The Opportunity: We are seeking an experienced and highly motivated Information Security Analyst to join our security team. This role will be critical in protecting our digital assets, detecting and responding to security incidents, and ensuring the continuous improvement of our security posture. You will work proactively to identify security risks, develop, and implement security frameworks, and ensure the integrity and confidentiality of our IT systems and data. The successful candidate will be responsible for all KPIs related to cyber security. You will be expected to coordinate implementation of all information security related processes in conjunction with others at Rainforest Alliance. You will also be handling and coordinating task/activities by firms/individuals contracted to provide information security services, working to ensure peers, senior and junior colleagues deliver necessary environment improvements effectively and expediently. The ideal candidate will have a strong technical background and confirmed hands-on experience in securing Microsoft cloud environments (Azure, Entra ID, Microsoft 365, Purview, Defender Suite), implementing endpoint hardening strategies, and using advanced security tools. Key Responsibilities: Security Operations & Incident Response: - Participate in security incident response activities, including investigation, containment, eradication, recovery, and post-incident analysis. - Monitor security alerts from various sources (SIEM, EDR, cloud logs) and respond to security incidents in a timely manner. - Develop and maintain security documentation, including procedures, runbooks, and incident response plans. - Conduct vulnerability assessments and assist in penetration testing remediation efforts. Security Awareness & Training: - Contribute to the development and delivery of security awareness training for employees, acting as a domain authority for security best practices. Collaboration: - Work closely with all IT teams, Enterprise Architecture, PMO and other stakeholders to ensure security is integrated into all aspects of our infrastructure and applications at the design and requirements stage. - Through reporting, monitoring and alerting, find opportunities for automation and improvement of RA security posture, including exception handling of threat alerts, patches, system and software vulnerabilities. Reporting: - Creation of weekly and monthly reporting packs, demonstrating rolling position on vulnerabilities, threats, progress against plan on key security initiatives. Risk Management: - Conduct risk assessments and participate in security design reviews to ensure appropriate mitigations are in place for new services and system changes (shifting security left). Azure Security: - Administer and configure Azure security services (e.g., Azure Security Centre/Defender for Cloud, Defender for Endpoint, Azure Network Security Groups, Azure Key Vault, Azure Firewall etc). - Monitor Azure environments for security threats, vulnerabilities, and misconfigurations. - Implement and make sure security best practices within Azure IaaS and PaaS deployments, audit Azure resources for compliance. Entra ID (Azure AD) Security: - Lead and secure Entra ID (Azure Active Directory) including Conditional Access Policies, Multi-Factor Authentication (MFA), Identity Governance, and Privileged Identity Management (PIM). - Monitor Entra ID for suspicious activity and unauthorised access attempts. - Implement Zero Trust principles, ensuring least privilege access, secure authentication flows, and continuous risk-based conditional access. Microsoft 365 Administration & Security: - Secure Microsoft 365 services (Exchange Online, SharePoint Online, OneDrive, Teams, etc.), looking after user access, data governance, and threat protection within the Microsoft 365 ecosystem. - Configure and optimise Microsoft 365 security features (e.g., Defender for Office 365, Data Loss Prevention (DLP), Microsoft Purview + compliance policies). Endpoint Hardening: - Develop, implement, and maintain security baselines and hardening standards for endpoints (Windows, macOS, Linux). - Configure and handle Microsoft Entra Domain Services based Group Policies (GPOs) and equivalent Mobile Device Management (MDM) solutions for security settings. - Ensure secure configuration and patch management across all endpoints. - Report on exceptions to relevant Team Managers and ensure mitigation is undertaken, through regular engagement. XDR: - Administer, configure, and optimise RA’s XDR service, currently Crowdstrike Falcon but planned for migration to Microsoft Defender XDR. - Monitor alerts and dashboards for endpoint security incidents and threats, perform threat hunting and incident response activities using CrowdStrike data. - Develop and refine custom detections and response playbooks within CrowdStrike. Vulnerability Scanning: - Identify and prioritise remediation of CVE-aligned vulnerabilities - Provide reporting to IT leadership on progress against remediation targets - Notify IT teams of emerging high/critical vulnerabilities and coordinate remediation planning - Devise reporting dashboards for senior IT leadership Required Qualifications: - Minimum of 3 years of hands-on experience in an information security role. - Proven working experience and deep understanding of Azure security services and best practices. - Extensive hands-on experience with Entra ID (Azure Active Directory) and Microsoft 365 security administration. - Demonstrable experience with endpoint hardening methodologies and implementation. - Hands-on administration and operational experience with CrowdStrike Falcon platform. - Experience with security incident response and threat hunting. - Solid understanding of networking concepts. - Familiarity with security frameworks (e.g., Cyber Essentials, NIST, ISO 27001). - Excellent analytical, problem-solving, and communication skills. - Ability to work independently and as part of a team in a fast-paced environment. Preferred Qualifications: - Relevant security certifications (e.g., AZ-500 Microsoft Certified: Azure Security Engineer Associate, SC-200 Microsoft Certified: Security Operations Analyst Associate, CompTIA Security+, CISSP, GIAC certifications). - Experience with scripting languages (e.g., PowerShell, Python) for automation and security tasks. - Knowledge of cloud security posture management (CSPM) tools. - Demonstrable experience with other EDR/XDR solutions. - Understanding of regulatory and technical compliance requirements (e.g., GDPR, HIPAA, PCI DSS, CIS, NIST, ISO27001). Deadline: 01 May 2026 Salary: Commensurate with experience Notes: Only candidates legally authorized to work in either Costa Rica, Colombia, Peru, Guatemala, Mexico or Brazil will be considered. If you have any questions about the job vacancy, please contact the HR department: recruitment@ra.org The Rainforest Alliance encourages diversity and inclusion across the global organization. With this commitment to diversity, we are proud to be an equal opportunity employer and do not discriminate on the basis of gender, race, color, ethnicity, religion, sexual orientation, gender identity, ages, disability and any other protected group.

