Information Security Engineer jobs at Capital Group - 333 jobs

A leading procurement platform company in San Francisco is seeking a Software Engineer to develop core identity products like authentication and encryption key management. The role requires experience in web application and API development, particularly with Python, Typescript, React, and GraphQL. The salary range is competitive, between $150,000 - $180,000, and the company offers a variety of perks, including start-up equity and flexible PTO. Apply now and join a diverse and inclusive company culture. #J-18808-Ljbffr

This remote position supports cybersecurity governance by performing risk and control self-assessments (RCSAs), evaluating cybersecurity controls, and supporting key risk management processes. The role helps identify risk and control gaps, assess cyber risks, and recommends improvements to strengthen the organizations cyber posture. The position provides risk analysis, documentation, and control development support across cybersecurity teams, acting as a resource for process owners and contributing to continuous improvement initiatives. Responsibilities Execute cybersecurity process level RCSAs in partnership with business function owners and stakeholders Document risk and controls assessment results, risk ratings, and supporting evidence in accordance with Enterprise Risk Standards Draft, update, and refine control risk and control statements to ensure clarity, effectiveness, and alignment with cybersecurity processes Review existing risks and controls for design effectiveness, identifying gaps, inconsistencies, or opportunities for improvements Partner with business function owners to periodically update inherent and residual risk ratings for process level risks Assist cybersecurity teams with updating control effectiveness and control environment ratings on a regular cadence Evaluate cybersecurity risks and controls against Enterprise Policies and Standards, regulatory requirements, and industry standards Support remediation planning by documenting gaps, improvement recommendations, and target-state control enhancements Participate in projects, assessments, or escalated tasks requiring risk and control expertise Qualifications Bachelor's Degree and 8 years of experience in Information security, cybersecurity, risk management, or a related field OR High School Diploma or GED and 12 years of experience in Information security, cybersecurity, risk management, or a related field Experience performing risk assessments, RCSAs, or controls testing Working knowledge of cybersecurity processes, controls and risk concepts Familiarity with frameworks such as NIST CSF, NIST SP 800-53 Ability to write clear, actionable control statements and assessment findings Strong analytical, documentation, and communications skills Ability to work collaboratively with technical and non-technical stakeholders Preferred 4-7 years of experience in Information or cyber security risk or control assessment Experience supporting cybersecurity programs within a financial institution or regulated environment Certifications such as Security+, SSCP, CISA, CISM, CISSP, CRISC Understanding of threat landscapes, IT processes, and common control frameworks Experience supporting process improvements, control rationalization, or evidence evaluation The base pay for this position is generally between $120,000 and $180,000. Actual starting base pay will be determined based on skills, experience, location, and other non-discriminatory factors permitted by law. For some roles, total compensation may also include variable incentives, bonuses, benefits, and/or other awards as outlined in the offer of employment. This job posting is expected to remain active for 45 days from the initial posting date listed above. If it is necessary to extend this deadline, the posting will remain active as appropriate. Job postings may come down early due to business need or a high volume of applicants Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. More information can be found at **************************************** #J-18808-Ljbffr

A financial services company in San Francisco is seeking an experienced security professional to assess access controls and mentor peers in security best practices. The candidate should have over 6 years of experience in security operations and a Bachelor's degree. The role offers competitive compensation ranging from $157,000 to $200,000, along with a hybrid work model and comprehensive benefits. #J-18808-Ljbffr

Natixis CIB is seeking a dynamic and experienced Vice President of Network Security to lead and enhance our network security infrastructure across the AMER region. This strategic leadership role requires a deep technical understanding of network security and the ability to drive initiatives that protect our systems while mentoring a talented engineering team. The job responsibilities include, but are not limited, to the following: Infrastructure Oversight: Lead the design and administration of Natixis CIB AMER's network security infrastructure, focusing on critical components including DNS, F5 Load Balancers, Fortinet and Palo Alto firewalls, VPNs, proxies, Remote Access and DMZ connectivity. Technology Initiatives: Drive technology projects aimed at enhancing cybersecurity and improving network performance in alignment with organizational goals. Continuous Monitoring: Ensure optimal network performance through continuous monitoring, dashboard creation, promptly addressing any security incidents. Documentation Management: Maintain comprehensive documentation, including network security asset inventories, diagrams, procedures and vendor contacts, to support operational efficiency and facilitate effective communication. Cross-Department Collaboration: Collaborate with infrastructure teams to resolve network-related challenges and ensure seamless operations across departments. Audit and Security Coordination: Work closely with audit and IT Security teams in both AMER and BPCE-IT to provide necessary documentation and implement remediation plans as required. Staff Mentorship and Training: Mentor and train junior engineering staff, fostering a culture of growth and skill development within the network team. Vulnerability Assessments: Conduct vulnerability assessments and manage patching processes to effectively mitigate and report security risks across the AMER region. Security Reporting: Develop and deliver regular security reports to Leadership, highlighting key metrics, incidents, and trends to inform strategic decision-making. LOD1 Security Management: Manage Line of Defense 1 (LOD1) network security controls and request as specified by the IT Risk Department. Strategy Alignment: Coordinate with AMER and Head Office IT Security teams to assure alignment on security strategies and policies. Tool Proficiency: Profiecent knowledge of security tools such as SIEM, Splunk, Centreon and Qualys for effective monitoring and incident response. Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field; Master's preferred. 6+ years of hands-on experience in network security management, preferably within the financial services industry. Extensive experience managing Cisco Firepower, Fortinet and Palo Alto firewalls, including DMZ design implementation. Relevant certifications such as Fortinet NSE 4/5, Palo Alto Networks Certified Network Security Engineer (PCNSE), Cisco CCNP Enterprise and CCNP Security is a plus. Highly desirable CISSP, CISM. Strong project management and leadership experience. Excellent communication and problem-solving skills, with a focus on collaboration and teamwork. Extensive understanding of network technologies - L2, L3, VXLAN, BGP, LAN/WAN/VPN Extensive understanding of security technologies such as firewall, load balancing, proxy, authentication methods Strong knowledge of DNS/DHCPWSG (Web Security Gateways), Proxy-pac scripting Troubleshooting knowledge of network and security systems with minimal guidance is required. OSI Layer 4 and Layer 7 protocol analysis and troubleshooting experience is required. Excellent oral and written communication and documentation skills are essential. Ideal candidate must have a strong understanding of Zero Trust Architecture and Network Access Control design for enterprise network infrastructure design, and troubleshooting. Among these technologies, knowledge of Arista and Cisco design, configuration and automation is a definite plus Knowledge of scripting languages such as Python, PoweShell, or Ansible. The individual will need to be very organized, flexible, results oriented and able to multi-task to meet the demands of our dynamic environment The candidate should be a self-starter, be able to work with minimal supervision, properly and effectively report project/work status to management and peers, take full ownership and responsibility of the tasks assigned to her/him and work them through completion. The candidate should be able to demonstrate both technical capabilities and in-depth knowledge of various security and network concepts, technologies, and best practices The candidate should have the ability to convey in non-technical terms complex technical explanations related to problems, designs, etc. Knowledge of Ansible Scripting is a plus Knowledge of micro segmentation tools such as Illumio or VM Ware NSX is a plus Natixis is an equal opportunity employer, committed to a workplace free of discrimination. Natixis will not tolerate any form of discrimination based on age, color, mental or physical handicap or disability, pregnancy, marital status, sexual orientation, national origin, alienage, ancestry or citizenship status, race, religion, sex (including sex stereotyping, gender identity, gender expression or transgender status), veteran status, creed, genetic information or carrier status, or any other protected characteristic as established by law. Respect for all means that we deal with each person as an individual and not as a member of any group. All qualified applicants will receive consideration for employment. Management is expected to provide leadership in supporting the firms EEO program by taking steps to promote EEO in all facets of employment including recruitment, hiring, retention, promotion, performance assessment, and career-development opportunities. The salary range for the VP position will be between $150,000 - $180,000. Natixis is required by law to include a reasonable estimate of the compensation range for this role. Actual base salary will vary and will be based on several factors including, but not limited to, relevant experience, education, skills set, applicable licensure and certifications, and other business and organizational needs. Base salary is only one component of our total rewards package. Natixis also offers a generous benefits package, and you may be eligible for a discretionary incentive award depending on company and individual performance.

