Job Description: Job Summary The Senior Staff AI Security Architect defines and advances the enterprise security architecture for AI, generative AI, and agentic AI. Partnering with Security, Architecture, Data, Product, Legal, Risk, and Compliance teams, this role enables secure and responsible adoption of AI technologies. Setting security-by-design standards, governing AI risk across the model lifecycle, and serving as the enterprise authority for AI threat modeling and control design, this architect shapes how the organization approaches AI security at scale. Key Responsibilities - AI Security Architecture & Strategy: Own enterprise AI security architecture across Generative AI platforms, AI agents, ML pipelines, and the full model lifecycle (data ingestion, training/fine-tuning, deployment, monitoring), including internal and third-party foundation models. Establish security reference architectures, patterns, and guardrails for prioritized AI use cases. Maintain the AI security roadmap and lead architecture/security design reviews; document decisions, exceptions, and compensating controls. - AI Threat Modeling & Risk Management: Lead AI threat modeling and abuse-case analysis (e.g., prompt injection, data poisoning, model extraction, hallucination abuse, agent misuse). Define and validate controls for AI risks (misuse/abuse, data leakage/privacy, unauthorized agent actions, supply chain/provenance). Operationalize AI security testing (red-teaming/adversarial testing). Partner with IR/SOC on AI-specific detection and response playbooks. Embed AI risk into Enterprise Risk Management (ERM) processes. - Secure AI Platform Enablement: Architect secure AI platform implementations (agent frameworks, orchestration layers, vector databases/embeddings, model APIs/inference gateways). Define identity, access, and authorization for humans and AI agents; ensure integration with IAM, secrets management, logging/monitoring, and SOC workflows. Establish secure RAG patterns (classification, grounding, filtering, tenant isolation, least-privilege retrieval) and agent guardrails (tool allowlists, scoped credentials, approvals, rate limits, sandboxing). - Governance, Standards & Compliance: Establish AI security policies, standards, and control requirements aligned to relevant frameworks and regulations (e.g., NIST AI RMF, ISO/IEC 27001/23894, SOC 2, SOX, GLBA, GDPR). Support security/architecture reviews and control validations for AI initiatives. Perform third-party/vendor risk assessments for AI services and models (data retention, model provenance, SLAs, security attestations). - Secure Development Lifecycle (AI-SDLC): Embed security into the AI/ML lifecycle (secure data sourcing/labeling, training/tuning, evaluation/red-teaming/validation, post-production monitoring/drift detection). Define requirements for transparency, explainability, and human-in-the-loop controls. Set MLOps/LLMOps security requirements (registry governance, signed artifacts, provenance, environment promotion/rollback). Automate controls via CI/CD and policy-as-code. - Leadership & Influence: Advise executive leaders on AI security strategy and risk posture. Influence decisions across product, platform, and business teams. Mentor architects, engineers, and security teams on AI security best practices. Represent the organization in vendor engagements, assessments, and relevant industry forums. Minimum Qualifications - 10+ years in security architecture (cloud, platform, or application security), including 5+ years designing enterprise architectures in regulated environments - Expertise in cloud and Zero Trust security, including IAM, API security, and service-to-service authentication - Working knowledge of AI/ML systems (LLMs, agents, orchestration layers, ML pipelines) and common Generative AI architectures (e.g., RAG, vector databases) - Proven ability to lead security architecture across complex, cross-functional initiatives and influence senior stakeholders - DevSecOps/MLOps security experience, including CI/CD control integration, container/Kubernetes security, and security telemetry/SIEM integration - Strong fundamentals in cryptography, key management (KMS/HSM), and secrets management - Application security background (secure coding, threat modeling, OWASP Top 10) and ability to guide engineering teams on remediation - Familiarity with AI risk frameworks (e.g., NIST AI RMF, OWASP Top 10 for LLMs) and privacy/data governance considerations for AI - Experience in highly regulated industries (financial services, insurance, healthcare, or similar) Preferred Qualifications - Bachelor’s or master’s degree in computer science, Engineering, or related field. - Advanced security architecture certifications (e.g., CISSP-ISSAP, GIAC) - LLM/Generative AI security experience (e.g., OWASP Top 10 for LLM Apps, MITRE ATLAS) and hands-on guardrail implementation - LLMOps security tooling and practices (model registry governance, artifact signing/provenance, evaluation pipelines, drift monitoring) - Infrastructure/policy-as-code and automated security gates in CI/CD - Generative AI data protection (DLP, sensitive-data detection, masking/tokenization, content governance) - Led AI security assessments and red-/purple-team exercises for production AI systems - AI governance/risk program experience (model inventory, risk tiering, control mapping, exception management, audit evidence) Competencies - Customer Service: Consistently provides