Cyber security analyst jobs in Hobart, IN

Job Title: Senior Information Security Engineer - AI Primary Location: Rosemont, IL - Hybrid, 3 days onsite Direct Hire TalentFish is casting a line for a Senior Information Security Engineer - AI/Artificial Intelligence. This is a Direct Hire role based in Rosemont, IL with a hybrid schedule (3 days onsite) with our premier client. This is a new, exciting position within an awarded top Chicago employer organization where you'll contribute to the organization's Responsible Artificial Intelligence governance by assessing the security, integrity, and risks associated with the use of AI models and technologies. This role is hands-on and works closely with multi-disciplinary teams to evaluate AI use cases and maintain AI security frameworks and standards. What You Bring to the Role (Ideal Experience) • Bachelor's degree in Computer Science, Mathematics, or related field • 5+ years of total professional experience, including security, data security, or control validation experience • 2-3 years of practical, hands-on experience working with Artificial Intelligence technologies; working directly with AI models or ML systems • Ability to evaluate AI model risks, including bias, data exposure, data leakage, and model poisoning • Data processing or analytics skills are a plus What You'll Do (Skills Used in This Position) • Lead security assessments for AI models, including Large Language Models (LLMs), Natural Language Models (NLMs), and Small Language Models (SLMs) • Participate in review committees to assess AI use cases for value, complexity, feasibility, risk, compliance, and strategic alignment • Review AI architecture and usage within internal and third-party solutions to ensure adherence to AI security frameworks and regulatory requirements • Support development and maintenance of AI security standards, frameworks, and governance models • Provide education on AI security best practices, emerging risks, and mitigation strategies • Perform additional related responsibilities as required Compensation Information The expected salary range for this position is $120,000 - $150,000 per year, depending on experience and qualifications. This role also qualifies for comprehensive benefits such as health insurance, 401(k), and paid time off. TalentFish is committed to pay transparency and equal opportunity. The salary range provided is in compliance with applicable state and federal regulations. This role requires authorization to work in the U.S. without current or future visa sponsorship. All offers are contingent upon the completion of a background check, which may include but is not limited to reference checks, education verification, employment verification, drug testing, criminal records checks, and any required certifications or compliance requirements based on the end client's background check policies and applicable laws. TalentFish is an employee-owned company pioneering a new realm in talent acquisition. We are redefining IT staffing by evolving AI, video screening, and our unique platform. TalentFish focuses on providing the best employee, consultant, and client experience possible. At TalentFish we are an Equal Opportunity Employer; we embrace and encourage diversity!

About Us Founded in 2014, we offer the industry's first and only cloud-based, fully-customizable, end-to-end software solution to automate securities-based lending from origination through the life of the loan. By combining thought leadership in suitability and risk management with industry-leading education and the latest technology, Supernova enables advisors to deliver holistic, goals-based advice and to help their clients achieve financial wellness. We partner with the industry's largest banks, most prominent insurance companies and leading online brokerages to democratize access to securities-based lending and better the entire financial ecosystem. Why Join Supernova? At Supernova Technology, we believe that the best results come from a team that is passionate, driven, and supported in all aspects of their professional lives. Here, you'll work alongside talented and innovative individuals who are committed to driving the future of securities-based lending technology. We foster a culture of collaboration, continuous learning, and growth, where each person's contributions make a real impact. Job Overview We are seeking a highly motivated and detail-oriented Security Engineer to help secure our securities-backed lending SaaS platform. The successful candidate will focus primarily on application security, secure SDLC, and application vulnerability management, while also assisting with the execution and implementation of broader information security initiatives. You'll partner with engineering, SRE/DevOps, and business teams to embed security into our build and delivery processes, support risk reduction across cloud and endpoint surfaces, and drive measurable remediation outcomes in a regulated financial-services environment. RESPONSIBILITIES: Perform hands-on web/API penetration tests, validate scanner findings, and provide clear PoCs, impact statements, and prioritized remediation aligned with OWASP. Integrate and tune SAST, DAST, SCA, container, and secret-detection tools in CI/CD; define pass/fail gates and PR checklists. Conduct lightweight threat modeling and security design reviews for new features such as authentication, session management, and secrets handling. Manage the full application vulnerability lifecycle (discover → prioritize → fix → retest → close) with SLAs and metrics. Assist in hardening AWS and ECS/Docker workloads (IAM roles, network segmentation, image policies, logging/monitoring) and support patch hygiene across cloud, container, and endpoints. Participate in incident response, including exploit reproduction, log analysis, impact assessment, and lessons learned. Provide evidence for audits (ISO 27001, SOC 2, NIST SSDF), maintain policies and developer guidance, and support vendor/security evaluations. Translate findings into developer-ready tickets, publish secure-coding guidance, and partner with engineering to streamline secure delivery. Prototype automation, explore AI/LLM-assisted workflows to improve triage and code review, and share improvements across teams. Contribute to organization-wide cybersecurity training and awareness efforts. QUALIFICATIONS: Bachelor's degree in security engineering, information assurance, or related field. 2-3 years of experience in security or software engineering (internships, labs, or open-source count), preferably in regulated industries. Strong knowledge of web/API security issues (auth, session management, injections, SSRF, CSRF, access control) and common cloud/web misconfigurations. Experience with SDLC security tools (SAST/DAST/SCA/secret detection/container scanning), CI/CD workflows, and Git. Scripting or coding skills (Python or JavaScript/TypeScript) and ability to read backend code. Familiarity with AWS security basics (IAM least privilege, KMS, logging/monitoring, security groups) and Docker/ECS runtime considerations. Clear communication skills with the ability to translate risk into actionable remediation. Experience using AI/LLM-assisted tools for triage, documentation, or code review preferred. Exposure to WAF/CDN tuning, API protection, and risk-based remediation SLAs/metrics preferred. Familiarity with frameworks like OWASP ASVS/SAMM, NIST SSDF, ISO 27001, SOC 2, PCI DSS preferred. Relevant security certifications preferred. Our Employee Benefits At Supernova Technology, we provide a robust benefits package to support the health and well-being of our employees. Our offerings include: Medical, Dental, and Vision Insurance: Multiple plans with coverage for employees and dependents. HSA and FSA Accounts: Tax-advantaged accounts for health and dependent care expenses. Life and Disability Insurance: Employer-paid basic coverage with options for additional voluntary coverage. Compensation: $95,000 - $130,000 Retirement Savings: 401(k) plan with employer contributions. Employee Assistance Program (EAP): Confidential support services, including free therapy sessions. Paid Time Off: Flexible PTO policies. Additional Perks: Commuter benefits, pet insurance, continuing education assistance, and more. Note: Actual salary at the time of hire may vary and may be above or below the range based on various factors, including but not limited to, the candidate's relevant qualifications, skills and experience, and the location where this position may be filled. Our Core Values Our core values drive everything we do. At Supernova, we... Form, execute, and communicate new ideas that add value to our employees and customers Strive through obstacles and failures Follow-through on promises or commitments to others, accept responsibility, and answer for actions & decisions Listen to, understand, and support our employees and customers Act with speed, positive attitude, and flexibility Exceed expectations and surpass ourselves every day; we embrace a sense of pride and never stop growing Join us and make an impact while growing your career at Supernova.

