Everyone Is a Caregiver

At UMass Memorial Health, everyone is a caregiver – regardless of their title or responsibilities. Exceptional patient care, academic excellence and leading-edge research make UMass Memorial the premier health system of Central Massachusetts, and a place where we can help you build the career you deserve. We are more than 16,000 employees, working together as one health system in a relentless pursuit of healing for our patients, community and each other. And everyone, in their own unique way, plays an important part, every day.

• Serves as a subject matter expert (SME) on cybersecurity topics across business initiatives.
• Maintains confidentiality & preserve privilege in all investigations & sensitive cybersecurity matters.
• Understands and utilizes a Systems Thinking approach to design, troubleshooting, operations, & investigation.
• Develops and delivers writing and presentations with clear, concise language & narrative style to audiences of varying background and specialty.
• Supports technical controls required to achieve & support regulatory and legal requirements including HIPAA, PCI-DSS, state privacy laws, et al.
• Understands & supports the goals of the CIS Critical Security Controls.
• Conducts & supports security workstreams including cyber threat intelligence, security operations, incident response, vulnerability management, risk assessment, secure architecture/design, application security, communication/network security, endpoint detection & response (EDR), & network access control (NAC/ISE).
• Assesses security controls and evaluate posture of systems, devices, and processes.
• Defines foundational controls addressing new risk scenarios and mature existing controls to address significant changes.
• Conducts & supports risk management activities across business units.
• Evaluates third party risk for alignment with organization security controls & policies.
• Trains staff on proper risk assessment and management methodology.
• Serves as an escalation resource for confirmation and resolution of complex risk scenarios.
• Researches attack trends & maintain current knowledge of attack techniques, tactics, & practices to manage risk surface and reduce time to detection.
• Develops detective controls, exposure tracking, and remediation paths for evolving threats.
• Provides operational support for security monitoring alerts, triaging, and maintenance.
• Trains and support staff in applying tools, techniques, and processes required to enhance skills and increase operational performance.
• Performs level 1 & 2 incident response activities including detection, containment, & documentation.
• Preserves, documents, & analyzes forensic evidence and artifacts using best practices & commercial/open-source tools (e.g., EnCase, Access Data, Autopsy, Volatility, etc.)
• Authors & presents case studies & investigative analysis resulting from security events & incidents.
• Performs original analysis of threat intelligence signals from internal and public sources resulting in actionable Indicators of Attack/Compromise (IoA/C) collateral.
• Maintains currency and train staff on tools & intelligence-driven trends informing evolving attack methodology.
• Leads threat hunting activities across multiple platforms to support the Cyber Threat Intelligence (CTI) function.

Required:

• Bachelor’s degree or equivalent experience.
• 8+ years IT/IS experience w/ 4+ years in a Security-focused role.
• Experience in Cybersecurity, IT/IS, Internal Audit, or a related discipline.
• Ability and desire to research emerging technical challenges and assimilate knowledge quickly.
• Demonstrated abilities for analytical understanding, attention to detail, and critical thinking.
• Ability to understand problem logic and produce solution-oriented proposals.
• Ability to train technical personnel in System Thinking analysis methods.
• Ability to identify and mitigate vulnerabilities and explain how to avoid them to non-technical audience.
• Ability to analyze large datasets using standard methods and tools (e.g., Excel, SQL, etc.) to distill actionable intelligence or understanding.
• Excellent time management and communication skills (written and verbal).

Preferred:

• Masters' degree in Computer Science, Information Systems, or related discipline.
• Relevant industry certifications: (ISC)2, ISACA, SANS, vendor-specific, etc.

This position may have a signing bonus available a member of the Recruitment Team will confirm eligibility during the interview process.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

We’re striving to make respect a part of everything we do at UMass Memorial Health – for our patients, our community and each other. Our six Standards of Respect are: Acknowledge, Listen, Communicate, Be Responsive, Be a Team Player and Be Kind. If you share these Standards of Respect, we hope you will join our team and help us make respect our standard for everyone, every day.