responsive, high-quality service to internal customers - Attention to Detail: Ensures thorough, accurate work by monitoring and checking information; plans time and resources effectively - Analytical Skills: Collects and analyzes data; designs workflows and procedures; identifies relationships and dependencies - Communications: Demonstrates strong listening and comprehension; communicates clearly in writing and verbally; keeps stakeholders appropriately informed - Problem Solving: Identifies issues quickly; evaluates options and drives practical resolutions - Relationship Management: Builds credibility and productive partnerships through professional, service-oriented interactions - Teamwork: Collaborates effectively; supports team goals; remains objective and open to others' views Supervisory Responsibilities: No Base Salary Range - $175,000-$200,000 For over 175 years, Penn Mutual has empowered individuals, families and businesses on the journey to achieve their financial goals. Through our partnership with Financial Professionals across the U.S., we help instill the confidence and reliability that comes from a stronger financial future. Penn Mutual and its affiliates offer a comprehensive suite of competitive products and services to meet the unique needs of Financial Professionals and their clients, including life insurance, annuities, wealth management and institutional asset management. To learn more, including current financial strength ratings, visit www.pennmutual.com. Penn Mutual is committed to Equal Employment Opportunity (EEO). We provide employment and advancement opportunities to all qualified applicants and associates, according to applicable laws. This is reflected in our practices for hiring, placement, promotion, transfer, demotion, layoff, termination, recruitment, compensation, selection or training, and all other terms and conditions of employment. All employment-related decisions and practices are free from unlawful discrimination. This includes: race, creed, color, national origin, ancestry, citizenship age, gender (including pregnancy), sexual orientation, gender identity or expression, domestic partnership or civil union status, marital status, genetic information, disability, religious observance or practice, liability, veteran status or any other classification protected under applicable law.

Role Description Students are given the opportunity to grow personally and professionally while building their resume through practical work experience with a Fortune 500 Company. The cybersecurity co-op position is a year-round, fully remote position. Long-term availability is preferred (at least 1 full year). Position hours are flexible within Monday – Friday 7:00am – 7:00pm; part time (15-28 hours per week). No travel required for position. The Cybersecurity Co-Op participants will learn key technical and business principles while gaining exposure to multiple areas within the cybersecurity landscape. Candidates for this position must be flexible and adaptable in learning and understanding new technologies. The candidate must also be interested in working with customers to learn how to build and formulate business requirements. Additionally, candidates must be able to: - Work in a team-oriented, collaborative environment or independently as business needs dictate. - Multi-task and handle diverse/complex problems. Job duties include contact with other employees and access to confidential and proprietary information and/or other items of value, and such access may be supervised or unsupervised. The Company therefore has determined that a review of criminal history is necessary to protect the business and its operations and reputation and is necessary to protect the safety of the Company’s staff, employees, and business relationships. Qualifications - Flexible and adaptable in learning and understanding new technologies. - Interested in working with customers to build and formulate business requirements. Requirements - Ability to work in a team-oriented, collaborative environment or independently as business needs dictate. - Ability to multi-task and handle diverse/complex problems. Benefits - Rewards, benefits, and flexibility to enhance health and well-being. - Opportunities to learn, develop new skills, and grow contributions. - Inclusive team and commitment to communities. For a general description of benefits offered, please visit http://www.myswbenefits.com/ . Click on “Candidates” to view benefit offerings that you may be eligible for if you are hired as a Sherwin-Williams employee. Company Description At Sherwin-Williams, our purpose is to inspire and improve the world by coloring and protecting what matters. Our paints, coatings, and innovative solutions make the places and spaces in our world brighter and stronger. Your skills, talent, and passion make it possible to live this purpose, and for customers and our business to achieve great results. Sherwin-Williams is a place that takes its stability, growth, and momentum and translates it to possibility for our people. Our people are behind the strength of our success, and we invest and support you in: - Life … with rewards, benefits, and the flexibility to enhance your health and well-being. - Career … with opportunities to learn, develop new skills, and grow your contribution. - Connection … with an inclusive team and commitment to our own and broader communities. It's all here for you... let's Create Your Possible.