Current Employees: If you are a current Staff, Faculty or Temporary employee at the University of Miami, please click here to log in to Workday to use the internal application process. To learn how to apply for a faculty or staff position, please review this tip sheet. The University of Miami Health System (“UHealth”) IT Department has an exciting opportunity for a full-time Epic Analyst, Security. The Epic Analyst, Security assists Associate Epic Analysts on the team and collaborates with key stakeholders, end-users, and application team members to optimize the application’s configuration, function, and access. The Epic Analyst, Security facilitates day-to-day application support and resolving application issues and provides day-to-day application support and resolving application issues. Core Responsibilities: - Serves as a support contact for application end‐users. Identifies issues and works to resolve them. - Designs, develops, implements, and maintains the application. - Supports all phases of testing and document workflow design. - Performs the analysis of information technology in clinical work processes and validates the impacts to the workflow. - Provides day-to-day application support, evaluates and resolves service tickets, implements requested application changes, and retrieves requested data promptly. - Collaborates with trainers on application changes and new features to develop documentation and training strategies. - Assists with analyzing the impact of information technology in clinical work processes. - Participates in on-call rotations and support. - Attends and participates in applicable committees. - Maintains regular communication with team members and participates in weekly project team meetings. - Reviews the status of projects and issues on an ongoing basis with leadership. - Travel to the job site during go-lives, conferences, rounding, and/or senior leadership meetings. - Becomes knowledgeable about UHealth’s policies, procedures, and business operations. - Adheres to University and unit-level policies and procedures and safeguards University assets. Department Specific Functions: As an Epic Analyst – Security, you will report to the Senior Manager and will be responsible for: - Providing oversight and leadership to Associate Epic Analysts on the team - Configuring and maintaining security functions, access, and user records within various Epic applications - Monitoring, responding, and reporting to security alerts, incidents, and breaches - Conducting internal audits and risk assessments to identify potential vulnerabilities - Work with application and compliance teams to design system‐level access - Create and maintain procedures to activate, deactivate, and update user records - Assign application security levels and roles and establish ownership of each particular security class - Coordinate security‐related activities across physical (buildings, grounds), infrastructure (network, servers, operating system), and application (Epic or non‐Epic) teams - Identify trends and patterns in design of security, recommend and administer security improvements, and maintain security measures to protect patient data - Perform periodic risk reviews and internal audits to identify potential vulnerabilities - Monitor, report, and respond to any security alerts, incidents, and breaches - Stay up-to-date with the latest security trends and technologies - Participate in on-call rotations and support - Travel to the job site during go-lives, conferences, rounding, and/or senior leadership meetings. - Maintain regular communication with team members and participate weekly project team meetings - Review the status of projects and issues on an ongoing basis with leadership - Become knowledgeable about UHealth’s policies, procedures, and business operations This list of duties and responsibilities is not intended to be all-inclusive and may be expanded to include other duties or responsibilities as necessary. MINUMUM QUALIFICATIONS: - Bachelor’s degree in relevant field - Epic Certification - Minimum 3 years of relevant experience, preferably in application security or network security - Understanding of Epic’s security infrastructure preferred - Understanding of concepts of confidentiality and data security preferred - Ability to communicate effectively in both oral and written form. - Ability to maintain effective interpersonal relationships. - Ability to recognize, analyze, and solve a variety of problems. - Ability to lead, motivate, develop and train others. - Proficiency in computer software (i.e. Microsoft Office). - Commitment to the University’s core values. Any appropriate combination of relevant education, experience and/or certifications may be considered. The University of Miami offers competitive salaries and a comprehensive benefits package including medical, dental, tuition remission and more. UHealth-University of Miami Health System, South Florida's only university-based health system, provides leading-edge patient care powered by the ground breaking research and medical education at the Miller School of Medicine. As an academic medical center, we are proud to serve South Florida, Latin America and the Caribbean. Our physicians represent more than 100 specialties and sub-specialties, and have more than one million patient encounters each year. Our tradition of excellence has earned worldwide recognition for outstanding teaching, research and patient care. We're the challenge you've been looking for. The University of Miami is an Equal Opportunity Employer. Applicants and employees are protected from discrimination based on certain categories protected by Federal law. Job Status: Full time Employee Type: Staff

