You desire impactful work. You’re RGA ready RGA is a purpose-driven organization working to solve today’s challenges through innovation and collaboration. A Fortune 200 Company and listed among its World’s Most Admired Companies, we’re the only global reinsurance company to focus primarily on life- and health-related solutions. Join our multinational team of intelligent, motivated, and collaborative people, and help us make financial protection accessible to all. Under limited supervision, this position in the Global Security Office (GSO) will require excellent analytical and problem-solving skills, with the ability to communicate complex IRM topics, solutions and capabilities to architects and stakeholders around ServiceNow Enterprise IRM Applications. The position monitors, evaluates, and makes recommendations regarding the security, privacy, and integrity of the global systems, to provide assurances that systems and data are properly safeguarded for security and privacy purposes, utilizing a strong understanding of GRC foundations/best practices/principles for Policy, Compliance, Risk, Audit, Regulatory Change Management, Risk/Advance Risk, Advance Audit(Enterprise IRM Applications), CMDB fundamentals, and Entities. Principle Duties - Work with functional and technical requirements to design and implement work within ServiceNow Enterprise IRM Applications. - Support and maintain ongoing processes, for Enterprise IRM Applications. scope, product, and operational changes/maintenance. - Support, validate requirements to developers and deployment including user acceptance testing and agile testing- assuring alignment between stories and stakeholders and take processes into features/requirements for implementations. - Understands and works with ServiceNow architectural requirements and dependencies - Collaborate with compliance, security and technology professionals on projects related to compliance with global data protection laws. - Facilitates incoming audits and assessments, coordinating discussions with appropriate owners and business stakeholders, and follows up on any remediation activities identified to meet associated due dates to ensure timely completion. - Participates in the development of policies, standards, controls, procedures, and security audits and assessments. - The scope of routine activities and tasks in this role will be in support of one or more functional areas, the department or division. - Performs other duties as assigned Education - Bachelor’s Degree in Arts/Sciences (BA/BS) or equivalent experience - Required - ServiceNow Certification as GRC Admin or GRC/IRM implementation analyst, OR ServiceNow University GRC: Integrated Risk Management (IRM) Implementer - Required - Master’s degree in Arts/Sciences (MA/MS) or professional industry certification - Preferred Work Experience, Skills, and Abilities Required - 4+ years' relevant experience in IT security, privacy, audit, controls and regulatory compliance, or related experience. - Deep understanding of ServiceNow platform and its capabilities, dependencies with proficiency in ServiceNow administration and development and architectural requirements with experience in Versions of Xanadu or Yokohama - ServiceNow GRC framework and process administration (Regulatory Change Management a plus) - General knowledge of business and technology operations; ability to work well within a team setting and maintain a high level of confidentiality - Intermediate knowledge of global standards and regulations regarding security, privacy, and fraud. - Demonstrated ability to learn and stay current on data privacy, data security, and fraud threats and vulnerabilities. - Intermediate organizational, planning and task management skills with high attention to detail; ability to adjust to changing priorities and work under tight timelines - Investigative, analytical and problem-solving skills; ability to set goals, communicate expected outcomes and liaise with individuals across a variety of functions and levels - Excellent customer service skills; ability to balance multiple priorities, deadlines and deliverables while maintaining a positive attitude - Intermediate oral and written communication skills; ability to convey information in a clear and concise manner and provide regular proactive updates to team members, key stakeholders, and mid-level management - Quick to adapt to new methods; ability to be flexible when needed, take initiative and demonstrate accountability Preferred - Insurance/Reinsurance industry experience or certifications - Information security, privacy, compliance, risk or audit professional certifications, such as: SSCP, CIPP, CISA and Security+ - Intermediate understanding of domestic and global security & privacy regulations Technical Skills Required - ServiceNow Expertise as GRC Admin or GRC/IRM implementation analyst OR ServiceNow University GRC: Integrated Risk Management (IRM) Implementer - Strong understanding of GRC Lifecycles management (Policy, Controls, Audit, Risk, Regulatory Change Management, Advance Risk and Advance Audit) - Strong understanding of Reporting, Dashboards, and workspace within ServiceNow - Understanding of Regulatory tool integrations with ServiceNow - Strong understanding of Entities/CMDB within ServiceNow - Microsoft Office application experience (Excel, Word, Visio, Teams, SharePoint) - Familiarity with IT and security systems - Knowledge of applicable regulations such as Sarbanes-Oxley, DORA, NY DFS, GLBA, GDPR etc. Preferred - IT Control Frameworks including NIST CSF/P, NIST AI, COBIT, ITIL, ISO 27001/27002, CIS, etc. - Knowledge of risk assessment methods - Information security, privacy, compliance, risk or audit professional certifications, such as: SSCP and Security+ - Experience reviewing SOC1 and SOC2 attestations - Project management skills/experience - Power-BI Experience for reporting, queries and creating dashboards #LI-CW1 #LI-Remote What you can expect from RGA: - Gain valuable knowledge from and experience with diverse, caring colleagues around the world. - Enjoy a respectful, welcoming environment that fosters individuality and encourages pioneering thought. - Join the bright and creative minds of RGA, and experience vast, endless career potential. We’re excited to get to know you and connect your unique skills with our global opportunities. To create a modern and seamless experience, we use artificial intelligence (AI) in parts of our preliminary screening process. This technology helps us personalize job recommendations, automate interview scheduling, evaluate candidates based solely on experience—without considering name, gender, or other personal details—and provide real-time answers through our chatbot. AI is used only during early screening and never makes hiring decisions. Your RGA recruiter will work closely with you every step of the way to ensure the process feels personal, thoughtful, and focused on you. Compensation Range: $89,310.00 - $134,870.00 Annual Base pay varies depending on job-related knowledge, skills, experience and market location. In addition, RGA provides an annual bonus plan that includes all roles and some positions are eligible for participation in our long-term equity incentive plan. RGA also maintains a full range of health, retirement, and other employee benefits. RGA is an equal opportunity employer. Qualified applicants will be considered without regard to race, color, age, gender identity or expression, sex, disability, veteran status, religion, national origin, or any other characteristic protected by applicable equal employment opportunity laws.

• Guidehouse is seeking an IT Audit & Compliance professional to help our client at a large federal agency pursue and maintain compliance with federal cybersecurity frameworks. • This role focuses on audit preparation and coordination. • Coordinate internal and external audit activities across federal information systems, ensuring teams, schedules, evidence, and documentation remain audit‑ready. • Prepare, maintain, and organize assessor‑ready artifacts including SSPs, control narratives, SOPs, POA&Ms, continuous monitoring reports, and structured evidence packages. • Interpret and apply requirements from federal cybersecurity and audit frameworks. • Support audit readiness activities by coordinating evidence collection with engineering, ISSO/ISSM, infrastructure, cloud, and application teams. • Track audit findings, maintain POA&M items, and facilitate remediation progress across technical and business teams. • Translate technical implementations into clear, assessor‑ready documentation through strong technical writing and stakeholder coordination.

• Maintain SIEM solutions (Splunk, Sentinel, ELK, LogRhythm, Sumo Logic) in cloud environments (AWS, Azure, GCP) to support FedRAMP continuous monitoring requirements • Maintain and support SIEM platforms (Splunk, Sentinel, ELK, LogRhythm, Sumo Logic) in AWS, Azure, and GCP environments to support continuous monitoring and compliance requirements • Manage and maintain log collection infrastructure including forwarders, collectors, and ingestion pipelines across hybrid environments • Support SIEM performance tuning, storage management, retention settings, and licensing optimization under established operational guidelines • Implement and maintain log retention and audit configurations aligned with FedRAMP and other compliance framework requirements • Develop, tune, and maintain detection rules, correlation searches, and alerting logic to identify security events • Create and maintain custom parsers and field extractions for complex or proprietary log sources • Reduce false positives through ongoing rule tuning, baseline analysis, and detection improvement efforts • Participate in peer reviews of detection rules and SIEM configuration changes • Monitor SIEM alerts and investigate security events to support incident response and threat hunting activities • Contribute to development and maintenance of detection and response playbooks and operational procedures • Support troubleshooting of SIEM ingestion, parsing, and performance issues • Work with infrastructure and application teams to onboard new log sources and improve security visibility • Collect and organize SIEM control evidence and artifacts for audits and 3PAO assessment activities • Ensure SIEM configurations support required controls such as audit review, log integrity, and time synchronization • Create and maintain SIEM architecture, detection, and operational documentation and runbooks • Provide technical support during client reviews and operational meetings as assigned • Share knowledge and provide guidance to junior team members • Contribute to process improvement and automation initiatives within SIEM and detection workflows

