Mobile Security Engineer - Req# 502 Req #502 Virtual• Southington, CT, USA Job Description Who we are... As an industry-leading fintech provider, COCC delivers innovative, comprehensive technology solutions and strategic partnerships throughout the Northeastern United States. Listed among American Banker's FinTech 100 and the Inc. 5,000 fastest growing companies in the nation, COCC inspires the industry with innovation and top-quality support. Designated a Top Workplace in Connecticut and a nationally Certified Great Place to Work, COCC recognizes employees as the core of our success. Inspiring you to become extraordinary in work and life. What we need… Mobile Application Security Developer We’re looking for a Mobile Application Developer to build and enhance secure, reliable mobile experiences across iOS and/or Android. In this role, you’ll be a core contributor on the development team—shipping features, improving performance, and building scalable mobile architecture—while also partnering with our security team to apply secure coding practices and participate in security testing as part of our SDLC. This is an ideal role for a mobile developer who has worked alongside security, contributed to remediations, participated in secure design reviews, or pursued certifications such as GMOB, GSEC, OSCP. What’s in it for you… COCC offers a unique and collaborative experience as you grow your career with us and all of the benefits you’d expect from an award-winning employer plus: - Hybrid schedules and ample paid time off allowing you work/life balance and flexibility - Customized training and onboarding to support you in your first year at COCC - Robust employee development programs aligned with career pathing objectives - Cutting-edge training and educational resources from vendors like SANS, PluralSight and CBTNuggets - Generous PTO offerings, benefits and competitive compensation - On-site fitness centers, wellness incentives, and lifestyle spending accounts - Tuition Reimbursement - One-on-one career coaching - DEIB initiatives championing inclusion and encouraging you to bring your whole self to work - Financial planning assistance with certified professionals - Peer recognition programs What you’ll do… - Design, build, and maintain mobile application features and enhancements for iOS and/or Android - Collaborate with product, UX, QA, and platform teams to deliver high-quality mobile experiences - Implement secure-by-design patterns (authentication, authorization, secure storage, API usage, session handling) in partnership with security stakeholders - Assist with security testing and validation using tools such as Burp Suite, MobSF, Frida, Drozer, Postman - Stay current on mobile platform changes, emerging libraries, performance patterns, and relevant mobile security risks What you’ll bring… - Bachelor’s degree in Computer Science, IT, Software Development, Cybersecurity or related field (or equivalent experience) - 4+ years of experience in mobile application development (iOS and/or Android) - Proficiency in one or more: Swift, Objective-C, Kotlin, Java - Experience building mobile apps with a strong focus on quality, performance, maintainability, and clean architecture - Familiarity with secure coding practices and common mobile risk areas (e.g., OWASP Mobile Top 10 concepts) - Exposure to application security activities such as: - participating in vulnerability remediation - reviewing SAST/DAST findings - implementing secure storage / network protections - collaborating with security teams - Familiarity with CI/CD pipelines and modern development workflows (Git, automated testing, release practices) - Strong communication skills to collaborate across technical and non-technical stakeholders Nice to have… - Experience with security testing tools such as MobSF, Burp Suite, Frida, Drozer, or similar - Experience with SAST tools such as Checkmarx, Fortify, SonarQube - DevSecOps exposure (security gates, pipeline checks, automation around findings) - Security certifications such as GMOB, GSEC, OSCP (or equivalent practical experience) Salary range for this role is $110000-155000/annually Applicants for employment in the US must have work authorization that does not currently or in the future require sponsorship of a visa for employment authorization in the United States. COCC is committed to maintaining a drug-free workplace. All applicants are required to pass a credit, background, and substance test prior to employment. COCC procures background and consumer reports in compliance with all Federal and State regulations, including The Fair Credit Reporting Act and applicable Department of Labor laws regarding pre-employment screens. COCC is an equal opportunity employer committed to a community of inclusion, and an environment free from discrimination, harassment, and retaliation. Accessibility - If you’re a job seeker with a disability and require accessibility assistance or an accommodation to apply for one of our jobs, please let us know by calling 860-678-0444 or emailing TalentManagement@cocc.com. Please specify the help you need and we’ll be happy to get back to you. Job Details Job Family 04 Software Development Pay Type Salary Hiring Min Rate 110,000 USD Hiring Max Rate 155,000 USD

• Serve as a core member of the Cloud Security team • Own, operate, maintain, and improve the FedRAMP cloud environment • Design, implement, and maintain a secure AWS cloud infrastructure • Build and improve security controls across cloud resources • Lead the hardening of AWS environments and Kubernetes-based platforms • Drive the automation of security controls and compliance requirements • Partner with SRE, platform, and engineering teams for secure service deployment • Develop and improve incident response capabilities for cloud environments • Respond to security incidents and drive remediation actions • Proactively identify and mitigate security risks through assessments and reviews • Manage and improve security tooling and services

• Support renewable energy projects in the US, with a strong focus on IT deployment for new solar farms • Coordinate IT, cybersecurity, and external vendors in a fast-paced, multi-stakeholder environment

