Cyber security analyst jobs in Hanover Park, IL - 122 jobs

About the job at GVW Group, LLC. Job Title: Chief Information Security Officer (CISO). . Reports to: Chief Financial Officer (CFO) of GVW Group. Job Summary The Chief Information Security Officer (CISO) is responsible for establishing and maintaining the enterprise's vision, strategy, and program to ensure information assets and technologies are adequately protected. The CISO is a key leadership role tasked with safeguarding sensitive data, mitigating risks, ensuring compliance, and responding effectively to cybersecurity incidents. Key Responsibilities Strategic Leadership Develop, implement, and maintain an enterprise-wide information security strategy and roadmap. Advise senior management and the Board of Directors on cybersecurity risks, compliance, and emerging threats. Align security initiatives with business objectives to support growth while managing risk. Risk Management and Compliance Identify, assess, and prioritize cybersecurity risks and establish measures to mitigate them. Ensure compliance with relevant legal, regulatory, and contractual requirements (e.g., GDPR, HIPAA, CCPA, ISO 27001). Develop and enforce company-wide security policies, procedures, and standards. Cybersecurity Operations Oversee the design, implementation, and maintenance of security infrastructure, including firewalls, intrusion detection systems, and encryption technologies. Lead the development of incident response plans and oversee their execution in case of security breaches. Conduct regular audits, risk assessments, and penetration testing to ensure system integrity. Emerging Threats and Innovation Monitor the threat landscape and emerging technologies to proactively address vulnerabilities. Develop partnerships with industry groups, government agencies, and vendors to stay ahead of cybersecurity trends. Oversee security for cloud infrastructure, DevSecOps, and third-party vendors. Qualifications Education & Certifications Bachelor's degree in Computer Science, Information Technology, or a related field (Master's preferred). Industry certifications such as CISSP, CISM, CISA, or CRISC are highly desirable. Experience 10+ years of experience in information security, IT risk management, or related fields, with at least 5 years in a senior leadership role. Proven track record of managing enterprise-level cybersecurity programs. Skills & Competencies Deep understanding of cybersecurity frameworks (e.g., NIST, ISO 27001, COBIT). Strong analytical, problem-solving, and decision‑making skills. Excellent leadership, communication, and collaboration abilities. Experience in incident response, cloud security, and data protection strategies. Key Performance Indicators (KPIs) Reduction in security incidents and breaches. Compliance with regulatory and internal security standards. Employee cybersecurity awareness scores. Incident response times and recovery rates. Compensation We offer an attractive compensation and benefits package, to include base salary, incentive bonus opportunities, and benefits such as medical, dental, vision options, 401(k) plan, etc. We know how to fine‑tune corporate security because we've led effective and efficient Fortune 500‑level security programs. The SEC helps businesses find the best balance of risk mitigation, cost, and innovation. Want insight delivered to your inbox? Subscribe to Security Insight newsletter. #J-18808-Ljbffr

Mindlance is a national recruiting company which partners with many of the leading employers across the country. Feel free to check us out at ************************* Job Title: Cyber Security Analyst Duration: 12 Months Location: Oakbrook Terrace, IL Job Description: Responsible for planning, designing, and implementing a process for cyber security monitoring, incident detection, and incident response. 1-3 yrs of experience and a Bachelor's degree in IT systems or a related discipline. Position Requirements: - Configuration and administration of logging aggregation and security event monitoring tools (like Industrial Defender, Splunk, etc.) - Configuration and maintenance of performance monitoring tools (like Solarwinds, Uptime, CA Spectrum, etc.) o Understands and can configure tools and endpoint systems to use SNMP for monitoring - General IT Support (application patching, client updates, remote access and administration tools) - General Networking knowledge (IP Networking, OSI Stack, etc.) Additional Information Thanks & Regards' ___________________________________________________________________________ Vikram Bhalla | Team Recruitment | Mindlance, Inc. | W: ************ All your information will be kept confidential according to EEO guidelines.

