54 Vulnerability Assessment jobs in the United States

Memorial Cancer Institute (MCI), part of Memorial Healthcare System, is seeking a BE/BC physician, dedicated to women?s breast health and cancer risk assessment to join a multidisciplinary team in delivering world class cancer care. MCI is recognized by the National Accreditation Program for Breast Centers and is a designated Cancer Center of Excellence by the Florida Department of Health.The physician will join a comprehensive team of five (5) breast medical oncologists and four (4) breast surgical oncologists with robust APP support. The successful candidate will oversee development of a breast cancer risk-assessment clinic and will collaborate with genetic counseling team and clinical support APPs to bring cancer risk assessment and contemporary high risk cancer screening to a busy, academically driven, multidisciplinary breast cancer program. The physician will be expected to manage medical risk reduction therapy and high-risk surveillance consults for patients with known high-risk lesions, genetic mutations, and /or strong family history of breast cancer. The ideal candidate will be excited about program development and community outreach and will be comfortable leading a team of APPs who will see patients in follow up. This is an outstanding opportunity to join an established program with a strong reputation in the community, and a state-of-the-art facility with innovative technology.This is a full-time employed position with the multispecialty Memorial Physician Group. The position offers competitive benefits and a compensation package that is commensurate with training and experience. Professional malpractice and medical liability are covered under sovereign immunity.HeC_JSBenefits OverviewAs part of the Memorial family, your well-being is important to us. Memorial provides several programs and benefits to ensure you feel supported and connected in your professional and personal life including Health, Dental, Vision, Life Insurance, Dependent Care/Healthcare FSA accounts, and Retirement Plans. Some benefits are paid for by Memorial. Some are split between you and Memorial. Some are offered to you at a group discount, and others are paid for by you. We care about keeping you healthy ? physically, mentally, socially, and financially. Some of our additional benefits include Paid Time Off (PTO), Adoption Assistance, Disability Insurance, Education Assistance, Parental Leave Pay, Accident Insurance, Critical Illness Insurance, Hospital Indemnity Insurance, Identity Theft Protection, Legal Services, Long-Term Care, Pet Insurance, Reproductive Medicine, Physician Wellness Program, Public Service Loan Forgiveness (PSLF), and Relocation Reimbursement.Memorial Cancer Institute is taking cancer care to the next level, diagnosing, and treating virtually all cancers, utilizing the most advanced modalities and treatment options. With a long-standing commitment and focus on research and clinical trials, our expert oncologists find innovative solutions to the most complex cases, offering our patients access to advanced therapies and new drugs in development. Memorial Cancer Institute?s Breast Program is certified by the National Accreditation Program for Breast Centers (NAPBC). Memorial Cancer Institute holds numerous certifications including, Commission on Cancer, ASCO-Quality Oncology Practice (QOPI), Foundation for the Accreditation of Cellular Therapy (FACT), and American College of Radiology (ACR) for Radiation Oncology. In addition, Memorial Cancer Institute has a unique partnership with Florida Atlantic University (MCIFAU) and is designated as a State of Florida Cancer Center of Excellence, one of only six in the state.About Memorial Healthcare System

Associate, AML Risk Assessment - Hybrid - Boston, MACountry: United States of America
Your Journey Starts Here:
Santander is a global leader and innovator in the financial services industry. We believe that our employees are our greatest asset. Our focus is on fostering an enriching journey that empowers you to explore diverse career opportunities while nurturing your personal growth. We are committed to creating an environment where continuous learning and development are prioritized, enabling you to thrive both professionally and personally. Here, you will find ample opportunities to connect and collaborate with talented colleagues from around the world, sharing insights and driving innovation together. Join us at Santander, where you are supported by a culture of engagement and a commitment to your success.
An exciting journey awaits, if you are interested in exploring the possibilities We Want to Talk to You!
The Difference You Make:
Ideal Candidate will have a background in l arge data set analysis, a strong understanding of AML risk and strong writing ability with advisory or risk assessment experience .

