Role Description The Cybersecurity / IAM Engineer is responsible for architecting, implementing, and maintaining advanced cybersecurity and identity and access management (IAM) solutions across all client environments, including cloud, IoT, edge, and data systems. This role is critical to ensuring that client meets and sustains compliance with cybersecurity, privacy, and risk management requirements, including RMF, IL4/IL5, and FedRAMP controls. The engineer leads the design and enforcement of secure authentication, authorization, and RBAC frameworks, supporting multi-factor authentication, single sign-on, and integration with providers. The Cybersecurity / IAM Engineer works closely with DevSecOps, software, and infrastructure teams to embed security best practices into all phases of the system lifecycle, including secure configuration baselines, continuous monitoring, vulnerability management, and incident response. The position requires hands-on experience with IAM platforms, PKI, secure directory services, and the implementation of audit logging and compliance reporting. The engineer maintains comprehensive documentation, supports audit and ATO processes, and ensures that all client solutions are resilient, auditable, and optimized for operational readiness and regulatory compliance. Job Duties - Architect, implement, and maintain advanced IAM solutions, including RBAC, MFA, SSO, and integration with providers - Develop and enforce secure authentication and authorization frameworks for client's cloud, edge, and data environments - Lead the implementation of secure directory services, PKI, and certificate management for all client components - Support continuous monitoring, vulnerability management, and incident response in compliance with DoD RMF, IL4/IL5, and FedRAMP requirements - Collaborate with DevSecOps, software, and infrastructure teams to embed security best practices throughout the system lifecycle - Maintain comprehensive documentation for IAM architectures, security controls, and compliance artifacts - Support audit, ATO, and risk management processes, including evidence collection and remediation of findings - Implement and monitor audit logging, access reviews, and compliance reporting for all client environments - Provide technical support for user provisioning, deprovisioning, and lifecycle management - Participate in security assessments, code reviews, and compliance audits as required by contract and SOW Qualifications - Master's degree in Cybersecurity, Computer, Electrical, or Electronics Engineering, or Mathematics with a concentration in computer science or equivalent - Minimum 10 years of experience with cybersecurity engineering - Must be US Citizen with ability to obtain a Secret Clearance Preferred Qualifications - Experience designing and managing IAM solutions in regulated or mission-critical DoD environments - Proficiency with RBAC, SSO, MFA, PKI, and secure directory services - Experience with DoD RMF, IL4/IL5, and FedRAMP cybersecurity and compliance requirements - Familiarity with AWS GovCloud, cloud security, and secure integration of edge/IoT devices - Strong documentation and communication skills, including the ability to produce compliance artifacts and technical guides - Experience supporting audit, ATO, and risk management processes for federal systems - Information Assurance Management (IAM) or Information Assurance Technical (IAT) or Information Assurance System Architect and Engineer (IASAE) Level I (position-based) per DoD 8570.1M Benefits - Medical, dental, and vision insurance with an employer contribution - Flexible spending or health savings account - Life and AD&D insurance - Short and long term disability coverage - Paid time off - Employee assistance program - Participation in a 401k program with company match - Additional voluntary or legally-required benefits

Role Description As an Application Security Engineer at Solventum, you will: - Join a team of cybersecurity professionals motivated to secure Solventum's healthcare information systems and the personal health information of our clients and their patients. - Operate and enhance application security tool environments. - Author automation scripts for recurring tasks (Python preferred). - Setup and execute authenticated and unauthenticated dynamic application security testing (DAST) scans against web applications and APIs using approved tools. - Manage scan scheduling, configuration, and coverage across application security tool environments. - Tune scanning profiles to reduce false positives and improve detection accuracy. - Ensure DAST scanning aligns with release cycles and risk-based scanning requirements. - Validate DAST findings to confirm exploitability and business impact. - Categorize vulnerabilities using industry standards (e.g., OWASP Top 10). - Prioritize findings based on risk, application criticality, and exposure. - Eliminate false positives and duplicate findings prior to developer handoff. - Partner with development and platform teams to explain DAST findings and remediation expectations. - Track remediation progress and verify fixes through re-scanning or targeted validation. - Maintain accurate vulnerability records in enterprise tracking systems. - Escalate overdue or high-risk vulnerabilities in accordance with policy. - Work with application teams to validate that software applications meet security guidelines and compliance standards such as HIPAA, SOC II, GDPR, NIST 800-53, FedRAMP, etc. - Build solutions that collect and present vulnerability and compliance data to Solventum’s leadership. Qualifications - Bachelor’s Degree & 7 years of experience in application security. - 3 years' experience administering, running, and analyzing DAST tools. - Knowledgeable with AWS or Azure cloud environments. - Familiarity with best practice software security requirements in industry standard compliance programs (NIST, HITRUST, FedRAMP, etc.). - Experience developing or testing RESTful APIs with an understanding of Postman and/or Swagger files. - Ability to obtain and maintain a Public Trust clearance. Requirements - Experience administering Qualys or Tenable vulnerability management and application security modules. - Experience in working across multiple teams and disciplines. - Strong attention to detail and analytical skills. - Risk-based prioritization and sound judgment. Benefits - Competitive pay and benefits. - Medical, Dental & Vision coverage. - Health Savings Accounts. - Health Care & Dependent Care Flexible Spending Accounts. - Disability Benefits. - Life Insurance. - Voluntary Benefits. - Paid Absences. - Retirement Benefits.

• Write and maintain documents required for Authority to Operate (ATO) during all phases of ATO • Coordinate with IT security team, engineering team, and client team to document ATO process • Create Visio diagrams as part of documentation • Support ATO assessment process • Monitor, test, and troubleshoot IA problems • Collect and analyze data from CND tools • Develop and manage security for multiple IT functional areas across the enterprise • Lead development and implementation of security policies and procedures • Brief and present status reports on security matters

• Manage audit engagements (e.g. SOX, ISO 27001, C5 PCI-DSS, SOC 2, HIPAA), the audit request lists and ensure requests are being fulfilled appropriately by stakeholder management • Coordinate and collate required evidence for external and internal audit support • Managing the control and process libraries, and assisting the business in implementing internal controls • Contribute to meetings by preparing agendas, document meeting minutes, and help track the completion of follow up • Lead junior staff to ensure critical tasks are completed on time and per requirements • Lead Internal/External Audits as it relates to documenting or evidencing control management practices • Lead/participate in Risk Assessments and documenting risks within the risk register, and identifying and documenting the risk treatment • Assist the business to document, assess, and remediate any issues raised during audit examinations and risk assessments • Assist in management of Sprinklr security standards and policies • Update and maintain the GRC Confluence and share drives • Assist with management of risks, controls and requests in the GRC tool • other duties or tasks as assigned by management