Salary: Open + Bonus Hybrid: 3 days onsite, 2 days remote *This role is open to H1B transfer* Qualifications Bachelors' degree including 6+ years of related experience Experience in one or more of the following disciplines: security operations, development, engineering, or architecture Experience supporting privileged access management and access controls programs. Professional or personal experience using AI coding agents such as OpenAI Codex, Claude Code, or Gemini CLI. Expertise in providing operational and engineering support for one or more of the following: CyberArk, HashiCorp Vault, Active Directory Certificate Services (ADCS), HSMs, and Public Key Infrastructure (PKI). Expertise in scripting languages and developing in one or more of the following languages Golang, Bash, Python, PowerShell, Ansible, and/or Terraform. Knowledge of privileged access management methodologies and techniques for on-prem and Cloud implementation. Knowledge of application authentication and authorization systems (i.e., Active Directory, OAuth 2.0, OIDC, AWS IAM, App Role, k8s, LDAPS, Kerberos, Certificate) Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. Working knowledge of security architecture design and principles including confidentiality, integrity and availability. Responsibilities Manage privileged access systems that protect most critical assets, implement AI-based security capabilities, and help shape security architecture. Provide 24x7 operational support for the suite of privileged management solutions (e.g., CyberArk, Hashi, PKI), including implementing hot fixes, resolving bugs, troubleshooting issues, performing break-fixes, managing secrets lifecycle, and delivering end-user support. Maintain robust operational integrity of privileged access management infrastructure throughout its lifecycle (e.g., patching, version control, system upgrades, etc.). Provide organizational subject matter experts on secrets management and privileged access management architecture, establishing and enforcing security as code principles throughout the environment. Develop and implement system enhancements to improve platform user experience and automated integrations, while designing long-term solutions to address operational issues through innovative technologies including artificial intelligence for faster detection and remediation of functional and technical problems.

About the Company: A Leading Financial Service Client is looking to hire a strong Security Engineer who can lead Red team exercises against a hybrid environment using threat intelligence and the MITRE Telecommunication&CK Framework. Responsibilities: Approx 8 years' experience with industry standard Red Team testing tools (Cobalt Strike, Mythic C2, Rubeus, Bloodhound, Covenant, etc.) or the ability to demonstrate equivalent knowledge. Expert understanding of how an Advanced Persistent Threat could compromise a financial institution without using phishing. Expert understanding of Red Team concepts, tools, and automation strategies. Expert understanding of MITRE Telecommunication&CK framework tactics, techniques, and procedures. Expert understanding of measuring and rating vulnerabilities based on principal characteristics of a vulnerability. Expert understanding of Windows and Linux system hardening concepts and techniques.

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

Ann & Robert H. Lurie Children's Hospital of Chicago provides superior pediatric care in a setting that offers the latest benefits and innovations in medical technology, research and family-friendly design. As the largest pediatric provider in the region with a 140-year legacy of excellence, kids and their families are at the center of all we do. Ann & Robert H. Lurie Children's Hospital of Chicago is ranked in all 10 specialties by the U.S. News & World Report. Location 680 Lake Shore Drive Job Description The Incident Response Analyst helps guide resources to prepare for, coordinate, and respond to incidents, including, but not limited to, computer security vulnerabilities, malware, phishing, and social engineering, as well as associated forensic investigations. This position utilizes industry-leading security incident response procedures, performing frequent monitoring of incident detection control effectiveness and helping to inform preparedness exercises. This position effectively collaborates with managed detection and response, incident assistance, and security forensics partners. This position coordinates with internal emergency preparedness teams and contributes to a resilient business continuity posture. Essential Job Functions: Area Specific Job Accountabilities: Receive and triage incoming security alerts to determine their severity, priority, and relevance. Conduct initial triage and investigation of security incidents, including gathering and analyzing relevant data and logs. Analyze logs and security event data to identify indicators of compromise (IOCs) and potential security incidents. Conduct analysis of suspicious files, malware samples, or artifacts to understand their behavior and potential impact. Assist in the collection and preservation of digital evidence during incident investigation. Prepare detailed incident reports, documenting the timeline, actions taken, and lessons learned from each incident. Performs other duties as assigned. Knowledge, Skills, & Abilities: Bachelor's degree, preferably in Computer Science or related information security expertise. 2+ years of experience in information security incident response required. SANS GCIH (GIAC Certified Incident Handler), CISSP (Certified Information Systems Security Professional), CISA (Certified Information Security Auditor) or equivalent certification highly desired. Strong knowledge of information security forensics, security operations, security monitoring, technology implementation, risk analysis strategy, and NIST incident response life cycle. Experience and knowledge with information security frameworks, regulatory compliance, and regulatory bodies (e.g., HITRUST, NIST, HIPAA, DHHS). Goal oriented with the ability to lead team achievements toward desired results utilizing both internal and external resources. Professional communication, disciplined documentation, and commitment to following and improving processes and procedures. Familiarity and experience with crisis management, disaster recovery, and business availability programs and procedures Education High School Diploma/GED (Required) Pay Range $93,600.00-$154,440.00 Salary At Lurie Children's, we are committed to competitive and fair compensation aligned with market rates and internal equity, reflecting individual contributions, experience, and expertise. The pay range for this job indicates minimum and maximum targets for the position. Ranges are regularly reviewed to stay aligned with market conditions. In addition to base salary, Lurie Children's offer a comprehensive rewards package that may include differentials for some hourly employees, leadership incentives for select roles, health and retirement benefits, and wellbeing programs. For more details on other compensation, consult your recruiter or click the following link to learn more about our benefits. Benefit Statement For full time and part time employees who work 20 or more hours per week we offer a generous benefits package that includes: Medical, dental and vision insurance Employer paid group term life and disability Employer contribution toward Health Savings Account Flexible Spending Accounts Paid Time Off (PTO), Paid Holidays and Paid Parental Leave 403(b) with a 5% employer match Various voluntary benefits: Supplemental Life, AD&D and Disability Critical Illness, Accident and Hospital Indemnity coverage Tuition assistance Student loan servicing and support Adoption benefits Backup Childcare and Eldercare Employee Assistance Program, and other specialized behavioral health services and resources for employees and family members Discount on services at Lurie Children's facilities Discount purchasing program There's a Place for You with Us At Lurie Children's, we embrace and celebrate building a team with a variety of backgrounds, skills, and viewpoints - recognizing that different life experiences strengthen our workplace and the care we provide to the Chicago community and beyond. We treat everyone fairly, appreciate differences, and make meaningful connections that foster belonging. This is a place where you can be your best, so we can give our best to the patients and families who trust us with their care. Lurie Children's and its affiliates are equal employment opportunity employers. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity or expression, religion, national origin, ancestry, age, disability, marital status, pregnancy, protected veteran status, order of protection status, protected genetic information, or any other characteristic protected by law. Support email: ***********************************

