512 Information Security jobs in Quincy

nlbi_# Used to ensure website security and fraud detection. Maximum Storage Duration : Session Type : HTTP Cookie Some of the data collected by this provider is for the purposes of personalization and measuring advertising effectiveness. Maximum Storage Duration : Persistent Type : HTML Local Storage Maximum Storage Duration : Session Type : HTML Local Storage li_gc Pending Maximum Storage Duration : 180 days Type : HTTP Cookie Maximum Storage Duration : Persistent Type : HTML Local Storage Maximum Storage Duration : Session Type : HTML Local Storage localforage#keyvaluepairs Used to maintain filter settings on the website. Maximum Storage Duration : Persistent Type : IndexedDB __hstc Sets a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes. Maximum Storage Duration : 180 days Type : HTTP Cookie hubspotutk Sets a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes. Maximum Storage Duration : 180 days Type : HTTP Cookie ziwsSession Collects statistics on the user's visits to the website, such as the number of visits, average time spent on the website and what pages have been read. Maximum Storage Duration : Session Type : HTML Local Storage ziwsSessionId Collects statistics on the user's visits to the website, such as the number of visits, average time spent on the website and what pages have been read. Maximum Storage Duration : Session Type : HTML Local Storage ___utmvc Collects information on user behaviour on multiple websites. This information is used in order to optimize the relevance of advertisement on the website. Maximum Storage Duration : 1 day Type : HTTP Cookie Some of the data collected by this provider is for the purposes of personalization and measuring advertising effectiveness. _ga(x3) Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels. Maximum Storage Duration : 2 years Type : HTTP Cookie _ga_#(x3) Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels. Maximum Storage Duration : 2 years Type : HTTP Cookie collect Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels. Maximum Storage Duration : Session Type : Pixel Tracker _gat Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels. Maximum Storage Duration : 1 day Type : HTTP Cookie _gid Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels. Maximum Storage Duration : 1 day Type : HTTP Cookie __ptq.gif Sends data to the marketing platform Hubspot about the visitor's device and behaviour. Tracks the visitor across devices and marketing channels. Maximum Storage Duration : Session Type : Pixel Tracker Maximum Storage Duration : Persistent Type : HTML Local Storage cookie_6A.000_queryStringParams Pending Maximum Storage Duration : Session Type : HTML Local Storage Maximum Storage Duration : Persistent Type : HTML Local Storage Maximum Storage Duration : Persistent Type : HTML Local Storage List of domains your consent applies to: (#BULK_CONSENT_DOMAINS#) (#IABV2_TITLE#) (#IABV2_BODY_INTRO#) (#IABV2_TITLE#) (#IABV2_BODY_INTRO#) (#IABV2_BODY_LEGITIMATE_INTEREST_INTRO#) (#IABV2_BODY_PREFERENCE_INTRO#) (#IABV2_BODY_PURPOSES_INTRO#) (#IABV2_BODY_PURPOSES#) (#IABV2_BODY_FEATURES_INTRO#) (#IABV2_BODY_FEATURES#) (#IABV2_BODY_PARTNERS_INTRO#) (#IABV2_BODY_PARTNERS#) About Cookies are small text files that can be used by websites to make a user's experience more efficient. About Cookies are small text files that can be used by websites to make a user's experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages. You can at any time change or withdraw your consent from the Cookie Declaration on our website. Learn more about who we are, how you can contact us and how we process personal data in our Privacy Policy. Please state your consent ID and date when you contact us regarding your consent. Do not sell or share my personal information Want to impact the future of patient care? MyndYou brings together clinicians, technical experts, engineers, healthcare industry veterans, and innovators on a mission to pair simple but sophisticated technology and actionable data with a human touch to keep people safe, engaged, and healthy. Backed by an industry leading, New York-based healthcare private equity firm, MyndYou is based in New York with an office in Tel Aviv. We are seeking a motivated Sales and Marketing Analyst to join us in our growth journey. You will be a key partner for the sales and marketing teams in helping increase sales productivity and new customer acquisition. You’ll put your research skills to use in identifying sales opportunities and provide insights to executives influencing go-to-market activities. This is an opportunity to join a dynamic start-up, in a role where you’ll be rolling up your sleeves to contribute to revenue growth and working closely with MyndYou’s VP of marketing and the sales leadership team. The role is remote but looking to hire talents @ Boston area Key Responsibilities Lead Generation: Support the sales organization including assisting with prospect research, meeting preparation and follow-up activities for key accounts; research and identify new customer targets and help develop key account profiles. Lead Qualification: Coordinate activities with prospective clients including managing communications, identifying and coordinating key activity milestones and meetings, and ensuring follow-through to close out questions Lead conversion: Support the implementation of best practices to improve lead generation and conversion; Assist in testing new B2B outreach strategies and measure their impact; work with marketing and sales to execute outreach Performance Analysis: Support visibility and awareness of key marketing and sales performance measures, including review of Hubspot analytics Requirements Bachelors degree in business, communication or similar field 2-4years of previous experience as a sales, marketing or business analyst Experience in the health care industry is a must Experience working in the health-tech industry is an advantage Exceptional communication and interpersonal skills Proactive self-starter, ability to multitask Ability to thrive in a startup environment The role is remote but but looking to hire talents @ Boston area Compensation range - 65-80K annually + bonus Apply for this position MyndYou delivers next-generation care management solutions for healthcare organizations, partnering the best of AI technology with human interaction to improve the reach and success of clinical engagement programs and enable clinicians to focus on delivering care. Download the PDF: Artificial Intelligence, Real Results #J-18808-Ljbffr

