Company Description

“We’re not in the shipping business; we’re in the information business” -Peter Rose, Expeditors Founder

Global supply chain management is what we do, but at the heart of Expeditors you will find professionalism, leadership, and a friendly environment, all of which foster an innovative, customer service-based approach to logistics.

• 18,000 trained professionals
• 350+ locations worldwide across 60+ countries
• Fortune 500
• Globally unified systems

• Maintain list of all risks, controls and procedures related to the department's audit activities, work with control performers and risk owners to ensure timeliness and accuracy of results and successful completion of audit.
• Support interim and final IS audit procedures around IT general and application controls and provide support on the completion of these procedures, meeting with the internal and external auditors frequently toward the end of audit periods.
• Assist with identifying and assessing IS risk & relevant controls, including participation in annual risk and control reviews.
• Review and perform QA over audit evidence, relevant processes, and procedural documentation before submitting to the auditors.
• Facilitate internal and external audit walkthroughs of IT controls alongside process/control owners.
• Assist and support 1st Line with identifying and documenting issues identified during audit and developing remediation plans for improvement.
• Documenting, managing and maintaining IS audit programs, procedures and artifacts.
• Ensuring control performers' and risk owners' understanding of control objectives, artifacts and control health.
• Measuring and identifying cybersecurity risk associated with critical clients and suppliers.

Minimum Qualifications

• Bachelor's degree in Information Systems, Accounting, Business, or in a relevant field
• Understanding of and experience with the Sarbanes-Oxley (SOX) compliance requirements, the COSO and COBIT frameworks and the Governance, Risk and Compliance (GRC) management models
• Understanding NIST Cybersecurity frameworks, CMMC
• Critical thinking/problem solving skills
• Strong verbal and written communication skills
• Excellent project management skills
• Data visualization skills for highlighting and trending control performance
• High level of integrity, ownership, accountability and initiative
• Knowledge of the basic nature of auditing, enterprise IT environment and information system concepts, and IT audit principles and practices a plus

Preferred Qualifications

• Certification preferred (CISA, CPA, CIA)
• 3+ years IT audit experience, through public accounting/auditing and/or industry experience

This position is on-site and will reside in the greater Seattle, WA. area at one of the following locations depending on availability. Candidates must be local or willing to relocate. Relocation assistance is not offered for this position.

• Downtown Seattle
• Federal Way
• Lynnwood
• Bellevue (Factoria)

Applicants are required to be eligible to lawfully work in the U.S. immediately; employer will not transfer or sponsor applicants for U.S. work authorization (such as an H-1B visa) for this opportunity.

Expected base salary: $140,000 to $157,000

Expeditors offers excellent benefits:

• Paid vacation
• Holidays (10)
• Flexible Days (2)
• Paid Sick Time (accrual rate of 1 hour of sick time per 30 hours paid)
• 401(k) Retirement Savings Plan with employer match
• Employee Stock Purchase Plan (ESPP)
• Medical, Prescription Drug, Dental & Vision Coverage
• Health Savings Account (HSA)
• Life and Disability Insurance
• Paid Parental Leave (additional eligibility criteria)
• Dependent Care Flexible Spending Account (DC FSA)
• Commuter Benefit
• Employee Assistance Program (EAP)
• Training and Personnel Development Program
• Educational Assistance and Reimbursement
• Position is full time (40 hours per week) Monday through Friday
• Business professional dress code

All your information will be kept confidential according to EEO Guidelines.

We are

CONNECTING HEALTH AND WEALTH. Come be part of remarkable.

The Identity Access Management (IAM) Security Analyst will actively participate in the implementation of the Health Equity enterprise wide IAM Program. The role requires technical exposure to IAM tool suites such as Omada, SailPoint, Oracle Identity Manager (OIM), and Okta. It requires continuous participation in the implementation of new IAM tool connectors, UAT testing of all IAM integrations, process documentation, and continuous support and participation in initiatives that enhance the IAM program. The IAM Program is committed to enhancing processes and procedures that support automated access administration, single sign-on (SSO), directory services and technical integrations, as well as supporting behavioral analytics. The ideal candidate is technical and has experience in technology and security administration across large organizational networks, including third-party entities.