The Associate - AML Risk Assessment serves as a subject matter expert for the conduct of scheduled and ad-hoc assessments of BSA / AML and OFAC risk across lines of business and an assessment of controls in place to mitigate such risks. Reporting to the Deputy BSA/AML Officer within the BSA/AML and OFAC Advisory team, t he Advisor will ensure the assessments address regulatory, legal and enterprise policy requirements, emerging risks and trends and the impact to such risk driven by supporting controls. This role will perform risk assessments, synthesize analyses, identify root cause(s), and provide recommendations to management that influence business solutions

* Plan, manage, and execute the annual risk assessment process that assesses the BSA/AML and Sanctions compliance risk across the bank including all lines of business. This process identifies the inherent level of compliance risks, assesses the effectiveness of related controls, and determines the residual compliance risk levels.
* Conduct ad-hoc assessments to document Santander's exposure to emerging risks and trends and the status of existing, or need for creation of, supporting controls for mitigation.
* Support other risk assessments and analysis as requested.
* Analyze both qualitative and quantitative data and generate thematic observations and strategic recommendations.
* Prepare written reports for a variety of stakeholders, including executive-level reporting for regularly scheduled Compliance Committee meetings.
* Document and organize supporting evidence.
* Design and execute governance routines to enhance efficiency and quality.

What You Bring:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Bachelor's Degree or equivalent work experience: Finance, Business or equivalent field. - Required.

5+ Years Compliance, Legal, Regulatory, or Financial Services. - Preferred.

* Advanced knowledge of BSA, USA PATRIOT Act, and OFAC Sanctions regulatory requirements.
* Experience monitoring and assessing money laundering and sanctions risk in a retail and commercial banking environment.
* Experience planning, executing, and reporting on compliance monitoring and assessment activities.
* Strong analytical skills with the ability to identify detailed compliance and project risks while simultaneously understanding overall strategy.
* A highly motivated self-starter who is adaptive and skilled at navigating the complexities associated with cross-functional projects and large organizations.
* Proven success in working both independently and collaboratively.
* Excellent at managing multiple projects and consistently meeting deadlines.
* Excellent interpersonal skills with experience building strong relationships with a variety of internal and external stakeholders (including examiners and auditors).
* Excellent communication skills, both written and verbal, interacting with non-executive and executive management across business lines and control functions.
* Excellent presentation skills with the ability to articulate complex problems and solutions through concise and clear messaging.
* Demonstrated experience facilitating change to achieve measurable results.

Certifications:
Certified Anti-Money Laundering Specialist - preferred

It Would Be Nice For You To Have:
Established work history or equivalent demonstrated through a combination of work experience, training, military service, or education.
What Else You Need To Know :
The base pay range for this position is posted below and represents the annualized salary range. For hourly positions (non-exempt), the annual range is based on a 40-hour work week. The exact compensation may vary based on skills, experience, training, licensure and certifications and location.

Base Pay Range

Minimum: $73,125.00 USD
Maximum: $125,000.00 USD
Link to Santander Benefits:
Santander Benefits - 2025 Santander OnGoing/NH eGuide (foleon.com)
Risk Culture:
We embrace a strong risk culture and all of our professionals at all levels are expected to take a proactive and responsible approach toward risk management.
EEO Statement:
At Santander, we value and respect differences in our workforce. We actively encourage everyone to apply. Santander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status or any other characteristic protected by law.

Working Conditions :
Frequent minimal physical effort such as sitting, standing and walking is required for this role. Depending on location, occasional moving and lifting light equipment and/or furniture may be required .