**Department:** Security**FLSA Status:** Exempt / Full-Time Salary**Union Code:** Non-Union**Minimum Pay Rate:** $82,400**Maximum Pay Rate:**$92,200**Join Our Team at Barclays Center!**Congratulations on taking the first step toward embarking on an exciting new adventure at Barclays Center! Our focus is YOU!At Barclays Center, we're more than just a venue - we're a dynamic community driven by a shared passion for creating unforgettable live experiences. We're dedicated to nurturing our team members and empowering them to thrive in an environment where innovation, collaboration, and a love for sports entertainment intersect.If you're someone who lives and breathes events, fueled by an unwavering passion for creating magic in every moment, then we want you to join us in shaping the future of live entertainment. Come be a part of our vibrant community, where every day offers the chance to inspire, innovate, and make memories that last a lifetime!**Our Company Values**We understand that it is important for you to know what our values are to determine if they align with yours. Our four company values, Care, Integrity, Accountability and Growth Mindset, are reflected in everything that we do here at Barclays Center. From the interview process to employee recognition, we make certain to incorporate the four values.**Key Attributes for Success**To excel in this role, candidates must possess a genuine passion for service, strong teamwork abilities, adaptability, effective communication skills, a guest-centric approach, problem-solving capabilities, and keen attention to detail. These attributes are essential for creating unforgettable experiences and maintaining a positive atmosphere for our guests. Joining our team promises not only a fulfilling experience but also an opportunity to make a meaningful difference in the lives of our guests and contribute to the success of Barclays Center.**Strong Teamwork Abilities:*** Enjoys collaborating effectively with colleagues and partners.* Likes building and nurturing strong relationships within the team.* Values the importance of teamwork in achieving shared goals.**Adaptability:*** Enjoys handling unexpected challenges with flexibility and composure.* Wants to quickly adjust to changes in the environment to ensure guest satisfaction.* Thrives in dynamic and fast-paced work environments.**Proactive Problem-Solving:*** Desires to identify and resolve issues creatively and efficiently.* Enjoys handling guest concerns with empathy and professionalism, turning challenges into opportunities.* Likes taking initiative to address potential problems before they escalate.**Meticulous Attention to Detail:*** Wants to pay close attention to details that contribute to organizational satisfaction.* Enjoys ensuring every aspect of service delivery is meticulously executed to maintain high standards.* Desires to take pride in delivering flawless capabilities through meticulous attention to detail.**ESSENTIAL DUTIES & RESPONSIBILITIES: What You Will Do*** Assist with the installation, configuration, and maintenance of security systems, including surveillance cameras, access control systems, alarm systems, and other related technologies and applications.* Supervise employees and operations in all areas of Security, including the Dean and Event Level Command Centers.* Maintain high standards for security equipment, including inventory management, cleaning, and distribution for security personnel.* Collaborate closely with outside contractors to ensure the optimal operation of our security equipment and systems.* Ensure that staffing levels for operating security systems during events are appropriate. Properly brief, deploy, and redeploy staffing resources as necessary to maintain effective security operations.* Implement and monitor the daily event and non-event badging system to ensure proper access control and security compliance.* Conduct comprehensive training and information-sharing sessions with employees on the operations of building security systems. Develop and execute training programs to enhance employee awareness and proficiency.* Conduct regular assessments and audits of security systems to identify vulnerabilities. Implement necessary improvements to maintain the integrity and effectiveness of the security infrastructure.* Manage the operation, and execution of events at Barclays Center, ensuring all security protocols are followed and the safety of attendees is maintained.* Respond promptly to requests from upper management, risk management, and other departments for investigations, ensuring timely and accurate delivery of required information and footage.* Provide comprehensive administrative support, complete projects and tasks, and update security forms, databases, and office records to ensure smooth security operations.* Develop, manage, and update all departmental policy and procedural guidelines, ensuring compliance with industry standards and regulatory requirements.* Collaborate closely with the IT department to ensure seamless integration and alignment of security systems with IT infrastructure and protocols, facilitating efficient communication and troubleshooting.* Demonstrate understanding of managing both internal and external customer requirements and measurement criteria.* Establish positive and collaborative relationships with customers, including local, state, & federal fire, police authorities, and international authorities.* Develop, create, and implement an accepted and sustainable security culture.* Ensure processing, adjudication, and disposition of corporate personnel security actions comply with US Government and International statutory, regulatory, customer contractual, and business requirements* Assist with confidential investigations, ensuring timely and accurate delivery of required information and or footage.* Provide comprehensive administrative support, complete projects and tasks, and update security forms, databases, and office records to ensure smooth security operations.* Help develop, manage, and update all departmental policy and procedural guidelines, ensuring compliance with industry standards and regulatory requirements.**CANDIDATE PROFILE: Who You Are*** The Manager of Security Systems is a results-driven security professional with extensive experience overseeing security operations, risk management, and venue safety for high-profile events.* Adept at managing comprehensive security systems, including CCTV, access control, and screening equipment, ensuring operational readiness and compliance with industry standards.* Proven track record in project management, successfully leading security infrastructure upgrades, vendor coordination, and budget oversight.* Skilled in developing and executing security protocols for large-scale events while fostering strong relationships with internal stakeholders and law enforcement agencies.* Committed to delivering exceptional service, enhancing security technology, and driving continuous improvements in operational efficiency.**KEY COMPETENCIES: Skills You Possess*** Minimum of 2 years customer/guest service experience, preferably in a sports and/or entertainment facility.* Proficiency in Microsoft Office Programs (Word, Excel, Outlook, PowerPoint) is required.* Proficient in the operation of CCTV systems* Proficient in general IT operations. Certifications strongly preferred.* Ability to be proactive, recognize problems and find solutions.* Excellent interpersonal, verbal and written communication skills.* Ability to work in a fast-paced environment and simultaneously manage a high level of detail across multiple projects.* Ability to demonstrate flexibility and quickly adapt to changes while maintaining high levels of productivity and effectiveness under pressure.* Ability to work well within a team environment, assisting and supporting team members whenever #J-18808-Ljbffr

United Community is seeking an experienced Information Security Controls Analyst to serve as a subject matter expert in evaluating and strengthening our cybersecurity and technology controls. This role plays a critical part in assessing risk exposure, recommending control improvements, and ensuring alignment with regulatory standards and business risk tolerance. You'll collaborate with enterprise risk, compliance, and legal teams to provide visibility into our risk posture and drive meaningful change across the organization. What You'll Do Review and document the adequacy of security and technology controls across business and IT environments. Evaluate control posture through interviews, documentation reviews, and workflow analysis. Recommend and support implementation of risk reduction strategies via policies, procedures, and technical controls. Partner with risk management and security leadership to align controls with organizational risk tolerance. Identify control strengths and weaknesses related to privacy, security, resiliency, and compliance. Document and advocate for control improvements that balance risk with operational efficiency. Support control development across testing, QA, and production environments. Present control effectiveness reports to senior risk leadership. Stay current on regulatory requirements, internal policies, and industry best practices. Requirements For Success Experience: 3+ years in cybersecurity or IT practitioner roles. 2+ years in IT risk or controls analysis. Practical experience with risk management and IT control frameworks. Education: Bachelor's degree preferred in Information Assurance, Computer Science, Engineering, or a related technical field. Required Skills: Strong understanding of risk frameworks (CRI, COSO, RMF, COBIT, NIST). Familiarity with regulatory standards (PCI, FFIEC, SOX, HIPAA, GDPR, CCPA, GLBA). Experience with CIS CSC, ISO 2700, or NIST CSF. Excellent written and verbal communication across all organizational levels. Strong organizational skills and ability to meet SLAs. Sound judgment and decision-making in complex scenarios. High integrity, trustworthiness, and adaptability. Preferred Skills: Certifications such as CISSP, CISA, CRISC, or CISM. Technical experience with enterprise networks, applications, and directory services. Familiarity with enterprise GRC platforms. Conditions of Employment Must be able to pass a criminal background & credit check This is a full-time, non-remote position FLSA Status: Exempt We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state, or local protected class. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Pay Range USD $49,972.00 - USD $76,958.00 /Yr.