This role includes active contributions to the IAM Program at HealthEquity, including identification of internal and external IAM risks and opportunities for improvement. You will engage business and technology teams to ensure a solid understanding of IAM practices and certification requirements to safely maintain and track access within the HealthEquity environment, You will be expected to be a proactive corporate citizen and generate security solutions that enhance business and reduce risk.

• Act as an IAM SME by identifying internal and external identity and access management risks and opportunities for improvement
• Actively participate in the IAM tool implementation
• Support the integrations decentralized access (application and platform) into the IAM tool
• Define roles and entitlements within HealthEquity applications and platforms
• Participate and support user access certification (UAC) campaigns
• Create and maintain metrics associated with UACs and application/platform integrations
• Participate in security projects for the Identity Access Management Team
• Develops, solicit, and maintain all necessary and appropriate documentation for assigned projects
• Act as the liaison among partners to review, document, and communicate system activities to ensure access assignments or requests are completed consistent with service level and IAM standards
• Drive processes to understand access requirements and develops role models and standards for IAM processes
• Conduct business interviews to build roles that align with RBAC (Role-based access controls), data mining of business role descriptions and end-user training
• Partner with Application Administrators to address business and technical issues involved in deploying, governing, and extending identity services
• Capture user identity administration exceptions and determines and documents course of action for resolution
• Analyze root cause to recommend resolutions for provisioning and de-provisioning activities in accordance with standards, policies, and procedures
• Identify, implement, and improve current processes to support the Identity Access Governance program including controls, data quality, security risk reduction, and regulatory compliance
• Identify and define mitigation plans for risks and issues related to project timeline, resources, or quality.
• Coordinate and conduct impact assessment across all relevant Operations teams
• Partner with IT development group and core business unit to develop and implement new systems and improvements of existing systems
• Facilitate collaboration and leads multi-functional teams to drive projects to completion
• Participate in User Acceptance Testing (UAT) phases for defect fixes, improvements, and other pivotal initiatives

Provide IAM process guidance and requirements, creates IAM solutions, collaborates with business partners and engineers, and creates roles for application onboarding

Required Qualifications

• Bachelors degree, or the equivalent years related experience required
• Experience crafting process documentation
• Exposure to policy and regulatory environment of information security
• Participate in multiple highly visible projects and initiatives
• Ability to work in a fast-paced environment with changing priorities
• Use indirect leadership to influence peers and leadership
• Demonstrate time management and priority setting skills
• Identify basic problems and procedural irregularities, collect data, establish facts, and draw valid conclusions
• Understanding of IAM principles
• Exposure to IAM tools such as Omada, SailPoint Identity Access Management, Oracle Identity Manager, Okta, etc.
• Good communication skills

Preferred Qualifications

• Preferred experience in end user interaction in developing, documenting, and implementing business roles and procedures
• CISSP or similar security certification preferred

Salary Range

$28.85 To $36.06 / hour

Benefits & Perks

The compensation range describes the typical minimum or maximum base pay range for this position. The actual compensation offer is determined based on job-related knowledge, education, skills, experience, and work location. This position will be eligible for performance-based incentives as part of the total compensation package, in addition to a full range of benefits including:

• Medical, dental, and vision
• HSA contribution and match
• Dependent care FSA match
• Full-time team members receive a minimum of 18 days of annual PTO and 13 paid holidays per year
• Adventure accounts
• Paid parental leave
• 401(k) match
• Personal and healthcare financial literacy programs
• Ongoing education & tuition assistance
• Gym and fitness reimbursement
• Wellness program incentives

Come be your authentic self

Why work for HealthEquity

HealthEquity has a vision that by 2030 we will make HSAs as wide-spread and popular as retirement accounts. We are passionate about providing a solution that allows American families to connect health and wealth. Join us and discover a work experience where the person is valued more than the position. Click here to learn more.

