• Support agencies with information security program implementation and compliance initiatives. • Conduct interviews with business owners, technical teams, administrators, and third-party stakeholders to gather security and compliance requirements. • Develop, document, and maintain security policies, procedures, and governance artifacts. • Track and monitor Information Security implementation plans and remediation activities. • Perform compliance assessments against established security frameworks and control standards. • Review agency documentation and provide recommendations to strengthen security posture and compliance readiness. • Analyze existing business processes and identify opportunities for improvement and risk reduction. • Assist in developing corrective action plans (CAP) and Plans of Action & Milestones (POA&M). • Support multiple concurrent security and compliance initiatives while maintaining project timelines. • Prepare reports, findings, and compliance status updates for leadership and stakeholders. • Ensure alignment with state security standards, regulatory requirements, and industry best practices.

Role Description We are currently hiring a skilled Cyber Security Engineer (SOAR) to join our growing team. - Operational role on Splunk & XSOAR (our SOAR platform). - Should have significant experience with Python. Key Responsibilities - Will work closely on Palo Alto XSOAR platform to customize it as needed. - Will closely integrate existing Security Operation Center (SOC) systems through development and reuse of well-defined APIs. - Working with stakeholders for onboarding new data sources on Splunk (or any other SIEM tool) and perform periodic maintenance activities. - Deploy and evaluate external proof-of-concept tools. - Help with automation of various SOC related manual tasks. Qualifications - Experience in customization on any SOAR (Security Orchestration, Automation and Response) tool preferably Palo Alto XSOAR. - Development experience with Python and web frameworks (Django, Flask). - Experience with log management and/or SIEM technologies such as Splunk. Requirements - Web development frontend skills: JavaScript, jQuery, HTML/CSS. - Experience in creating and reusing Restful APIs to improve integration between existing and new security systems. - SQL database or any other DBs. - Good communication skills. - Highly motivated individual with the ability to self-start, prioritize, and multi-task. - Interest in cyber security, willingness to follow security best practices. - Ability to understand code written in other scripting languages. - Knowledge of incident response (SecOps). - Eagerness to look for and evaluate available open-source incident response/threat intelligence tools. - Strong focus on writing high quality technical documentation. - Good knowledge of Linux, git, nginx. Benefits - This is a remote position.

• Partners with either Health Plans or Shared Services to translate privacy, security, artificial intelligence (AI), business continuity, and related requirements from client contracts, laws, and regulations into actionable enterprise controls • Builds trusted relationships with Health Plan leadership and key stakeholders to ensure contract assurance, readiness reviews, Request for proposal (RFP) support, timely deliverable fulfillment, compliance reporting, and continuous improvement • Drives early engagement with Enterprise Privacy, Security and Risk Management (EPSRM) visibility and influence across the organization • Lead EPSRM engagement with Health Plans or Shared Services to ensure privacy, security, AI, and business continuity requirements are clearly understood, implemented, and monitored • Interpret and translate regulatory, contractual, and legal requirements into operational controls and guide stakeholders on compliance expectations • Validate and manage compliance evidence, deliverables, and audit readiness, including responses to regulators, clients, and internal/external auditors • Build and maintain strong relationships with leadership, operational teams, and regulators to remove obstacles, resolve issues, and support consistent compliance practices • Track regulatory, legislative and contract changes, assess organizational impact, and communicate required actions while supporting scalable control updates • Oversee the accuracy and completeness of privacy, security, AI, and business continuity documentation, including plans, attestations, questionnaires, and related submissions • Enhance enterprise engagement processes by driving standardized procedures, governance practices, templates, and continuous improvement efforts • Support new market entries, RFP responses, contract renewals, and business expansion by providing specialized EPSRM subject matter expertise • Identify risks and control gaps, recommend mitigation strategies, and contribute to improved compliance maturity across the enterprise. • Performs other duties as assigned. Complies with all policies and standards.

• Utilize Sophos technologies to investigate, contain, and respond to cyber incidents • Mentor incident response analysts and MDR operations analysts by providing technical guidance, review, and escalation support • Perform advanced incident response analysis to identify initial access, persistence, and lateral movement to contain and remediate threats • Support MDR customers and MSPs by conducting phone calls and joining meetings to discuss cyber incidents, while often providing priority recommendations to contain, neutralize, and remediate • Conduct analysis of cyber incidents for malware, ransomware, and other common attack types • Maintain accurate and detailed documentation for analysis performed during cyber incidents • Work closely with internal SophosLabs, Detection Engineering, and Threat Hunting teams to continuously expand and improve detection logic • Work closely with Sophos MDR Operations teams in providing response, remediation guidance, and excellent customer service • Where appropriate, contribute to Sophos blogs, social media, and other sources on adversary tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and other investigative findings • Evaluate new technologies and processes to improve the overall incident response capability • Assist in creating accurate and detailed technical incident reports as a post-incident deliverable for MDR customers and MSPs