Our client is seeking a skilled and motivated Information Systems Security Officer (ISSO) to join their dynamic Cybersecurity Team. This role is crucial in maintaining and developing our Information Security (IS) program and ensuring compliance with established security policies and procedures. The ISSO will be responsible for overseeing operational security implementation, vulnerability management, system assessments, and recovery processes. The ideal candidate will play a key role in safeguarding critical information systems and contribute to a comprehensive security posture.

• Develop and maintain an Information Systems (IS) security program and policies to ensure the protection of sensitive and classified systems and data.
• Monitor and enforce security policies for system implementation and configuration management.
• Ensure the protection of information systems and recommend resources to maintain security.
• Continuously monitor system vulnerabilities, assess potential threats, and respond to security incidents.
• Oversee corrective actions based on security assessments and testing.
• Ensure proper recovery procedures are in place to restore security features and systems after an incident.
• Report and mitigate security breaches in a timely manner.
• Develop, update, and maintain System Security Plans (SSP) for all relevant systems.
• Manage and control changes to systems, ensuring compliance with security policies and conducting risk assessments.
• Ensure compliance with internal security policies and external regulations.
• Track audit findings, document remediation plans, and validate adherence to security standards.
• Promote awareness of security issues across the organization.
• Provide ongoing training to ensure all staff understand their security responsibilities.
• Prepare technical documents, incident reports, vulnerability assessments, and other situational awareness information for key stakeholders.
• Assist in ensuring systems and configurations comply with security guidelines and regulatory requirements.
• Monitor and validate compliance through continuous security assessments and audits.
• Conduct system vulnerability scanning, configuration assessment, and remediation to maintain system integrity and security.

Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related field is required.

Proven experience in cybersecurity, risk management, or information security roles, particularly in relation to system security, vulnerability management, and compliance activities.

Strong knowledge of security practices, tools, and technologies used to protect classified and sensitive systems.

Ability to analyze complex technical issues and propose effective solutions.

Excellent communication skills to interact with key stakeholders and provide clear security documentation and reports.

A minimum of Security+ certification (8570 compliance) is required. Additional cybersecurity certifications are a plus.

Due to the nature of the work, a Top-Secret (TS) clearance with SCI eligibility is required. Candidates may be required to undergo a CI polygraph examination, and willingness to participate in this process is a must. Selected candidate will be subject to a post offer background check and must be able to maintain a Secret-level DoD security clearance.

Digital Prospectors is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration and will not be discriminated against on the basis of race, color, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, or genetic information; US citizenship is required. Digital Prospectors affirms the right of all individuals to equal opportunity and prohibits any form of discrimination or harassment.

Type of Requisition:

Clearance Level Must Currently Possess:

Clearance Level Must Be Able to Obtain:

Public Trust/Other Required:

Job Family:

Job Qualifications:

Skills:

Certifications:

Experience:

US Citizenship Required:

Job Description:

The Information Systems Security Officer (ISSO) III is responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system.

This will include physical and environmental protection, personnel security, incident handling, and security training and awareness. It will be required to work in close coordination with the ISSM and ISO in monitoring the information system(s) and its environment of operation to include developing and updating the authorization documentation, implementing configuration management across authorization boundaries.

This will include assessing the security impact of those changes and making recommendation to the ISSM. The primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide day-to-day support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities.