FBS – Farmer Business Services is part of Farmers operations with the purpose of building a global approach to identifying, recruiting, hiring, and retaining top talent. By combining international reach with US expertise, we build diverse and high-performing teams that are equipped to thrive in today’s competitive marketplace. We believe that the foundation of every successful business lies in having the right people with the right skills. That is where we come in—helping Farmers build a winning team that delivers consistent and sustainable results. Since we don’t have a local legal entity, we’ve partnered with Capgemini, which acts as the Employer of Record. Capgemini is responsible for managing local payroll and benefits. What to expect on your journey with us: - A solid and innovative company with a strong market presence - A dynamic, diverse, and multicultural work environment - Leaders with deep market knowledge and strategic vision - Continuous learning and development

Make a difference here. UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams. By creating continuously optimized identification, detection, and resilience from today’s dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India. A future cyber security expert! You're passionate about security and ready to dive in, using your growing technical skills to help protect client data and infrastructure from threats. Day-to-day, you’ll focus on monitoring, initial investigation, and following established procedures, while leveraging the expertise of your team to solve problems and learn new things. We are seeking an associate Security Analyst in our rapidly growing and dynamic shared services team.  The ideal candidate will effectively manage security incidents by monitoring, investigating, and identifying the root causes, and recommend effective mitigation strategies. This position offers the opportunity to work with cutting-edge security tools. The role is highly analytical and requires a proactive, detail-oriented mindset to protect critical infrastructure and data. What You'll Do: - Monitor and analyze log data, network traffic, and/or alerts generated by a variety of security technologies in real-time. - Respond, triage, and escalate security incidents using a SIEM platform following documented procedures. - Support the execution of vulnerability scans and assist in analyzing results for remediation recommendations. - Draft security incident reports detailing the threat, its characteristics, and required remediation activities for review by a senior analyst. - Research new threats and ensureappropriate detection capabilities are in place. - Review security incidents and other deliverables for adherence to established procedures and provide documentation updates as necessary. - Contribute to the quality and timeliness of the security incident detection and classification service. - Ensure standards and procedures are adhered to within defined SLA’s. - Articulate security issues to customers, both verbally and written - Referring difficult or complex issues to more experienced staff. - Developing an understanding of current vulnerabilities, attacks, and countermeasures. - Identify opportunities for process improvement and suggest them to stakeholders - Manage and track customer issues and requests within a ticketing system. - Work within a 24x7x365 team to further support the timely delivery of monitoring services. - This position may be assigned to a rotating shift schedule. - Support other teams as needed. What You've Done: - US Citizenship is Required - 0-2 years of experience in an operational or technical environment, preferably with customer-facing responsibilities. - Foundational understanding of core networking concepts including TCP/IP and common Internet protocols. - Exposure to or basic understanding of an information/cyber security role, particularly in security monitoring and analysis. - Familiarity with the cyber security threat landscape, including prevalent vulnerabilities and attack methods. - Familiarity with security tools such as SIEM (Security Information and Event Management) platforms. - Demonstrated technical and troubleshooting skills and the ability to adapt to solve new technical issues. - General systems infrastructure knowledge (Windows/Linux OS). - Strong verbal and written communication skills with a focus on clear and concise reporting. Preferred Qualifications: - Bachelor's degree in Computer Science, Information Technology, or a related field. - Relevant entry-level certifications such as CompTIA Security+, CompTIA CySA+, or GIAC GSEC. - Basic experience with scripting languages (e.g., Python, PowerShell) for task automation. - Experience with ticketing/case management systems. - A strong passion for cyber security, continuous learning, and knowledge sharing. What We Offer: - 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed - Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment) - Group Term Life, Short-Term Disability, Long-Term Disability - Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness - Participation in the Discretionary Time Off (DTO) Program - 11 Paid Holidays Annually $60,000 - $72,000 a year UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors. We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable. UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status. If you want to make an impact, UltraViolet Cyber is the place for you!