Employer Rights:
This job description does not list all of the job duties of the job. You may be asked by your supervisors or managers to perform other duties. You may be evaluated in part based upon your performance of the tasks listed in this job description. The employer has the right to revise this job description at any time. This job description is not a contract for employment and either you or the employer may terminate your employment at any time for any reason.
What To Do Next :
If this sounds like a role you are interested in, then please apply.
We are committed to providing an inclusive and accessible application process for all candidates. If you require any assistance or accommodation due to a disability or any other reason, please contact us at to discuss your needs.

Primary Location: Boston, MA, Boston

Other Locations: Massachusetts-Boston

Organization: Santander Holdings USA, Inc.

Job Description

Job Description

Job Title: Security Analyst

Location: Boston, MA (Hybrid)
Department: Infrastructure/Security
Job Type: Full Time
Reports To: Information Security Lead

About the Role

We are seeking a detail-oriented and proactive Security Analyst to join our growing security team. This role is critical in protecting our organization’s systems and data from cyber threats. The ideal candidate will have a strong technical background, keen analytical skills, and a passion for staying ahead of evolving security risks.

Key Responsibilities

• Monitor networks, systems, and applications for security threats and vulnerabilities.

• Investigate security incidents, perform root cause analysis, and develop remediation plans.

• Respond to alerts generated by security tools (SIEM, IDS/IPS, antivirus, etc.).

• Perform architectural review of new system design/software

• Conduct regular vulnerability assessments and penetration testing.

• Audit systems and applications to ensure security standards are being met and maintained.

• Collaborate with IT and engineering teams to implement security best practices.

• Assist in maintaining and updating security policies, procedures, and documentation.

• Support compliance initiatives (e.g., NIST, PCI-DSS)

• Stay informed of the latest security trends, tools, and technologies.

Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent work experience).

• 2–4 years of experience in an information security or SOC role.

• Experience with endpoint protection tools, firewalls, IDS/IPS, and vulnerability scanners.

• Solid understanding of TCP/IP, common network protocols, and operating system internals.

• Excellent problem-solving, analytical, and communication skills.

Preferred Qualifications

• Security certifications such as Security+, CEH, GSEC, or CISSP.

• Experience in cloud security (AWS, Azure, or GCP).

• Scripting or automation skills (Python, Bash, PowerShell).

• Experience with the following security platforms:

• Palo Alto

• Microsoft Defender Suite

• Zscaler ZPA/ZIA

• Vulnerability Management Software (Rapid7 or similar)

• Experience with industry standards and compliance (e.g. NIST, PCI-DSS)

Job Description

Job Description

Project Background:

Nuclear Command, Control, and Communications (NC3) represents the capabilities which enable the President to exercise nuclear command and control authorities and the Department of Defense’s (DOD’s) nuclear forces to act upon the President’s direction. The NC3 Enterprise is critical to deterrence and credible nuclear warfighting, but it has not progressed at the pace of technological innovation. The NC3 Enterprise Center (NEC) was established to address future strategic environments, monitor and assess current capabilities, define future NC3 architectures and ensure modernized NC3 capabilities align with the nuclear triad.

Job Description:

The contractor shall support the government in determining operational risk across the NC3 Enterprise. The team shall identify data collection requirements to develop a risk analysis framework. The findings will support the ability to assess current and future risks to determine the impact on NC3 operations across the NC3 Enterprise.

Job Requirements:

At least 8 years of experience in the following:

• NC2/NC3 operation capabilities and procedures, experience in the operations platforms, communications, and modes of operations, to include current efforts in developing survivable and endurable NC2/NC3 capabilities, and an understanding of Chairman, Joint Chiefs of Staff Instructions, Manuals, and nuclear Emergency Action Procedures.
• Familiarity with the Joint Risk Analysis process and how it applies to NC3 enterprise; applying NC3 expertise, providing support for timely NC3 risk capability assessments and advice on mitigation options; experience employing cross-cutting methodology to measure risk for integrated systems; proficiency in building risk metrics and maintaining a framework for assessments.
• COCOM level experience with participating in various NC2/NC3 forums including, but not limited to, NC2/NC3 Issues Working Groups, Policy and Procedures working groups, and others.