Performance shall include:

• Assist the ISSM in meeting their duties and responsibilities.

• Prepare, review, and update authorization packages.

• Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media.

• Notify ISSM when changes occur that might affect the authorization determination of the information system(s).

• Conduct periodic reviews of information systems to ensure compliance with the security authorization package.

• Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change.

• Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.

• Ensure all IS security-related documentation is current and accessible to properly authorized individuals.

• Ensure audit records are collected, reviewed, and documented (to include any anomalies)

• Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties.

• Execute the cyber security portion of the self-inspection, to include security coordination and review of all system assessment plans.

• Identify cyber security vulnerabilities and assist with the implementation of the countermeasures for them.

• Prepare reports on the status of security safeguards applied to computer systems.

• Perform ISSO duties in support of in-house and external customers.

• Conduct continuous monitoring activities for authorization boundaries under your preview.

• Assist Department of Defense, National Agency and Contractor organizations with the development of assessment and authorization (A&A) efforts.

Experience:

• 5+ years related experience, especially in developing RMF packages or bodies of evidence.

• 2+ years SAP experience required.

• Prior performance in roles such as System, Network Administrator or ISSO.

Education:

• Bachelors degree in a related area or equivalent experience (4 years)

Certifications:

• IAT Level II ( Security+ CE, CCNA Security, etc) or IAM Level II (in lieu of IAT Level II)

Clearance Required to Start:

• TS/SCI required.

• Must be able to Attain TS/SCI with CI Polygraph

#AirforceSAPOpportunities #ISSO #TS/SCI

Scheduled Weekly Hours:

Travel Required:

Telecommuting Options:

Work Location:

Additional Work Locations:

Total Rewards at GDIT:

gdit.com/tc.

Cloud Security Engineer

Experience in Amazon security solutions Expert in cyber security

Should be able to do assessment of security risks, threats, vulnerabilities, monitoring and risk mitigation

Should be able to use Nessus and other container scanning tools

Location: Somerville

Duration: At least till year end

Overview Nisga'a CIOPS provides hands-on experienced services to civilian and DoD programs worldwide. Delivering highly skilled, cleared personnel who provide services on five continents for a portfolio of customers. Summary: The Base Information Transport Infrastructure (BITI) Network Management System (NMS) Engineer is an on-site position located at Hanscom AFB, MA. BITI Base Area Network (BAN) NMS is a local and regionally deployed hardware and software system used to manage the BITI deployed infrastructure at Air Force bases worldwide. BITI infrastructure is comprised of layer 2 and layer 3 network switching to include Core Nodes (CN), Critical Distribution Nodes (CDN), Critical Access Nodes (CAN), Distribution Nodes (DN), and Access Nodes (AN) of the BAN. SolarWinds Enterprise Operations Consoles are regional instances of hardware and software that are used to monitor the local SolarWinds site instances. BITI NMS system consists of numerous local and regional sites. The primary role for this position is to support the BITI NMS capabilities at Hanscom AFB. The BITI NMS engineer will provide on-site and remote engineering and integration services for the architecture and integration of products to include system architecture, solution design, performance audits, system updates and reviews, documentation, and data migration. Other duties include performing site audits and technical account management such as managing third parties, providing technical assistance and mentoring as directed, as well as providing cybersecurity recommendations in support of TO/TCTO and ATO within the RMF system. The BITI NMS engineer will also support the various Field Engineering Representatives as required. Responsibilities Essential Job Functions: Core Tasks Manage and maintain access to NMS system resources IAW DoD and AF directives. Manage NMS baseline configuration and ensure any changes to that configuration are coordinated through AF Cyber TIM/CAB processes as necessary. Work with AFIN Response Center personnel to ensure that NMS tickets are being routed, updated, and closed IAW current AF Cyber and PMO policy/process. Support BITI NMS users with system configuration management, software/hardware upgrades, and troubleshooting of connectivity issues as a Tier 3 resource. Coordinate and direct network changes and troubleshooting to support NMS system functionality. Respond to user access issues troubleshooting physical and logical connectivity to NMS system and its connected devices. Provide users with guidance to properly configure connected devices to ensure accurate monitoring/management. Work closely with NMS PMO to ensure system maintains compliance with published TO/TCTO and associated guidance. Author processes for configuring and managing NMS devices. Perform and assist with emergency restoration at sites. Maintain a database of all deployed systems, software versions, and configurations. Act as a liaison between NMS PMO and operational units in coordination with CSS3 Field Engineering Representatives (FERs). Some travel may be required as mission demands. Risk & Compliance Management Ensure compliance with DoD, Air Force, and industry security standards. Maintain operational readiness in accordance with procedures and policies. Assist in conducting risk assessments and applying mitigation strategies. Qualifications Necessary Skills and Knowledge: Excellent leader with experience in managing staff of different disciplines to produce results in a timely manner. Excellent communication skills. Excellent problem-solving skills. Strong technical knowledge of network and systems infrastructure. Ability to work both independently and collaboratively in a mission-critical environment. Familiarity with U.S. DoD & U.S. Air Force procedures and the AFIN. Minimum Qualifications: A degree in a related field and a minimum of seven (7) years of relevant experience or a total of at least ten (10) years of relevant experience. Experience supporting DoD Information Network, AFIN or equivalent. Information Assurance (IA) Technician (IAT) Level II Certification. A valid and current SECRET (or higher) security clearance. 1-3 years-experience with networking/infrastructure best practices in medium-to-large scale Data Center environment. 3-5 years-experience with Windows Server Admin roles. 3-5 years-experience with SolarWinds or similar management software in a production environment. 3-5 years-experience with VMware; building, maintaining, configuration, and troubleshooting Guest and host OS. Microsoft Certified Solutions Associate - MCSA. VMware Certified Technical Associate. SolarWinds Certified Professional. SQL Database Experience. Ability to install, manage and troubleshoot Windows Servers, SQL Servers, provide technical support & guidance, Perform System Maintenance through (IIS, SQL Database (mgt studio), Registry Edits, Group Policy Understanding, Maintain System Security). Pay and Benefits At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities. #J-18808-Ljbffr