Join the Global Information Security (GIS) department at CME Group as a Sr. Cyber Security Engineer - Threat Simulation. You will be an integral part of our Offensive Security organization, directly contributing to improving CME Group's security posture. This high-impact role is responsible for the execution of Red Team adversary emulations against our complex hybrid environment, proactively testing and strengthening our internal and internet-facing systems. You'll also be a key participant in Purple Team activities to continuously improve the organization's cyber detection and response capabilities. This is a perfect opportunity for a sharp, action-oriented engineer to become a key part of a team of highly skilled cybersecurity professionals who execute a pivotal role in protecting and defending national critical infrastructure. What You'll Get * Elevate your expertise in a supportive environment fostering continuous learning, rapid career progression, and an inclusive, global team culture. * Gain broad exposure to CME Group's diverse products, asset classes, and cross-functional teams, expanding your impact across critical financial infrastructure. * Receive a competitive salary and comprehensive benefits package. What You'll Do As a key member of our offensive security team, you will: * Execute high-impact Red Team exercises against our complex hybrid cloud environments, driven by real-world threat intelligence and the MITRE ATT&CK Framework. * Engineer and maintain robust Red and Purple Team infrastructure, continuously automating processes for efficiency and scale. * Co-design and lead joint Purple Team exercises, directly partnering with cyber defense to improve detection and response capabilities. * Innovate through continuous research into new offensive security TTPs (Tactics, Techniques, and Procedures) and drive knowledge transfer across the security organization. * Conduct specialized, ad-hoc offensive security tests utilizing industry-leading and internally developed tooling to uncover subtle security gaps. * Author comprehensive post-exercise reports, including detailed technical findings, compromise narratives, and strategic, risk-rated recommendations for remediation. * Mentor cyber defense teams during incident investigations, providing critical subject matter expertise on attacker tradecraft and mindset. * Champion security awareness and technical knowledge-sharing by collaborating with information security, technology, and business stakeholders. What You'll Bring We're looking for an engineer with a robust offensive mindset and a proven track record of breaking and building in complex enterprise environments. Technical Mastery * 5+ years' experience wielding industry-standard penetration testing and adversary emulation tools (e.g., Cobalt Strike, Sliver, Mythic, Bloodhound, Burp Suite). * Expert understanding of the MITRE ATT&CK Framework and advanced evasion techniques used to bypass modern security controls. * Strong comprehension of the cyber kill chain and the full lifecycle of an Advanced Persistent Threat (APT) targeting financial institutions. * Proficiency in at least one scripting language (e.g., Python, PowerShell) and experience with a compiled language (e.g., Go, C#) for tool development. * Deep experience attacking and securing complex cloud, on-prem, and hybrid environments, from initial access through actions on objective. * Solid knowledge of Windows and Linux system hardening concepts, Purple Team automation strategies, and vulnerability rating methodologies. * Proven experience with security within at least one major cloud provider (e.g., AWS, Azure, GCP). Nice to Haves: * Previous hands-on experience performing sophisticated adversary emulations/simulations specifically within the financial services sector. * A recognized offensive security industry certification (e.g., OSCP, GPEN, GXPN, OSWE, eCPTX) demonstrating specialized, high-impact skills. * Familiarity with modern enterprise security standards and frameworks (e.g., TIBER-EU, CBEST, NIST CSF). * Experience conducting offensive security exercises against emerging technologies, such as AI/ML systems or mac OS. #LI-DD1 #LI-Hybrid CME Group is committed to offering a competitive total rewards package for our employees that recognizes their contributions to the business and reflects our long-term investment in their future. The pay range for this role is $116,600-$194,300. Actual salary offered will be dependent on a wide array of factors including but not limited to: relevant experience, skills, education and comparison to internal employees (where relevant). Our compensation program also includes an annual target bonus opportunity for all employees, as well as the opportunity to become an owner in the company through our broad-based equity program. Through our benefits program, we strive to offer flexibility, value and choice. From comprehensive health coverage, to a retirement package that includes both a 401(k) and an active pension plan, to highly competitive education reimbursement provisions, paid time off and a mental health benefit, CME Group offers a holistic benefits package for our team and their dependents. CME Group: Where Futures are Made CME Group is the world's leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career by shaping tomorrow. We invest in your success and you own it - all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more. At CME Group, we embrace our employees' unique experiences and skills to ensure that everyone's perspectives are acknowledged and valued. As an equal-opportunity employer, we consider all potential employees without regard to any protected characteristic. Important Notice: Recruitment fraud is on the rise, with scammers using misleading promises of job offers and interviews to solicit money and personal information from job seekers. CME Group adheres to established procedures designed to maintain trust, confidence and security throughout our recruitment process. Learn more here.