Job Description Job Title: Information Security Analyst is an on-site assignment (preferred). The Information Security (IS) Analyst is responsible for protecting the bank's digital assets and infrastructure (including cloud infrastructure) from cyber threats and managing information security risks in alignment with industry standards and regulatory expectations. This role involves monitoring systems, analyzing security incidents, conducting risk assessments, assisting with executing Identity & Access Management (IAM) processes, and ensuring compliance with regulatory requirements. The IS Analyst also assists with establishing sound governance functions and ensuring internal controls are operating effectively. Wage Type: Salaried Essential Duties & Responsibilities: To perform this job successfully, an individual must be able to perform each of the essential duties satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Monitor and analyze security alerts from tools such as SIEM, IDS/IPS, DLP, and endpoint protection systems. Investigate and respond to cybersecurity incidents, including root cause analysis and remediation. Conduct vulnerability assessments and penetration testing; lead efforts to recommend mitigation strategies and ensure remediation plans are executed timely. Support Secure Development Lifecycle (SDLC) processes and ensure secure development processes are imbedded and enforced throughout the SDLC. Manage processes for securing the bank's cloud infrastructure, with a focus on Microsoft Azure and AWS. Monitor emerging (or changes to) regulatory requirements, threats, and industry trends, advising leadership on necessary changes and improvements Generate reports and metrics for management and regulatory bodies. Maintain and update IS policies, procedures, and standards in alignment with industry frameworks (i.e., NIST CSF 2.0) and regulatory requirements (FFIEC, GLBA, etc.). Develop and maintain security documentation, playbooks, and training materials. Manage and monitor security awareness, education, and training to employees. Perform internal and vendor IS risk assessments (including data privacy and other regulatory risk assessments). Lead remediation efforts of control gaps identified. Assist in the management and testing of the bank's Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) to ensure operational resiliency and rapid recovery in case of disruptions. Support centralized IAM governance and daily processing of access requests and provisioning. Manage IS metrics monitoring and reporting; Prepare reports and dashboards to communicate compliance performance to senior management and stakeholders; Monitor and report on the status of risk remediation activities. Support audits, inspections, and reviews conducted by regulators and external parties. Carries out responsibilities in a manner consistent with our values and operating principles, in accordance with policy and applicable laws, and with a commitment to commitment to continuous improvement and process excellence. Any other duties as assigned. Key Deliverables: Satisfactory audit results and regulatory examinations. Timeliness and accuracy of risk assessments and reporting. Satisfactory and timely resolution of compliance incidents. Organizational Structure: Reports to: Director of Information Security Supervises: NA Qualifications: Education: Bachelor's degree in Business Administration, Finance, Risk Management, Law, or a related field. Certifications such as CRISC, CISA, CISM, CISSP, or equivalent are preferred. Required Knowledge/Skills: 2-4 years of experience in an IS or cybersecurity role, preferably in the banking or financial services sector. Familiarity with banking regulations, Interagency Information Security Standards and cyber security frameworks (e.g., NIST 2.0 CSF/RMF, PCI DSS, FFIEC, FDIC part 364 Appendix B, GDPR, etc.). Strong technical aptitude with Microsoft Azure and AWS Cloud Infrastructure with experience managing cloud security tools (i.e. Sentinel, Defender, Purview, AWS Security Hub and other native security tools, etc.) Strong analytical and problem-solving skills. Knowledge of risk assessment methodologies and compliance frameworks. Ability to manage multiple priorities and work collaboratively in a team environment. Talents: Proactive and analytical professional with a strong understanding of regulatory compliance in the banking sector. Strong positivity. Mission driven, competitive, goal oriented, and motivated to develop themselves and others. Energetic, resourceful, and appropriate work intensity to get the work done Strong people acumen and relationship skills; Naturally pre-disposed to quickly establish positive personal and professional relationships. Other: Ability to interpret a variety of instructions furnished in written, oral, diagram or schedule form. Must be able to lift to 20 pounds. TransPecos Banks will not accept unsolicited resumes from any source other than the candidate. We will consider any candidate for whom an Agency submits an unsolicited resume, to have been referred to us by the Agency free of any charges or fees, other than those agencies we engage on a specific search. TransPecos Banks will not pay a fee for any placement resulting from the receipt of an unsolicited resume.

Nomura is a global financial services group with an integrated network spanning approximately 30 countries and regions. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions: Wealth Management, Investment Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit *************** Nomura Services, India supports the group's global businesses. With world-class capabilities in trading support, research, information technology, financial control, operations, risk management and legal support, the firm plays a key role in facilitating the group's global operations. At Nomura, creating an inclusive workplace is a priority. Our approach to inclusion encompasses a variety of initiatives, including sensitization campaigns, implementing conducive policies & programs, providing infrastructure support and engaging in community events. Over time, we have made meaningful progress in these areas, and this commitment has been well-recognized across the industry. We are proud recipients of the prestigious Top 10 Employers award by the India Workplace Equality Index (IWEI), IWEI Gold Employer of Choice awards, India CSR Leadership Award 2024 for Holistic Village Development Program and the YUVA Unstoppable Changemaker Awards. Division Overview: The Global Information Security teams are responsible for the confidentiality, integrity and availability of the firm's information and assets. Responsible for maintaining, communicating and raising awareness of the Policy. Facilitate the effective implementation and compliance of the firms polices. The Global Information Security Team is based in Europe, Asia, India and America. Business Unit Overview: The team's focus is to serve as the single point of contact for all Information security related queries, concerns and technologies. Provide a high standard of user and business support in a responsive and timely manner across all businesses, take responsibility and ownership for maintaining the global strategy and controls for the delivery and operational deployment of global security initiatives in a manner consistent with the common business goals and objectives. Skills & Experience * Bachelor's degree in computer science, Cybersecurity, Information Technology, or related fields with 8-12 years' experience in Information Security with at least 3-5 years in a SOC Leadership. * Strong knowledge of security technology areas like Security Operations Center, Incident Response, Threat Intelligence, Digital Forensics, Threat Hunting, Malware Analysis etc. * Proven experience in handling security events in mission critical environments, hands-on troubleshooting, analysis, and technical expertise to guide team members in resolution of incidents as per agreed SLA. * Hands-on experience with MITRE ATT&K, incident response frameworks such as NIST and SANS. * Sound knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection) * Should have sound knowledge of SIEM/EDR/Data Lake/UEBA such as ArcSight, QRadar, Elastic search, SOAR etc. and help team in investigating security issues and/or complex operational issues * Should have experienced in the Usecase management lifecycle and stay updated with New Threat threats to integrate in SOC monitoring. * Should have previous experience in solving day-to-day operational processes such as security monitoring, data correlation, security operations and cloud monitoring would be add-on. * Experience in implementing and monitoring Cloud Security controls for AWS and Azure cloud * Advanced knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases) * Other Experience * Good organization, communication, and coordination skills are essential for this position. * This job requires managing projects and delivering services so experience in either project management or ITIL service management is desired. * Preferred * Any security certifications, such as: GCIH, CISSP, CISM, Security+, CEH, CCSK, or similar industry recognized certifications. * Project management certifications, such as PMP, Prince2, or CSM. * Other best-practice IT certifications such as ITIL or COBIT * Knowledge of controls frameworks such as NIST CSF, NIST SP 800-53, ISO 27001/2, CIS, and FISC. * Experience working in a global team. * Personal Characteristics * Strong communication skills, ability to work comfortably with different regions. * Good team player, ability to work on a local, regional and global basis and as part of joint cross location teams and cross functional teams. * Ability to be pro-active and self-manage tasks through to completion. * Able to perform under pressure. Position Specifications: Corporate Title VP Functional Title SOC Manager Experience 15+ years' experience in Information Security with at least 5+ years in a SOC Leadership Qualification B.E / B.Tech / MCA / M.Tech Location Powai, Mumbai Requisition No Role & Responsibilities: We are seeking an experienced and proactive SOC Manager to lead our 24x7 Global SOC team. The ideal candidate will be responsible for managing security analysts, overseeing daily operations, coordinating incident response efforts, and continuously enhancing threat detection, analysis and response capabilities. The SOC Manager will ensure operational excellence, threat coverage, and alignment with enterprise security policies, compliance mandates, and business objectives. The SOC Manager will be expected to: * Lead and manage a team of SOC analysts across various shifts, ensuring 24x7 operational coverage. * Oversee the monitoring, detection, analysis, and response to cyber threats, incidents and vulnerabilities. * Establish, document, and refine SOC processes, playbooks, and workflows for consistent and effective response. * Manage Global and Regional stakeholder, Business Units, SOC services Expansion at group level and Manage Compliance to Global and regional regulators DORA, MAS * Coordinate with internal IT, legal, compliance risk, and external stakeholders during security incidents and investigations. * Drive use case development, detection tuning, and threat hunting initiatives using SIEM, SOAR, and threat Intelligence platforms. * Implementation of SOC control objectives and drive continuous improvement to SOC Metrics * Ensure SOC performance through KPIs, SLAs, and continuous service improvement initiatives. * Perform regular threat modeling, incident simulations (tabletop exercises), and post-incident reviews. * Evaluate and recommend new tools, services, capabilities to improve SOC effectiveness. * Ensure compliance with relevant security standards (e.g., ISO 27001, NIST, GDPR, etc.). * Mentor and develop SOC team members through coaching, training, and career development plans. * Support internal and external audit by providing necessary evidences and documentation. Additional Responsibilities * Create, develop, and manage tools and scripts/process to assist in the monitoring of cyber risk, intelligence sources, and automation of processes. * Develop metrics and reporting programs for senior leadership. * Project management of Intelligence Lifecycle, including documentation. * Occasional off-hours and weekend work required. All team members will need to perform project management activities (Change the Bank (CTB)), as well as operational activities and support (Run the Bank (RTB)). Requirement (indicate mandatory and/or preferred): Mandatory * Drive SOC Strategy as per the Global Leadership strategy: * Strong knowledge of Security log data pipeline solution * Understanding of Log sources onboarding covering MITRE ATT&K Framework * Ensure parser development for unsupported logs sources * Security Data Lake implementation * Proven experience on UEBA for Insider Threat detection * Usecase management for SOC Monitoring Nomura Leadership Behaviours: Leadership Behaviours Description Element Exploring Insights & Vision Comprehensively analyse the nature of the problems we face and set our focus toward the future vision * Gather Intelligence * Create a vision * Identify an issue Making Strategic Decisions Analyse options and feasibility to resolve issues, in making judgments and recommendations * Identify countermeasures * Assess feasibility * Make a judgment Inspiring Entrepreneurship in People Promotes the vision and goals to others in such a way that inspires commitment and independent contributions * Influence * Inspire * Commit Elevating Organizational Capacity Maximize organizational productivity through leadership development and engagement * Have an ownership in own development * Support other's growth * Encourage organizational growth Inclusion Respect diverse perspectives and promote psychological safety and the creation of a risk culture * Foster psychological safety * Encourage the active participation of all talent * Foster a risk culture We are committed to providing equal opportunities throughout employment including in the recruitment, training and development of employees. We prohibit discrimination in the workplace whether on grounds of gender, marital or domestic partnership status, pregnancy, carer's responsibilities, sexual orientation, gender identity, gender expression, race, color, national or ethnic origins, religious belief, disability or age. * Applying for this role does not amount to a job offer or create an obligation on Nomura to provide a job offer. The expression "Nomura" refers to Nomura Services India Private Limited together with its affiliates.

