Job Title: Expert Security Engineer Location: US, Canada (Remote) Employment Type: Full-time Job Description: About Altera Altera, a member of the N. Harris Computer Corporation family, delivers health IT solutions that support caregivers around the world. These include the Sunrise, Paragon Daneli, TouchWorks EHR, Altera Opal, Ventus, HealthQuest and dbMotion solutions. At the intersection of technology and the human experience, Altera Digital Health is driving a new era of healthcare, in which innovation and expertise can elevate care delivery and inspire healthier communities across the globe. A new age in healthcare technology has just begun. Position Summary As an Expert Security Engineer at Altera, you will be at the forefront of our proactive security efforts, specializing in ethical hacking and penetration testing. This role is critical for actively identifying and exploiting vulnerabilities across our applications, infrastructure, and cloud environments. We are seeking a highly skilled individual with a deep understanding of application architecture and security controls, capable of independently uncovering security flaws and articulating complex findings to diverse audiences. Key Responsibilities - Ethical Hacking & Penetration Testing: Lead and execute advanced penetration tests and ethical hacking engagements against Altera's critical systems, applications, and networks to identify and exploit security weaknesses. - Application Security Expertise: Conduct in-depth security reviews of applications, with a strong focus on understanding how they are built (e.g., Java-based applications) to uncover design flaws, coding vulnerabilities, and misconfigurations. - Vulnerability Identification & Exploitation: Independently identify, analyze, and validate security vulnerabilities with high fidelity, demonstrating the ability to exploit them to assess potential impact. - Tool Proficiency: Leverage and master industry-standard penetration testing tools. - Reporting & Communication: Clearly articulate complex technical findings, security risks, and actionable remediation strategies through comprehensive written reports and compelling presentations to both technical teams and non-technical stakeholders, including customers. - Consultation & Guidance: Provide expert consultation to development, operational, and other business units on secure design principles, application of security best practices, and the effective use of advanced security technologies. - Threat Intelligence: Maintain heightened awareness of current security vulnerabilities, attack vectors, and mitigation techniques, proactively communicating relevant findings and recommendations. Role Requirements - Total Years of Experience: 5 years of progressive experience in cybersecurity, with a minimum of 3 years dedicated to ethical hacking, penetration testing, and application security. - Mandatory Skills: - Proven expertise in ethical hacking and penetration testing methodologies, including network, web application, API, and cloud penetration testing. - Deep understanding of application security principles, secure coding practices, and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). - Expert-level proficiency with penetration testing tools. - Strong understanding of application architecture and development. - Demonstrated ability to independently identify, validate, and exploit security vulnerabilities with high fidelity. - Exceptional verbal and written communication skills, with the ability to clearly articulate complex technical findings, risks, and remediation strategies to diverse audiences. - Strong presentation skills, capable of conveying security insights and recommendations effectively to customers and internal stakeholders. - Experience with cloud security assessments (e.g., Microsoft Azure Security). - Familiarity with various security technologies (e.g., EDR, IDS/IPS, Firewalls, SIEM, Vulnerability Management tools) from an attacker's perspective. - Good to Have/Preferred Skills: - Experience with scripting languages (e.g., Python, PowerShell) for automation and custom tool development. - Relevant offensive security certifications such as OSCP, OSWE, GPEN, GWAPT, or other advanced GIAC certifications. - Industry-recognized certifications like CISSP, CompTIA Security+, or CySA+. - Expert knowledge of Linux and Windows operating systems. - Experience in security engineering, operations, and design best practices. - Bachelor's degree in computer science, Cybersecurity, Information Technology, or a related technical field. Salary range $100,000 - $120,000 USD

