Role Description The Cyber Solutions Engineering department within the Cybersecurity Risk Management organization ensures successful delivery and operations of critical security controls across the CHS Enterprise. As an Associate Cyber Security Engineer and IAM Analyst in the Identity Services team, you will work closely with various departments including but not limited to Internal Audit, Risk Management, and other IT teams to create and operationalize functional and scalable Identity and Access Management policies, guidelines, standards, procedures, and processes. Analyzing, improving, and automating current processes for granting and removing access based on the principles of least privilege is a key function of the role. - Implement, document, and assist in the maintenance of Role-Based Access Control (RBAC) for account provisioning. - Prioritize tasks and ensure that issues are fully resolved in a timely manner. - Implement, perform, and document Periodic Access Reviews for enterprise applications and systems. - Work with departments and key stakeholders to create and maintain role-based access controls for user accounts. - Identify problems or inefficiencies in current processes and suggest modifications. - Ensure audit requests for information are conducted and completed as required by the IAM program and regulatory requirements. - Create easily understood, useful documentation for processes and solutions to be used by team members and end users. Qualifications - H.S. Diploma or GED required - Associate Degree or Bachelor's Degree in Cyber Security, Computer Science, Information Systems (or other related field) or equivalent work experience preferred - 1-2 years Cyber Security, Technology or other related experience required Requirements - Provided support to end users in a corporate information technology or cyber security environment. Knowledge, Skills and Abilities - Strong problem solving and troubleshooting abilities. - Effective communication of technical concepts to a non-technical audience. - Good written and verbal communication skills. - Good time management and prioritization capabilities. - Motivation for growth and self-improvement. - Ability and desire to do thorough, high-quality work. Technologies - ServiceNow - Active Directory - SailPoint - Health Management Systems - Identity Management - Experience working in a Windows environment - Familiarity with Microsoft / Google office suites Licenses and Certifications - Security+, GSEC, SSCP, or an ITIL Certifications preferred

Role Description Walden University is dedicated to inclusive teaching and learning across all academic programs. Our aim is to ensure that every learner understands that Walden values their inherent worth, humanity, and dignity. Key responsibilities include: - Regular and varied communication with students to foster a welcoming and inclusive classroom environment. - Creation of engaging and dynamic learning experiences that promote student learning, discussion, and growth. - Consistent feedback and feedforward to support students' academic and professional development. - Individualized instructional support and guidance demonstrating genuine care for student well-being and achievement of their goals. - Accessibility to students through various channels, including email, phone, text, office hours, and individual appointments. Additionally, faculty are expected to engage in scholarship and service aligned with Walden's mission: - Engagement in scholarship activities coordinated with academic leadership. - Demonstration of a consistent record of service to the institution and broader community. Other duties include: - Adhering to all Walden University faculty expectations as outlined in the Faculty Handbook. - Participation in required virtual and in-person faculty meetings, residencies, workshops, and training sessions. - Maintenance of a student-friendly schedule, including availability during evenings and weekends. - Performing other duties as assigned and complying with all policies and standards. Qualifications - A doctorate in the relevant field of Education or a closely related discipline is required. - Ability to consider diverse, and sometimes conflicting, perspectives is preferred. - Demonstrated capacity and willingness to provide individualized instructional support and guidance to students is essential. - Application materials should clearly demonstrate alignment with Walden University's mission and vision. - Experience working with doctoral capstone projects focused on problems of practice in the professional work setting is preferred. Requirements - A minimum of three years of teaching at the doctoral level is required. - Experience supporting doctoral research committees is required. - Experience with distance learning is preferred. - Experience mentoring doctoral students on capstone projects focused on evidence-based decision-making is preferred. Benefits - Graduate Course Instruction: $1,560 - $4,080 per Quarter or Semester, depending on type of course taught and length of course. - Undergraduate Course Instruction: $700 - $2,200 per quarter, depending on type of course taught and length of course. - Other opportunities for contributing faculty members, such as dissertation/doctoral study committee chair positions, research reviewing, and dissertation and doctoral study mentoring. Actual pay may be adjusted based on job-related factors permitted by law.