Nomura is a global financial services group with an integrated network spanning approximately 30 countries and regions. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions: Wealth Management, Investment Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit *************** Nomura Services, India supports the group's global businesses. With world-class capabilities in trading support, research, information technology, financial control, operations, risk management and legal support, the firm plays a key role in facilitating the group's global operations. At Nomura, creating an inclusive workplace is a priority. Our approach to inclusion encompasses a variety of initiatives, including sensitization campaigns, implementing conducive policies & programs, providing infrastructure support and engaging in community events. Over time, we have made meaningful progress in these areas, and this commitment has been well-recognized across the industry. We are proud recipients of the prestigious Top 10 Employers award by the India Workplace Equality Index (IWEI), IWEI Gold Employer of Choice awards, India CSR Leadership Award 2024 for Holistic Village Development Program and the YUVA Unstoppable Changemaker Awards. Global CISO (Chief Information Security Office) is looking for a Data Security Associate, this individual will be part of global data security team and collaborate closely with other technical and business stakeholders to protect and secure sensitive information. The Data Loss Prevention (DLP) Operations Lead will serve as a critical function within the Information Security team, providing leadership and hands-on expertise in managing enterprise DLP technologies. This role ensures that sensitive, regulated, and proprietary data remains protected against loss, leakage, or misuse across endpoints, networks, cloud, and email systems. The DLP Operations Lead is a key player in bridging technology, policy, and people, ensuring operational excellence and alignment with broader cybersecurity objectives. The purpose of this role is to operationalize DLP capabilities to prevent data exfiltration and support enterprise-wide data protection strategies. The DLP Operations Lead will ensure ongoing monitoring, incident response, and continuous improvement of policies in accordance with risk and compliance frameworks Responsibilities: * Lead daily operations of Symantec DLP platforms across endpoints, network, and cloud for all Nomura global regions. * Monitor, triage, and investigate DLP incidents, ensuring timely response and resolution. * Manage and fine-tune policies, rules, and thresholds to reduce false positives and improve detection accuracy. * Coordinate with SOC, Legal, HR, and Business units on incident management and escalation. * Maintain integration with SIEM tools and ticketing systems for streamlined alerting and response. * Generate regular reports, dashboards, and metrics to track performance and risk indicators. * Collaborate with data classification and compliance teams to align DLP policies with business context. * Oversee DLP system upgrades, patching, and vendor coordination for Symantec. * Support internal and external audits with DLP logs, documentation, and analysis. * Provide guidance and mentorship to junior analysts or DLP support staff. Knowledge, Skill, Experience Required: Required: * 08-12 years of experience in cybersecurity or information protection. * 7+ years managing Symantec/Forcepoint DLP in an enterprise environment. * Experience with cloud security (e.g., Microsoft 365, Azure Information Protection) and Forcepoint DLP is a plus. * Strong hands-on experience in Symantec DLP (policy design, administration, incident handling). * Deep understanding of data classification, regulatory compliance (e.g., GDPR, SEBI, PCI-DSS, CCPA etc.), and data protection best practices. * Familiarity with integration of DLP systems into SIEM, SOAR, and case management tools. * Experience working with endpoints, email security gateways, and cloud DLP modules. * Strong analytical and investigative capabilities. * Ability to develop risk narratives, executive summaries, and incident reports. * Excellent communication and stakeholder management skills. Beneficial: * Symantec and Forcepoint DLP Certification * Microsoft Certified: Information Protection Administrator Associate (SC-400) * Data Privacy or Security Certifications: CIPP/E, CIPT, CDPSE, CISSP will be a bonus * Azure Security / Microsoft 365 Security certifications Personal Characteristics: * Ability to work cross-functionally with compliance, security, legal, and business data owners * Excellent communication and documentation skills * Proactive, detail-oriented, and outcome-driven * Strong analytical and troubleshooting mindset * Curious, continuously learning, and adaptable to evolving tech landscapes. Nomura Leadership Behaviours: Leadership Behaviours Description Element Exploring Insights & Vision Comprehensively analyse the nature of the problems we face and set our focus toward the future vision * Gather Intelligence * Create a vision * Identify an issue Making Strategic Decisions Analyse options and feasibility to resolve issues, in making judgments and recommendations * Identify countermeasures * Assess feasibility * Make a judgment Inspiring Entrepreneurship in People Promotes the vision and goals to others in such a way that inspires commitment and independent contributions * Influence * Inspire * Commit Elevating Organizational Capacity Maximize organizational productivity through leadership development and engagement * Have an ownership in own development * Support other's growth * Encourage organizational growth Inclusion Respect diverse perspectives and promote psychological safety and the creation of a risk culture * Foster psychological safety * Encourage the active participation of all talent * Foster a risk culture We are committed to providing equal opportunities throughout employment including in the recruitment, training and development of employees. We prohibit discrimination in the workplace whether on grounds of gender, marital or domestic partnership status, pregnancy, carer's responsibilities, sexual orientation, gender identity, gender expression, race, color, national or ethnic origins, religious belief, disability or age. * Applying for this role does not amount to a job offer or create an obligation on Nomura to provide a job offer. The expression "Nomura" refers to Nomura Services India Private Limited together with its affiliates.