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. We are currently looking for a Senior Consultant or Principal level Security strategist with deep technical and functional expertise in Business Continuity and Disaster Recovery. What You'll Do * Lead and facilitate Business Impact Assessments (BIAs) across business units * Develop and update Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs) aligned to critical business functions and systems * Assess organizational risk and capability gaps related to crisis management, workforce continuity, and infrastructure resilience * Design tiered recovery strategies based on RTOs, RPOs, and MVC (Minimum Viable Company) principles * Coordinate and conduct tabletop exercises, test execution, and post-mortem reviews * Align BC/DR practices with enterprise risk management frameworks, compliance requirements (e.g., HIPAA, ISO 22301), and audit expectations * Support program governance, metrics, training, and awareness efforts What You'll Bring * 6+ years of experience in Business Continuity, Disaster Recovery, or operational resilience consulting * Strong working knowledge of BIAs, BCP/DRP development, and crisis management planning * Understanding of IT infrastructure concepts and DR technologies (e.g., backup systems, cloud platforms) * Experience supporting risk assessments and regulatory audits * Excellent facilitation and stakeholder management skills * Strong writing skills to produce clear, client-ready plans and reports About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this role, we are hiring at the following levels and targeted base pay salary ranges: The targeted base salary pay range for Senior Consultant in New Jersey, New York City, and Washington DC is $153,000 to $186,000. The targeted base salary range for Senior Consultant in Atlanta, Chicago, Detroit, Kansas City, Minneapolis, Nashville, Philadelphia, Phoenix, St. Louis is $140,000 to $171,000. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. We are committed to pay transparency and compliance with applicable laws. If you have questions or concerns about the pay range or other compensation information in this posting, please contact us at: ********************. EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. #LI-MS12

Washington, District of Columbia;Chicago, Illinois; Denver, Colorado **To proceed with your application, you must be at least 18 years of age.** Acknowledge Refer a friend **To proceed with your application, you must be at least 18 years of age.** Acknowledge (****************************************************************************************************** **Job Description:** At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! Bank of America is one of the world's leading financial institutions, serving over 66 million consumers and small businesses. Company success is only possible with a strong cyber defense, which enables Bank of America to safely conduct global operations across the United States and in approximately 35 countries. Our primary goal is to safeguard not only the company, but our clients and their trust. The Malware Defense Team is looking for top talent who would like to join one of the most advanced cybersecurity teams in the world. Responsibilities include, but are not limited to: - In-depth analysis of malware, including authoring analysis reports. - Tracking malware campaigns, malicious actors, and related infrastructure. - Creation of tools and scripts to assist in the analysis of malware analysis. - Field escalations of potentially malicious files and websites from teams within Malware Defense. Required Qualifications: - Strong direct experience of analyzing malware. - Intermediate to advanced malware analysis skills. - Experience creating innovative ways to track progression of malware families, infrastructure, and campaigns conducted by e-crime, and cyber espionage actors. - Experience creating tools and scripts to accelerate malware and threat analysis. - Background in network traffic analysis - WireShark, Fiddler, proxy logs, etc. - Experience analyzing malicious web content such as ClickFix, ClearFake, SocGholish, etc. - Experience authoring YARA, Suricata, and EKFiddle detection rules. - Experience with penetration testing and/or adversary emulation is a plus. - Able to work independently on tasks, but also work well within a team environment Desired Qualifications: - Experience analyzing malware targeting Linux, Android, and IOT platforms. Skills: + Cyber Security + Data Privacy and Protection + Problem Solving + Process Management + Threat Analysis + Business Acumen + Data and Trend Analysis + Interpret Relevant Laws, Rules, and Regulations + Risk Analytics + Stakeholder Management + Access and Identity Management + Data Governance + Encryption + Information Systems Management + Technology System Assessment **Shift:** 1st shift (United States of America) **Hours Per Week:** 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. View your **"Know your Rights (************************************************************************************** "** poster. **View the LA County Fair Chance Ordinance (************************************************************************************************** .** Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service. Title: Principal, Cyber Security Engineer Role description The Principal, Cyber Security Engineer plays a crucial role in ensuring the security, compliance, and resilience of cloud environments, with a focus on supporting Policy as Code (PaC) and Infrastructure as Code (IaC) practices. This role involves implementing security controls, utilizing security tooling for Cloud Security Posture Management (CSPM), and collaborating with application developers' security champions. As a technical leader you will also mentor junior Engineers Responsibilities Design, implement and support security measures for cloud platforms (3rd Party, Open Source, native), with a specific emphasis on Azure and AWS Develop PaC and IaC maintaining security policies and procedures aligned with industry-standard frameworks such as CIS and NIST 800-53 Utilize and Implement CSPM tools such as Wiz and Defender to continuously assess, monitor, and enforce security controls Work closely with security champions in various business units, providing guidance and support for their specific security needs Contribute to cloud security roadmap to further enhance cloud security practices Conduct regular security assessments, audits, and reviews of cloud configurations Investigate and respond to security incidents, conducting root cause analysis and implementing corrective actions Mentor junior team members Skills Minimum of 3 years working in public cloud as an engineer or developer role Minimum of 5 years working as an Engineer, Developer, or Architect in Information Technology preferably Cyber Security Software Developer Experience (Python, GOLang, Java, etc.…) is a plus Strong understanding of cloud security principles and the integration of security into development workflows Experience and familiarity with at least 2-3 Cloud service provider security services of Azure (e.g., Defender for Cloud, Sentinel, Key Vault) and AWS (e.g., Config, CloudTrail, Macie, etc.) Strong hands-on experience codifying PaC (e.g., Rego) and using IaC provision tools (e.g., Terraform, ARM) Familiarity with Git-based version control CICD processes and technologies (e.g., GitHub Actions, GitHub Package Repository) Experience and familiarity with privileged access management and identity systems (e.g., Azure Entra, Okta, Ping) is a plus Hands-on experience with integrated testing tools Effective written and verbal communication skills to collaborate with cross-functional teams Desired certifications such as Azure Security Engineer Associate certification, and AWS-certified security - Specialty, CISSP and CCSP Salary Range: $137,400 - 233,600 USD Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component. Working with Us: As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose. We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater Reasonable accommodation Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at *****************. We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and talk to us about your flexible working requirements and together we can achieve greater.