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

RELOCATION ASSISTANCE: Relocation assistance may be available CLEARANCE TYPE: SAPTRAVEL: Yes, 10% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. We are seeking capable, talented, and motivated team-contributors at our Northrop Grumman Rolling Meadows site. Our products range from advanced sensing technologies to state-of-the-art targeting and tracking systems that are deployed in Electro-Optical Infrared (EOIR) and Radio Frequency Electronic Warfare (RFEW) systems. These systems are designed, developed, built, integrated, and tested by the capable folks at our company to protect the lives of US and Allied warfighters in present and future conflicts. Enjoy a culture where your voice is valued and start contributing to our team of passionate professionals providing real-life solutions to our world's biggest challenges. We take pride in creating purposeful work and allowing our employees to grow and achieve their goals every day by Defining Possible. With our competitive pay and comprehensive benefits, we have the right opportunities to fit your life and launch your career today. If you are interested in consideration to be included as a part of this team, we would invite you to apply. Northrop Grumman Mission Systems Sector (NGMS) is seeking a Staff Systems Security Engineer to join our Systems Security Engineering team. The Security Engineering team is cross-disciplinary across the security domain; encompassing embedded Systems Engineering, Cybersecurity, Software Security and Anti-Tamper Engineering. Roles & Responsibilities: · Design/develop system architectures and generate system designs to be implemented in a cost-effective manner. Implement and ensure compliance with government policies (e.g., JSIG, DAAPM, NIST 800-53, CNSSI 1253, DODI 5200.39, etc.) by reviewing process tailoring needs and approving documented procedures. Guide and monitor technical documentation/publication to document trades studies, system designs, analysis, and results related to a systems security posture such as identifying Critical Program Information (CPI) and creation of Anti-Tamper Plans Develop an understanding of system interfaces and how to protect them. Assist with the definition of key capabilities and performance requirements. Adapt production and development products to meet unique customer needs and support the development of system security functions. Collaborate with security engineering team(s), across a portfolio of programs, through the duration of program execution to solve issues and to prepare for requirements sell off. Support technical work products developed by the larger engineering team in support of major milestone deliveries (e.g.: SRR, SVR, PDR, CDR, TRR, PRR). Authoring technical documentation such as white papers, proposal technical volumes, and program milestone briefings. Collaborate with security engineering team(s), across a portfolio of programs, through the duration of program execution to solve issues and to prepare for requirements sell off. Other duties may include technical leadership, business capture activities, interfacing with industry partners and the USG. This position will be full-time, on-site at our Rolling Meadows, IL location. This position is contingent upon Funding/Contract award, special access program and acquiring and maintaining the necessary US Government security clearance per customers' requirements prior to start. Basic Qualifications for a Staff Systems Security Engineer: Bachelor's degree in Electrical Engineering, Software Engineering, Computer Engineering, Computer Science, Cybersecurity, or related technical fields with 12+years of related experience, a Master's degree in Electrical Engineering, Software Engineering, Computer Engineering, Computer Science, Cybersecurity, or related technical fields with 10+ years of related experience or a PhD in Electrical Engineering, Software Engineering, Computer Engineering, Computer Science, Cybersecurity, or related technical fields with 7+ years of related experience. 3 years of cumulative experience on DoD based platforms and/or systems regarding the application of Cybersecurity RMF or Anti-Tamper with competencies in security threat analysis, systems architecture, engineering design, requirements derivation, validation, and verification. Must have demonstrated experience in leading teams to solve technical problems, including decomposition, root cause analysis, solution development, implementation and monitoring Experience contributing to and/or making technical presentations to internal and external customers. Ability to obtain and maintain a minimum of a Secret Clearance with additional customer specified clearance prior to start. Preferred Qualifications for a Staff Systems Security Engineer: Advanced degrees in Electrical Engineering, Software Engineering, Computer Engineering, Computer Science, Cybersecurity, or related technical fields. Experience with design verification testing, reverse engineering, embedded software development, Cybersecurity, or Anti-Tamper Possess a DoD 8140 certification, e.g. CompTIA Security+, CISSP, or similar. Experience with proposals and creating basis of estimates (BOEs) Primary Level Salary Range: $163,200.00 - $244,800.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! Bank of America is one of the world's leading financial institutions, serving over 66 million consumers and small businesses. Company success is only possible with a strong cyber defense, which enables Bank of America to safely conduct global operations across the United States and in approximately 35 countries. Our primary goal is to safeguard not only the company, but our clients and their trust. The Malware Defense Team is looking for top talent who would like to join one of the most advanced cybersecurity teams in the world. Responsibilities include, but are not limited to: • In-depth analysis of malware, including authoring analysis reports. • Tracking malware campaigns, malicious actors, and related infrastructure. • Creation of tools and scripts to assist in the analysis of malware analysis. • Field escalations of potentially malicious files and websites from teams within Malware Defense. Required Qualifications: • Strong direct experience of analyzing malware. • Intermediate to advanced malware analysis skills. • Experience creating innovative ways to track progression of malware families, infrastructure, and campaigns conducted by e-crime, and cyber espionage actors. • Experience creating tools and scripts to accelerate malware and threat analysis. • Background in network traffic analysis - WireShark, Fiddler, proxy logs, etc. • Experience analyzing malicious web content such as ClickFix, ClearFake, SocGholish, etc. • Experience authoring YARA, Suricata, and EKFiddle detection rules. • Experience with penetration testing and/or adversary emulation is a plus. • Able to work independently on tasks, but also work well within a team environment Desired Qualifications: • Experience analyzing malware targeting Linux, Android, and IOT platforms. Skills: Cyber Security Data Privacy and Protection Problem Solving Process Management Threat Analysis Business Acumen Data and Trend Analysis Interpret Relevant Laws, Rules, and Regulations Risk Analytics Stakeholder Management Access and Identity Management Data Governance Encryption Information Systems Management Technology System Assessment Shift: 1st shift (United States of America) Hours Per Week: 40 Pay Transparency details US - CO - Denver - 1144 15th St - Denver Gis (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842), US - IL - Chicago - 540 W Madison St - Bank Of America Plaza (IL4540) Pay and benefits information Pay range$95,700.00 - $144,900.00 annualized salary, offers to be determined based on experience, education and skill set.Discretionary incentive eligible This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.BenefitsThis role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.

