Through our dedicated associates, Conduent delivers mission-critical services and solutions on behalf of Fortune 100 companies and over 500 governments - creating exceptional outcomes for our clients and the millions of people who count on them. You have an opportunity to personally thrive, make a difference and be part of a culture where individuality is noticed and valued every day. Information Security Engineer III About the Role The Information Security Engineer III serves as a member of the NIST CISO Audit & Assurance team and will assist in the performance of internal audits, ensuring they comply with applicable Conduent and ISO security standards, regulations, and policies. The internal auditor will be professional, independent, impartial, and fair in all interactions. - The NIST security resource is accountable for procedures and processes that ensure the integrity, confidentiality, and availability of assigned Business units’ information, applications, and infrastructure. - The resource will perform routine risk assessments, security audits, and vulnerability scans to identify, evaluate, document, and remediate organization risk, control gaps and vulnerabilities. - This position will be responsible for developing security reports, security recommendations, and security policies and procedures that are meaningful, defensible, and actionable for a variety of audiences as pertained to assigned business units. - Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as, and not limited to: - IPS/IDS alerts; change detection (FIM) alerts - application firewall alerts; malware alerts - rogue wireless network alerts - security system health alerts; exploit attempt alerts - Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to: - audits of system security to ensure compliance with Corporate security framework - NIST 800-53, ISO 27001/2, PCI-DSS - emerging country, state, and Federal privacy laws - Primary POC in a vulnerability management program of the account that includes: - external and internal vulnerability scans of applications and systems - external and internal penetration tests of applications and systems - documentation and remediation of identified vulnerabilities and exploits - routinely monitoring various communication avenues for security vulnerabilities and security patches - taking a risk-based approach comparing those security vulnerabilities and security patches across the operating environments - making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities - Coordinate with business units, operations, and technology teams for incident response, remediation, and improvement - Acts as the initial point of contact to facilitate the handling of security audits and client requests - Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies - Maintain documentation that supports the annual Security compliance attestation as it is relevant to the assigned Business units Qualifications and Education Requirements - CIPP, CRISC, CISA, CISSP, CISM, ISO or any security/IT audit certification is a plus. - Minimum of Five (4 to 5) Years of experience in IT Security, or Security Auditing is required. - Knowledge and understanding of security controls across all security domains, such as access management, encryption, vulnerability management, authentication, authorization, network security, physical security, etc. - Ability to identify security risks in application, system, and network architecture, data flow, and processes or procedures - Ability to assess the organizational impact of identified security risks and recommend solutions or mitigating controls. - Knowledge of security technologies, devices, and countermeasures, as well as the threats they are designed to counter. - Experience with developing security reports, recommendations, policies, and procedures that are meaningful, defensible, and actionable for a variety of audiences. - Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks). - Experience in PowerPoint, Word, Excel; experience with Visio and MS Project. - Communication skills (interpersonal, verbal, presentation written, email). Experience to write report segments and to participate in presentations. - Familiarity with security, workflow, and collaboration tools such Nessus Tenable, Splunk, SharePoint and ServiceNow (Snow) is a plus - Positive attitude, team player, self-starter; takes initiative, ability to work independently and effectively with all levels of staff and management both internally and externally Preferred Skills - Creating and Maintaining NIST 800-53-rev5 based SSP and POAM - Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks). Flexible Working At Conduent, we want you to be yourself. We recognize that everyone is different and that how people want to work and deliver at their best is different for everyone too. In this role, you can expect the following working conditions: Remote work: Enjoy the convenience of working from home and maximize your time by unplugging at the end of your workday. Working For You Perks and rewards designed for you: - Health and Welfare Benefits: Our health and welfare benefits can be tailored to fit you and your family's needs and start on the first day of employment. - Retirement Savings: We will support you as you save for your future. - Career Growth Opportunities: We help you thrive, so together, we can grow. We provide opportunities to advance your career with a vast portfolio of businesses and a global footprint. - Paid time off: We provide attractive paid time off packages designed for you to enjoy your life away from work. - Great Work Environment: We are proud of our award-winning culture and the recognition we’ve received for our diversity efforts. Join Us At Conduent, we are one team, one mission. We understand that our success is directly related to the success of our associates. We strive to create a culture where you can: Bring your authentic self to work Grow and thrive, both personally and professionally Make a difference with our clients, in our communities, and with the millions of people we support When you join Conduent, you are engaged in creating the future - both our company’s and your own. With more than 60,000 associates across 24 countries, we will provide you the opportunity to grow with a team of people who will challenge and inspire you to be the best! Pay Transparency Laws in some locations require disclosure of compensation and/or benefits-related information. For this position, actual salaries will vary and may be above or below the range based on various factors including but not limited to location, experience, and performance. In addition to base pay, this position, based on business need, may be eligible for a bonus or incentive. In addition, Conduent provides a variety of benefits to employees including health insurance coverage, voluntary dental and vision programs, life and disability insurance, a retirement savings plan, paid holidays, and paid time off (PTO) or vacation and/or sick time. The estimated salary range for this role is $91,438 - $118,750. Conduent is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, gender expression, sex/gender, marital status, sexual orientation, physical or mental disability, medical condition, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. For US applicants: People with disabilities who need a reasonable accommodation to apply for or compete for employment with Conduent may request such accommodation(s) by submitting their request through this form that must be downloaded: click here to access or download the form. Complete the form and then email it as an attachment to FTADAAA@conduent.com. You may also click here to access Conduent's ADAAA Accommodation Policy.