CTC is a cutting-edge proprietary trading firm with a long-term vision and a clear focus on helping the world price and manage risk. Our fun and trusting culture inspires us to solve the industry's most challenging problems and take calculated risks in a collaborative environment. We strive to be the most innovative firm in the industry today, tomorrow, and long into the future while upholding ethical excellence. We believe that CTC makes a positive impact on the markets, the lives of our employees, and all the communities to which we belong. Started in 1995 by a team of forward-thinking Traders, we are proud to call ourselves an industry leader that keeps making markets and each other better. THE ROLE Ready to make an immediate impact at the heart of cybersecurity? Join CTC as an Information Security Operations Engineer, where every day puts you front and center in defending our systems. This isn't just monitoring screens. It's live fire, quick thinking, and creative problem solving. You'll be using powerful tools, investigating real threats, and teaming up with passionate pros who will help you develop top-tier security skills. You'll get a backstage pass to how attacks unfold, sharpen your instincts, and design smarter, faster responses. Our Security Operations team is growing quickly, making a real impact, and leading the charge to keep our business safe. This is your chance to launch your cybersecurity career with immediate responsibility, plenty of variety, and a team that is genuinely invested in your growth. In this role, you will get an inside look at how security works at a trading firm, master core tools and playbooks, and collaborate with people who enjoy solving tough problems together. Every day is different, and every win matters. WHAT YOU'LL DO Monitor and triage alerts across security platforms such as SIEM, EDR, email, and identity, cutting through noise to kick off investigations as needed Execute and improve incident response playbooks by gathering evidence, containing low-severity events, escalating thoughtfully, and communicating clearly Perform daily security checks to ensure healthy systems, track issues through to closure, and keep runbooks updated Support phishing investigations and user-reported security events, sharing findings to keep our teams protected Assist with vulnerability and patch reviews alongside engineering, confirming that risks are remediated Create detailed case documentation including timelines, artifacts, observables, and post-incident summaries to support learning and improvement Suggest and build improvements for processes and playbooks, tuning detections and developing smart automations Collaborate with technology partners across the firm, sharing context and building trust through fast, reliable service Help teammates thrive, reduce repetitive work, improve signal over noise, and deliver consistent results WHAT WE'RE LOOKING FOR Genuine interest in cybersecurity operations and a drive to build a career in SOC or incident response. Internships, school projects, or labs are welcome Basic understanding of networking, Windows and Linux systems, and enterprise technology. Able to dig into logs and troubleshoot issues Familiarity with at least one core security tool or domain, such as SIEM, EDR, email security gateways, or identity and MFA, and ready to learn more Strong instincts for structured troubleshooting, evidence gathering, and writing clear documentation for tickets and incident handoffs Basic scripting or automation skills in Python or PowerShell, or a willingness to learn and automate repetitive tasks Curiosity, clear communication, and a collaborative mindset Detail-oriented and service-driven with a disciplined approach to procedures, meeting SLAs, and seeking ways to improve outcomes Willingness to join on-call or after-hours rotations as needed NICE TO HAVES Hands-on experience with security platforms such as SIEM queries, endpoint detections, phishing analysis, or sandboxing Familiarity with ticketing tools, incident tracking, or on-call workflows, and exposure to SOAR or automation tools Coursework, certifications, or labs in security operations, such as Security+, Splunk fundamentals, or networking basics Understanding of vulnerability management and experience working with engineering teams on remediation Compensation The salary range for this role is listed below. This role is also eligible for an annual discretionary bonus. The discretionary bonus will be dependent upon the individual's skills, experience, qualifications, and firm performance. Salary Range$150,000-$175,000 USD Most teams at CTC, with the exception of Trading, follow a hybrid workplace model, subject to change based on business need. Our Benefits We strongly believe in the well-being of our employees and their families so we offer outstanding benefits to support you both professionally and personally. These benefits include generous medical coverage, paid parental leave, free breakfast and lunch (plus healthy snacks, of course), wellness reimbursement, quarterly recharge days, and a variety of other benefits focused on providing the best employee experience. (Disclaimer: interns and contractors are not eligible for benefits at CTC) Our Commitment to Diversity, Equity and Inclusion At CTC, we aim to cultivate a workplace that celebrates diversity and each person feels included, engaged and empowered. Where each of us feels we belong. We are committed to having a diverse workforce and are proud to be an equal opportunity employer. CTC does not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. If you have a disability and believe you need a reasonable accommodation in order to search for a job opening or to apply for a position, please contact us at ***********************. Note that emails sent to this email account for non-disability related issues, such as following up on an application, will not receive a response. Use of Artificial Intelligence (AI) Information submitted by job applicants may be subject to review and analysis by automated systems, including Artificial Intelligence (AI), as part of the recruitment process. Such systems are utilized to enhance the efficiency and effectiveness of our hiring procedures. Applicants are advised that any information provided may be evaluated by AI tools to ensure an equitable and thorough assessment.

CTC is a cutting-edge proprietary trading firm with a long-term vision and a clear focus on helping the world price and manage risk. Our fun and trusting culture inspires us to solve the industry's most challenging problems and take calculated risks in a collaborative environment. We strive to be the most innovative firm in the industry today, tomorrow, and long into the future while upholding ethical excellence. We believe that CTC makes a positive impact on the markets, the lives of our employees, and all the communities to which we belong. Started in 1995 by a team of forward-thinking Traders, we are proud to call ourselves an industry leader that keeps making markets and each other better. THE ROLE Ready to make an immediate impact at the heart of cybersecurity? Join CTC as an Information Security Operations Engineer, where every day puts you front and center in defending our systems. This isn't just monitoring screens. It's live fire, quick thinking, and creative problem solving. You'll be using powerful tools, investigating real threats, and teaming up with passionate pros who will help you develop top-tier security skills. You'll get a backstage pass to how attacks unfold, sharpen your instincts, and design smarter, faster responses. Our Security Operations team is growing quickly, making a real impact, and leading the charge to keep our business safe. This is your chance to launch your cybersecurity career with immediate responsibility, plenty of variety, and a team that is genuinely invested in your growth. In this role, you will get an inside look at how security works at a trading firm, master core tools and playbooks, and collaborate with people who enjoy solving tough problems together. Every day is different, and every win matters. WHAT YOU'LL DO * Monitor and triage alerts across security platforms such as SIEM, EDR, email, and identity, cutting through noise to kick off investigations as needed * Execute and improve incident response playbooks by gathering evidence, containing low-severity events, escalating thoughtfully, and communicating clearly * Perform daily security checks to ensure healthy systems, track issues through to closure, and keep runbooks updated * Support phishing investigations and user-reported security events, sharing findings to keep our teams protected * Assist with vulnerability and patch reviews alongside engineering, confirming that risks are remediated * Create detailed case documentation including timelines, artifacts, observables, and post-incident summaries to support learning and improvement * Suggest and build improvements for processes and playbooks, tuning detections and developing smart automations * Collaborate with technology partners across the firm, sharing context and building trust through fast, reliable service * Help teammates thrive, reduce repetitive work, improve signal over noise, and deliver consistent results WHAT WE'RE LOOKING FOR * Genuine interest in cybersecurity operations and a drive to build a career in SOC or incident response. Internships, school projects, or labs are welcome * Basic understanding of networking, Windows and Linux systems, and enterprise technology. Able to dig into logs and troubleshoot issues * Familiarity with at least one core security tool or domain, such as SIEM, EDR, email security gateways, or identity and MFA, and ready to learn more * Strong instincts for structured troubleshooting, evidence gathering, and writing clear documentation for tickets and incident handoffs * Basic scripting or automation skills in Python or PowerShell, or a willingness to learn and automate repetitive tasks * Curiosity, clear communication, and a collaborative mindset * Detail-oriented and service-driven with a disciplined approach to procedures, meeting SLAs, and seeking ways to improve outcomes * Willingness to join on-call or after-hours rotations as needed NICE TO HAVES * Hands-on experience with security platforms such as SIEM queries, endpoint detections, phishing analysis, or sandboxing * Familiarity with ticketing tools, incident tracking, or on-call workflows, and exposure to SOAR or automation tools * Coursework, certifications, or labs in security operations, such as Security+, Splunk fundamentals, or networking basics * Understanding of vulnerability management and experience working with engineering teams on remediation Compensation The salary range for this role is listed below. This role is also eligible for an annual discretionary bonus. The discretionary bonus will be dependent upon the individual's skills, experience, qualifications, and firm performance. Salary Range $150,000-$175,000 USD Most teams at CTC, with the exception of Trading, follow a hybrid workplace model, subject to change based on business need. Our Benefits We strongly believe in the well-being of our employees and their families so we offer outstanding benefits to support you both professionally and personally. These benefits include generous medical coverage, paid parental leave, free breakfast and lunch (plus healthy snacks, of course), wellness reimbursement, quarterly recharge days, and a variety of other benefits focused on providing the best employee experience. (Disclaimer: interns and contractors are not eligible for benefits at CTC) Our Commitment to Diversity, Equity and Inclusion At CTC, we aim to cultivate a workplace that celebrates diversity and each person feels included, engaged and empowered. Where each of us feels we belong. We are committed to having a diverse workforce and are proud to be an equal opportunity employer. CTC does not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. If you have a disability and believe you need a reasonable accommodation in order to search for a job opening or to apply for a position, please contact us at ***********************. Note that emails sent to this email account for non-disability related issues, such as following up on an application, will not receive a response. Use of Artificial Intelligence (AI) Information submitted by job applicants may be subject to review and analysis by automated systems, including Artificial Intelligence (AI), as part of the recruitment process. Such systems are utilized to enhance the efficiency and effectiveness of our hiring procedures. Applicants are advised that any information provided may be evaluated by AI tools to ensure an equitable and thorough assessment.

