Principal Cyber Investigator

Security Engineer | Full Time | Remote | Lead | Team 11-50

Location

United States

Posted

2 days ago

Salary

$150K - $180K / year

Seniority

Lead

Job Description

Principal Cyber Investigator

10a Labs

Role Description

10a Labs' Investigations Team is looking for a Principal Cyber Investigator to lead day-to-day operations and oversee quality across a cyber investigations team. This role requires senior cybersecurity expertise combined with the operational and leadership experience to manage a high-performing team, interface directly with client stakeholders, and set the standard for investigative and labeling output quality and consistency.

In this role, you will:

- Oversee day-to-day operations of the cyber investigations team, ensuring investigations are completed accurately, efficiently, and in accordance with outlined requirements and rubrics.
- Serve as the senior technical authority on complex and escalated cases, making final determinations on real-world harm potential and offensive uplift.
- Monitor and maintain quality metrics across the team, identifying gaps and implementing improvements to investigative processes and detection pipelines.
- Interface directly with client stakeholders to communicate findings, surface emerging trends, and align on evolving policy and operational priorities.
- Mentor and develop senior and junior investigators, providing guidance on technically demanding and ambiguous cases.
- Lead threat actor analysis, synthesizing findings across cases to inform broader detection and mitigation strategies.
- Query internal data sources via DQL and programmatically, and cross-reference open-source information (OSINT) to support investigations and validate team output.
- Respond to critical escalations and on-call leads, including those not caught by existing safety systems.

Qualifications

- At least 9+ years of experience in cybersecurity, threat intelligence, Trust & Safety, national security, defense, intelligence, or law enforcement domains.
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
- Demonstrated experience leading or managing investigative teams, including oversight of quality, output, and team development.
- Deep subject-matter expertise in one or more of the following: scaled data extraction, ransomware, local and remote exploits, or offensive security operations.
- Familiarity with LLM systems and how AI technology can be misused for cyber operations.
- Proven ability to serve as a final technical authority on complex cases, with a track record of sound judgment on harm potential and offensive uplift.
- Strong SQL, Python, and other data language proficiency for querying data, supporting detection workflows, and validating investigative output.
- Exceptional written and verbal communication skills, with experience presenting findings to senior stakeholders.
- Ability to rapidly context-switch across domains, modalities, and abuse areas in a fast-paced, ambiguous environment.
- Ability to clear an insider-threat background check.

Preferred Qualifications

- Experience working directly with or within frontier AI labs, large technology platforms, or Trust & Safety organizations.
- Experience with threat intelligence frameworks such as MITRE ATT&CK.
- Background in dark web monitoring, OSINT, or cross-platform threat analysis.
- Experience building or scaling detection and mitigation pipelines.
- Full professional proficiency in Arabic, Chinese, Farsi, Portuguese, Russian, or Spanish.
- Active security clearance (Secret or above).
- Relevant certifications such as OSCP, GREM, or GCTI.

Benefits

- Salary Range: $150K–$180K, depending on experience and location.
- Work Environment: Fully remote, U.S.-based.
- Health Benefits: Comprehensive health, dental, and vision coverage.
- Time Off: Generous PTO and paid holiday schedule.
- Retirement: 401(k) plan.

More Security Engineer Jobs

Identity Security Specialist

Ascension

The Leader in Faith Formation

Full Time | Remote | Team 51-200 | H1B Sponsor

Role Description

What You Will Do:

- Identity Lifecycle Engineering: Architect and optimize automated end-to-end identity and identity proofing workflows, leveraging IGA tooling to eliminate manual provisioning and strengthen identity security controls across the enterprise.
- Protocol & Federation Standards: Design and implement secure identity proofing and verification flows utilizing deep technical proficiency in SCIM, OAuth2, SAML 2.0, and OIDC to ensure seamless, standards-based authentication.
- Directory Orchestration & L3 Support: Serve as the Tier 3 escalation authority for complex identity data synchronization and orchestration across hybrid environments, including Microsoft Active Directory, Entra ID, and Virtual Directory Services (VDS).
- Security Posture & Audit Governance: Develop and execute automated technical audits and compliance monitors to validate IAM controls, ensuring continuous alignment with stringent internal policies and external regulatory requirements.
- Agile Technical Leadership: Drive IAM modernization initiatives as a Subject Matter Expert within an Agile framework, translating complex business requirements into scalable technical architectures while mentoring junior analysts.

Qualifications

- High School diploma equivalency with 2 years of cumulative experience OR Associate's degree/Bachelor's degree OR 4 years of applicable cumulative job specific experience required.
- Advanced IAM Certification: Documented expertise through CISSP, CCSP, or CISA; highly specific technical certification in SailPoint is a significant competitive advantage.
- Regulated Healthcare Expertise: Extensive experience navigating the unique security constraints and identity interdependencies of a high-volume, highly regulated healthcare ecosystem.
- Legacy-to-Modern Migration: Proven success in identifying obsolete access control processes and leading the technical migration toward modern, automated identity fabrics.