• Monitoreo y triage inicial de alertas de seguridad. • Análisis básico de eventos y evaluación de registros bajo supervisión. • Apoyo en la identificación, registro y seguimiento de vulnerabilidades. • Ejecución de controles operativos de seguridad definidos por el área. • Documentación de incidentes, hallazgos y actividades de seguridad. • Escalamiento oportuno de eventos relevantes al equipo senior. • Participación en iniciativas de fortalecimiento de la postura de seguridad.

Role Description This role is a hands-on Windows Endpoint Security Specialist supporting a Cisco ISE team, focused on endpoint compliance, posture validation, and automated remediation. - Develop, test, and maintain advanced PowerShell scripts to automate endpoint compliance validation, data collection, and reporting aligned with security and DISA STIG requirements. - Design and implement automated remediation scripts to restore non-compliant endpoints to required baselines, including STIG configurations and endpoint security agent health. - Deploy and manage remediation solutions through Cisco Secure Client to support automated compliance enforcement. - Collaborate with Cisco ISE engineers to implement, optimize, and troubleshoot posture assessment workflows and NAC policy enforcement. - Investigate and resolve endpoint-side issues impacting network access compliance and client provisioning. - Correlate vulnerability scan results with endpoint configuration gaps to drive remediation efforts. - Validate and monitor patch management systems (WSUS, SCCM, Intune) to ensure endpoint update compliance. - Support endpoint certificate management and PKI-related requirements as needed. - This position is designed to be flexible, with responsibilities evolving to meet business needs and enable individual growth. Qualifications - Must be able to obtain Secret security clearance. - Advanced PowerShell scripting for automated compliance checks (registry, services, file permissions). - PowerShell scripting for automated remediation of non-compliant endpoint configurations and STIG settings. - Ability to create scripts for data gathering and compliance status reporting. - Deep knowledge of Windows endpoint internals and endpoint security tooling. - Strong EPP/EDR experience, including validating agent install status, service health, versioning, and signature/definition updates. - Experience configuring and auditing host-based firewalls (Windows Defender Firewall). - Understanding of data-at-rest encryption and verification methods (e.g., BitLocker). - Familiarity with application whitelisting/application control concepts and enforcement. - Ability to interpret vulnerability scan results and correlate them with endpoint configuration and STIG findings. - Practical experience auditing and implementing DISA STIG requirements for Windows endpoints. - Proficiency with Cisco ISE posture assessment and policy configuration for endpoint compliance. - Ability to integrate endpoints with ISE for posture/NAC and troubleshoot posture/client provisioning issues. - Understanding of patch management processes and validating patching agent health (WSUS, SCCM, Intune). - Working knowledge of PKI/certificate management on endpoints, including trusted root certificates. Preferred Qualifications - B.A or B.S. in a degree such as Computer Science, Information Systems or Information Technology or 7 years related experience. - Experience working in a DoD healthcare IT environment. Benefits - 401(k) with 100% company match on the first 6% deferred, with immediate vesting. - Comprehensive medical, dental, and vision coverage—employee portion paid 100% by Core4ce. - Unlimited access to training and certifications, with no pre-set cap on eligible professional development. - Tuition assistance for job-related degrees and courses. - Paid parental leave, PTO that grows with tenure, and generous holiday schedules. - Got a big idea? At Core4ce, The Forge gives every employee the chance to propose bold innovations and help bring them to life with internal backing. - Join us to build a career that matters—supported by a company that invests in you.