eligibility, include an annual bonus plan based on company and individual performance [OR] a role-based, sales-incentive plan, and an equity grant under our Associate Equity Appreciation Program. Ensono is an Equal Opportunity/Affirmative Action em1ployer. We are committed to providing equal employment to our Associates and building a diverse and inclusive workforce. All qualified applicants will be considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or other legally protected basis, in accordance with applicable law. Pay transparency nondiscrimination statement/posting OFCCP’s pay transparency policy can be found on OFCCP’s website. If you need accommodation at any point during the application or interview process, please let your recruiter know or email USTalentAcquisition@ensono.com.

Role Description This position serves as the company's foremost line of defense. You will operate under the assumption that systems are constantly under threat, crafting infrastructure that is resilient, auditable, and inherently secure. You will be the most risk-aware individual in the startup — and that’s exactly what we require. While others concentrate on feature rollout, you will prioritize the security of patient data, regulatory compliance, and system integrity. If your understanding of DevOps is limited to "I occasionally execute kubectl apply," this position is likely not for you. This role is not suited for those who prioritize speed over safety or view security as an afterthought to be addressed later. At Zenara, safeguarding patient data and maintaining system integrity takes precedence over rapid deployment. You will be responsible for Zenara’s infrastructure, security posture, and compliance engineering — everything from the ground up. This includes: - CI/CD pipelines - HIPAA-compliant deployment automation - Monitoring and alerting systems - Cybersecurity measures and threat defense - Access controls - Audit logging Your role will go beyond mere maintenance. You will also develop infrastructure for our AI platform, encompassing model serving, scaling AI workloads, and supporting production AI pipelines. You will have a dual mandate: ensure the stability and security of the platform while also building the necessary infrastructure for AI at scale. This represents a unique opportunity for greenfield infrastructure engineering within a healthcare AI company with genuine compliance obligations and real users. You will devise systems from fundamental principles, make architectural choices, establish best practices to guide us through growth and compliance audits, and serve as the ultimate security gatekeeper. What You Will Own - Cybersecurity & Threat Defense: Manage threat modeling, reduce attack surfaces, oversee intrusion detection, handle vulnerability management, and plan incident responses. You will be the final reviewer for infrastructure and security risks. - CI/CD and Deployment Automation: Design and implement CI/CD pipelines for all Zenara products, establishing deployment automation, managing environments, and setting quality thresholds. - Security Posture and HIPAA Compliance: Develop and uphold a HIPAA-compliant security posture across all Zenara systems, implementing access controls, managing secrets, maintaining audit logs, and enforcing encryption standards. - Monitoring, Alerting, and Incident Response: Create monitoring and alerting capabilities to proactively identify issues, establish incident response protocols, and lead the on-call rotation. - AI Infrastructure Support: Address AI infrastructure needs, including model serving and autoscaling for AI workloads. - Cloud Infrastructure Management: Oversee cloud infrastructure (AWS/Azure), focusing on cost optimization, reliability, disaster recovery, and capacity planning. - SOC 2 Readiness: Spearhead SOC 2 Type II preparedness, implementing necessary controls and liaising with auditors. - Security Incident Response: Establish procedures, conduct regular security evaluations, and respond to incidents as they arise. Your First 90 Days - Week 1-2: Fully immerse yourself in the current infrastructure, deployment processes, and security posture. Identify significant security vulnerabilities and critical gaps. - Month 1: Set up basic monitoring and alerting systems. Outline the CI/CD roadmap and begin documenting existing systems and security protocols. - Month 2-3: Develop CI/CD pipelines for high-priority services with security gates and implement secrets management and access controls. - Ongoing: Take on full ownership of infrastructure and security, delivering reliable and secure systems. Qualifications - 5-10 years of experience in DevOps, SRE, or Platform Engineering. - A strong security mindset: detail-focused and able to express concerns when risks are too high. - Familiarity with HIPAA, SOC 2, or healthcare compliance frameworks. - Proficient in AWS or Azure with infrastructure-as-code (Terraform, Pulumi, or CloudFormation). - CI/CD pipeline design and implementation experience. - Experience in container orchestration (Kubernetes, ECS, or equivalent). - Skills in cybersecurity: threat modeling, vulnerability assessment, intrusion detection, and incident response. - Strong English communication skills. - Experience in startup or high-growth environments. Strongly Preferred - Experience in supporting ML/AI infrastructure. - Security expertise in healthcare SaaS. - Background in penetration testing or security audits. - Prior experience with SOC 2 or HITRUST certification processes. - Knowledge of observability and monitoring tools. Nice to Have - Understanding of FHIR/HL7 healthcare data standards. - Production experience with Kubernetes. - Acquainted with multi-tenant SaaS security strategies. - Exposure to mental health or behavioral health sectors. - Experience with cloud infrastructure cost optimization. - Relevant security certifications (CISSP, CEH, or equivalent). Schedule - Evening IST hours with 4–8 hours of daily overlap with US Pacific (9am–5pm PT). - Salary between ₹22–35 LPA, based on skills and responsibilities. - Fully remote work options available throughout India. - Provision for equipment allowance. - Acknowledgment of culturally significant local holidays (India). - Flexible paid leave options. - Direct and regular communication with the CEO. - Opportunity to build infrastructure and security practices from the ground up.