As an equal opportunity and affirmative action employer, UMass Memorial Health recognizes the power of a diverse community and encourages applications from individuals with varied experiences, perspectives and backgrounds. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, gender identity and expression, protected veteran status or other status protected by law.

If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at talentacquisition@umassmemorial.org. We will make every effort to respond to your request for disability assistance as soon as possible.

Overview

Planned Systems International (PSI) is an Enterprise IT services company who focuses on designing, building, securing, and operating cutting-edge software solutions that drive mission success and operational excellence for Federal Government organizations. We are currently seeking a Cybersecurity SME to support The Tactical Assault Kit/Team Awareness Kit (TAK) Product Center (TPC) in all cyber security efforts across all stages of the software development lifecycle. They will collaborate closely with development teams and site reliability engineers to integrate robust security standards and best practices. These duties will incorporate a product wide road map for cyber security compliance for the CI/CD environment and implementing the same. The goal is to attain a continuous ATO for the TPC.

• The TAK Cyber Security SME will develop a road map for cyber security compliance for the TAK CI/CD environment and related activities.
• Will implement the same with the goal for TPC to attain a continuous ATO.
• Will develop TPC policy and best practices to be compliant with DoD and NIST requirements.
• Will assess risk using RMF to identify by hazard level, likelihood of occurrence, and actions to mitigate. This will create a prioritization of effort for cyber security activity as well as how to respond to emergent security situations.
• The candidate will participate in the Agile software development process to ensure security is part of this work as implemented by TPC.

Required Qualifications:

• Master's degree in computer science or related technical discipline, or the equivalent combination of education, professional training, or work experience.
• 5+ years technical experience in systems/network administration.
• 5+ years experience in DoD or military service, providing Cyber Security Risk Management Framework (RMF) and certification and accreditation processes.
• Familiarization in security tools (ACAS, McAfee, Solar Winds, etc.).
• Formal DoD Risk Management Framework (RMF) training including documentation, artifacts, products, and tools.
• CI/CD pipeline system experience and familiarization with relevant artifacts, and products.
• Zero Trust policy and implementation experience.
• Policy and guidance writing proficiency.
• Information Assurance Technical (IAT) and IASAE Level 3 certifications.
• Certified Information Systems Security Professional (CISSP) and Information Systems Security Engineering certification.
• Required to obtain appropriate Computing Environment (CE) certifications for the operating system(s) and security-related tools/devices they support.
• Experience with Amazon Web Services (AWS) infrastructure and service offerings.
• Active Secret Security Clearance.

Preferred Qualifications:

• Certified Ethical Hacker certification.

Company Benefits

PSI offers full-time, benefits eligible employees a competitive total compensation package that includes paid leave, and options for employer sponsored group medical, dental, vision, short-term and long-term disability, life insurance, AD&D coverage, legal services, identity theft, and accident insurance. Flexible spending account and health saving account options offer pre-tax savings for qualified medical, dental, and vision expenses. The company sponsored 401(k) retirement plan has an employer contribution match that is immediately vested. We invest in the professional growth of our employees through professional courses, certifications, and tuition reimbursement programs.

EEO Commitment

It is company policy to promote equal employment opportunities. All personnel decisions, including, but not limited to, recruiting, hiring, training, promotion, compensation, benefits, and termination, are made without regard to race, color, religion, age, sex, sexual orientation, pregnancy, gender identity, genetic information, national origin, citizenship status, veteran status, protected veteran status, disability, or any other characteristic protected by applicable federal, state, or local law.

Reasonable accommodations for applicants and employees with disabilities will be provided. If a reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Human Resources by emailing HRDepartment@plan-sys.com, or by dialing 703-575-8400.

Company

Alaska Airlines

The Team

Guided by our purpose, core values, and leadership principles, we are creating an airline people love. Our corporate teams set the strategies and operational plans to ensure the success of our company. Whether we use our expertise in accounting, human resources, finance, planning, legal, marketing, or any of our operational divisions, our shared passion for travel and our guests is what motivates us to achieve excellence each day. If you share our passion for creating an airline people love, we want to hear from you.