Responsibilities: * Implement and manage Microsoft Purview Information Protection policies for data classification and labeling. * Configure and maintain Information Rights Management (IRM) capabilities within Microsoft 365. * Deploy and monitor Symantec DLP policies to prevent unauthorized data transfers and mitigate risks. * Use BigID for automated data discovery across structured and unstructured data environments. * Configure customized policies and rules to discover and classify sensitive data. * Work closely with compliance, IT, and business units to define classification use cases and DLP policies. * Investigate and respond to DLP incidents, ensuring proper documentation and escalation. * Perform ongoing tuning of data protection rules to reduce false positives and improve accuracy. * Support audit and regulatory requests by providing detailed reports on policy coverage and incidents. * Participate in solution architecture reviews and offer technical guidance for data protection initiatives. * Contribute to the development and enhancement of standard operating procedures and technical documentation. Knowledge, Skill, Experience Required: Required: * 6-8 years of experience in Information Security, with at least 3 years in Data Protection technologies. * Hands-on experience with Microsoft Purview Information Protection and Sensitivity Labels. * Technical proficiency in Symantec Data Loss Prevention (DLP) platform (including endpoint, network, email policies). * Strong understanding of BigID data discovery tool for both structured and unstructured data. * Good knowledge of encryption, data obfuscation, and tokenization techniques. * Familiarity with regulatory and compliance standards (e.g., GDPR, DORA, CCPA, RBI guidelines). * Experience with Microsoft 365 Security & Compliance Center. * Strong scripting or automation skills (PowerShell preferred) are a plus. * Excellent troubleshooting, analytical, and communication skills. Beneficial: * Symantec and Forcepoint DLP Certification * Microsoft Certified: Information Protection Administrator Associate (SC-400) * Data Privacy or Security Certifications: CIPP/E, CIPT, CDPSE, CISSP will be a bonus * Azure Security / Microsoft 365 Security certifications Personal Characteristics: * Strong attention to detail and process adherence. * Self-motivated and proactive in identifying and addressing issues. * Strong team player with the ability to work independently. * Able to handle multiple tasks and prioritize effectively in a fast-paced environment. * Excellent verbal and written communication skills. We are committed to providing equal opportunities throughout employment including in the recruitment, training and development of employees. We prohibit discrimination in the workplace whether on grounds of gender, marital or domestic partnership status, pregnancy, carer's responsibilities, sexual orientation, gender identity, gender expression, race, color, national or ethnic origins, religious belief, disability or age. * Applying for this role does not amount to a job offer or create an obligation on Nomura to provide a job offer. The expression "Nomura" refers to Nomura Services India Private Limited together with its affiliates.

Nomura is a global financial services group with an integrated network spanning approximately 30 countries and regions. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions: Wealth Management, Investment Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit *************** Nomura Services, India supports the group's global businesses. With world-class capabilities in trading support, research, information technology, financial control, operations, risk management and legal support, the firm plays a key role in facilitating the group's global operations. At Nomura, creating an inclusive workplace is a priority. Our approach to inclusion encompasses a variety of initiatives, including sensitization campaigns, implementing conducive policies & programs, providing infrastructure support and engaging in community events. Over time, we have made meaningful progress in these areas, and this commitment has been well-recognized across the industry. We are proud recipients of the prestigious Top 10 Employers award by the India Workplace Equality Index (IWEI), IWEI Gold Employer of Choice awards, India CSR Leadership Award 2024 for Holistic Village Development Program and the YUVA Unstoppable Changemaker Awards. Division Overview: The Global Information Security teams are responsible for the confidentiality, integrity and availability of the firm's information and assets. Responsible for maintaining, communicating and raising awareness of the Policy. Facilitate the effective implementation and compliance of the firm's polices. The Global Information Security Team is based in Europe, Asia, India and America. Business Unit Overview: The team's focus is to serve as the single point of contact for all Information security related queries, concerns and technologies. Provide a high standard of user and business support in a responsive and timely manner across all businesses, take responsibility and ownership for maintaining the global strategy and controls for the delivery and operational deployment of global security initiatives in a manner consistent with the common business goals and objectives. Position Specifications: Corporate Title Associate Functional Title Lead Information Security Analyst Experience 5 - 8 years Qualification B.E / B.Tech / MCA / M.Tech Requisition No 10861 Role & Responsibilities: * Assist in the design and deliver of cyber security - global phishing exercises with appropriate data analysis to determine effectiveness of cyber security awareness and training measures. * Develop and deliver a cyber-culture and learning programme with assistance from the wider * global cyber security team applicable for all regions. * Develop and implement annual mandatory cyber awareness training. * Create a yearly action plan of activities including developing and deploying online and face to face training courses through the year. * Conduct regular global phishing exercises. Develop the exercise, record hit rates and reporting rates to be broken down by region, business and location. Run re-tests. Develop executive reporting on phishing test results and future plans and follow-up training. * Draft regular and effective cyber security awareness content (messages, presentations, reports) to drive regular awareness of ongoing cyber security measures. * Develop specific training for high-risk user groups. * Work with internal communications and other key stakeholders to ensure the program is in line with our brand guidelines and company goals * Work in collaboration with our threat intelligence team to identify the risks to the company and what training is needed to help mitigate them. * Work in collaboration with our Security Operations centre to understand key incident trends in order to further develop training programme. * Maintain the cyber culture and learning program to deliver long term results, not just raising awareness but changing behaviours to create an embedded cyber secure culture * Create regular reports for key stake holders and management to show the program metrics. * Ability to constructively challenge the status quo in defining measurements for cyber security culture campaigns * Use interactive and innovative training methods to engage staff. * Help develop the Information Security team training programme to maintain constant learning. * Manage the relationships with our cyber culture and learning vendors * Project manage cyber culture and learning initiatives * Assist the wider cyber security team with business as usual activities Mind Set Mandatory Desired Domain * Ability to form complex communications/messages in a simple, clear and concise manner to present to senior management and stakeholders across the organisation. * Advanced skills in Microsoft office (MS Excel - formulas, pivots, macros. Experience in MS Power BI desirable) and MS PowerPoint. * Direct experience of delivering security culture change and shift away from compliance driven behaviours to an embedded approach to people cyber risk management * Strong communication skills, ability to work comfortably with different regions * Actively participate within internal project community * Good team player, ability to work on a local, regional and global basis and as part of joint cross location initiative * Self-motivated, able to work independently and with a team * Able to perform under pressure. Nomura Leadership Behaviours: Description Element Exploring Insights & Vision Comprehensively analyse the nature of the problems we face and set our focus toward the future vision * Gather Intelligence * Create a vision * Identify an issue Making Strategic Decisions Analyse options and feasibility to resolve issues, in making judgments and recommendations * Identify countermeasures * Assess feasibility * Make a judgment Inspiring Entrepreneurship in People Promotes the vision and goals to others in such a way that inspires commitment and independent contributions * Influence * Inspire * Commit Elevating Organizational Capacity Maximize organizational productivity through leadership development and engagement * Have an ownership in own development * Support other's growth * Encourage organizational growth Inclusion Respect diverse perspectives and promote psychological safety and the creation of a risk culture * Foster psychological safety * Encourage the active participation of all talent * Foster a risk culture We are committed to providing equal opportunities throughout employment including in the recruitment, training and development of employees. We prohibit discrimination in the workplace whether on grounds of gender, marital or domestic partnership status, pregnancy, carer's responsibilities, sexual orientation, gender identity, gender expression, race, color, national or ethnic origins, religious belief, disability or age. * Applying for this role does not amount to a job offer or create an obligation on Nomura to provide a job offer. The expression "Nomura" refers to Nomura Services India Private Limited together with its affiliates.

A System Security Analyst analyzes and implements system(s) security measures to protect sensitive data and infrastructure. * Implement and maintain security software like firewalls, encryption programs, and intrusion detection systems * Identify vulnerabilities in systems and networks, conduct penetration testing, and recommend mitigation strategies * Work closely with the systems team and Info Sec team to implement and enforce security policies and procedures, ensuring compliance with industry standards * Stay informed about the latest IT security trends and threats, and research new security solutions * Verify the security of third-party vendors and collaboration to meet security requirements * Technical knowledge of enterprise-class technologies such as cloud (AWS and Azure), firewalls, routers, switches, wireless access points, VPNs, and desktop and server operating systems * Thorough understanding of Microsoft's enterprise technology platform, including Azure, Active Directory, SQL, Office 365, and the Windows server and desktop operating systems, patching and vulnerabilities analysis * Hands-on experience with the following technology vendors and products: CyberArk, Okta, CyberReason, Splunk, Vulnerability Scanners Qualifications: * Bachelor's degree or equivalent with certifications related to Information Security e.g. CISA, CISSP, * 5-7 years of relevant experience * Preferred: Technical knowledge of enterprise-class technologies such as cloud (AWS and Azure), firewalls, routers, switches, wireless access points, VPNs, and desktop and server operating systems. Thorough understanding of Microsoft's enterprise technology platform, including Azure, Active Directory, SQL, Office 365, and the Windows server and desktop operating systems patching and vulnerabilities analysis Skills: * CyberSecurity trends and latest threats and ethical hacker training * Working knowledge of Microsoft Excel and MS Word; basic keyboarding and calculator skills, must be able to do simple math and carry out written instructions * Travel to a variety of locations to perform work and/or attend meetings as required * Work occasionally requires more than 40 hours per week to perform the essential functions of the position * Lifting in an office setting may be required up to 30lbs. ANBTX strongly encourages candidates that are fluent in English and Spanish to apply. Jobs that specifically require candidates to be bilingual will be posted as a requirement.