Title: Event Security Program Manager Location: Tempe United States Job Description: Waymo is an autonomous driving technology company with the mission to be the world's most trusted driver. Since its start as the Google Self-Driving Car Project in 2009, Waymo has focused on building the Waymo Driver-The World's Most Experienced Driver-to improve access to mobility while saving thousands of lives now lost to traffic crashes. The Waymo Driver powers Waymo's fully autonomous ride-hail service and can also be applied to a range of vehicle platforms and product use cases. The Waymo Driver has provided over ten million rider-only trips, enabled by its experience autonomously driving over 100 million miles on public roads and tens of billions in simulation across 15+ U.S. states. Waymo's cars navigate the world autonomously, but our global security posture is steered by the expertise of professionals like you. Safety is our foundation and is at the heart of everything we do. As a core member of the Global Security team, you will serve as the programmatic architect and primary risk advisor for Waymo teams participating in public engagements and high-visibility events. You will bridge the gap between ambitious business goals and rigorous safety standards, providing the critical security data and risk inputs that enable our teams to showcase Waymo's technology with total confidence. This role follows a hybrid work schedule and reports to the Head of Physical Security. You will: - Architect Scalable Standards: Design and own the end-to-end "Event Security Playbook," including intake workflows, self-service risk rubrics, and SOPs that support a high volume of global events - Serve as a Strategic Security Consultant: Review event operational plans and provide formal risk-mitigation recommendations to ensure the safety of personnel and the security of proprietary hardware - Partner with Threat Intelligence: Collaborate with the Global Threat Intelligence (GTI) team to determine when formal assessments are required; translate threat assessments into actionable guidance for internal stakeholders - Optimize Internal Plans: Recommend risk-based adjustments to internal Waymo event schedules, logistics, or locations (e.g., modifying vehicle load-in/out windows or entrance strategies) to ensure alignment with security best practices - Verify External Security Posture: Liaise with venue security, law enforcement, and municipal authorities to align Waymo's logistics with external security plans, securing tangible results such as optimized load-in/out windows, traffic mitigation agreements, or dedicated public-safety coordination - Support High-Stakes Assessments: Conduct technical "advances" and targeted venue site visits as operationally required for high-visibility or high-risk events to gather precise data to inform bespoke risk-mitigation recommendations You have: - 5+ Years of Relevant Experience: Progressive experience in corporate security program management focused on event security, corporate protective services, executive protection, or specialized hardware/prototype protection (e.g., trade shows/exhibitions) - Collaborative Advisory Mindset: Proven ability to operate as a support function, influencing outcomes and providing expert guidance without owning the final tactical production of the event - Workflow Design Expertise: Demonstrated track record of creating scalable SOPs or programmatic frameworks that manage a high volume of recurring requests - Intelligence Translation Skills: Experience converting threat intelligence data into practical, logistical recommendations for non-security stakeholders - Foundational Protective Knowledge: A strong understanding of executive protection and high-value asset security principles, applied through a programmatic and consultative lens - A Track Record of External Liaison: Proven experience professionally liaising with local, state, and federal law enforcement and municipal authorities to achieve tangible operational outcomes, such as securing specialized permits, coordinating public-space logistics, or establishing real-time information-sharing protocols We prefer: - Functional Specialization: Prior experience in a role dedicated to building and coordinating security plans for a specific group of people (VIPs/delegations) or specific high-value products in public-facing or large-scale event settings - Advanced knowledge of NIMS/ICS methodologies, specifically drafting and executing Event Action Plans (EAPs) that align with federal emergency management standards for high-profile public activations - Advanced Risk Methodologies: Experience applying formal risk assessment frameworks to physical environments and public-facing events - Academic Foundation: Bachelor's degree in Security Management, Criminal Justice, International Relations, or a related field - Innovative Workflow Optimization: Experience utilizing Artificial Intelligence (AI) or LLMs to optimize protective services workflows, such as streamlining request intake, automating risk analysis, or enhancing situational reporting - Communication Excellence: Outstanding written and verbal communication skills, with a demonstrated ability to brief senior policy or marketing stakeholders on complex security requirements Travel Requirements: - Up to 20% The expected base salary range for this full-time position across US locations is listed below. Actual starting pay will be based on job-related factors, including exact work location, experience, relevant training and education, and skill level. Your recruiter can share more about the specific salary range for the role location or, if the role can be performed remote, the specific salary range for your preferred location, during the hiring process. Waymo employees are also eligible to participate in Waymo's discretionary annual bonus program, equity incentive plan, and generous Company benefits program, subject to eligibility requirements. Salary Range $152,000-$187,000 USD We appreciate your interest in Waymo. Waymo is proud to be an equal opportunity employer, committed to creating a culture of belonging and maintaining a supportive workplace for all employees. We welcome applicants of all backgrounds, and employment decisions are based on a candidate's qualifications, experience, and alignment with job requirements and business needs. Waymo does not discriminate against, and prohibits harassment of, any applicant or employee based on race, color, sex, sexual orientation, gender identity, religion, national origin, age, disability, military status, family status, pregnancy, genetic information or any other basis protected by applicable law. Waymo will also consider for employment qualified applicants with criminal records in accordance with applicable law. Waymo is committed to making sure our hiring process is accessible for all candidates. If you need assistance apply

Develop and implement comprehensive cybersecurity strategies, lead incident response efforts, conduct vulnerability assessments, and ensure compliance with industry regulations while collaborating with cross-functional teams to enhance overall security...

• Own the security program: Define and operate the company’s security program, including policies, controls, risk management, and the ISMS • Lead compliance and customer trust: Own SOC 2 / HIPAA programs, audits, and all customer-facing security processes (questionnaires, diligence, reviews) • Design pragmatic security controls: Establish scalable security architecture and guardrails across cloud, data, application systems, and internal IT • Enable the organization: Embed security into the SDLC and internal workflows, including the controlled adoption of AI agents across all aspects of the business