Role Summary

The Principal Security Engineer - IAM is an individual contributor looked to as the subject matter expert in Identity management and privileged access, and is part of a team responsible for developing, implementing, and maintaining AAG’s identity and access management systems. The primary goals of this IAM Engineer are to ensure that only authorized individuals have access to information and resources across the enterprise and to help influence leadership and define long-term strategies for security solution design, maintenance, resource planning, disaster recovery and continuity; ensuring cost effective and appropriate solutions are delivered.

• Acts as the lead subject matter expert in cybersecurity identity solutions engineering.
• Defines the long-term strategy for the design, maintenance, resource planning, disaster recovery and continuity for security solutions used to secure the enterprise’s resources.
• Liaisons and partners directly with IAM Architect, to assist in maintaining the strategy and vision of our IAM technology systems.
• Solves the complex problem of sourcing the security tools/solutions required to enable and enhance the Identity team’s capabilities in a cost effective and efficient manner.
• Provides mentoring to other engineers on the team.
• Owns core Identity technologies: Active Directory, Identity Management, SSO/MFA, Privileged Access Mgmt and helps to ensure they meet governance and compliance requirements.
• Influences across CyberSecurity and external teams to design and engineer security solutions for securing the enterprise.
• Leverages creative thinking and innovation, with pragmatic outcomes, that build constructive business relationships and gain the trust of others.
• Drives continuous process and technology improvements across the Identity and CyberSecurity solutions stack.

Required

• A minimum of 7 years of experience in security engineering, security operations, or development
• Bachelor’s degree with a focus in Computer Science or a related field, or an additional two years of relevant training/experience in lieu of this degree.
• Demonstrated ability to influence and clearly communicate across vast sections of IT and the business, including company leaders.
• High school diploma or equivalent.
• Minimum age of 18.
• Must be authorized to work in the U.S.

Preferred

• Industry certification in information security (e.g. CISA, CISSP, and/or GIAC).
• Experience working with diverse security tools/solutions Experience coding with common languages and providing integrations with REST or SOAP API’s.
• Proven experience developing and executing plans, meeting deadlines, operating under tight time constraints.
• Experience monitoring trends in information technology, identity & access, and security that could have an impact on the security of the organization's products, processes, infrastructure, or customers.

Job-Specific Leadership Expectations

Embody our values to own safety, do the right thing, be kind-hearted, deliver performance, and be remarkable.

Salary Range

$136,100 - $204,100 / year

Salary Details

Pay will be based on multiple factors, including and not limited to location, relevant experience/level and skillset while balancing internal equity relative to other Alaska/Horizon employees. Alaska/Horizon is committed to fair, unbiased compensation along with competitive benefits in all locations in which we operate.

Note: We don’t typically hire at the top of the range.

Total Rewards

Alaska Airlines and Horizon Air pay and benefits can vary by company, location, number of regularly scheduled hours worked, length of employment, and employment status.

• Free stand-by travel privileges on Alaska Airlines & Horizon Air
• Comprehensive well-being programs including medical, dental and vision benefits
• Generous 401k match program
• Quarterly and annual bonus plans
• Generous holiday and paid time off

For more information about Alaska/Horizon Total Rewards please visit our career site and view benefits.

FLSA Status

Exempt

Regular/Temporary

Regular

Requisition Type

Management

Apply by 7:00 PM Pacific Time on

9/18/2024

Location

Seattle - Hub

Equal Employment Opportunity

We are proud to be an Equal Employment Opportunity (EEO) and Affirmative Action (AA) employer that is committed to diversity, equity, and inclusion. We take affirmative action to ensure equal opportunity for all qualified applicants and employees and do not discriminate based upon race, color, religion, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, national origin, age, protected veteran or disability status, genetic information (including family medical history), political views or activity, or other legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state, and local law. We may use your information to maintain the safety and security of Alaska Airlines and Horizon Air, its employees, and others as required or permitted by law. People of color, women, LGBTQIA+, immigrants, veterans, and persons with disabilities are encouraged to apply.