About the Role iCapital is looking to hire a Vice President Information Security Governance Specialist. This individual will be a key person in iCapital's second line of defense team. The ideal candidate will support the organization's security governance program by ensuring compliance with regulatory requirements, security frameworks, and contractual obligations. This role involves reviewing the information security program against industry standards, assessing security clauses in client and vendor contracts, designing and maintaining security controls, and responding to regulatory audits. Responsibilities Assist in authoring, maintaining, and updating security governance policies and standards to align with industry frameworks and management direction. Evaluate the organization's information security program against common frameworks (e.g., ISO 27001, CIS, NIST 800-53, SOC 2) and applicable regulations (e.g., NYDFS, DORA, FFIEC, GDPR). Identify gaps and recommend control enhancements to align with compliance requirements. Review and negotiate information security sections of client and vendor contracts in partnership with the Legal team. Ensure contractual obligations meet internal security standards, regulatory expectations, and reasonability. Collaborate with Technology, Information Security, and Risk teams to design, document, and enhance security controls for infrastructure, applications, and data. Coordinate responses for internal and regulatory audits for information security team. Qualifications 7-10 years of experience in information security governance, compliance, or risk management in a financial service, fintech, or technology-driven environment Bachelor's degree in information security, risk management, or a related field Strong written and verbal communication skills Excellent analytical and problem-solving skills Able to manage multiple priorities and deadlines in a fast-paced environment Comfortable engaging with senior leaders Knowledge of cybersecurity frameworks (ISO, CIS, NIST, SOC 2) and audit processes CISM, CRISC, or CISSP certifications are preferred Benefits The base salary range for this role is $150,000 to $180,000. iCapital offers a compensation package which includes salary, equity for all full-time employees, and an annual performance bonus. Employees also receive a comprehensive benefits package that includes an employer matched retirement plan, generously subsidized healthcare with 100% employer paid dental, vision, telemedicine, and virtual mental health counseling, parental leave, and unlimited paid time off (PTO). We believe the best ideas and innovation happen when we are together. Employees in this role will work in the office Monday-Thursday, with the flexibility to work remotely on Friday. For additional information on iCapital, please visit **************************************** Twitter: @icapitalnetwork | LinkedIn: ***************************************************** | Awards Disclaimer: ****************************************/recognition/ iCapital is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, gender identity, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

Job Description Support the Information security governance, risk management and compliance program, focusing on compliance and assurance. Facilitate the compliance and assurance program, by performing assurance assessments to ensure Alliant Credit Union (ACU) is compliant with regulatory and legal obligations. Help maintain the technical control library ensure assessments align securing ACU. Facilitate IT issue management by working with employees on scheduling calls and going over the issue and resolution. Essential Responsibilities Responsible to facilitate the compliance and assurance assessments and issue management via a GRC tool Conduct assurance assessment, including control test of design (ToD) and test of operating effectiveness (TOE) activities Provide recommendations on improving compliance-related processes and/or procedures and identify opportunities for ITGC/security compliance control automation Facilitate group and individual meetings, ensure that each meeting is organized and aligned and schedule walkthrough agenda addressing any issue that arise and and guiding towards actionable outcomes Assist internal and external audit teams to address inquiries Participate in InfoSec projects as assigned by management such as the review of documents Education Minimum- 4 Year Bachelors Degree in Computer Science, Information Security or Related Years of Experience Minimum - 2 Years Governance, Risk Management, Compliance within a financial institution or Security Compliance or Related In Lieu of Education 5 Years Governance, Risk Management, Compliance within a financial institution License/Certifications/Training Preferred: Compliance, Risk Management, or Governance certifications: CRISC, CISM or CISA Compensation & Benefits: Typical hiring range: $57,500 - $89,500 Annually. Actual compensation will be determined using factors such as experience, skills & knowledge. Additional Compensation: Annual performance bonus Benefits: Alliant provides a benefits package including health care, vision, dental, and 401k with employer match. Additional Benefits: Work from home up to 3 days a week Paid parental leave Employee discount programs Time off including paid personal and sick days 11 paid holidays Education reimbursement *Note that eligibility and cost of benefits can vary depending on the number of regularly scheduled hours, and job status such as regular full-time, regular part-time, or temporary employment. Adhere to and ensure compliance of all business transactions with policy and process of the Bank Secrecy Act. Ensures compliance with all applicable state and federal laws, company procedures and policies. Maintains integrity and ethics in all actions and conversations with or regarding credit union members and their accounts; complies with Privacy Act directives. The responsibilities listed do not contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice.

**You are the brains behind our work ...** At Citi, we do not just adapt to change - we drive it. Our Full Time Technology Analyst Program is where forward-thinking talents meet unparalleled opportunities. This is your chance to innovate, influence, and make an impact in the most global financial institution! Citi Technology partners to ensure that Citi's platforms can "Be the Best" for clients globally, with a diverse and ethical workforce that applies innovation and automation to deliver a world class client experience and strengthen our reputation. We have over 30,000 technologists globally who are dedicated to serving our clients' needs across the firm. By utilizing a broad range of technologies, we are at the forefront of innovation. We seek to drive our systems and processes towards scalable, low-latency, high frequency enterprise systems to support Citi's strategic priorities. **We provide you with the knowledge and skills you need to succeed...** We're committed to teaching you the ropes. The 2-year Analyst Program starts in July and begins with a robust training program. Here at Citi, rotational programs are intended to help you build a broad skillset and accelerate your career growth by gaining exposure to more than one team in Cyber Security. Our rotational program will help you discover the best fit for your skills and long-term career goals at Citi. **Your time here will look something like this...** Our technological solutions are the foundations of everything we do. We keep the bank safe and provide the technical tools our workers need to be successful. We design our digital architecture and ensure our platforms provide a first-class customer experience. Our operations teams manage risk, resources, and program management. We focus on enterprise resiliency and business continuity. We develop, coordinate, and execute strategic operational plans. Essentially, Chief Information Security Office (CISO) works together to ensure the safety of Citi's and our clients' assets and information. You will make tangible contributions to high-impact, real-world projects that directly influence the evolution of banking. Your work could involve anything from developing next-generation digital banking solutions and fortifying our cybersecurity defenses to driving data-powered innovations and transforming customer experiences. Be a part of impactful initiatives that shape the future of finance. **As a member in our program, you can expect:** + **Global Exposure:** Work in globally scoped projects with cross-functional teams and gain insights into how technology drives the financial sector worldwide. + **Continuous Learning:** Benefit from structured learning, networking, mentoring, and development programs that are designed to sharpen your technical prowess, enhance your business insight, and cultivate your leadership skills. + **Real Impact:** Contribute to real-world projects that shape the future of banking, from developing next-gen digital banking solutions to enhancing our cybersecurity defenses and driving data-powered innovations. **We want to hear from you if...** We are in a hunt for trailblazers with a passion for technology and drive to make a difference. To join this elite program, you should: + Be graduating between December 2025 and May 2026. + Pursuing bachelor's degree in Cyber Security, Computer Science, Computer Engineering, Information Technology, Management Information Systems, or other tech related degree. + GPA of 3.0 or better is preferred. + You will not require sponsorship for U.S. work authorization now or anytime in the future. + You have an interest working in a high-tech global technology environment and have a fundamental understanding of technologies, including by not limited to programing languages (C++, Java, etc.), application development, or basic concepts of relational databases. + Be a problem solver who thrives on innovation and enjoys tackling challenges head-on. + Possess a global outlook and a willingness to collaborate across cultures and time zones. + Have excellent communication skills, project management, leadership, attention to detail, and the ability to work well within diverse teams. + Ability to pass technical interviews consisting of basic algorithmic programming exercises. + Must be collaborative and adaptable, with excellent communication skills. Prior experience working on agile teams is desirable. **Who we think will be a great fit...** A dedication to learning and a true passion for business are vital. As industries all over the globe continue to restructure and grow, we are hiring professionals who have a global perspective on the future of banking and want to make an impact. We value diversity and so do you. We will also be looking for the following: + Are ambitious, with relentless drive to succeed in a fast-paced, dynamic environment. + Are curious about how technology can revolutionize finance and are eager to be at the forefront of this transformation. + Want to grow into a future tech leader, with a passion for both technology and its application in the global financial industry. Annual Salary = $90,000USD ------------------------------------------------------ **Job Family Group:** Management Development Programs ------------------------------------------------------ **Job Family:** Training ------------------------------------------------------ **Time Type:** Full time ------------------------------------------------------ **Primary Location:** Irving Texas United States ------------------------------------------------------ **Primary Location Full Time Salary Range:** $80,000.00 - $115,000.00 In addition to salary, Citi's offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire. ------------------------------------------------------ **Most Relevant Skills** Please see the requirements listed above. ------------------------------------------------------ **Other Relevant Skills** For complementary skills, please see above and/or contact the recruiter. ------------------------------------------------------ **Anticipated Posting Close Date:** Nov 21, 2025 ------------------------------------------------------ _Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law._ _If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi (*************************************************************************** ._ _View Citi's EEO Policy Statement (*********************************************** and the Know Your Rights (*********************************************************************************************** poster._ Citi is an equal opportunity and affirmative action employer. Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.