Role Description Role located in Beaverton, OR or West Coast Remote The Cyber Defense Generalist – Americas is a hands-on cyber defense practitioner supporting regional security operations across North and South America. The primary objective of this role is to detect, analyze, contain, and support the resolution of business-impacting security threats and events through disciplined execution of security operations processes. This role operates within a 24x7 security operations environment, contributing to incident response, alert triage, threat analysis, threat hunting, and data loss prevention (DLP) investigations under established playbooks and escalation models. The L2 Generalist acts as a reliable second-line responder, handling more complex investigations, supporting incident commanders, and ensuring high-quality evidence, documentation, and communication. The role provides operational support for U.S. Government–regulated and customer-controlled environments, including CMMC-aligned environments, executing incidents and investigations in a defensible, audit-ready manner consistent with contractual and regulatory requirements. The Cyber Defense Generalist works in close partnership with global Security Operations, Cyber Defense Engineering, GRC, Audit, IT Shared Services, Infrastructure and Cloud teams, Identity teams, and engages Legal, HR, and Privacy through defined workflows when required. Execution is aligned to the Ralliant Business System (RBS), emphasizing standard work, repeatability, continuous improvement, and measurable outcomes. Key Responsibilities - Execute SOC operations including alert investigation, correlation, case management, escalation, and shift handoff in alignment with 24x7 operational coverage models. - Perform incident response activities, including detailed analysis, containment support, evidence collection, and recovery coordination under direction of the incident commander. - Support incident command by providing timely technical findings, impact assessments, and clear updates suitable for operational and executive audiences. - Operate, tune and Manage SIEM (LogScale) for Security operations activities. - Investigate and respond to DLP alerts, applying defined workflows, documentation standards, and escalation criteria, and coordinating with Legal, HR, and Privacy for sensitive cases. - Conduct threat analysis and targeted threat hunting, identifying indicators of compromise, validating detections, and surfacing control gaps or improvement opportunities. - Translate threat intelligence into actionable investigative steps, detection feedback, and response recommendations. - Support exposure and vulnerability response activities by validating exploitability, assisting with risk-based prioritization, and tracking remediation or exception outcomes. - Ensure high-quality documentation and evidence handling to support audits, customer inquiries, and regulatory obligations, particularly for regulated environments. - Contribute to continuous improvement by providing feedback on detections, false positives, playbooks, and operational workflows. - Participate in simulations, tabletop exercises, and after-action reviews, incorporating lessons learned into day-to-day execution. - Follow RBS-aligned standard work, including runbooks, playbooks, checklists, and tooling, to ensure consistent, repeatable, and auditable operations. - Partner with Cyber Defense Engineering to improve detection coverage and fidelity across endpoint, identity, cloud, SaaS, email, and network telemetry, including tuning to reduce false positives and increase high confidence detections. - Execute threat hunts focused on both security and resilience, identifying control gaps, validating defensive assumptions, and improving readiness for high impact scenarios. Qualifications - Bachelor’s degree recommended; equivalent practical experience considered. - 3–6+ years of experience in security operations, incident response, or cyber defense roles. - Demonstrated hands-on experience investigating security alerts and incidents across endpoint, identity, cloud, SaaS, email, and network domains. - Experience supporting regulated or customer-driven security environments; familiarity with CMMC and NIST SP 800‑171 expectations is preferred. - Practical experience with DLP investigation and response workflows, including handling sensitive data loss scenarios with discretion and defensible documentation. - Practical experience in managing and operating a SIEM solution – from ingest to reporting. - Working knowledge of threat intelligence consumption and basic threat hunting techniques. - Experience collaborating with infrastructure, cloud, identity, and application teams during incident response or remediation activities. - Strong written and verbal communication skills, with the ability to clearly document technical findings and explain risk and impact. - Ability to operate effectively in a global, multi-time-zone environment while maintaining consistency with enterprise standards. - Alignment with Ralliant values and the Ralliant Business System (RBS), including ownership, transparency, and continuous improvement. #LI-JW2 Ralliant Corporation Overview Ralliant, originally part of Fortive, now stands as a bold, independent public company driving innovation at the forefront of precision technology. With a global footprint and a legacy of excellence, we empower engineers to bring next-generation breakthroughs to life — faster, smarter, and more reliably. Our high-performance instruments, sensors, and subsystems fuel mission-critical advancements across industries, enabling real-world impact where it matters most. At Ralliant we’re building the future, together with those driven to push boundaries, solve complex problems, and leave a lasting mark on the world. We Are an Equal Opportunity Employer. Ralliant Corporation and all Ralliant Companies are proud to be equal opportunity employers. We value and encourage diversity and solicit applications from all qualified applicants without regard to race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity or expression, or other characteristics protected by law. Ralliant and all Ralliant Companies are also committed to providing reasonable accommodations for applicants with disabilities. Individuals who need a reasonable accommodation because of a disability for any part of the employment application process, please contact us at applyassistance@Ralliant.com. Pay Range The salary range for this position (in local currency) is 66900.00-124300.00 Is this role subject to ITAR? The essential duties of this position require adherence to U.S. Government export control regulations. Accordingly, candidates must either be U.S. Persons (i.e., U.S. citizens, U.S. lawful permanent residents, or protected individuals as defined by 8 U.S.C. 1324b(a)(3)) or be prepared to collaborate with the company in securing the necessary U.S. government export authorizations. While the company encourages all interested applicants to apply, please be aware that ongoing employment is dependent upon obtaining the appropriate government export authorizations.