Become a part of our caring community and help us put health first

The Senior Engineer, Offensive Security, executes high-fidelity threat actor and control validation campaigns within our BAS program. This role influences functional area strategy through technical expertise, operates with considerable autonomy on moderately complex assignments, and makes recommendations to leadership based on advanced knowledge and experience. The position focuses on Breach and Attack Simulation operations, campaign delivery, and detailed analysis, while also contributing to the overall direction of the program.

The Bigger Picture

Join a 100% remote, highly specialized offensive security team where you will have access to Hack The Box Pro Labs, all HTB role-based training paths and certifications, discretionary certification funding, and conference/training budgets. These resources will enable you to continuously advance your expertise while working on industry-leading BAS challenges at scale. You will be part of Cyber Threat Simulation (CTS), collaborating with Red Team, Penetration Testing, and Bug Bounty professionals-highly specialized experts who identify vulnerabilities so the business can address them proactively. Fridays are dedicated to research and development, allowing the team to pursue training in emerging offensive security technologies, tools, large language models (LLMs), artificial intelligence, and other relevant topics.

Mission & Impact

• Run high-fidelity threat-actor and control-validation campaigns , maintain agent health, convert raw BAS platform test results into actionable findings, and track them in the enterprise risk management platform. You will leverage your offensive security expertise to determine the most effective approach for executing simulations, design appropriate test cases for specific security countermeasures, and manage multiple projects simultaneously.

• Your week includes reviewing the latest products from the Threat Intelligence team on a specific threat actor, chaining custom Tactics, Techniques, and Procedures (TTPs) for a Threat Simulation, and developing complementary custom test cases using the platform's Python API. Additional responsibilities involve initiating a bi-weekly Security Baseline, collaborating with SIEM Engineering to tune detection logic after analyzing recent baseline results, writing concise findings for documentation in the enterprise risk management system, and conducting in-depth analysis of IOC Validation gaps.

• Why it matters : Every campaign you launch identifies real-world weaknesses before attackers can exploit them, providing Engineering and Threat Management and Response teams with valuable data to strengthen security countermeasures, review architectural and strategic security decisions, and enhance our overall security posture.

• You'll excel in this role if you are proficient in Python, enjoy transforming cyber threat intelligence into high-fidelity TTPs, thrive at mapping attacker behavior to potential detection telemetry, and prefer presenting evidence-based dashboards over debating hypotheticals.

Key Responsibilities

• Campaign Delivery : Build and execute threat-actor and control-validation campaigns using the BAS platform's pre-built threat simulation libraries, supplemented by custom test cases developed through the Python API to address specific TTPs not covered by the vendor. Ensure campaigns meet service level agreements, such as a two-week turnaround for pre-built threat simulations, while operating with limited guidance on moderately complex campaign development.