At least 3 years of experience in the following:

• Background and training in one or more of USSTRATCOM assigned UCP missions, assignment at the Combatant Command, Joint Staff, Service, or MAJCOM level.
• Staffing complex packages and adjudicating content

Security Clearance Required:

A Top Secret (TS) security clearance with eligibility for Sensitive Compartmented Information (SCI).

We are an Equal Opportunity Employer

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. Constellation West will not discharge or, in any other manner, discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)

About The Organization

Constellation West is an award winning company that delivers Information Technology (IT) engineering services and solutions and non-IT subject matter expertise worldwide. Established in 1997, Constellation West is an industry leader, partnering with key organizations. As a prime contractor or preferred subcontractor, we have a continual list of opportunities to fill nationwide with multiple agencies such as the Department of Veteran Affairs, the Department of Defense, civilian agencies, and the national intelligence community. Many positions supporting the U.S. federal government require our employees to be granted security clearances.

Constellation West is dedicated to delivering comprehensive solutions encompassing all facets of system and network engineering, administration, and management. Our goal is to attract individuals who are ready to tackle exciting challenges and contribute to a dynamic team. Do you have the expertise and skills to solve intricate problems? If so, we invite you to join us and become part of a stimulating work environment that recognizes your hard work and commitment. Don't let this incredible opportunity to make an impact pass you by!

Benefits include but are not limited to:

• Tuition reimbursement

• Competitive 401(k) plan

• Competitive Health Benefits

• 11 Paid Holidays!

• A Generous PTO Plan!

• Veteran Hiring Preference

Constellation West is proud to be an EEO/AA employer M/F/D/V

Job Description

Job Description

Codeworks is an IT Services firm headquartered in SE Wisconsin, known for our strong commitment to quality and for our direct client relationships.

Who We’re Looking For:

The IT Security, Compliance, & Risk Coordinator serves as the lead facilitator for agency cybersecurity compliance, audit readiness, and risk oversight ensuring alignment with IT policies and standards, PCI DSS, and industry recognized frameworks. This role helps to guide agency IT security policy and procedure development, oversee audit responses, coordinates IT solution security review intake processes, manages the agency IT vulnerability management program, triages IT security exception requests and initiates review workflows, and maintains systems documentation such as risk registers and security review assessments.

Responsibilities:
IT Compliance & Risk Assessment Management:

• Develop, implement, maintain, and monitor adherence to IT security or compliance policies and procedures, including data protection regulations or internal security policies, ensuring alignment with industry standards and regulatory requirements.
• Conduct regular scans and coordinate risk assessments to identify potential security threats and vulnerabilities within IT systems, including those related to use of cloud-hosted solutions, AI use cases, and emerging technology integrations.
• Develop and implement risk mitigation strategies while collaborating with partner agencies or managed service providers and internal technical teams to identify and address identified vulnerabilities, security, and compliance gaps.
• Oversee data governance activities to protect sensitive data and ensure compliance with privacy and security requirements.
• Support application security governance, including lifecycle management, secure design guidance, and vendor compliance reviews.

IT Incident Response Planning and Execution:

• Assist in the development and maintenance of IT incident response plans and procedures. Test and evaluate existing IT incident response plans for effectiveness.
• Educate IT staff, and non-IT staff as appropriate, on IT incident response procedures providing clear actionable steps to assist staff in a timely resolution.
• Participate in incident response activities, including investigation, documentation, and notification or status updates of ongoing security incidents.
• Create and maintain post-mortem documentation or tracking of resolved incidents, tracking patterns, and informing IT or agency leadership on incident impact, root cause, and steps taken to avoid subsequent incidents.

IT Risk Reporting:

• Analyze incident trends to recommend improvements to security controls and processes.
• Utilize enterprise and agency resources for security monitoring and reporting of risk levels, network activity, email threat detection (e.g., spam, malware, phishing).
• Produce executive-level risk and security reports for IT leadership and other key stakeholders.