Note: This job does not offer any Visa sponsorship. We are looking for applicants already living in the USA. Our client is seeking a highly skilled and motivated Cyber Security Engineer to their dynamic team. As a Cyber Security Engineer, you will be responsible for protecting our organization's computer systems, networks, and data from cyber threats. You will play a critical role in designing, implementing, and maintaining security measures to ensure the integrity, confidentiality, and availability of our systems. Key Responsibilities: Design, implement, and maintain robust security architectures for IT systems and networks. Conduct thorough analyses of potential cyber threats and vulnerabilities to our systems. Develop and implement response plans for security breaches, including immediate actions to contain and mitigate damage. Continuously monitor systems for security breaches, analyze security alerts, and provide timely responses. Perform regular risk and vulnerability assessments to identify and address security weaknesses. Provide training and guidance to staff on security policies, procedures, and best practices. Maintain detailed documentation of security measures, incidents, and remediation activities. Work closely with IT professionals, departments, and external partners to strengthen overall security posture. Qualifications: Bachelors degree in Cyber Security, Computer Science, Information Technology, or a related field. Proven experience in cyber security roles, with a strong understanding of security protocols, cryptography, authentication, and authorization. Proficiency in security technologies such as firewalls, IDS/IPS, antivirus software, and SIEM systems. Relevant certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable. Strong analytical and problem-solving skills to identify and address security issues. Excellent verbal and written communication skills to effectively convey security concepts to non-technical stakeholders. Meticulous attention to detail to identify and mitigate potential security threats. Preferred Qualifications: Masters degree in Cyber Security or a related field. Experience in industries such as finance, healthcare, or government. Familiarity with programming languages like Python, Java, or C++ for automation and scripting. Knowledge of cloud security practices and experience with platforms like AWS, Azure, or Google Cloud.

The Role We are seeking a hands-on, outcome-driven Information Security Engineer who thrives at the intersection of technical execution and security operations mentorship. You will design, deploy, and maintain security technologies, lead incident response alongside our analysts, and serve as a force multiplier for the security program. This role requires a builder mindset-you won't just keep the lights on, you'll create repeatable processes, automation, and measurable improvements. You'll also be expected to mentor our analysts, helping them grow while raising the overall maturity of our SOC. This role will be reporting to the Information Security Operations Manager. This role is based in Chicago. The role is primarily remote but you must live within the Chicagoland area to come into the office as needed. Responsibilities Operational Excellence Lead incident response cases, ensuring timely containment, eradication, and recovery. Oversee daily system operations, tuning, and health of security tools (SIEM, EDR, email security, vulnerability management, DLP, DNS protection). Own the vulnerability management cycle: identification, prioritization, and remediation tracking against defined SLAs. Provide Tier 3 escalation support and guidance for SOC and analyst team. Engineering & Architecture Design and implement security controls across network, endpoint, application, and cloud environments. Drive automation and SOAR integrations to reduce analyst fatigue and increase response speed. Build and maintain playbooks, standard operating procedures, and evidence packs for compliance frameworks (NIST 2.0, SOC 2, HIPAA). Conduct penetration testing and application security assessments, validating remediation. Mentorship & Enablement Act as point of contact for incident escalations, providing calm, clear direction. Mentor security analysts and guide them in investigative techniques, root cause analysis, and threat hunting. Represent InfoSec in change advisory board (CAB) and project management meetings, ensuring security-by-design. Translate technical risks into business impact for stakeholders across retail, cultivation, and HQ operations. Qualifications Bachelor's degree or higher in Information Security, or at least 6 years' experience in Information Technology, or 4 years in Information Security. ISC(2) CISSP, ISC(2) CCSP, CCNA-S, or similar certifications can help you stand out, but not required. Experience in executing security solutions from concept through deployment. Experience in Incident Response. Strong understanding of Information Security technologies, design, and architecture. Proven track record of training or mentoring fellow colleagues. Demonstrated ability to self-direct tasks with minimal supervision to achieve goals. Strong written and oral communication skills. Deep knowledge of network, endpoint, application, and cloud security. Foundational knowledge of CIS, COBIT, NIST, MITRE, OWASP, or other common security frameworks or control schemes. Foundational knowledge of risk management and disaster recovery planning / management. Foundational knowledge of compliance standards like SOX, SOC2 and ISO 27001 or regulations like GDPR, PCI, CCPA, HIPAA. Strong problem-solving skills with well-organized and structured work habits. Ability to keep calm in high-stress or emergency situations. Ability to think abstractly and critically to consider potential concerns and determine their validity. Ability to discuss highly technical situations in terms that non-technical stakeholders can effectively understand. An insatiable intellectual curiosity and the ability to learn quickly in a complex space. Additional Requirements Must pass any and all required background checks Must be and remain compliant with all legal or company regulations for working in the industry Must be a minimum of 21 years of age #LI-HYBRID The pay range is competitive and based on experience, qualifications, and/or location of the role. Positions may be eligible for a discretionary annual incentive program driven by organization and individual performance. Green Thumb Pay Range$110,000-$140,000 USD