• Tool Operation & Tuning : Maintain agents, payload sets, and scheduling with considerable autonomy. Automate bi-weekly security baseline runs and create synthetic unit tests when there are changes in countermeasure configurations or architecture. Apply advanced technical knowledge to resolve complex issues.

• Data & Reporting : Draft actionable findings for SOC/IR and organize risk items within the Findings-Analysis workstream for documentation. Use independent judgment to analyze and evaluate variable factors such as network architecture, agent configuration, and detection capabilities.

• Strategic Collaboration : Collaborate with the CTI team on priority TTPs, verify annual coverage, and share new test cases with the broader team. Make recommendations regarding testing approaches based on offensive security expertise and experience.

• Continuous Improvement : Propose enhancements to security countermeasures, address detection or alerting gaps, and suggest new service-line use cases to the Lead for roadmap consideration. Your technical insights and proactive recommendations will have a significant influence on the BAS strategy.

Use your skills to make an impact

Minimum Qualifications

• Minimum 3 years of experience in offensive security roles such as Red Team, Penetration Testing, or Bug Bounty programs

• Intermediate to advanced proficiency in Python programming, or equivalent experience with interpreted languages such as PowerShell, Bash, or Ruby

• Independent technical problem-solving and analysis

• Experience with major Cloud Service Providers, including AWS, GCP, and Azure

• Demonstrated ability to work autonomously on complex technical assignments

• Experience utilizing Threat Intelligence to guide offensive security operations

• Experience testing endpoints protected by solutions such as Microsoft Defender for Endpoint, CrowdStrike, or SentinelOne

• Interest in building and testing large language models (LLMs), machine learning models, AI infrastructure, MCP, prompt engineering, and applying these technologies to offensive security operations

Preferred Qualifications

• Minimum 5 years of experience in any of the following areas:

• Malware development

• Advanced Red Team operations and threat simulation

• Threat hunting or digital forensics in enterprise environments

• Analyzing and gathering intelligence on threat actors and their TTPs

• Published speaking engagements at industry conferences such as DEF CON, BSIDES, x33fcon, Black Hat, etc.

• Relevant industry certifications, including but not limited to: OSCP, OSWE, OSED, OSCE3, CRTP, CRTE, CRTO, CRTL, CPTS, CBBH, CWEE, CAPE, MalDev Academy, OpenSecurityTraining2

• Experience with building and breaking LLMs, machine learning models, AI infrastructure, MCP, prompt engineering, and applying these technologies to offensive security operations

Remote/WAH requirements:

• WAH requirements: Must have the ability to provide a high speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense.

• A minimum standard speed for optimal performance of 25x10 (25mpbs download x 10mpbs upload) is required.

• Satellite and Wireless Internet service is NOT allowed for this role.

• A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information

Travel: While this is a remote position, occasional travel to Humana's offices for training or meetings may be required.

Scheduled Weekly Hours

40

Pay Range

The compensation range below reflects a good faith estimate of starting base pay for full time (40 hours per week) employment at the time of posting. The pay range may be higher or lower based on geographic location and individual pay will vary based on demonstrated job related skills, knowledge, experience, education, certifications, etc.

$117,600 - $161,700 per year

This job is eligible for a bonus incentive plan. This incentive opportunity is based upon company and/or individual performance.

Description of Benefits

Humana, Inc. and its affiliated subsidiaries (collectively, "Humana") offers competitive benefits that support whole-person well-being. Associate benefits are designed to encourage personal wellness and smart healthcare decisions for you and your family while also knowing your life extends outside of work. Among our benefits, Humana provides medical, dental and vision benefits, 401(k) retirement savings plan, time off (including paid time off, company and personal holidays, volunteer time off, paid parental and caregiver leave), short-term and long-term disability, life insurance and many other opportunities.

Application Deadline: 07-29-2025

About us

Humana Inc. (NYSE: HUM) is committed to putting health first - for our teammates, our customers and our company. Through our Humana insurance services and CenterWell healthcare services, we make it easier for the millions of people we serve to achieve their best health - delivering the care and service they need, when they need it. These efforts are leading to a better quality of life for people with Medicare, Medicaid, families, individuals, military service personnel, and communities at large.

?

Equal Opportunity Employer

It is the policy of Humana not to discriminate against any employee or applicant for employment because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or protected veteran status. It is also the policy of Humana to take affirmative action, in compliance with Section 503 of the Rehabilitation Act and VEVRAA, to employ and to advance in employment individuals with disability or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment.