We're building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what's right for our clients. At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute. To learn more about CIBC, please visit CIBC.com JOB PURPOSE As an Analyst within the US Information Security Data Science and Reporting team, you will play a critical role in supporting the CSO organization's metrics, reporting, and analytics, providing ongoing and initiative support. You will be responsible for the development, aggregation, evaluation, and communication of key metrics and insights that drive decision-making across multiple legal entities and business lines. This role requires a blend of technical expertise, business acumen, and strong communication skills to deliver high-impact reporting and support strategic projects. Support may also include other teams under the Chief Security Office. Support may include and is not limited to Fraud, Operational Resilience, Third Party Governance & Physical Security. KEY ACCOUNTABILITIES Metrics Reporting and Analysis: Understand data and visualize for stakeholder consumption Aggregate CSO level reporting for packaging Apply base reporting template to legal entities and functional group reporting Support the creation, maintenance, and enhancement of dashboards across multiple legal entities, including direct ownership of select BAU dashboards. Support creation of materials for various reporting committees and forums and address associated follow up requirements Coordinate reporting reviews and approvals Create and maintain reporting documentation, ensuring appropriate retention Metrics Development and Projects: Collaborate with Enterprise and US service owners to identify, test, and implement new metrics; modify existing metrics as needed. Contribute to mandatory and enterprise projects such as RAS/KRI refresh, non-RAS metrics refresh, US and Enterprise Data Strategy initiatives. Map metrics to domains, controls, and threats to ensure comprehensive coverage and continuous improvement. AI and Automation: Support the management of the US Information Security AI and Automation inventory and roadmap. Build out use cases and automate reporting processes where feasible. Collaborate with stakeholders to document requirements and direct and prioritize automation efforts. Projects Participate in enterprise, US region or department initiatives General Assist US Information Security service owners in presenting metrics to stakeholders in a clear and impactful manner. Perform controls as assigned control performer Implement continuous improvement areas Create and maintain procedural documentation Complete ad hoc research and reporting requests Work closely with US CSO organization, Data Governance, AI Governance, 1B, 2LOD and Enterprise, as required. Support summer internship activities COMPLIANCE REQUIREMENTS/RESPONSIBILITIES As an employee of CIBC, the incumbent must comply with all applicable CIBC and Line of Business policies, standards, guidelines and controls. AUTHORITIES/DECISION RIGHTS As a key contributor to the business unit, this job has the authority to recommend changes to business processes in order to enhance operational efficiency and effectiveness. CONDUCT & CULTURE RISK Our CIBC risk culture is based on employees striving to exceed the expectations of ourselves and our leadership's identification and mitigation of risks in their daily responsibilities, not just in quarterly or annual monitoring/assessments. We all are accountable for managing risk. As an employee of CIBC the incumbent must conduct themselves (and foster an environment for others) in a manner consistent with our strong risk culture. This includes: Following all aspects of the CIBC Code of Conduct, as well as all applicable CIBC policies, frameworks, guidelines, processes and controls At all times acting in accordance with our Purpose and shared values, to achieve our Bank's strategic goals Understanding and following the qualitative and quantitative components of our Risk Appetite Statements Completing all annual Corporate Mandatory Training and Testing modules, as well as any additional business-specific modules, as required and employing the learnings in daily activities and undertakings Escalating matters through one of the appropriate channels identified in the CIBC Code of Conduct (i.e., HR, management, Ethics Hotline, Whistleblower, etc.) upon observing activities that may be inconsistent with CIBC's policies, frameworks, guidelines, processes and controls Speaking up if witnessing behaviors that drive poor or unfair outcomes for clients, team members or other stakeholders Escalating matters that can result in adverse market practices and outcomes, thereby negatively impacting CIBC's reputation as a leading financial institution KNOWLEDGE AND SKILLS Bachelor's degree in Data Science, Computer Science, Business Analytics, or a related field. Masters degree is a plus 2+ years of experience in data analysis, reporting, or business intelligence, preferably within financial services Proficiency in data visualization tools (e.g., Tableau, Power BI), SQL, Excel, and Python. Experience with GRC platforms (e.g. MetricStream,OneTrust, Archer) is a plus Experience with control frameworks (e.g. NIST CSF) is a plus Strong analytical, problem-solving, and critical thinking skills. Excellent written and verbal communication skills, with the ability to translate complex data into actionable insights for executive audiences. Demonstrate ability to manage ambiguity, independently manage multiple priorities and projects in a fast-paced environment. Customer focused, with action orientation Strong attention to detail, organization skills, and a commitment to continuous improvement. You know that details matter. You notice and question things that others don't. Your critical thinking skills help to inform your decision-making. You are a curious learner, staying current on industry trends. You challenge the status quo and have a passion for continuous improvement. You're goal-oriented. You're motivated by accomplishing individual and team based goals and consistently delivering your best to make a difference. You have a passion for excellence, holding yourself accountable. Work Arrangement: At CIBC we enable the work environment most optimal for you to thrive in your role. This position does not offer visa sponsorship. This role is part-time (24 hours a week) and has an expected hourly rate of $38-$42 per hour for the Chicago market based on experience, qualifications, and location of the position. The successful candidate may be eligible to participate in the relevant business unit's incentive compensation plan, which may also include a discretionary bonus component. CIBC offers a full range of benefits and programs to meet our employee's needs; including Medical, Dental, Vision, Health Savings Account, Life Insurance, Disability, and Other Insurance Plans, Paid Time Off (including Sick Leave, Parental Leave and Vacation), Holidays and 401(k), in addition to other special perks reserved for our team members. #LI-TA At CIBC, your goals are a priority. We start with your strengths, ambitions and strive to create opportunities to tap into your potential. What you need to know CIBC is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. If you need accommodation, please contact ********************************** You need to be legally eligible to work at the location(s) specified above and, where applicable, must have a valid work or study permit. We may ask you to complete an attribute-based assessment and other skills tests (such as simulation, coding, MS Office). Our goal for the application process is to get to know more about you, all that you have to offer, and give you the opportunity to learn more about us. Expected End Date 2026-07-31 Job Location IL-70 W Madison St, 9th Fl Employment Type Temporary (Fixed Term) Weekly Hours 24 Skills Analytical Thinking, Decision Making, Information Security, Internal Auditing, Security Risk, Technical Training, Troubleshooting, Vendor Management