Cybersecurity Awareness and Training:

• Lead agency-wide cybersecurity education and compliance initiatives, ensuring awareness and adherence to PCI DSS, NIST-based, and state-level standards.
• Develop and deliver cybersecurity awareness programs to educate employees about security best practices and emerging threats.

Audit Functions:

• Coordinate and prepare audit responses for oversight bodies including but not limited to the Department of Administration (DOA) or Legislative Audit Bureau (LAB).
• Plan and execute IT audits to evaluate the effectiveness of security controls and compliance with policies.
• Prepare detailed audit reports.
  

Qualifications:

• 5+ years of experience in cybersecurity compliance, audit coordination, or related risk management roles.
• Experience managing IT security review processes, IT security exception workflows, and developing security policies or procedures.
• Experience creating and automating reports from industry standard IT security tools (e.g., Splunk, IronPort, Tenable, Cloudflare).
• Experience coordinating vulnerability management programs and application security lifecycle oversight.
• Proven ability to coordinate complex risk assessments and compliance activities
• Strong knowledge of:
  • IT Security Incident Response planning and preparation
  • PCI DSS standards and SAQ preparation.
  • NIST-based frameworks and government security standards.
  • both direct and indirect AI-related risks (i.e., “AI as a default”)
  • data governance and privacy protection practices.
• Experience collaborating with cross-functional IT teams and program area staff, external auditors, and regulatory agencies.
• Excellent communication and analytical skills, with ability to translate complex IT security related topics for diverse often non-technical audiences.
• Demonstrated ability to develop and deliver effective training programs.
• Industry certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Certified in Risk and Information Systems Control (CRISC), or Security+ (preferred but not required).

About Codeworks: Codeworks has over 25 years of experience serving Fortune 1000 companies in Wisconsin as well as our client's national locations. Our recruiting team excels at evaluating, advising, and connecting IT professionals with new opportunities that will satisfy their expectations regarding income and opportunity for growth. At Codeworks, we're committed to diversity, equity, and inclusion in our workforce and beyond. We believe in equal opportunities and value the unique perspectives that every individual brings to our team. Join us in creating an inclusive, innovative, and collaborative workplace where your talents can thrive.

Codeworks is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws.

Codeworks, LLC discloses that the anticipated hourly pay starts at $33/hr for this position. This rate is subject to change based on job-related factors, including client requirements where applicable.

All full time Codeworks employees are eligible to enroll in the company’s medical, dental, vision, and life insurance plans. Additionally, employees can participate in Codeworks’ 401(k) retirement plan.

#LI-DNI

Job Description

Job Description

SGI Global is seeking a Security Analyst to support the U.S. Government Publishing Office (GPO). The Security Analyst will play a pivotal role in protecting the integrity and confidentiality of classified information, adhering to established legal and policy frameworks.

Responsibilities

• Demonstrate comprehensive knowledge of and adherence to security requirements established in legislation, regulations, and policy statements, including but not limited to E.O. 10450, E.O. 12968, Adjudicative Guidelines for Determining Eligibility for Access to Classified Information.
• Possess a deep understanding of current investigative techniques, practices, and legal limitations.
• Exhibit familiarity with subversive and foreign intelligence service organizations, operations, and methods of the Department of State, DCSA, and OPM.
• Understand and apply security regulations and policies affecting employment within the U.S. Government Publishing Office and Executive Order 12968.
• Be knowledgeable about factors affecting the suitability of applicants for Federal Government employment, as outlined in 5 CFR 731 and 3 FAM 622.
• Stay updated on the results of court cases and other legal determinations impacting the personnel security program.
• Analyze and evaluate investigative reports of a complex nature and proficiently prepare oral and written summaries of the contained information.
• Review security forms for completion and accuracy.
• Demonstrate the ability to draw sound conclusions and make recommendations solely based on factual information, producing logically organized, clear, concise, and unbiased written products.
• Effectively communicate and collaborate with individuals at various levels within the Department and other Federal agencies.
• Administration and maintenance of personnel security systems (DISS, NBIS, eAPP, NP2 Portal, CVS/PIPs, fingerprinting).
• Security clearance process handling, including initiation, submission, and monitoring.
• Compliance reporting and security training for personnel.