Humana complies with all applicable federal civil rights laws and does not discriminate on the basis of race, color, national origin, age, disability, sex, sexual orientation, gender identity or religion. We also provide free language interpreter services. See our

We anticipate the application window for this opening will close on - 29 Jul 2025

At Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You'll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.

A Day in the Life

At Medtronic, we bring bold ideas forward with speed and decisiveness to put patients first in everything we do. In-person exchanges are invaluable to our work. We're working onsite 4 days a week as part of our commitment to fostering a culture of professional growth and cross-functional collaboration as we work together to engineer the extraordinary. In your role, you may work from one the following Medtronic sites:

• Mounds View, Minnesota - Lafayette, Colorado

• Fridley, Minnesota (OHQ) - Irvine, California (UCI)

• Rice Creek, Minnesota - Jacksonville, Florida

• Boston, Massachusetts

The Manager of Application Security leads the organization's efforts to secure applications across the software development lifecycle (SDLC). This role collaborates with engineering, DevOps, and product teams to embed security best practices into design, development, and deployment processes. The manager is responsible for defining the application security strategy, leading security reviews, overseeing threat modeling, and managing security tools and programs like SAST, DAST, SCA, and bug bounty initiatives.

• Lead the application security strategy and team, integrating security into the software development lifecycle and CI/CD pipelines.

• Oversee the implementation and management of security tools, secure coding practices, threat modeling, and vulnerability remediation efforts.

• Manage vendor contracts and relationships for security tools and services, including contract negotiation, compliance, and performance tracking.

We believe that when people from different cultures, genders, and points of view come together, innovation is the result -and everyone wins. Medtronic walks the walk, creating an inclusive culture where you can thrive. Our unwavering commitment to inclusion, diversity, and equity (ID&E) means zero barriers to opportunity within Medtronic and a culture where all employees belong, are respected, and feel valued for who they are and the life experiences they contribute. We know equity starts beyond our workplace, and we must play a role in addressing systemic inequities in our communications if we hope to have long-term sustainable impact. Anchored in our Mission, we continue to drive ID&E forward both to enhance the well-being of Medtronic employees and to accelerate innovation that brings our lifesaving technologies to more people in more places around the world.

Bring your talents to an industry leader in medical technology and healthcare solutions - we're a market leader and growing every day. You can be proud to be a part of technologies that are rooted in our long history of mission-driven innovation. You will be empowered to shape your own career. We encourage and support your growth with the training, mentorship, and guidance you need to own your future success. Together, we can transform healthcare. Join us for a career in IT that changes lives. Medtronic is committed to fostering a diverse and inclusive culture. Check out the accomplishments of our Women in IT group!

CAREERS THAT CHANGE LIVES

• Develop, implement, and continuously improve the organization's application security program and roadmap.

• Lead and mentor a team of application security engineers and analysts.

• Collaborate with development, DevOps, and product teams to integrate security controls into CI/CD pipelines and software development practices (DevSecOps).

• Conduct threat modeling, secure code reviews, and vulnerability assessments.

• Manage and optimize application security tools (e.g., SAST, DAST, SCA, RASP, WAF, container scanning).

• Oversee the evaluation, selection, onboarding, and management of third-party security vendors and tools.

• Manage vendor relationships, including negotiating contracts, setting service-level agreements (SLAs), and tracking performance against KPIs.

• Ensure all third-party security tools and services comply with legal, procurement, and cybersecurity policy requirements.

• Review and assess vendor security practices as part of risk management and due diligence.

• Partner with internal stakeholders (Legal, Procurement, Finance) to manage contract renewals, budget forecasting, and spend tracking related to security services.

• Partner with internal teams to prioritize and remediate vulnerabilities discovered through testing, bug bounty, or vendor reports.

• Develop secure coding standards and deliver developer training to promote secure development practices.

• Track, report, and present application security KPIs to leadership.

• Stay current with evolving threats, vulnerabilities, and application security trends.

• Contribute to incident response efforts when application-related security incidents occur.

• Expert knowledge in AWS, and GITHUB, and well informed on other emerging technologies.

MUST HAVE (Minimum Qualifications)

• Bachelor's degree

• 5+ years of experience with a bachelor's degree or 3+ years of experience with an advanced degree

NICE TO HAVE (Preferred Qualifications)

• Strongly Preferred:

• Strong understanding of Cyber Security NIST frameworks, OWASP

• Strong communication skills to upper management and leadership

• Strong ability to collaborate with other IT organizations and business partners

• Experience managing a third-party vendor contracts

• Expert in agile work processes

• Strategic thinker

• Professional certifications such as CISSP, CSSLP, GWAPT, or OSWE.