About Us: Valent North America LLC is the shared services organization of Valent U.S.A. LLC and Valent BioSciences LLC, which are part of the Valent group of companies. As a wholly owned subsidiary of Sumitomo Chemical Co., Ltd., Valent North America unites the corporate Finance, Human Resources, Information Technology, Legal, and Environmental Health & Safety functions to maximize service delivery practices across the Valent group of companies. Valent U.S.A. engages in the development, registration, sales, and marketing of integrated technological solutions for crop production and pest management that deliver value for customers and stakeholders. Valent BioSciences is a worldwide leader in the research, development, manufacturing, and commercialization of biorational products for the agriculture, public health, and forest health markets. Sumitomo Chemical is one of Japan's leading chemical companies, offering a diverse range of products globally that support a wide variety of industries and help enhance peoples' daily lives. General Description Responsible for monitoring, detecting, responding to, and remediating security threats across Valent USA and Sumitomo Biorational Company's (SBC) technology landscape. Ensures the continuous operation and improvement of security tools, automates security workflows, and supports the implementation of security controls across on-premises and cloud environments. Leads initiatives to advance company-wide cybersecurity services and requires a high-level technical expertise to provide guidance on information security best practices. Contributes to information security policy maintenance; assists with the design of security education, training, and monitors compliance with third-party suppliers, SBC IT Security policies, regulatory requirements, and applicable laws. Reports to the Security Operations Manager and works closely with internal IT teams, managed service providers, legal, and compliance stakeholders to safeguard Valent's and SBC's systems, data, and users. Principle Responsibilities Security Monitoring, Detection, and Response Operate and tune security monitoring platforms including SIEM, endpoint detection and response (EDR), identity protection, email security, and cloud security tools. Triage and investigate security alerts, determine root cause, and take appropriate containment and remediation actions in coordination with internal and external teams. Support incident response activities following defined procedures, including incident logging, escalation, containment, eradication, recovery, and lessons learned. Collaborate with the Security Operations Manager and managed security services provider (MSSP) to refine detection rules, correlation logic, and incident escalation procedures. Security Tool Engineering and Automation Configure, maintain, and improve security tools to ensure optimal performance and coverage. Identify opportunities to automate operational tasks such as log analysis, incident response steps, and reporting using scripting tools (e.g., PowerShell or Python). Assess new security technologies to determine fit within the security ecosystem and assist with tool evaluation and implementation. Vulnerability and Risk Management Analyze vulnerability scan results and coordinate remediation efforts with infrastructure, application, and cloud teams. Monitor risk remediation timelines and ensure closure of findings from audits, risk assessments, and penetration tests. Support third-party risk assessments and ensure external vendors meet security requirements. Security Governance and Compliance Support Contribute to the development and maintenance of information security policies, procedures, standards, and technical documentation. Support J-SOX IT General Controls (ITGCs) compliance, including evidence collection, access reviews, and operational control testing. Participate in disaster recovery testing, business continuity planning, and cybersecurity awareness initiatives. Reporting and Continuous Improvement Generate weekly and monthly operational reports summarizing security events, vulnerabilities, and remediation progress. Recommend process improvements to reduce incident response time, eliminate manual tasks, and enhance the effectiveness of security controls. Support efforts to improve security awareness and user behavior through data-driven insights and technical guidance. Cross-Team Collaboration Collaborate with infrastructure, applications, and network teams to ensure secure configuration of systems and services. Support project teams by providing security input on new technologies, architecture reviews, and implementation plans. Participate in security-related projects and initiatives assigned by the Security Operations Manager. Qualifications Technical Competencies Solid understanding of cybersecurity concepts including threat detection, incident response, vulnerability management, access control, and log analysis. Experience operating and supporting tools such as SIEM, EDR, MFA, email security, cloud security posture management (CSPM), and vulnerability scanners. Knowledge of hybrid and cloud security best practices, including Microsoft Azure security technologies. Familiarity with common attack techniques and the MITRE ATT&CK framework. Experience with scripting languages (e.g., PowerShell, Python) is preferred for automation and tool integration. Understanding in securing hybrid, single, or multi cloud environments, leveraging cloud native tools as well as other 3rd party tools to establish a layered security approach. Experience in developing, documenting, and maintaining security policy, standards, and procedures Skills Proven ability to work under stress in emergencies, with flexibility to handle multiple high-pressure situations simultaneously. Ability to work well under minimal supervision. Strong analytical and problem-solving skills to enable effective resolution of security events and identified risks. Strong team-oriented interpersonal skills, with the ability to communicate effectively with a broad range or people and roles, including vendors and IT business partners. Strong written and verbal communication skills. Educational, Training, and Previous Experience Bachelor's degree or equivalent work experience. At least 5 years of Information Security experience (10 years preferred). At least five years of “hands-on experience”. Possess at least one of the following professional certifications: Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certified Cloud Security Professional (CCSP) Physical Demands and Work Environment The physical demands and work environment characteristics described below are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Physical Demands include constant sitting, walking, standing, simple grasping and fine manipulation with hands; frequent bending at the neck and waist; and occasional squatting, climbing, kneeling, crawling, twisting at the neck and waist, power grasping, pushing, and pulling with hands, reaching above shoulder level, lifting and carrying up to 25 lbs. Work Environment includes exposure to or working in or around equipment and machinery, including a computer keyboard and mouse. It may require occasional travel. Frequency Definitions : Constant = Over 40% / Frequent = Up to 40% / Occasional = Up to 10% What We Offer We recognize that compensation and benefits play a crucial role in your career decisions. That's why we're dedicated to equitable pay practices and transparency in how we reward our employees. Base Salary: The estimated annual base salary for this position ranges from: $120,000 to $140,000. Individual pay is based upon location, skills, experience, and other relevant factors. Incentives: All full-time employees are eligible for an incentive program or profit-sharing program in addition to their base salary. Benefits: High-quality healthcare coverage starting on day one, with options for medical (HSA/HRA), vision, and dental plans 5% company contribution to your 401(k), plus a quarterly discretionary bonus Immediate 100% vesting of all retirement contributions Financial assistance programs to support your goals Life and disability insurance for added security Generous paid time off, including vacation, holidays, and volunteer days Flexible work arrangements available Our Commitment to a Sustainable Future At Valent Group of Companies, we're proud to power a sustainable future through our work. Sustainability and corporate social responsibility (CSR) have been at the core of our culture since the beginning. Today, they continue to drive everything we do. Join us in making a meaningful impact and contributing to a better world. Valent U.S.A., Valent North America LLC, Valent BioSciences LLC and Mycorrhizal Applications LLC are an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation and/or identity, national origin, citizenship, immigration status, disabilities, or protected veteran status. #LI-HYBRID

