Creating a future worth living. For patients. Worldwide. Every day.
Corporate Security Intelligence Lead
Location
Massachusetts + 2 moreAll locations: Massachusetts | Pennsylvania | Washington
Posted
1 day ago
Salary
0
Seniority
Senior
Job Description
Corporate Security Intelligence Lead
Fresenius Medical Care
• Develop and execute a global strategy to identify, assess, and mitigate threats • Lead the corporate security intelligence function and insider threat risk program • Design, implement, and govern a corporate security intelligence strategy • Manage a globally dispersed team delivering threat analysis, investigations, and executive briefings • Establish and mature intelligence collection methodologies and analytical frameworks • Develop an Insider Threat Risk Management Program • Ensure compliance with global privacy, labor, and data protection laws • Plan and direct enterprise investigative strategies and programs • Design and implement insider threat detection tools and analytics • Deliver threat awareness briefings and compliance training.
Job Requirements
- Bachelor’s degree in Intelligence Studies, Security Management, Behavioral Science, or related field (master’s preferred)
- possess an active/in-scope security clearance
- Minimum of 15 years of experience in security management roles
- Proven track-record in compliance programs, risk management, and incident response
- Experience in systems management and leading people
- Experience managing third-party vendors and cross-functional teams
- Deep understanding of threat actor methodologies, behavioral threat indicators, and intelligence tradecraft
- Strong analytical, investigative, and communication skills
- Experience with insider threat platforms, SIEM tools, and behavioral analytics
- Ability to operate in high-pressure environments and manage sensitive, confidential information with discretion
- Ability to work in a matrixed, resource-constrained, and diverse environment.
Benefits
- medical, dental, and vision insurance
- 401(k) with company match
- paid time off
- parental leave
- potential for performance-based bonuses
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
SAP GRC Specialist
Bright Vision TechnologiesBright Vision Technologies is a forward-thinking software development company dedicated to building innovative solutions that help businesses automate and optimize their operations. We leverage cutting-edge technologies to create scalable, secure, and user-friendly applications. We recognize that our people are our strength. We are an equal opportunity employer and place a high value on diversity and inclusion. We do not discriminate on the basis of any protected attribute. We make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Bright Vision Technologies is an Equal Opportunity Employer, including Disability/Veterans.
Role Description We are seeking an experienced SAP GRC Specialist to design, implement, and operate security and access-control frameworks for complex SAP landscapes, including S/4HANA, ECC, BW/4HANA, Fiori, BTP, and SuccessFactors. In this role you will be responsible for: - SAP role design - User provisioning - Segregation-of-duties analysis - Audit support - The technical operation of SAP GRC suites The ideal candidate will combine deep expertise in SAP authorization concepts with strong hands-on experience operating SAP GRC Access Control and Process Control, and will partner closely with audit, compliance, and business teams to deliver a secure, auditable SAP environment. Qualifications - Bachelor’s degree in Computer Science, Engineering, or a related technical discipline. - Five or more years of SAP Security / GRC experience in enterprise landscapes. - Strong hands-on experience with SAP authorization concepts and role design. - Deep experience operating SAP GRC Access Control (ARA, ARM, BRM, EAM). - Experience supporting SAP audits and remediation activities. - Hands-on experience securing Fiori, BTP, and cloud SAP applications. - Familiarity with SAP IDM or third-party IGA tooling. - Working knowledge of SAP Process Control. - Strong understanding of regulatory frameworks such as SOX, GxP, and PCI. - Excellent communication and documentation skills. Requirements - Design and maintain SAP authorization concepts and role structures aligned with business processes and least-privilege principles. - Build and maintain master, derived, composite, and business roles for S/4HANA, ECC, and Fiori applications. - Configure and operate SAP GRC Access Control (ARA, ARM, BRM, EAM), including ruleset management, mitigating controls, and emergency access management. - Perform segregation-of-duties analysis and remediation in collaboration with business process owners and internal audit. - Configure user provisioning workflows in SAP GRC ARM, including request types, approval paths, and integration with IDM/IAM platforms. - Operate SAP GRC Process Control for continuous controls monitoring and policy management. - Implement security for Fiori applications, including catalogs, groups, and front-end authorizations. - Configure and operate security for SAP BTP and cloud applications using XSUAA, IAS, and IPS. - Support SAP audits (SOX, GxP, PCI) and respond to audit findings with documented remediation plans. - Implement transport security, table logging, and audit logging in line with internal security policies. - Monitor and remediate SAP Security Notes in coordination with Basis and DBA teams. - Maintain comprehensive, current technical documentation — including architecture diagrams, design decisions, configuration references, runbooks, and operational procedures. - Mentor junior team members and support knowledge transfer across the security team. Benefits - 100% Remote (Continental United States) - Salary: $150K - $185K - This is a full-time, direct W2 position with Bright Vision Technologies. - No third-party client, vendor, or implementation partner involved. - Support for H1B transfers for qualified candidates. How to Apply For immediate consideration, please send your resume to [email protected] or contact us at (908) 505-3544.
Incident Response Engineer
CasheaCompra ahora y paga después, en cuotas sin interés. El impulso que mereces.