• Experience with DevSecOps practices and tools in a cloud-native environment (AWS, Azure, GCP).

• Experience working in Agile or DevOps environments.

Physical Job Requirements

The above statements are intended to describe the general nature and level of work being performed by employees assigned to this position, but they are not an exhaustive list of all the required responsibilities and skills of this position?

The physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. For Office Roles: While performing the duties of this job, the employee is regularly required to be independently mobile. The employee is also required to interact with a computer, and communicate with peers and co-workers. Contact your manager or local HR to understand the Work Conditions and Physical requirements that may be specific to each role.

Benefits & Compensation

Medtronic offers a competitive Salary and flexible Benefits Package

A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage.

Salary ranges for U.S (excl. PR) locations (USD):$132,800.00 - $199,200.00

This position is eligible for a short-term incentive called the Medtronic Incentive Plan (MIP).

The base salary range is applicable across the United States, excluding Puerto Rico and specific locations in California. The offered rate complies with federal and local regulations and may vary based on factors such as experience, certification/education, market conditions, and location. Compensation and benefits information pertains solely to candidates hired within the United States (local market compensation and benefits will apply for others).

The following benefits and additional compensation are available to those regular employees who work 20+ hours per week: Health, Dental and vision insurance, Health Savings Account, Healthcare Flexible Spending Account, Life insurance, Long-term disability leave, Dependent daycare spending account, Tuition assistance/reimbursement, and Simple Steps (global well-being program).

The following benefits and additional compensation are available to all regular employees: Incentive plans, 401(k) plan plus employer contribution and match, Short-term disability, Paid time off, Paid holidays, Employee Stock Purchase Plan, Employee Assistance Program, Non-qualified Retirement Plan Supplement (subject to IRS earning minimums), and Capital Accumulation Plan (available to Vice Presidents and above, or subject to IRS earning minimums).

Regular employees are those who are not temporary, such as interns. Temporary employees are eligible for paid sick time, as required under applicable state law, and the Employee Stock Purchase Plan. Please note some of the above benefits may not apply to workers in Puerto Rico.

Further details are available at the link below:

Medtronic benefits and compensation plans (

About Medtronic

We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions.

Our Mission - to alleviate pain, restore health, and extend life - unites a global team of 95,000+ passionate people.

We are engineers at heart- putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary.

Learn more about our business, mission, and our commitment to diversity here ( .

It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Medtronic will provide reasonable accommodations for qualified individuals with disabilities.

If you are applying to perform work for Medtronic, Inc. ("Medtronic") in any position which will involve performing at least two (2) hours of work on average each week within the unincorporated areas of Los Angeles County, you can find here ( a list of all material job duties of the specific job position which Medtronic reasonably believes that criminal history may have a direct, adverse and negative relationship potentially resulting in the withdrawal of a conditional offer of employment. Medtronic will consider for employment qualified job applicants with arrest or conviction records in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

We lead global healthcare technology and boldly attack the most challenging health problems facing humanity by searching out and finding solutions.

Our Mission - to alleviate pain, restore health, and extend life - unites a global team of 95,000+ passionate people.

We are engineers at heart- putting ambitious ideas to work to generate real solutions for real people. From the R&D lab, to the factory floor, to the conference room, every one of us experiments, creates, builds, improves and solves. We have the talent, diverse perspectives, and guts to engineer the extraordinary.

We change lives . Each team member, each day, helps to improve and redefine how the world treats the most pressing health conditions, from heart disease to diabetes. Our industry leadership comes from the passion and ingenuity of our people. That's who we are. Working alongside one another, we use science, medicine, and a profound understanding of the human body to build extraordinary technologies that can transform lives.

We build extraordinary solutions as one team . With one Medtronic Mindset defining how we work. Speed and decisiveness run through our DNA. Diverse perspectives inspire our bold answers to any challenge that comes our way. And we deliver results the right way, breakthrough after patient breakthrough.

This life-changing career is yours to engineer . By bringing your ambitious ideas, unique perspective and contributions, you will.