“I can be myself at work.” You are more than a job title. We want you to feel comfortable doing great work and bringing your best, authentic self to everything you do. We value your talents, traditions, and uniqueness-and we're committed to fostering a strong sense of belonging in a respectful workplace. We intentionally seek diverse perspectives, experiences, and backgrounds, investing in a culture designed to celebrate differences. We believe that belonging leads to better outcomes and a stronger community of associates united by our mission. At Capital, we live our core values every day: Integrity, Client Focus, Diverse Perspectives, Long-Term Thinking, and Community. “I can influence my income.” You want to feel recognized at work. Your performance will be reviewed annually, and your compensation will be designed to motivate and reward the value that you provide. You'll receive a competitive salary, bonuses and benefits. Your company-funded retirement contribution will factor in salary and variable pay, including bonuses. “I can lead a full life.” You bring unique goals and interests to your job and your life. Whether you're raising a family, you're passionate about where you volunteer, or you want to explore different career paths, we'll give you the resources that can set you up for success. Enjoy generous time-away and health benefits from day one, with the opportunity for flexible work options Receive 2-for-1 matching gifts for your charitable contributions and the opportunity to secure annual grants for the organizations you love Access on-demand professional development resources that allow you to hone existing skills and learn new ones I can succeed as a Security Engineer III ~Data Loss Prevention at Capital Group. As a Security Engineer III in Data Loss Prevention, you'll take the lead in deploying, managing, and fine-tuning data loss prevention (DLP) and data protection tools across our enterprise systems. Your mission is to keep sensitive information safe by implementing strong technical controls, optimizing DLP policies to cut down false positives, and ensuring compliance with regulations like GDPR and HIPAA. You'll dive into threat modeling, fix vulnerabilities, and automate security configurations using scripting and infrastructure-as-code tools. A solid background in cloud, network, and application security is key, along with hands-on experience with DLP platforms such as Symantec, Microsoft Purview, or Zscaler. This role gives you autonomy while working closely with IT, DevOps, and compliance teams to embed security into everyday workflows. You'll also mentor junior engineers, support incident response, and translate technical risks into clear, actionable guidance for stakeholders. I am the person Capital Group is looking for. You are responsible for deploying, configuring, and maintaining enterprise Data Loss Prevention (DLP) platforms to safeguard sensitive information across cloud, web, endpoint, and email channels. You create and tune DLP policies to detect and prevent unauthorized data exfiltration. You automate security controls using scripting and infrastructure-as-code, ensuring alignment with regulatory and internal standards. You ensure the health and operational stability of the DLP platform by monitoring performance, troubleshooting issues, and executing standard operational procedures to maintain reliability and effectiveness. You support incident response efforts and collaborate closely with incident response and threat detection teams to continuously improve DLP operations. You tune policies based on real-world detection patterns, enrich alert workflows with contextual data, and refine playbooks to reduce false positives. Required Skills: Minimum 3-5 years in data protection or in Information Security A Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience). You have demonstrated proficiency with DLP tools and technologies such as Symantec, Microsoft, Zscaler, or Palo Alto DLP platforms. You possess in-depth knowledge of data protection methods, including encryption (for data at rest and in transit), data masking, and tokenization techniques. You have a strong understanding of data privacy regulations and compliance standards (e.g., GDPR, HIPAA, CCPA). You are experienced with data classification frameworks and applying controls based on data sensitivity. “I can apply in less than 4 minutes.” You've reviewed this job posting and you're ready to start the candidate journey with us. Apply now to move to the next step in our recruiting process. If this role isn't what you're looking for, check out our other opportunities and join our talent community. “I can learn more about Capital Group.” At Capital Group, the success of the people who invest with us depends on the people in whom we invest. That's why we offer a culture, compensation and opportunities that empower our associates to build successful and prosperous careers. Through nine decades, our goal has been to improve people's lives through successful investing. We know that our history is a testament to the strength of the people we hire. More than 9,000 associates in 30+ offices around the world help our clients and each other grow and thrive every day. Find us on LinkedIn, Instagram, YouTube and Glassdoor. Southern California Base Salary Range: $125,909-$201,454San Antonio Base Salary Range: $103,508-$165,613New York Base Salary Range: $133,471-$213,554 In addition to a highly competitive base salary, per plan guidelines, restrictions and vesting requirements, you also will be eligible for an individual annual performance bonus, plus Capital's annual profitability bonus plus a retirement plan where Capital contributes 15% of your eligible earnings. You can learn more about our compensation and benefits here . * Temporary positions in the United States are excluded from the above mentioned compensation and benefit plans. We are an equal opportunity employer, which means we comply with all federal, state and local laws that prohibit discrimination when making all decisions about employment. As equal opportunity employers, our policies prohibit unlawful discrimination on the basis of race, religion, color, national origin, ancestry, sex (including gender and gender identity), pregnancy, childbirth and related medical conditions, age, physical or mental disability, medical condition, genetic information, marital status, sexual orientation, citizenship status, AIDS/HIV status, political activities or affiliations, military or veteran status, status as a victim of domestic violence, assault or stalking or any other characteristic protected by federal, state or local law.

3M has a long-standing reputation as a company committed to innovation. We provide the freedom to explore and encourage curiosity and creativity. We gain new insight from diverse thinking, and take risks on new ideas. Here, you can apply your talent in bold ways that matter. : JOB DESCRIPTION: What You'll Do As a key member of the IT Security Compliance team, reporting to the Team Lead - Security Compliance, you will: * Execute day-to-day cybersecurity risk, compliance, and assurance activities. * Support global cybersecurity certifications including ISO 27001 and ISO 27017, evaluating control effectiveness and reviewing evidence of controls. * Assist in achieving ISO 27001 certification by identifying risks and implementing controls. * Maintain and continuously improve 3M's Information Security Management System (ISMS). * Create, update, and manage ISMS documentation, reports, and audit records. * Act as Subject Matter Expert (SME) for PCI DSS, advising stakeholders, conducting internal assessments, and driving PCI DSS v4.0.1 reviews, gap assessments, and control evaluations. * Provide high-level knowledge support on other frameworks and standards including NIST, SOX, SWIFT, and TISAX. * Deliver timely written reports, metrics, and updates to cybersecurity management. * Collaborate and communicate effectively across teams and with stakeholders. What We're Looking For * Education: Bachelor's degree with a minimum of 4 years of experience in Information Security, GRC, or related roles. * Certifications (preferred): ISO 27001 Lead Auditor/Implementer, PCI ISA, CISA, CISM, CRISC, or equivalent. * Skills & Knowledge: * Strong knowledge of information security risk standards, frameworks, and methodologies. * Experience working with GRC tools such as OneTrust, Archer (or similar). * Excellent written and verbal communication skills. * Ability to manage multiple priorities and adapt to evolving business needs. Learn more about 3M's creative solutions to the world's problems at ********** or on Instagram, Facebook, and LinkedIn @3M. Safety is a core value at 3M. All employees are expected to contribute to a strong Environmental Health and Safety (EHS) culture by following safety policies, identifying hazards, and engaging in continuous improvement. Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly. 3M Global Terms of Use and Privacy Statement Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at 3M are conditioned on your acceptance and compliance with these terms. Please access the linked document by clicking here, select the country where you are applying for employment, and review. Before submitting your application, you will be asked to confirm your agreement with the terms.

This position is responsible for ensuring that the Bank's Security operations and preventive controls are managed and maintained in accordance with established Information Security policies, standards and procedures, published regulations and industry best practices. Primarily responsible for the constant review of vendor security controls in comparison with policies and industry frameworks, risk assessments, determination of control gaps and their remediation. ESSENTIAL FUNCTIONS Performs vendor security risk assessments to determine inherent risk on proposed projects and assesses vendor security controls to determine residual risk. Evaluates the potential exposure to application security risks and threats based on industry security frameworks and recommends appropriate mitigation. Assesses security practices including Information Security governance, Identity and access control, Incident monitoring and response, Vulnerability assessment and Penetration tests, Network Security and Endpoint Security, among others. Acts as liaison with Third Party Risk Management, Information Technology and business department Relationship Managers related to vendor risk assessments. Reports information security risks and follows-up remediations. Remediates audit and regulatory findings and recommendations related to Information Security and Vendor Risk Management. QUALIFICATIONS Education: College degree in Information Technology or Information Security or equivalent; Security+, SSCP, CISSP, CISM or similar information security certifications preferred. Experience: Minimum two years of experience in Information Security Risk, Information Security Operations or Security Auditing. Proven experience on third-party risk management and vendor security assessments. Working knowledge of security practices such as Endpoint Security, Network Security, Security Operations and Security Governance required. Experience working with Vendor Risk Management (VRM) applications preferred. Skills/Ability: Proven ability to initiate and manage projects. Excellent communication and problem-solving skills. Strong inter-personal communication and collaboration skills. Self-starter, highly motivated, and able to work with general supervision. OTHER DETAILS $28.84 - $33.65 / hour Pay determined based on job-related knowledge, skills, experience, and location. This position may be eligible for a discretionary bonus.