Join the Global Information Security (GIS) department at CME Group as a Sr. Cyber Security Engineer - Threat Simulation. You will be an integral part of our Offensive Security organization, directly contributing to improving CME Group's security posture. This high-impact role is responsible for the execution of Red Team adversary emulations against our complex hybrid environment, proactively testing and strengthening our internal and internet-facing systems. You'll also be a key participant in Purple Team activities to continuously improve the organization's cyber detection and response capabilities. This is a perfect opportunity for a sharp, action-oriented engineer to become a key part of a team of highly skilled cybersecurity professionals who execute a pivotal role in protecting and defending national critical infrastructure. What You'll Get * Elevate your expertise in a supportive environment fostering continuous learning, rapid career progression, and an inclusive, global team culture. * Gain broad exposure to CME Group's diverse products, asset classes, and cross-functional teams, expanding your impact across critical financial infrastructure. * Receive a competitive salary and comprehensive benefits package. What You'll Do As a key member of our offensive security team, you will: * Execute high-impact Red Team exercises against our complex hybrid cloud environments, driven by real-world threat intelligence and the MITRE ATT&CK Framework. * Engineer and maintain robust Red and Purple Team infrastructure, continuously automating processes for efficiency and scale. * Co-design and lead joint Purple Team exercises, directly partnering with cyber defense to improve detection and response capabilities. * Innovate through continuous research into new offensive security TTPs (Tactics, Techniques, and Procedures) and drive knowledge transfer across the security organization. * Conduct specialized, ad-hoc offensive security tests utilizing industry-leading and internally developed tooling to uncover subtle security gaps. * Author comprehensive post-exercise reports, including detailed technical findings, compromise narratives, and strategic, risk-rated recommendations for remediation. * Mentor cyber defense teams during incident investigations, providing critical subject matter expertise on attacker tradecraft and mindset. * Champion security awareness and technical knowledge-sharing by collaborating with information security, technology, and business stakeholders. What You'll Bring We're looking for an engineer with a robust offensive mindset and a proven track record of breaking and building in complex enterprise environments. Technical Mastery * 5+ years' experience wielding industry-standard penetration testing and adversary emulation tools (e.g., Cobalt Strike, Sliver, Mythic, Bloodhound, Burp Suite). * Expert understanding of the MITRE ATT&CK Framework and advanced evasion techniques used to bypass modern security controls. * Strong comprehension of the cyber kill chain and the full lifecycle of an Advanced Persistent Threat (APT) targeting financial institutions. * Proficiency in at least one scripting language (e.g., Python, PowerShell) and experience with a compiled language (e.g., Go, C#) for tool development. * Deep experience attacking and securing complex cloud, on-prem, and hybrid environments, from initial access through actions on objective. * Solid knowledge of Windows and Linux system hardening concepts, Purple Team automation strategies, and vulnerability rating methodologies. * Proven experience with security within at least one major cloud provider (e.g., AWS, Azure, GCP). Nice to Haves: * Previous hands-on experience performing sophisticated adversary emulations/simulations specifically within the financial services sector. * A recognized offensive security industry certification (e.g., OSCP, GPEN, GXPN, OSWE, eCPTX) demonstrating specialized, high-impact skills. * Familiarity with modern enterprise security standards and frameworks (e.g., TIBER-EU, CBEST, NIST CSF). * Experience conducting offensive security exercises against emerging technologies, such as AI/ML systems or mac OS. #LI-DD1 #LI-Hybrid CME Group is committed to offering a competitive total rewards package for our employees that recognizes their contributions to the business and reflects our long-term investment in their future. The pay range for this role is $116,600-$194,300. Actual salary offered will be dependent on a wide array of factors including but not limited to: relevant experience, skills, education and comparison to internal employees (where relevant). Our compensation program also includes an annual target bonus opportunity for all employees, as well as the opportunity to become an owner in the company through our broad-based equity program. Through our benefits program, we strive to offer flexibility, value and choice. From comprehensive health coverage, to a retirement package that includes both a 401(k) and an active pension plan, to highly competitive education reimbursement provisions, paid time off and a mental health benefit, CME Group offers a holistic benefits package for our team and their dependents. CME Group: Where Futures are Made CME Group is the world's leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career by shaping tomorrow. We invest in your success and you own it - all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more. At CME Group, we embrace our employees' unique experiences and skills to ensure that everyone's perspectives are acknowledged and valued. As an equal-opportunity employer, we consider all potential employees without regard to any protected characteristic. Important Notice: Recruitment fraud is on the rise, with scammers using misleading promises of job offers and interviews to solicit money and personal information from job seekers. CME Group adheres to established procedures designed to maintain trust, confidence and security throughout our recruitment process. Learn more here.

A large retail company is looking for a talented Security Engineer to join our dynamic Information Security team. As one of the nation's leading retailers, we handle massive volumes of customer data, e-commerce transactions, point-of-sale systems, supply chain networks, and cloud-based infrastructure. We're seeking a proactive Security Engineer to design, implement, and maintain robust security controls that protect our digital assets, ensure compliance, and defend against evolving cyber threats in a fast-paced retail environment. In this hands-on position, you'll play a key role in safeguarding our IT ecosystem-including on-premises systems, cloud environments (AWS/Azure), web applications, payment processing platforms, and internal networks-while supporting our mission to deliver secure, seamless shopping experiences for millions of customers. Pay Rate: $110-$115/hr We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ********************.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: **************************************************** Skills and Requirements Bachelor's degree in Computer Science, Information Security, Cybersecurity, Engineering, or a related field (or equivalent experience). 3+ years of experience in cybersecurity, with at least 2 years in a Security Engineer or similar technical role. Strong hands-on experience with security tools and technologies (e.g., Splunk/ELK, CrowdStrike, Palo Alto, AWS Security Hub, Azure Sentinel, Burp Suite, Qualys, or similar). Proficiency in scripting/automation (Python, PowerShell, Bash) for security tasks. Solid understanding of networking protocols, cloud security (AWS/Azure/GCP), container security, and modern authentication methods (OAuth, SAML, MFA). Experience with retail or e-commerce environments is highly desirable (e.g., protecting payment card data, securing web-facing applications, or handling high-volume transactional systems). Relevant certifications such as CISSP, CEH, OSCP, CompTIA Security+, CCSP, or GIAC are preferred. Excellent problem-solving skills, attention to detail, and ability to thrive in a fast-paced, collaborative environment.