Benefits

- Paid time off (PTO)
- Various health insurance options & wellness plans
- Retirement benefits including employer match plans
- Long-term & short-term disability
- Employee assistance programs (EAP)
- Parental leave & adoption assistance
- Tuition reimbursement
- Ways to give back to your community

United States
$100.2K - $139.7K / year
Contract | Remote | Team 201-500 | H1B No Sponsor

• We are seeking a Security Consultant (Staff) to provide security leadership and guidance across application modernization and database migration workstreams.
• This role will establish security, logging, observability, and compliance standards while ensuring the modernized environment aligns with public sector and healthcare data protection requirements.
• As the primary security resource supporting multiple workstreams, the consultant will focus on defining patterns, governance, and best practices rather than implementing every security control directly.
• Define and oversee security, logging, and observability standards throughout modernization and migration efforts
• Establish secure architecture patterns for AWS-based target environments
• Develop and promote IAM, secrets management, and least-privilege access strategies
• Ensure proper handling and protection of PHI and PII data within healthcare and Medicaid-related systems
• Advise teams on compliance requirements applicable to state government workloads
• Review application security controls, authentication and authorization approaches, and secure coding practices
• Assess converted database access patterns and connection security, including Aurora PostgreSQL endpoints
• Provide guidance on encryption, monitoring, logging, and auditability requirements
• Support risk identification, remediation planning, and security governance activities
• Collaborate with technical teams to embed security best practices throughout the delivery lifecycle

Maryland + 1 more (All locations: Maryland | Virginia)

Lead Cybersecurity Assessor / SCSEM Methodology Lead

eTelligent Group LLC

Over the past 15 years, eTel has delivered essential solutions for the federal government by securing and managing data, providing scalable identity access, modernizing legacy systems, and building high-performance platforms. By integrating new technologies and ensuring reliable operations, we help agencies stay prepared for future challenges. eTel offers integrated CMMI Level 3 processes, tools, and techniques with innovative, cost-efficient, and secure solutions to address complex challenges. eTel holds ISO 9001:2015, ISO/IEC 27001:2013, and ISO/IEC 20000-1:2018 certifications. It offers dedicated subject matter experts (SMEs) and thought leaders who possess a deep understanding of customers’ environments and challenges.

Full Time | Remote | Team 51-200

Role Description

Senior hands-on technical lead for security assessment execution and for developing and validating the SCSEMs and automated evaluation files that drive every review. Distinct from the Computer & Information Systems Manager: this role is the deep technical author/assessor rather than the team manager.

Key Responsibilities

- Develop, update, and validate SCSEMs and automated evaluation files (Nessus audit / SCAP XCCDF), mapping to CIS Benchmarks, DISA STIGs, and applicable NIST controls.
- Validate that automated checks accurately reflect required configurations and correctly evaluate both binary and non-binary conditions.
- Lead hands-on system configuration checks and automated/manual compliance scanning during reviews.
- Perform corrective actions and ad hoc fixes for identified issues, including logic errors in automated evaluation files.
- Maintain configuration instructions and supporting documentation; ensure alignment between SCSEMs and automated files.

Qualifications

- Demonstrated experience identifying and applying information-security/cybersecurity requirements and ensuring they are addressed through development, implementation, and configuration.
- Demonstrated experience implementing security controls, configuration changes, software/hardware updates, and vulnerability management within government organizations.
- Hands-on experience securing configurations and authoring or tailoring SCSEM/STIG/CIS/Nessus content (preferred).

Requirements

- High School Diploma or higher.
- Certifications / Licenses (minimum of ONE of the following):
  - CCNA Security
  - CySA+/CSA+
  - GICSP
  - GSEC
  - Security+ CE
  - CND
  - SSCP
  - CASP+ CE
  - CCNP Security
  - CISA
  - CISSP (or Associate)
  - GCED
  - GCIH
  - CCSP
  - CAP
  - CISM
  - GSLC
  - CCISO
  - HCISPP
  - CEH
  - GSNA
  - CFR
  - PenTest+
- In lieu of a certification, graduation from a minimum 2-year IT/Cybersecurity program at an accredited college or university may be substituted.

Preferred

- Prior FTI/Safeguards review experience; demonstrated SCSEM/STIG/CIS/Nessus authoring.

Commitment to Diversity

eTelligent Group provides equal employment opportunities (EEO) to all applicants without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty, status as a covered veteran, and any other characteristic provided in accordance with applicable federal, state and local laws.

United States

Senior Security Engineer, Product AppSec

Veeam Software

Your Single Backup and Data Management Platform for Cloud, Virtual and Physical

Full Time | Remote | Team 1,001-5,000 | Since 2006 | H1B Sponsor

• Evaluate, deploy, integrate, and optimize security tooling — including SAST, DAST, SCA, IAST, container scanning, SBOM generation, secrets detection, and API security testing — across CI/CD pipelines and developer workflows
• Build automated workflows for vulnerability ingestion, prioritization, remediation tracking, and reporting, integrating with platforms such as GitHub Actions, Azure DevOps, Jenkins, Jira, and SIEM tools
• Drive enterprise vulnerability management initiatives, including prioritization frameworks, SLA tracking, remediation velocity improvements, and security posture dashboards
• Embed security-by-design principles into the SDLC, developing security guardrails and policy-as-code capabilities for cloud and application environments
• Partner with DevOps and CI/CD teams to improve automated security validation, release governance, and software supply chain security
• Serve as a senior technical advisor on application security, influencing engineering and product roadmaps to improve platform security and operational resilience
• Mentor engineers and security practitioners on secure development and DevSecOps best practices

Texas
$198.1K - $367.9K / year