• Develop and execute successful strategies that expand CDW Security’s customer base and achieve bookings, revenue, and gross profit targets. • Establish a detailed, comprehensive understanding of all capabilities, service offerings, value proposition, market positioning, selling strategy and process, as well as key differentiators. • Cultivate productive relationships with key personnel in current and targeted accounts. • Identify, engage, qualify, develop, and earn new clients. • Manage, support, and grow relationships as part of the extended sales team with prospects and clients as a consultative seller. • Network with a broad range of client organizations and leadership in key fields, including: Information Technology, Information Security, Finance, Internal Audit, Data Privacy, Compliance, and Legal, Enterprise Risk Management, Procurement / Supply Chain Management. • Proactively coordinate with other CDW Security resources to drive sales cycles, meet company objectives, and exceed client expectations. • Build strong relationships with the partner community to identify opportunities for CDW and those partners. • Understand industry landscapes and follow trends that impact our clients’ business risk, strategic decision-making, and budget planning and expenditure. • Provide accurate sales pipeline updates and forecasts. • Proactively populate and maintain all information in Salesforce. • Provide onboarding support and mentorship to entry level Security Solutions Executives. • Enhance CDW Security’s and your personal brand through participation at industry events, speaking engagements, blogging and other forms of acceptable public communication. • Proactively work with marketing to develop regional events that attract senior leadership from key accounts and prospects.

• Security strategy development: Collaborate with clients to develop and implement effective cybersecurity strategies. Define security frameworks, policies, and roadmaps aligned with clients' business objectives, risk appetite, and industry best practices. • Security controls implementation: Design and implement advanced security controls and technologies based on industry standards and regulatory requirements. This may involve configuring and integrating various security tools, such as SIEM, DLP, IDS/IPS, and endpoint protection systems. • Security architecture design: Provide expertise in designing secure systems, networks, and cloud environments. Develop security architectures that align with industry best practices, regulatory requirements, and clients' specific needs. Assess and recommend security controls for new technology implementations. • Project management: Lead and manage complex cybersecurity projects, ensuring projects are delivered on time, within budget, and meet quality standards. • Client relationship management: Develop and maintain strong client relationships. Act as a trusted advisor, provide timely and effective communication, and address client concerns or escalations. • Research and thought leadership: Stay updated on the latest cybersecurity trends, emerging threats, and technologies. Conduct research and contribute to thought leadership initiatives, such as whitepapers, industry presentations, and internal training sessions.

• Build AI-Powered Security Systems • Develop practical prompts, workflows, and guardrails for AI-assisted development • Deliver Applications to Production • Take applications from concept to production by applying strong engineering principles • Build and operate CI/CD pipelines, containerized deployments, infrastructure as code, and secure release processes • Build Security Data Pipelines • Design and implement data ingestion pipelines that collect and normalize security telemetry • Improve Detection & Response • Integrate AI-driven insights into security platforms and build automation for analysts • Collaborate Across Engineering and Security • Partner with security teams, engineers, and data scientists to identify detection and automation opportunities • Research Emerging AI & Security Techniques • Stay current on threat techniques, prototype new approaches, and contribute to innovation