Come be your authentic self

HealthEquity, Inc. is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, status as a qualified individual with a disability, veteran status, or other legally protected characteristics. HealthEquity is a drug-free workplace. For more information about our EEO policy, or about HealthEquity’s applicant disability accommodation, drug-free-workplace, background check, and E-Verify policies, please visit our Careers page.

HealthEquity is committed to your privacy as an applicant for employment.  For information on our privacy policies and practices, please visit HealthEquity Privacy

Overview

At Criterion Systems, we developed a different kind of business—a company whose real value is a reputation for excellence built upon the collective skills, talents, perspectives, and backgrounds of its people. By accepting a position with Criterion Systems, you will join a group of professionals with a collaborative mindset where we share ideas and foster professional development to accomplish our goals. In addition to our great culture, we also offer competitive compensation and benefit packages, company-sponsored team building events, and advancement opportunities. Criterion Systems is a Military/Veteran Friendly Company therefore we encourage Veterans to apply.

• Cloud System Administration:
• Support the management of software licenses, security certificates, and domain name registrations.
• Pro-actively track and address approaching expirations and potential security vulnerabilities.
• Monitor and manage the life-cycle of security certificates and domain registrations, ensuring all assets remain up-to-date and secure.
• Cloud Security Monitoring:
• Conduct ongoing monitoring of cloud systems and applications to ensure compliance with security policies and standards.
• Ensure that cloud-based services and applications adhere to established security frameworks and policies (agency-specific, industry standards, and vendor best practices).
• Regularly review compliance status and report findings.
• Remediation and Response:
• Assist in the identification and resolution of anomalies and suspicious activity, ensuring proper documentation and follow-up actions are taken to prevent future occurrences.
• Facilitate and coordinate remediation efforts with system owners.
• Briefings, Reports, and Documentation:
• Maintain up to date documentation and SOPs for security sustainment activities, including software license management, certificate management, and domain registration processes.
• Ensure that all procedures are clearly defined and accessible to relevant stakeholders.
• Support development of briefings and reports.

Required Experience, Education, Skills & Technologies

• Active DoD TS/SCI Clearance
• Bachelor’s degree in Engineering, Computer Science, or related field (or additional 4 years of experience in lieu of degree).
• DoD 8570 IAT II Certification or higher
• 4+ years of experience including significant experience in cloud system administration
• Strong understanding of security certificate management, software licensing, and domain registration processes.
• Familiarity with compliance standards such as FedRAMP, and experience in maintaining compliance in cloud environments
• Expertise using Microsoft Excel to analyze large amounts of data and develop reports
• Excellent written and verbal communication skills, with the ability to produce detailed reports and documentation.

Preferred Experience

• Experience supporting and/or participating in cloud application security assessments preferred

• Security Clearance Level
• Minimum TS/SCI
• Certification
• DoD 8570 IAT II Certification or higher (e.g., Security+, CCNA Security, CySA+, GICSP, GSEC, CND, SSCP) https://public.cyber.mil/cw/cwmp/dod-approved-8570-baseline-certifications
• Work Schedule
• Full-time hybrid, on-site 3 days/week
• Pay Rate
• The projected compensation range for this position is 110,000 - $120,000. Please note that the salary information is a general guideline only. Criterion Systems considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills as well as market and business considerations when extending an offer.
• Benefits Offered
• Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Tuition/Training Assistance, Parental Leave, Paid Time Off, and Holidays.

Criterion Systems, LLC and its subsidiaries are committed to equal employment opportunity and non-discrimination at all levels of our organization. We believe in treating all applicants and employees fairly and make employment decisions without regard to any individual’s protected status: race, ethnicity, color, national origin, ancestry, religion, creed, sex/gender, gender identity/gender expression, sexual orientation, physical and mental disability, marital/parental status, pregnancy (including childbirth, lactation, and related medical conditions), age, genetic information (including characteristics and testing), military and veteran status, or any other characteristic protected by law.