CTC is a cutting-edge proprietary trading firm with a long-term vision and a clear focus on helping the world price and manage risk. Our fun and trusting culture inspires us to solve the industry's most challenging problems and take calculated risks in a collaborative environment. We strive to be the most innovative firm in the industry today, tomorrow, and long into the future while upholding ethical excellence. We believe that CTC makes a positive impact on the markets, the lives of our employees, and all the communities to which we belong. Started in 1995 by a team of forward-thinking Traders, we are proud to call ourselves an industry leader that keeps making markets and each other better. THE ROLE Ready to make an immediate impact at the heart of cybersecurity? Join CTC as an Information Security Operations Engineer, where every day puts you front and center in defending our systems. This isn't just monitoring screens. It's live fire, quick thinking, and creative problem solving. You'll be using powerful tools, investigating real threats, and teaming up with passionate pros who will help you develop top-tier security skills. You'll get a backstage pass to how attacks unfold, sharpen your instincts, and design smarter, faster responses. Our Security Operations team is growing quickly, making a real impact, and leading the charge to keep our business safe. This is your chance to launch your cybersecurity career with immediate responsibility, plenty of variety, and a team that is genuinely invested in your growth. In this role, you will get an inside look at how security works at a trading firm, master core tools and playbooks, and collaborate with people who enjoy solving tough problems together. Every day is different, and every win matters. WHAT YOU'LL DO * Monitor and triage alerts across security platforms such as SIEM, EDR, email, and identity, cutting through noise to kick off investigations as needed * Execute and improve incident response playbooks by gathering evidence, containing low-severity events, escalating thoughtfully, and communicating clearly * Perform daily security checks to ensure healthy systems, track issues through to closure, and keep runbooks updated * Support phishing investigations and user-reported security events, sharing findings to keep our teams protected * Assist with vulnerability and patch reviews alongside engineering, confirming that risks are remediated * Create detailed case documentation including timelines, artifacts, observables, and post-incident summaries to support learning and improvement * Suggest and build improvements for processes and playbooks, tuning detections and developing smart automations * Collaborate with technology partners across the firm, sharing context and building trust through fast, reliable service * Help teammates thrive, reduce repetitive work, improve signal over noise, and deliver consistent results WHAT WE'RE LOOKING FOR * Genuine interest in cybersecurity operations and a drive to build a career in SOC or incident response. Internships, school projects, or labs are welcome * Basic understanding of networking, Windows and Linux systems, and enterprise technology. Able to dig into logs and troubleshoot issues * Familiarity with at least one core security tool or domain, such as SIEM, EDR, email security gateways, or identity and MFA, and ready to learn more * Strong instincts for structured troubleshooting, evidence gathering, and writing clear documentation for tickets and incident handoffs * Basic scripting or automation skills in Python or PowerShell, or a willingness to learn and automate repetitive tasks * Curiosity, clear communication, and a collaborative mindset * Detail-oriented and service-driven with a disciplined approach to procedures, meeting SLAs, and seeking ways to improve outcomes * Willingness to join on-call or after-hours rotations as needed NICE TO HAVES * Hands-on experience with security platforms such as SIEM queries, endpoint detections, phishing analysis, or sandboxing * Familiarity with ticketing tools, incident tracking, or on-call workflows, and exposure to SOAR or automation tools * Coursework, certifications, or labs in security operations, such as Security+, SIEM fundamentals, or networking basics * Understanding of vulnerability management and experience working with engineering teams on remediation Compensation The salary range for this role is listed below. This role is also eligible for an annual discretionary bonus. The discretionary bonus will be dependent upon the individual's skills, experience, qualifications, and firm performance. Salary Range $150,000-$175,000 USD Most teams at CTC, with the exception of Trading, follow a hybrid workplace model, subject to change based on business need. Our Benefits We strongly believe in the well-being of our employees and their families so we offer outstanding benefits to support you both professionally and personally. These benefits include generous medical coverage, paid parental leave, free breakfast and lunch (plus healthy snacks, of course), wellness reimbursement, quarterly recharge days, and a variety of other benefits focused on providing the best employee experience. (Disclaimer: interns and contractors are not eligible for benefits at CTC) Our Commitment to Diversity, Equity and Inclusion At CTC, we aim to cultivate a workplace that celebrates diversity and each person feels included, engaged and empowered. Where each of us feels we belong. We are committed to having a diverse workforce and are proud to be an equal opportunity employer. CTC does not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. If you have a disability and believe you need a reasonable accommodation in order to search for a job opening or to apply for a position, please contact us at ***********************. Note that emails sent to this email account for non-disability related issues, such as following up on an application, will not receive a response. Use of Artificial Intelligence (AI) Information submitted by job applicants may be subject to review and analysis by automated systems, including Artificial Intelligence (AI), as part of the recruitment process. Such systems are utilized to enhance the efficiency and effectiveness of our hiring procedures. Applicants are advised that any information provided may be evaluated by AI tools to ensure an equitable and thorough assessment.

Note: This job does not offer any Visa sponsorship. We are looking for applicants already living in the USA. Our client is seeking a highly skilled and motivated Cyber Security Engineer to their dynamic team. As a Cyber Security Engineer, you will be responsible for protecting our organization's computer systems, networks, and data from cyber threats. You will play a critical role in designing, implementing, and maintaining security measures to ensure the integrity, confidentiality, and availability of our systems. Key Responsibilities: Design, implement, and maintain robust security architectures for IT systems and networks. Conduct thorough analyses of potential cyber threats and vulnerabilities to our systems. Develop and implement response plans for security breaches, including immediate actions to contain and mitigate damage. Continuously monitor systems for security breaches, analyze security alerts, and provide timely responses. Perform regular risk and vulnerability assessments to identify and address security weaknesses. Provide training and guidance to staff on security policies, procedures, and best practices. Maintain detailed documentation of security measures, incidents, and remediation activities. Work closely with IT professionals, departments, and external partners to strengthen overall security posture. Qualifications: Bachelors degree in Cyber Security, Computer Science, Information Technology, or a related field. Proven experience in cyber security roles, with a strong understanding of security protocols, cryptography, authentication, and authorization. Proficiency in security technologies such as firewalls, IDS/IPS, antivirus software, and SIEM systems. Relevant certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable. Strong analytical and problem-solving skills to identify and address security issues. Excellent verbal and written communication skills to effectively convey security concepts to non-technical stakeholders. Meticulous attention to detail to identify and mitigate potential security threats. Preferred Qualifications: Masters degree in Cyber Security or a related field. Experience in industries such as finance, healthcare, or government. Familiarity with programming languages like Python, Java, or C++ for automation and scripting. Knowledge of cloud security practices and experience with platforms like AWS, Azure, or Google Cloud.

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client.* Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

Role -Business Analyst/ Information Security Governance Analyst Project Overview: We are seeking an analyst with experience in governance of security products, authentication, authorization, and access management with business analysis background. These resources will support the SaaS initiatives Contractor's Role: As a member of Governance team you will play a vital role in ensuring the secure implementation of various solutions (Hybrid and Cloud) developed in technologies like Java, .Net etc. Experience level: Level 3 Qualifications - Bachelor's degree in computer science, audit or a related discipline and experience in information security, or an equivalent combination of education and work experience. - Excellent consultative and communication skills, and the ability to work effectively with client, partner, and IT management and staff. - 5 -6 years of experience in the Information Security or Audit role. - Strong collaboration skills and a analytical ability - Knowledge of SOX methodology implementation for applications & Internal & External Audit executions Requirements Nice to Haves: - Knowledge on Obsidian Remediation Tasks & Responsibilities - Drive governance and risk framework around applications using authentication and authorization - Define and respond to risks surrounding the business functions and the security capabilities - Define and respond to audits from internal and external parties - Knowledge of control execution and design - Collect and maintain evidence of control testing - Collect and maintain evidence of application attestation to standards