Information Security Analyst STATUS: Full time DEPARTMENT: Information Security Office DIVISION: Information Technology CLASSIFICATION: Exempt UNION: Non-Union REPORTS TO: Senior Director Information Security PLACEMENT: Professional staff, S11 HIRING RANGE: $70,689 - 79,526 Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The student population at the college is diverse in ethnicity, gender, language, age and background. Joliet Junior College is an AA/EO employer and strongly encourages applications from candidates who would enhance the diversity of its staff. POSITION SUMMARY The Information Security Analyst is responsible for protecting the college's information systems and data by monitoring, analyzing, and responding to security incidents and threats. This role supports compliance with regulatory requirements (e.g., CIRCIA, HIPAA, GLBA), enhances operational efficiency, and contributes to the continual improvement of security processes and documentation. The analyst will also detect opportunities to develop and maintain security documentation, including knowledgebase articles, and manage security-related tickets from stakeholders. ESSENTIAL JOB DUTIES AND KEY RESPONSIBILITIES 1. Incident Management: Monitor, triage, and respond to cybersecurity threats and incidents across network, application, identity, and cloud layers. 2. Vulnerability Management: Participate in vulnerability assessments and penetration testing to identify and remediate security weaknesses. 3. Security Operations: Manage and maintain security tools (e.g., SIEM, IDS/IPS, vulnerability scanners), ensuring daily monitoring and compliance. 4. Facilitate the integration of SOC/Managed Security Services activities with the broader Information Security team, ensuring consistent application of ITIL processes such as Incident Management, Problem Management, and Event Management. 5. Identity Management: Support Office 365 email account management tasks, including user permissions, credential hand-offs, mailbox access provisioning, and coordination with identity and access management processes." 6. Compliance & Risk Management: Assist in legal and regulatory compliance efforts; conduct risk assessments and support audit activities. 7. Service Request Management: Handle, triage, and manage tier 2 level and up security-related tickets and requests from stakeholders, ensuring timely resolution and escalation as needed. 8. Knowledge Management: Detect opportunities to develop, improve, and maintain security documentation, including knowledgebase articles and process guides. 9. Process Improvement: Assist with the development and continual improvement of security-related processes, automation initiatives, and reporting tools. 10. Cloud Support: Support secure cloud infrastructure through systems auditing and account lifecycle management. 11. Collaboration & Training: Collaborate with IT and academic departments to ensure secure deployment of new technologies; provide security awareness training to staff and students. 12. Reporting: Prepare and present reports on security incidents, vulnerabilities, compliance status, and process improvements to leadership. 13. Professional Development: Stay current with emerging security threats, trends, best practices, and ITIL service management principles. 14. Perform related duties as assigned. MINIMUM QUALIFICATIONS 1. Bachelor's degree in Computer Science or a closely related field, OR an Associate's degree combined with 2-4 years of experience in information security or IT operations. 2. Ability to establish and maintain cooperative and effective working relationships with other members of the college and community, displaying cultural competence as well as emotional intelligence. 3. Demonstrated commitment to the college's core values of respect and inclusion, sustainability, integrity, collaboration, humor and well-being, innovation and quality. Bachelor's degree in information technology, Cybersecurity, Computer Science, or related field.. 4. Understanding of cybersecurity principles, tools, and compliance frameworks. 5. Experience with Microsoft Azure, Active Directory, and security monitoring tools. 6. Experience in information security and/or IT risk management with a focus on security performance and reliability 7. Familiarity multiple risk management concepts, frameworks, and standards (CSC, NIST, ISO, COBIT) 8. Excellent analytical, communication, documentation, and collaboration skills. 9. Possesses relevant industry certifications such as CEH, CISA, CCET, Network+, Security+, CySa+, or Microsoft SC-900, demonstrating foundational and specialized knowledge in cybersecurity. 10. Demonstrated understanding of the NIST Cybersecurity framework and auditing security controls identified in NIST800-171 and NIST SP800-53A. 11. Knowledgeable on ITIL process management. PREFERRED QUALIFICATIONS 1. Experience in higher education or public sector environments. 2. English and Spanish verbal and written communication proficiency. 3. Demonstrated multicultural competence. PHYSICAL DEMANDS 1. Normal office physical demands. 2. Ability to travel between campus locations and to and from community events. 3. Ability to travel in state and nationally. WORKING CONDITIONS 1. Duties are performed indoors in the usual office and/or outdoor environment. BENEFITS Click on the link for information about JJC's Benefits: Non-Union Support Staff, Professional, Administrative Full Time/Part Time: Full time Union (If Applicable): Scheduled Hours: 40

Job Description Support the Information security governance, risk management and compliance program, focusing on compliance and assurance. Facilitate the compliance and assurance program, by performing assurance assessments to ensure Alliant Credit Union (ACU) is compliant with regulatory and legal obligations. Help maintain the technical control library ensure assessments align securing ACU. Facilitate IT issue management by working with employees on scheduling calls and going over the issue and resolution. Essential Responsibilities Responsible to facilitate the compliance and assurance assessments and issue management via a GRC tool Conduct assurance assessment, including control test of design (ToD) and test of operating effectiveness (TOE) activities Provide recommendations on improving compliance-related processes and/or procedures and identify opportunities for ITGC/security compliance control automation Facilitate group and individual meetings, ensure that each meeting is organized and aligned and schedule walkthrough agenda addressing any issue that arise and and guiding towards actionable outcomes Assist internal and external audit teams to address inquiries Participate in InfoSec projects as assigned by management such as the review of documents Education Minimum- 4 Year Bachelors Degree in Computer Science, Information Security or Related Years of Experience Minimum - 2 Years Governance, Risk Management, Compliance within a financial institution or Security Compliance or Related In Lieu of Education 5 Years Governance, Risk Management, Compliance within a financial institution License/Certifications/Training Preferred: Compliance, Risk Management, or Governance certifications: CRISC, CISM or CISA Compensation & Benefits: Typical hiring range: $57,500 - $89,500 Annually. Actual compensation will be determined using factors such as experience, skills & knowledge. Additional Compensation: Annual performance bonus Benefits: Alliant provides a benefits package including health care, vision, dental, and 401k with employer match. Additional Benefits: Work from home up to 3 days a week Paid parental leave Employee discount programs Time off including paid personal and sick days 11 paid holidays Education reimbursement *Note that eligibility and cost of benefits can vary depending on the number of regularly scheduled hours, and job status such as regular full-time, regular part-time, or temporary employment. Adhere to and ensure compliance of all business transactions with policy and process of the Bank Secrecy Act. Ensures compliance with all applicable state and federal laws, company procedures and policies. Maintains integrity and ethics in all actions and conversations with or regarding credit union members and their accounts; complies with Privacy Act directives. The responsibilities listed do not contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice.