Role Description As a Mobile Device Security Senior Engineer, this role reports to the Manager of Endpoint Security. This role develops, engineers, and maintains the Mobile Device product within the Endpoint Security Program for the Cybersecurity Risk Management Department. This role is expected to have senior level knowledge of mobile device security technologies. The senior engineer will be responsible for identifying and remediating security gaps, the continued improvement of existing controls, mentoring and collaborating with other Cyber Security and Information Technology team members to secure the many information technology assets and data of Community Health Systems. The senior engineer will collaborate with architects to design and implement solutions that better protect CHS systems and data. This role will be responsible for the security and management of mobile devices within an organization, ensuring they are configured, secured, and compliant with company policies. This includes tasks like deploying and managing Mobile Device Management (MDM) solutions, implementing security policies, and troubleshooting device-related issues. Qualifications - H.S. Diploma or GED required - Bachelor's Degree in Cyber Security, Computer Science, Information Technology, or a related field preferred - 3+ years of IT or information security, and 2+ years of mobile device security - Required experience: - Managed Mobile Device Management technologies (e.g. Intune, Soti, Google MDM) - Managed and securing iOS and Android devices - Served as senior thought leader for mobile device security technology and influenced the strategy to address internal or external business and regulatory issues - Worked in process-driven structured environments, and participated in process optimization activities Requirements - Advanced knowledge of security principles, issues, techniques and implementations across mobile device security platforms - Proactive identification and solving of complex problems - Strong understanding of systems development lifecycle to provide technical leadership for multifunctional projects or initiatives - Strong ability to work on and prioritize multiple, concurrent projects while meeting aggressive deadlines in a fast-paced environment - Willingness to participate in cross-functional training and support - Effective communication of technical concepts to a non-technical audience - Excellent written and verbal communication skills Licenses and Certifications - Relevant security certifications such as CISSP, CISM, GIAC, or CEH Preferred

• Designing, implementing, and maintaining security controls across the Salesforce-based MESH platform and AWS cloud environment in accordance with CMS Acceptable Risk Safeguards (ARS) 5.1, FedRAMP Moderate, and NIST SP 800-53 Rev 5 • Embedding security into the DevSecOps CI/CD pipeline by integrating SAST, DAST, IAST, and software composition analysis tools (e.g., Snyk, AppOmni, Tenable, AWS Security Hub) into GitHub Actions and Copado workflows • Operating the end-to-end vulnerability management lifecycle including detection, triage, prioritization, remediation tracking, and reporting; ensuring critical and high findings are remediated within CMS/HHS-defined timeframes • Performing and documenting Security Impact Analyses (SIAs) for proposed changes to the MESH platform and integrations such as T-MSIS, MBES/MacFin, Microsoft 365, and CMS DataConnect • Authoring, maintaining, and updating Authority to Operate (ATO) artifacts in CFACTS, including System Security Plans (SSPs), POA&Ms, Privacy Impact Assessments, Contingency Plans, and Incident Response Plans • Hardening Salesforce GovCloud configurations by enforcing role-based access, permission sets, OAuth/MFA, and Salesforce Shield controls; reviewing third-party AppExchange packages for security risk prior to installation • Configuring and tuning continuous monitoring and detection tooling (Splunk, AWS GuardDuty, CloudTrail, Security Hub) and leading incident response from detection through post-mortem review • Leading least-privilege access reviews and identity lifecycle workflows across CMS IDM/Okta, EUA, AWS IAM, Salesforce, and CI/CD pipelines; automating recurring access reviews and onboarding/offboarding tasks • Building dashboards and reports in Splunk, Power BI, or Jira that give CMS leadership and product teams visibility into vulnerabilities, compliance posture, access reviews, and audit readiness • Translating CMS, HHS, and federal AI governance requirements into actionable secure design patterns for AI/ML capabilities embedded in MESH (e.g., AI-assisted submission analysis, NLP search, predictive analytics) • Participating in Agile ceremonies as a security subject matter expert, ensuring user stories include clear security acceptance criteria and that security enablers are represented in the team Definition of Done • Mentoring developers, QA, and DevOps engineers on secure coding practices (OWASP ASVS), threat modeling, and continuous compliance • Cooperating with CMS-directed audits, penetration tests, and 3PAO assessments; coordinating responses to agency security data calls within required timeframes