Full-time Description WHO WE ARE: At ZBeta we endeavor to be the most sought-after Security Partner in the world. This drives every decision we make, and the most effective way to realize this goal is through garnering a reputation for excellence and innovation in everything we do. The ZBeta Innovation Lab (LabZ) initiative is a specialized team and program with the mission of inventing, developing, testing, and analyzing better ways, both big and small, to do physical security - for us, for our clients, and for the industry. LabZ seeks to optimize the value of physical security to the client's business mission, to optimize the value of the solutions we recommend, design, deliver, and manage, and to continuously identify opportunities to perform at a higher level. The LabZ program helps ensure that ZBeta and its approach are always data-driven, technology-led, and human-centered. Find out more about us here. WHO YOU ARE: You are a forward-thinking strategic partner with a passion for the physical security mission and for building programs, optimizing operations, and delivering integrated solutions. You excel in fast-paced settings where your leadership abilities can catalyze meaningful action and tangible progress towards objectives. You thrive in a workplace culture that is: Innovative Excellence Focused Reliable Detail Oriented Adaptable Highly Organized Client Obsessed Curious Resilient Does this sound like you? If so, join us in our mission to redefine security standards and make a lasting difference in our community. WHAT YOU'LL DO: The Physical Security Research Engineer (PSRE) is a critical resource of the ZBeta LabZ team and will conduct research and proof of concept (PoC) testing at the LabZ facility for clients and internal teams. The PSRE assists in requirements gathering, testing, and report production in the ZBeta LabZ program and leads, develops, manages, and completes key LabZ efforts for the testing and analysis of stand-alone and integrated physical security technology solutions. The PSRE is familiar with security software applications, integrations, and network-connected devices and engages both internally and externally, working collaboratively with other LabZ engineering resources and with project and production team members. The PSRE will help grow, mature, and optimize the LabZ program by contributing to the tools and processes LabZ uses to effectively evaluate physical security products against real-world design requirements and generate research reports. This is an in-office position at the ZBeta LabZ location in Schiller Park, IL. Relocation assistance provided. Core Competencies Growth Minded: High self-awareness of strengths and areas for development with a curiosity and appetite for change and innovation Data-Driven: Strong analytical skills, with the ability to work effectively with data and think critically Collaborative: Ability to solicit and understand multiple perspectives and maximize the application of team talent and experience Evaluative: Ability to evaluate outputs rigorously to ensure consistent excellence in delivery Tactical: Ability to recognize current priorities, manage changes and risks, and efficiently clear roadblocks and resolve issues Position Responsibilities The essential duties and responsibilities include, but are not limited to the following: ZBeta Lab Environment In partnership with ZBeta LabZ team, maintain a ZBeta test/dev environment of technology solutions that represent both client and industry standards. Work with ZBeta IT to build appropriate server environments and remote access abilities for LabZ platforms. Load, configure, and update Lab environment software applications, and wire, connect, and configure test hardware, devices, and technologies. Design and build (or manage the production of) custom testing apparatus, devices, and mechanisms. Maintain current knowledge of and training in key applications and products. Solution Testing Work with ZBeta LabZ team and client resources to plan, implement, and conduct hands-on testing of physical security products, applications and functions, and integrated solutions. Lead the development of testing concepts to address client and industry needs, challenges, & opportunities. Manage and execute testing scope related to server, application, and IoT elements. Create test plans and testing requirement documentation, record and analyze testing results, and document outcomes and conclusions in testing reports. Research & Requirements Gathering Conduct studies and analysis of technology categories, trends, solution proposals, and industry approaches. Research, collect, and analyze relevant documentation and data to reach meaningful conclusions, form opinions of value propositions, generate ideas for solutions and approach improvement, and categorize study topics in terms of potential application and impact to client and industry needs and expectations. Work with consultants to gather requirements for client proof of concept tests and internal teams for quarterly research projects. Research Program Development Assist in the development and ongoing management of process, approach, and standards for the research performed in the ZBeta LabZ program. Identify opportunities and initiatives for improvements in the efficiency and thoroughness of ZBeta LabZ research deliverables. Hold regular research update meetings to review, improve, and manage the status of ongoing projects and deliverables. Requirements WHAT YOU'LL NEED: Experience: 5+ years of physical security industry and technology experience. 3+ years of experience in a software or hardware engineering role. Education: Bachelor's degree in engineering, computer science, or related technical field, or equivalent work experience Knowledge: Knowledge of and working familiarity with server and network storage solutions, operating systems architecture and key considerations, and network architecture models and principles. Professional knowledge of and training in the principles of electrical systems, components, and circuits. Skills: Highly proficient in the use of Microsoft Office applications including Word, Excel, PowerPoint, Teams, OneNote and Visio Proficiency in project management tools, such as MS Project, SharePoint and QuickBase Training and manufacturer certification in multiple industry-leading platforms and equipment components, with particular emphasis on software applications and network-connected security devices. Genetec and LenelS2 experience a plus. Abilities: Demonstrated excellence in communication and interpersonal skills, with proven ability to communicate and present complex information to technical and non-technical stakeholders, both verbally and in written form Strong technical documentation, technical writing, and data analysis and interpretation skills Exceptional attention to detail and highly organized, with the ability to prioritize and balance workloads Team player with the ability to establish collaborative working relationships across all levels of the organization Self-directed problem solver who takes the initiative to start projects, work unsupervised, complete tasks independently, solve roadblocks, and address issues before they become problems Physical Demands: Lifting and Carrying: Ability to lift and carry equipment weighing up to 50 lbs or more, including cameras, control panels, and tools. Climbing and Crawling: Must be able to climb ladders, scaffolding, and operate a high lift to install and maintain equipment Manual Dexterity: Requires good hand-eye coordination and fine motor skills for handling tools, wiring components, and making precise adjustments to security systems Kneeling, Squatting, and Crawling: Must be comfortable kneeling, squatting, or crawling to install or troubleshoot security equipment. WHAT WE OFFER: Competitive salary based on job-related skills, experience, and qualifications Our excellent benefits package includes 100% paid premiums on health, dental, vision, and life insurance, a 401(k) retirement plan, and significant work schedule and workplace flexibility. Diverse and supportive culture WHAT'S IMPORTANT TO KNOW: Full-time, in-office role at our Schiller Park, IL LabZ facility (relocation assistance provided). While ZBeta is a remote-first company, this role requires hands-on, on-site lab work. This position is not eligible for visa sponsorship Candidates must be able to meet client and/or government security screening requirements for the role This position requires verification of U.S. citizenship due to citizenship-based legal restrictions. As a condition of employment, the successful candidate will be required to provide proof of citizenship. The successful completion of a background check is required upon hire and every two years thereafter We look forward to connecting with individuals who are passionate about our mission and can bring diverse contributions to our team - not just those who check all the boxes. We are committed to creating a supportive, encouraging environment where everyone can fully express their diverse perspectives, showcase their talents, and grow their knowledge, skills, and abilities. The base pay offered will depend on factors, including but not limited to job-related knowledge, skills, experience, and internal equity. At ZBeta, new hires are rarely placed at the top of the pay range; compensation is determined by the specific circumstances of each position and candidate. A note to third-party recruiters - we do not accept unsolicited agency resumes, and we are not responsible for any fees related to unsolicited resumes. Salary Description $110,000 - $130,000