Qualifications

• Citizenship: The applicant must be a U.S. Citizen or a Naturalized Citizen.
• Security Clearance: Can obtain a U.S. Government Publishing Office security clearance at the Secret or Top-Secret level.
• Education: A High School Diploma

SGI Global provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws.

Job Posted by ApplicantPro

Job Description

Job Description

WE ARE HEALTHCARE SYSTEMS OF AMERICA. Our mission is to elevate healthcare standards, improve patient outcomes, and create value for communities across the United States. Healthcare Systems of America (HSA) is more than a healthcare provider-we're a community built on excellence, innovation, and compassion. If you're looking for a career that makes a difference, empowers you to grow, and gives you the opportunity to impact lives, HSA is where you belong.

Healthcare Systems of America operates 8 community hospitals across 3 states. We service a multitude of patients and their families across our vast network, while remaining committed to the professional development of our staff, the functional improvement of our patients, and the cultivation of strong partnerships within our communities.

WHAT WE OFFER

• Career Growth & Development - We are an essential, stable and growing company with many opportunities for training and advancement within the medical field that all employees and team members can benefit from.
• Supportive & Inclusive Culture - We foster an environment where every team member is valued, heard, and empowered to succeed.
• Meaningful Work - Every day, you'll contribute to patient care, cutting-edge medical solutions, and life-changing treatment and technologies.

POSITION SUMMARY

The Security Analyst performs investigations and analysis to support cybersecurity operations across HSA Hospitals' Microsoft-centric environments. This role reviews SOC escalations, conducts internal investigations, and collaborates with team members to remediate threats and improve security processes with consideration for HIPAA compliance and privacy.

PRIMARY RESPONSIBILITIES

• Analyze and validate security incidents escalated by the SOC provider.
• Perform proactive investigation of alerts generated internally from Microsoft Windows, server, and Azure environments.
• Document findings, create incident tickets, and assist in remediation planning.
• Support vulnerability management and threat hunting activities.
• Contribute to improvements in security processes, playbooks, and reporting.
• Maintain awareness of emerging cyber threats relevant to healthcare and Microsoft environments.
• Interpret and apply HIPAA security and privacy requirements in daily operational work.

EXPERIENCE/EDUCATION REQUIREMENTS

• Bachelor's degree in Cybersecurity, Information Technology, or related field, or equivalent real-world experience and job history in security operations or analysis.
• 2+ years of experience in security analysis, incident response, or SOC operations.
• Strong familiarity with Microsoft Windows operating systems, server infrastructure, and Azure environments.
• Understanding of HIPAA compliance and its relevance to security operations.

CERTIFICATIONS PREFERRED

• Security+, CySA+, GCIH, or similar.
  
  

Senior Security Consultant (Secure Code Review + Web Application Penetration Testing)

Job Category : Services

Requisition Number : SENIO001571

Apply now

• Full-Time
• Remote

Locations

Showing 1 location

Remote - US
241 N 5th Avenue
Suite 1200
Minneapolis, MN 55401, USA

Remote - US
241 N 5th Avenue
Suite 1200
Minneapolis, MN 55401, USA

NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance, so businesses can protect what matters most. NetSPI secures the most trusted brands on Earth through Penetration Testing as a Service (PTaaS), External Attack Surface Management (EASM), Cyber Asset Attack Surface Management (CAASM), and Breach and Attack Simulation (BAS). Leveraging a unique combination of dedicated security experts, intelligent process, and advanced technology, NetSPI brings a proactive approach to cybersecurity with more clarity, speed, and scale than ever before.

NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at

NetSPI is seeking a Senior Security Consultant who will serve as a resource for delivery of secure code review and web application penetration assessment. This position requires an understanding of various web technologies, enterprise secure development and risk management. In addition, it requires experience with application security assessments/testing, as well as demonstrated competencies in problem solving, client service, written/verbal communication, and project execution.

Responsibilities:

• Conduct in-depth penetration testing and secure code review assessments on web applications
• Dynamically exploit vulnerabilities found in codebase and correlate insecure coding practices into dynamic application vulnerabilities
• Deliver secure code review assessment on programming languages such as Java, C#, Python, C/C++, Perl, PHP
• Analyze and identify security vulnerabilities in source code using both automated and manual static analysis tools and techniques
• Train and assist developers in writing secure software and remediating existing vulnerabilities
• Provide oversight to peers on service lines through QA process
• Mentor and assist team members in effectively delivering assessments and enhancing skillsets
• Present detailed penetration test findings to clients and assist in remediation planning
• Engage in research to develop new penetration testing methods, tools, and innovative exploit techniques
• Contribute to the cybersecurity community through tools, presentations, white papers, and blogging
• Maintain consistency with other internal requirements related to day-to-day administration tasks (time keeping, status updates to clients, etc.)

Minimum Qualifications:

• Minimum of 3-5 years of experience in application security including both secure code review and web application penetration testing
• Exceptional familiarity in all Burp Suite functions. Published Burp extensions and ability to create new Burp Suite extensions preferred
• Detailed understanding of the OWASP Top 10 and CWE Top 25 issues with focus on ability to identify and remediate vulnerability in source code
• Ability to explain risk and business impact of security vulnerabilities to variety of audience
• Bachelor’s degree or higher, preferably in Computer Science, Engineering, Mathematics, IT, or a related field; equivalent experience will also be considered.
• Willingness to travel up to 25%

Preferred Qualifications:

• Experience in detecting, analyzing and providing recommendation guidance on security vulnerabilities using SAST and/or manual secure code review in at least two of the following languages: Java, C#, PHP, Python, C/C++
• Experience in software development in at least one server-side programming language

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.

Qualifications Skills Behaviors

:

Motivations

:

Education Experience Licenses & Certifications

Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws.For further information, please review the Know Your Rights notice from the Department of Labor.

#J-18808-Ljbffr

Lead Consultant, Human Health Risk Assessment and Chemical Fate/Transport/Exposure Modeling

Ramboll is a global architecture, engineering, and consultancy company. As a foundation-owned people company, founded in Denmark, we believe that the purpose of sustainable change is to create a thriving world for both nature and people. So, that’s where we start – and how we work. Our history is rooted in a clear vision of how a responsible company should act and being open and curious is a cornerstone of our culture. Ramboll in the Americas has thousands of experts working across more than 70 offices. Ramboll experts deliver innovative solutions across Environment & Health, Water, Energy, and Planning & Urban Design.

Are you eager to develop your excellence in our collaborative, inclusive, diverse, and empowering culture at Ramboll? When you start with Ramboll, you’ll be joining a company that strives to make a difference – for our employees, clients, and society.

If this sounds like you, or you’re curious to learn more, this role could be the perfect opportunity. Join our Health Sciences team and work with us to close the gap to a sustainable future.

Your new role

As Lead Consultant, you will be working in a challenging and variable environment that will include detail-oriented independent work and possible client interactions under supervision. Projects include assisting with human health risk assessments for hazardous waste sites, Brownfield redevelopment sites, ambient air releases, and indoor air sources, as well as product safety evaluations and litigation support.