SourcePro Search has a fantastic, direct hire opportunity for an experienced Information Security Engineer with our large and top ranked global law firm client. This role offers a high base and bonus as well as excellent benefits and professional growth potential. The successful candidate will have a degree in Information Security or a related field and at least 3 years of experience in a professional services environment. Responsibilities: Design, implement, administer, troubleshoot, and support security infrastructure on the network, including the following: Multicontext firewalls and clustering Intrusion detection and prevention Vulnerability management Centralized log management Data Loss Prevention Content Filtering VMWare and Microsoft Windows systems Non-Windows authentication controls, i.e., cloud-based identity management, Cisco, and Palo Alto Networks Demonstrate awareness of security best practices across common technologies, advocating for additional controls as necessary to ensure optimal security. Examples of technologies to be addressed include the following: Active Directory Group Policy Windows desktop systems and “locked down” desktop management VMWare and Microsoft Windows Server systems Non-Windows authentication controls, i.e., cloud-based identity management, Cisco, and Palo Alto Networks Two-factor authentication Network access control Participate in all efforts to develop security policies and meet client or other compliance requirements: Lead efforts to document security standards and procedures, demonstrating best practices to auditors or reviewers. Review business processes, recommend and implement supportable security changes, including any relevant tools to better secure those processes. Evaluate, implement, and enforce security practices around mobile and remote solutions, including Citrix, VPN, and MDM. Maintain and coordinate incident response planning, assisting in execution of the incident response plan as needed. Investigate actual and suspected security breaches. Ensure consistent policies are applied to any hosted or cloud-based services being utilized by the firm. Conduct log review and reporting on security devices and identified Windows systems. Generate evidence for compliance/audit. Work with vendors as necessary to supplement our security capabilities and recommend their use when appropriate. ****************************

Job DescriptionISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Build your best future with the Johnson Controls team As a global leader in smart, healthy and sustainable buildings, our mission is to reimagine the performance of buildings to serve people, places and the planet. Join a winning team that enables you to build your best future! Our teams are uniquely positioned to support a multitude of industries across the globe. You will have the opportunity to develop yourself through meaningful work projects and learning opportunities. We strive to provide our employees with an experience, focused on supporting their physical, financial, and emotional wellbeing. Become a member of the Johnson Controls family and thrive in an empowering company culture where your voice and ideas will be heard - your next great opportunity is just a few clicks away! What we offer Paid vacation/holidays/sick time - 15 days of vacation first year Comprehensive benefits package including 401K, medical, dental, and vision care - Available day one Extensive product and on the job/cross training opportunities with outstanding resources Encouraging and collaborative team environment Dedication to safety through our Zero Harm policy Check us Out: A Day in a Life at Johnson Controls: What you will do Under specific direction, assists in the design, configuration, and operation of building systems including security, fire, and other low voltage control sub-systems (i.e. lighting, nurse call, data networks, etc.) to meet the intent of the project requirements. Assists in the development of software programs, commissioning and troubleshooting to ensure proper operations of the building control system. Provides detailed information and submittals to communicate design and operation to customers, consultants, Johnson Controls field installation team and subcontractors. How you will do it Design and configure technically complex Security & Fire systems as defined by the contract documents. Create flow diagrams, sequence of operations and bill of material, network layouts and electrical schematics as required. Develop and test software programs necessary to operate the system per the intent of the project requirements. Use your ability to integrate different Security subsystems with each other. Coordinate and create the necessary drawings and equipment schedules for submittals and installation. Select, order, and track the delivery of materials for assigned projects. Coordinate factory-mounting processes to meet factory and project schedule. Assist in the loading and commissioning of all system and network-level controllers as required. Assist in validation of complete system functionality and troubleshoot problems with subcontractors and other trades to ensure proper operation. Provide field change information to the project team for the creation of as-built drawings and software. Keep management and JCI contractor or customer informed of job progress and issues. Assist in performing site-specific training for owner / operator on the total building control system. Participate in release meeting with project field team. Perform value engineering to provide cost effective results while maintaining customer satisfaction. Adhere to safety standards. Operate with a high degree of regard to employee and subcontractor safety. What we look for: Required Experience in setting up application deployment (Installation, Configuration, Integration with other components) on Cloud environment based on underlying Application Architecture Experience in Disaster Recovery setup Administration, Maintenance and support of the Application instances on Reference, Validation and Customer environments Identify any known incident resolutions using a knowledge management system Apply identified resolutions to the incident and interact with the customer to ensure the incident has been properly resolved Antivirus - Symantec (Installation, updates and remediation's of antivirus client for servers and computers Off-shift support for machine moves quarterly maintenance Deployment of physical and virtual server deployment, troubleshooting and maintenance Ability to learn security software programs (I.E. C-cure9000, Milestone, Genetec) Strong technical skills in the domain of Windows Server 2008/2012, Microsoft Hyper-V and SCCM/SCOM/SCVMM is essential Basic MS SQL database and scripting skills is an asset Basic MS SQL database and scripting skills is an asset HIRING SALARY RANGE: $85,000 - $106,000 Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, location and alignment with market data.) This role offers a competitive Bonus plan that will take into account individual, group, and corporate performance. This position includes a competitive benefits package. For details, please visit the About Us tab on the Johnson Controls Careers site at ***************************************** #LI - AD2 #LI - DS1 Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, sexual orientation, gender identity, status as a qualified individual with a disability or any other characteristic protected by law. To view more information about your equal opportunity and non-discrimination rights as a candidate, visit EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit here.