• Investigar y responder incidentes de seguridad • Operar el SIEM para realizar consultas y análisis que soporten investigaciones • Administrar, configurar y diseñar automatizaciones en el SOAR • Desarrollar herramientas y scripts propios para automatizar respuestas • Ejecutar tareas de Threat Intelligence que involucran investigación de actores de amenaza • Llevar a cabo investigaciones forenses en endpoints y servidores
• Design and maintain network infrastructure • Firewall and security management • Network monitoring and troubleshooting • Compliance and risk management • Documentation and change management • Collaboration and support • Continuous improvement
Information System Security Officer
Koniag Government Services, LLCKoniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies.
Role Description Koniag IT Systems (KITS), a Koniag Government Services company, is seeking an experienced ICAM ISSO (Identity, Credential, and Access Management Information System Security Officer) to support critical cybersecurity and identity management initiatives. The ideal candidate is a detail-oriented security professional with a strong background in ICAM frameworks, federal security compliance, and risk management. The successful candidate will bring a combination of technical expertise and strong communication skills to ensure the security and integrity of identity and access management systems. Ability to obtain or maintain the required security clearance to support our government customer. The ICAM ISSO will serve as the primary security point of contact responsible for ensuring confidentiality, integrity, and availability of identity, credentials, and access management systems. This individual will work closely with system owners, program managers, and security teams to maintain system authorization, manage risks, and ensure compliance with federal security standards and ICAM policies. - Serve as the Information System Security Officer (ISSO) for one or more ICAM-related information systems, ensuring continuous monitoring and compliance with applicable federal security frameworks. - Develop, maintain, and update System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and other Authorization to Operate (ATO) documentation in accordance with NIST and agency-specific requirements. - Support the Assessment and Authorization (A&A) process, including facilitating security assessments, coordinating with Security Control Assessors (SCAs), and preparing authorization packages. - Monitor and manage the security posture of ICAM systems, including identity proofing, credentialing, authentication, and access control solutions. - Review and analyze audit logs, security alerts, and system events to identify anomalies, potential threats, and compliance gaps. - Coordinate with system administrators, developers, and engineers to ensure security controls are properly implemented and functioning as intended. - Identify and document system vulnerabilities and risks, coordinating remediation efforts and tracking progress through the POA&M process. - Support the implementation and governance of ICAM policies, procedures, and standards in alignment with federal mandates such as FICAM, HSPD-12, EO 14028, and OMB Memoranda. - Participate in security incident response activities, including investigation, containment, and reporting of security events related to identity and access management systems. - Conduct periodic security reviews and assessments to ensure ongoing compliance with security requirements and ICAM best practices. - Provide security guidance and recommendations to program teams regarding identity management, privileged access management (PAM), multi-factor authentication (MFA), and zero trust principles. - Collaborate with cross-functional teams including IT, compliance, and operations staff to align security practices with organizational and mission objectives. - Prepare and deliver security briefings, reports, and documentation for government stakeholders and leadership. Qualifications - Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field from an accredited college or university. - 5+ years of experience in information security, with at least 2 years of direct experience in an ISSO role or equivalent security capacity. - Demonstrated experience supporting the NIST Risk Management Framework (RMF) and ATO processes. - Experience working with ICAM technologies and frameworks, including identity proofing, PKI, MFA, and access management solutions. - Active or ability to obtain the required security clearance. Requirements - Exceptional communication skills in English – both written and oral – with the ability to communicate effectively with technical and non-technical stakeholders, including government leadership. - Strong working knowledge of the NIST Risk Management Framework (RMF), including NIST SP 800-53, NIST SP 800-37, and FIPS 199/200. - Proficiency in developing and maintaining ATO documentation, including SSPs, POA&Ms, Security Assessment Reports (SARs), and Interconnection Security Agreements (ISAs). - Knowledge of ICAM concepts including identity lifecycle management, credentialing, authentication protocols (MFA, PIV/CAC), privileged access management (PAM), and single sign-on (SSO). - Experience with continuous monitoring programs and security information and event management (SIEM) tools. - Ability to analyze and interpret vulnerability scan results (e.g., Nessus, Tenable) and work with system teams to remediate findings. - Familiarity with federal cybersecurity policies, directives, and mandates, including FISMA, HSPD-12, EO 14028, and OMB Memoranda. - Strong analytical and problem-solving skills with attention to detail in reviewing security controls and documentation. - Ability to manage multiple priorities and deliver quality work products within defined timelines. - Ability to obtain and maintain the required security clearance. Desired Skills and Competencies - Experience working in a federal government IT or cybersecurity environment. - Knowledge of Zero Trust Architecture (ZTA) principles and implementation strategies, particularly as they relate to identity and access management. - Familiarity with Privileged Access Management (PAM) tools such as CyberArk, BeyondTrust, or similar platforms. - Experience with identity governance and administration (IGA) platforms. - Knowledge of SAML, OAuth2, OpenID Connect (OIDC), and other authentication and federation protocols. - Familiarity with cloud-based ICAM solutions and platforms (e.g., Azure Active Directory, Okta, AWS IAM). - One or more of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), CompTIA Security+, CAP (Certified Authorization Professional), GIAC Security Essentials (GSEC). - Experience with GRC (Governance, Risk, and Compliance) tools such as XACTA, eMASS, or Archer. Benefits - Competitive compensation. - Extraordinary benefits package including health, dental, and vision insurance. - 401K with company matching. - Flexible spending accounts. - Paid holidays. - Three weeks paid time off. - And more.