• Build a better future, amplifying your impact on the causes that matter to you and the world

• Grow a career reflective of your passion and abilities

• Connect to a dynamic and inclusive culture that welcomes the challenge of life-long learning

These commitments set our team apart from the rest:

Experiences that put people first . Respect for people is the hallmark of our humanity. It fuels our team to positively impact even a single life. And it means we put our people first at Medtronic as well, creating a culture of belonging and always pushing to get you the career-building resources you need.

Life-transforming technologies . No matter your role, you contribute to technologies that transform lives. What we build empowers patients to live life on their terms.

Better outcomes for our world . Here, it's about more than the bottom line. Our Mission to improve human welfare drives us. We advance healthcare, society, and equity with every design, inside and outside our walls.

Insight-driven care . Fresh viewpoints. Cutting-edge AI, data, and automation. You're shaping the future of healthcare technology and defining the next generation of breakthroughs in care

It is the policy of Medtronic to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Medtronic will provide reasonable accommodations for qualified individuals with disabilities.

For sales reps and other patient facing field employees, going into a healthcare setting?is considered an essential function of the job and we expect our employees to comply with all credentialing requirements at the hospitals or clinics they support.

This employer participates in the federal E-Verify program to confirm the identity and employment authorization of all newly hired employees. For further information about the E-Verify program, please click here ( .

For updates on job applications, please go to the candidate login page and sign in to check your application status.

If you need assistance completing your application please email

To request removal of your personal information from our systems please email

The IT Compliance Analyst will be a critical part of the IT Team, reporting to the Director of IT Compliance. The IT Compliance Analyst will be responsible for assisting in the IT audit process for compliance with Sarbanes Oxley (SoX), vendor risk assessment process, and assist with data recovery and analysis processes.

For over 90 years Global Partners LP has been delivering the energy our communities need to grow, move, and thrive. From Alltown Fresh, with its innovative chef-led creations and guest-focused retail experience, to our vast network of over 50 liquid energy terminals across the eastern seaboard and beyond, Global Partner's integrated network of businesses delivers value day-in and day-out to our guests and customers across the US. At Global Partners we embrace the future, investing in the energy transition with initiatives like GlobalGLO and supporting the communities in which we operate with our charitable work.

We're excited for the next 90 years at Global Partners and what innovative new ideas we can bring to our guests and customers in the future. We're looking for passionate people with great ideas to contribute to our company's future. If you're motivated by what's next, Global Partners can provide you the opportunities to push your career to the next level.

The Types of "Energy" You Bring

• Excellent written and verbal communication skills.
• You are self-motivated and like to take initiative.
• You are a team player with a positive attitude.
• You have strong time management skills.

• Perform various IT audit/compliance functions with minimum supervision.
• Complete audit and review steps using our customized IT audit approach
• Conducts technical, integrated, and compliance audits (e.g. - Sarbanes Oxley).
• Audits new and existing information system applications and operating environments.
• Assist with the development of action plans concerning remediation efforts
• Gather information and testing evidence as required by our internal and external auditors.
• Monitor for compliance with organizational policies, procedures, and overall information management strategy.
• Develops and communicates recommendations to correct IT control deficiencies, provide ideas for process enhancements, and follow up on audit findings to ensure they are addressed by process and control owners in a timely manner.
• Conducts IT compliance in the performance of vendor risk assessments.
• Conduct timely and comprehensive third-party risk assessments in alignment with internal policies, regulatory requirements, and industry best practices.
• Identify opportunities to enhance assessment methodologies, tools, and workflows to drive efficiency and effectiveness.

• Coins! We offer competitive salaries and opportunities for growth. We mean it! We have an amazing Talent Development Team who create trainings for growth and job development.
• Health + Wellness - Medical, Dental, Visions and Life Insurance. Along with additional wellness support.
• The Road Ahead - We offer 401k and a match component!
• Professional Development - We provide tuition reimbursement; this benefit is offered after 6 months of service.
• Give Back! We believe in community support. We know everyone gives in their own way, that's why we offer paid volunteer time-off to you to help an organization of your choice.

• First thing first, if you're interested in the role, please apply.
• A talent acquisition team member will review your resume in partnership with the hiring manager. If your experience would lend to this opportunity a recruiter will contact you.
• We conduct "in-person" (Teams) interviews and provide additional interview information or other items needed at that time.

• Experience with technical programs including MS Office Suite and a strong working knowledge of Excel.
• You have excellent organizational skills.
• You have excellent communication skills written and verbal.
• You have strong Microsoft Office Skills with a strong working knowledge of Excel.
• You have strong attention to detail in a fast-paced work environment, and the ability to manage and prioritize multiple projects simultaneously.