CTG is seeking to fill an AWS WAF Security Engineer position for our client. Location: Remote (Preferred in Atlanta, GA)Duration: 8 months Duties:• Design, implement, and manage AWS Web Application Firewall (WAF) solutions to protect web applications from threats such as SQL injection, cross-site scripting (XSS), and distributed denial-of-service (DDoS) attacks• Configure, optimize, and maintain WAF rules, including rate-based rules and managed rule sets aligned with organizational security policies• Integrate AWS WAF with services such as CloudFront, Application Load Balancer (ALB), and API Gateway for comprehensive protection• Perform regular vulnerability assessments and update WAF configurations to address emerging threats• Collaborate with DevOps, cloud engineering, and development teams to incorporate security best practices into the SDLC• Monitor, analyze, and respond to WAF-related security incidents and alerts• Develop and maintain documentation for WAF configurations, policies, and procedures• Provide training and guidance to internal teams on AWS WAF and application security Skills:• Hands-on experience with AWS WAF, AWS Firewall Manager, AWS Shield, and bot mitigation tools• Strong understanding of OWASP Top 10 vulnerabilities and web application security principles• Experience integrating WAF with CloudFront, ALB, and API Gateway• Proficiency in scripting languages such as Python, Bash, or Terraform• Experience with infrastructure-as-code (IaC) and CI/CD pipelines• Familiarity with monitoring and logging tools such as Splunk, ServiceNow, or Wiz• Knowledge of network security protocols including HTTPS, SSL/TLS, and DNS• Strong analytical, troubleshooting, and problem-solving skills Experience:• Mid-Level to Senior level experience in AWS security engineering or cloud security roles• Proven experience managing and configuring AWS WAF in enterprise environments• Experience with incident response and threat mitigation in AWS/cloud environments• Exposure to multi-cloud or hybrid cloud environments preferred• Experience with other WAF technologies such as Fortinet, Imperva, or Akamai is a plus Education:• Bachelor’s degree in Computer Science, Information Technology, or related field, or equivalent experience• AWS certifications such as AWS Certified Security – Specialty or AWS Certified Solutions Architect preferred Excellent verbal and written English communication skills and the ability to interact professionally with a diverse group are required. CTG does not accept unsolicited resumes from headhunters, recruitment agencies, or fee based recruitment services for this role. To Apply:To be considered, please apply directly to this requisition using the link provided. For additional information, please contact Malti Jha at Malti.Jha@ctg.com. Kindly forward this to any other interested parties. Thank you! The expected base salary for this position ranges from $50.00 to $60.00/hour. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, market factors, and where applicable, licensure or certifications obtained. In addition to salary, a competitive benefit package is also offered. About CTG CTG, a Cegeka company, delivers IT and business solutions that enhance clients’ digital agility, empowering them to seize new opportunities and overcome any challenge. Backed by more than 60 years’ experience and a commitment to being a reliable, results-driven partner, we work shoulder to shoulder with clients to shape digital together. Our vision is to be an indispensable partner to our clients and the preferred career destination for digital and technology experts. With more than 9,000 team members in over 15 countries, we combine global expertise with local insight to deliver innovative solutions. We operate across the Americas, Europe, and India, working with over 3,000 clients in many of today's highest-growth industries. Together, we shape what’s next—working shoulder to shoulder to deliver impactful solutions for our clients and society. Our culture is built by the people who work at CTG, the values we hold, and the actions we take. It's a living, breathing thing that is renewed every day through the ways we engage with each other, our clients, and our communities. At CTG, you’ll find a workplace where you are encouraged to grow, supported in your ambitions, and empowered to shape your own career journey. For more information, visit www.ctg.com. CTG will consider for employment all qualified applicants including those with criminal histories in a manner consistent with the requirements of all applicable local, state, and federal laws. CTG is an Equal Opportunity Employer. CTG will assure equal opportunity and consideration to all applicants and employees in recruitment, selection, placement, training, benefits, compensation, promotion, transfer, and release of individuals without regard to race, creed, religion, color, national origin, sex, sexual orientation, gender identity and gender expression, age, disability, marital or veteran status, citizenship status, or any other discriminatory factors as required by law. CTG is fully committed to promoting employment opportunities for members of protected classes.