The Role We're looking for an Information Security Governance, Risk & Compliance Analyst to join our growing Information Security team. This role will be reporting to the Manager of Information Security Governance, Risk & Compliance. Our security team works to create a strong Information Security function within GTI that enables the business to continue its tremendous growth. The Information Security Governance, Risk & Compliance Analyst is responsible for maintaining continuous compliance with security policies, industry laws, and regulations (HIPAA, SOX, NIST, etc.). The candidate must communicate effectively with business partners and team members to help raise the level of security awareness, security compliance, and security risk. The candidate will perform environment-specific risk assessments factoring in both qualitative and quantitative risks and assist with the deployment of various controls based on those assessments. This role will also involve ongoing monitoring and improvement of security governance, ensuring a proactive approach to risk management. The role is based out of our Chicago, office. While the role is primarily remote, you need to live in the Chicagoland area and commute to the office on an as needed basis. Responsibilities Own the relationship working with IT and business stakeholders to perform ongoing internal and vendor risk assessments, providing reporting to stakeholders, and ensuring appropriate action is taken. Update and track KPIs from the Information Security risk register and work with stakeholders on developing Corrective Action Plans to address risks. Provide guidance to newer staff working with internal IT stakeholders for vulnerability management, ensuring vulnerabilities are remediated in accordance with policy and SLAs. Own the process for working with IT and business stakeholders to perform ongoing compliance reviews in line with security policies, information security regulations (HIPAA, SOX/ITGC), and security frameworks (NIST, MITRE, etc.). Assist with ongoing internal operations and tasks, including ITGC security reviews. Spearhead the ongoing internal and external SOX and HIPAA audits and other security audits that are relevant to GTI's business. Provide updates and insight during the development and maintenance of Information Security policies, standards and procedures, aligning with NIST. Lead the identification of security training and awareness initiatives for the organization. Participate in incident response tabletops, business continuity tests, and other compliance activities and exercises. Maintain KPIs and KRIs for Information Security risk & compliance activities. Execute tasks as a member of the Information Security team as assigned by management. Provide mentorship and guidance to Associate Information Security GRC Analysts. Stay up to date on relevant laws and regulations to ensure continuous compliance and audit readiness. Collaborate with the IT and security teams in response to security incidents, ensuring proper documentation and reporting. Qualifications 3+ years of experience with responsibilities relating to security and compliance. Bachelor's degree or higher in Information Security or Information Technology may help you stand out but is not required. Demonstrated work experience can be substituted. Strong written and oral communication skills. Strong conceptual understanding of Information Security theories. Knowledge of network, application, and cloud security controls. Knowledge of regulatory frameworks and compliance standards such as NIST, MITRE, OWASP, HIPAA, PCI-DSS and SOX. Strong analytical and problem-solving skills with well-organized and structured work habits, and the ability to identify and mitigate risks. Security certifications, such as CRISC, CISA are preferred, but not required. We're doing some big things, and we'll find some roadblocks along the way, big and small. A big part of this role is keeping an even keel and finding the route through or around the obstacles. This role requires lots of communication with customers and everyone at GTI. Your colleagues will rely on your ability to translate security requirements into digestible bits of information for them. Customers will expect you to quickly articulate components of the GTI security program to help them assess risk, including as part of the business development process. An insatiable intellectual curiosity and the ability to learn quickly in a complex space. Additional Requirements Must pass any and all required background checks Must be and remain compliant with all legal or company regulations for working in the industry Must be a minimum of 21 years of age #LI-HYBRID The pay range is competitive and based on experience, qualifications, and/or location of the role. Positions may be eligible for a discretionary annual incentive program driven by organization and individual performance. Green Thumb Pay Range$80,000-$100,000 USD

About the Role MetroSys is seeking a skilled Information Security Engineer II to support and lead efforts around vulnerability management within a dynamic, enterprise-scale environment. This individual will be instrumental in identifying and addressing security vulnerabilities across systems, networks, and applications. The ideal candidate brings a deep understanding of vulnerability scanning tools, remediation prioritization, and collaborative risk mitigation strategies. You will work closely with cross-functional teams to enhance the organization's security posture and help ensure compliance with industry standards. If you thrive in fast-paced environments and are passionate about cybersecurity, this is an exciting opportunity to grow and make an impact. Key Responsibilities Lead the end-to-end vulnerability management lifecycle: scanning, analysis, prioritization, reporting, and remediation tracking. Perform regular vulnerability assessments and support remediation efforts in collaboration with infrastructure and application teams. Track and assess emerging threats and zero-day vulnerabilities using vendor bulletins and threat intelligence feeds. Generate reports and dashboards to communicate risk posture and mitigation progress to technical and executive stakeholders. Maintain and optimize vulnerability scanning tools to ensure full visibility and accurate detection across the environment. Assist in security incident response involving known or suspected exploited vulnerabilities. Support regulatory and compliance audits (e.g., PCI, NIST, HIPAA) by providing documentation and metrics. Continuously improve processes, documentation, and tooling in the vulnerability management program. Qualifications Bachelor's degree in Computer Science, Cybersecurity, or a related field (or equivalent experience). 3+ years of experience in information security, with a strong emphasis on vulnerability management. Hands-on experience with scanning tools (e.g., Tenable, Qualys, Rapid7). Solid understanding of network architecture, operating systems (Linux, Windows), and web applications. Familiarity with CVSS scoring, risk modeling, and remediation prioritization frameworks. Ability to work with scripting or automation tools (Python, PowerShell, Bash) is a plus. Excellent communication and problem-solving skills; ability to clearly explain security findings to non-security audiences. Experience with compliance frameworks such as PCI DSS, NIST, HIPAA, or ISO 27001. Relevant certifications are a plus (e.g., CISSP, Security+, LFCS, RHCSA).

ISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ

AYR Global IT Solutions is a national staffing firm focused on cloud, cyber security, web application services, ERP, and BI implementations by providing proven and experienced consultants to our clients. Our competitive, transparent pricing model and industry experience make us a top choice of Global System Integrators and enterprise customers with federal and commercial projects supported nationwide. Job Role: Data and System Security Engineer Location: Lincolnshire, IL Duration: 6+ Months Qualifications Job Description: Data and System Security engineer Experience with data encryption management solutions, such as Vormteric and CloudLink Experience with PKI management solutions, such as ADCS and External providers Investigative and analytical problem solving skills Customer service/support experience Additional Skills:PKI Knowledge of encryption management technologies, such as Vormetric, CloudLink. Additional Information If anyone might be intersted please send resumes to kmarsh@ayrglobal (dot) com or you can reach me direct at **************

Build your best future with the Johnson Controls team As a global leader in smart, healthy and sustainable buildings, our mission is to reimagine the performance of buildings to serve people, places and the planet. Join a winning team that enables you to build your best future! Our teams are uniquely positioned to support a multitude of industries across the globe. You will have the opportunity to develop yourself through meaningful work projects and learning opportunities. We strive to provide our employees with an experience, focused on supporting their physical, financial, and emotional wellbeing. Become a member of the Johnson Controls family and thrive in an empowering company culture where your voice and ideas will be heard - your next great opportunity is just a few clicks away! What we offer Paid vacation/holidays/sick time - 15 days of vacation first year Comprehensive benefits package including 401K, medical, dental, and vision care - Available day one Extensive product and on the job/cross training opportunities with outstanding resources Encouraging and collaborative team environment Dedication to safety through our Zero Harm policy Check us Out: A Day in a Life at Johnson Controls: What you will do Under specific direction, assists in the design, configuration, and operation of building systems including security, fire, and other low voltage control sub-systems (i.e. lighting, nurse call, data networks, etc.) to meet the intent of the project requirements. Assists in the development of software programs, commissioning and troubleshooting to ensure proper operations of the building control system. Provides detailed information and submittals to communicate design and operation to customers, consultants, Johnson Controls field installation team and subcontractors. How you will do it Design and configure technically complex Security & Fire systems as defined by the contract documents. Create flow diagrams, sequence of operations and bill of material, network layouts and electrical schematics as required. Develop and test software programs necessary to operate the system per the intent of the project requirements. Use your ability to integrate different Security subsystems with each other. Coordinate and create the necessary drawings and equipment schedules for submittals and installation. Select, order, and track the delivery of materials for assigned projects. Coordinate factory-mounting processes to meet factory and project schedule. Assist in the loading and commissioning of all system and network-level controllers as required. Assist in validation of complete system functionality and troubleshoot problems with subcontractors and other trades to ensure proper operation. Provide field change information to the project team for the creation of as-built drawings and software. Keep management and JCI contractor or customer informed of job progress and issues. Assist in performing site-specific training for owner / operator on the total building control system. Participate in release meeting with project field team. Perform value engineering to provide cost effective results while maintaining customer satisfaction. Adhere to safety standards. Operate with a high degree of regard to employee and subcontractor safety. What we look for: Required Experience in setting up application deployment (Installation, Configuration, Integration with other components) on Cloud environment based on underlying Application Architecture Experience in Disaster Recovery setup Administration, Maintenance and support of the Application instances on Reference, Validation and Customer environments Identify any known incident resolutions using a knowledge management system Apply identified resolutions to the incident and interact with the customer to ensure the incident has been properly resolved Antivirus - Symantec (Installation, updates and remediation's of antivirus client for servers and computers Off-shift support for machine moves quarterly maintenance Deployment of physical and virtual server deployment, troubleshooting and maintenance Ability to learn security software programs (I.E. C-cure9000, Milestone, Genetec) Strong technical skills in the domain of Windows Server 2008/2012, Microsoft Hyper-V and SCCM/SCOM/SCVMM is essential Basic MS SQL database and scripting skills is an asset Basic MS SQL database and scripting skills is an asset HIRING SALARY RANGE: $85,000 - $106,000 Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, location and alignment with market data.) This role offers a competitive Bonus plan that will take into account individual, group, and corporate performance. This position includes a competitive benefits package. For details, please visit the About Us tab on the Johnson Controls Careers site at ***************************************** #LI - AD2 #LI - DS1 Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, sexual orientation, gender identity, status as a qualified individual with a disability or any other characteristic protected by law. To view more information about your equal opportunity and non-discrimination rights as a candidate, visit EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit here.

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! Bank of America is one of the world's leading financial institutions, serving over 66 million consumers and small businesses. Company success is only possible with a strong cyber defense, which enables Bank of America to safely conduct global operations across the United States and in approximately 35 countries. Our primary goal is to safeguard not only the company, but our clients and their trust. The Malware Defense Team is looking for top talent who would like to join one of the most advanced cybersecurity teams in the world. Responsibilities include, but are not limited to: * In-depth analysis of malware, including authoring analysis reports. * Tracking malware campaigns, malicious actors, and related infrastructure. * Creation of tools and scripts to assist in the analysis of malware analysis. * Field escalations of potentially malicious files and websites from teams within Malware Defense. Required Qualifications: * Strong direct experience of analyzing malware. * Intermediate to advanced malware analysis skills. * Experience creating innovative ways to track progression of malware families, infrastructure, and campaigns conducted by e-crime, and cyber espionage actors. * Experience creating tools and scripts to accelerate malware and threat analysis. * Background in network traffic analysis - WireShark, Fiddler, proxy logs, etc. * Experience analyzing malicious web content such as ClickFix, ClearFake, SocGholish, etc. * Experience authoring YARA, Suricata, and EKFiddle detection rules. * Experience with penetration testing and/or adversary emulation is a plus. * Able to work independently on tasks, but also work well within a team environment Desired Qualifications: * Experience analyzing malware targeting Linux, Android, and IOT platforms. Skills: * Cyber Security * Data Privacy and Protection * Problem Solving * Process Management * Threat Analysis * Business Acumen * Data and Trend Analysis * Interpret Relevant Laws, Rules, and Regulations * Risk Analytics * Stakeholder Management * Access and Identity Management * Data Governance * Encryption * Information Systems Management * Technology System Assessment Shift: 1st shift (United States of America) Hours Per Week: 40