Your key responsibilities will be:

• Compiling, organizing, and managing environmental data and databases; performing statistical and geospatial analyses of environmental and other data
• Evaluating the environmental fate and transport of chemicals
• Estimating human exposures to chemicals in different environmental media (e.g., air, soil, sediment, fish tissue, produce, water, etc.) and calculating health risks
• Reviewing and summarizing regulatory guidance, literature documents, and technical reports related to human exposures, chemical toxicity, risk assessment, and chemical fate and transport; extracting relevant data and interpreting results
• Assisting with preparation of technical reports, scopes of work, proposals, and presentations including development of summary tables and figures, composing narrative summaries, and performing quality assurance/quality control of work products

Your new team

You will be a part of Ramboll’s Health Science Spearhead’s Risk Assessment and Community Health group inthe firm’s Oakland, CA office. Our team is innovative, international, and supportive. You will collaborate actively with your colleagues in the Health Science Spearhead as well as the Air Quality and Climate group and Site Solutions group to play a critical role in defining and delivering on challenging and interesting projects that involve multiple clients and geographic regions.

About you

From the moment you start at Ramboll, we will support your personal and professional development, we want you to continue to grow with our company! While we look forward to supporting your continued learning and development, for this role we have identified some qualifications, skills, and capabilities that will set you up for success.

These include:

• Master’s or PhD degree in Environmental Science or Engineering, Environmental Health Science, Environmental Toxicology; would consider Industrial Hygiene or Toxicology, with 1+ years’ relevant experience required.
• 2+ years of chemistry background are required.

Desired skills/experience:

• Proficiency with MS Office
• Knowledge in risk assessment, exposure assessment, and fate and transport of chemicals in the environment
• Demonstrated strong quantitative and problem-solving skills; experience with MS Access or other relational databases (e.g., SQL) for managing, querying, and analyzing environmental data; statistical analysis or data analysis capabilities in R, Python, or SQL
• Excellent organizational and time management skills; strong written and oral communication skills
• GIS capability is a plus

Ready to join us?

Please submit your application with your up-to-date CV. We invite diversity in all its forms and encourage applicants from all groups to apply.

Thank you for taking the time to apply! We look forward to receiving your application.

Equality, Diversity, and Inclusion

Equality, diversity, and inclusion are at the heart of what we do. At Ramboll, we believe that diversity is a strength, and that different experiences and perspectives are essential to creating truly sustainable societies. We are committed to providing an inclusive and supportive work environment where everyone is able to flourish and reach their potential. We also know how important it is to achieve the right balance of where, when, and how much you work. At Ramboll, we offer flexibility as part of our positive and inclusive approach to work. We invite applications from candidates of all backgrounds, regardless of age, disability or medical condition, gender identity, marriage and domestic partnership, pregnancy and maternity, race, ancestry, or national origin, religion or belief, sex and sexual orientation, military service and veteran status, or any other protected characteristic. Ramboll wants to ensure opportunities are accessible to candidates with disabilities. So, please let us know if there are any changes we could make to the application process to make it more comfortable for you. You can contact us with such requests.

Salary Transparency Statement

At Ramboll, your base pay is only part of your overall total compensation package. At the time of this posting, this role is likely to be compensated at an annualbase salary between $93,742 and $117,178. Actual pay may be more or less than the posted range, depending on numerous factors, includingexperience, geographical location, internal equity, market conditions, education/training andskill level, and does not include bonuses, overtime, or other forms of compensation or benefits.

All your information will be kept confidential according to EEO guidelines.

Let's close the gap - talent video - September 2024 Let's close the gap - talent video - September 2024 Let's close the gap - talent video - September 2024

0:33

Share "Let's close the gap - talent video - September 2024"

Share from current time

00:00

0:00

Ramboll in numbers

: 18 000

more than 18,000 employees worldwide

: 300 office

across 35 countries

in Revenue

: 6 markets

Buildings, Transport, Energy, Environment & Health, Water and Management Consulting

#J-18808-Ljbffr