Cyber security analyst jobs in Owatonna, MN

The Information Security Compliance Analyst plays a pivotal role in safeguarding the organization's information assets by leading compliance initiatives, managing vendor and client security assessments, and supporting incident response efforts. This position ensures alignment with industry standards such as ISO27001, SOC 2, PCI DSS, and GDPR, while maintaining robust governance frameworks and security policies. The analyst collaborates cross-functionally to enhance security operations, drive continuous improvement, and uphold regulatory compliance across ITA Group's systems and third-party relationships. ACCOUNTABILITIES & PERFORMANCE EXPECTATIONS Security Operations & Compliance Lead client and vendor security assessments, including third-party reviews, risk assessments, and questionnaire responses. Build and manage workflows for vendor assessments and due diligence. Oversee compliance audits (SOC2, PCI, ISO27001, TruSight), including evidence collection and process optimization. Support the Information Systems Incident Response Team (ISIRT) during security events. Assist in developing requirements for security tools and operational procedures. Evaluate and recommend emerging security technologies and products. Provide off-hours support on a rotating and as-needed basis. Coordinate with external suppliers to resolve security incidents. Systems & Tools Management Administer and monitor various security tools to ensure optimal performance and coverage. Audit & Incident Management Conduct quarterly audits of systems in scope for compliance. Maintain incident logs and ensure readiness for ISO27001 certification. Investigate and remediate Microsoft Security alerts. Compliance Certifications Collaborate with Legal to support privacy regulations and ensure compliance with GDPR and other frameworks. Governance Management Develop and implement Data Loss Prevention (DLP) rules for sensitive document handling. Enhance Insider Threat Protection capabilities. Maintain and update InfoSec policies and procedures. Provide organization-wide coaching and mentorship on security policies. Ensure regulatory and compliance requirements are consistently met. Establish and maintain a security framework and auditing process. Manage security questionnaires and third-party data security risk assessments. Analyze and investigate security anomalies using platform reports, logs, and alerts. POSITION REQUIREMENTS Bachelor's degree in computer science, information technology, or equivalent experience. Five-to-eight years experience in information technology support with at least five years of experience in system administration and system design. Security certification such as CISSP, CISA, or CISM are required. Technical certifications in Cisco and Microsoft products is preferred. Excellent communication and documentation skills. Strong experience with ISO27001, SOC 2, PCI DSS 4.x, GDPR, and other regulatory frameworks and privacy regulations. Ability to demonstrate ownership of systems and drive the technology forward to the goals of the company. Direct involvement in the annual planning and budgeting process for Information Technology. Strong communication skills and the ability to interact with other systems personnel in a team environment. Ability to maintain confidentiality pertaining to nonpublic business, financial, personnel, salary, and technological information, plans or data. Ability to think analytically to solve technical problems individually and in a team environment. Ability to effectively plan, schedule and coordinate projects and meet deadlines, managing multiple project concurrently. Ability to analyze and communicate technology performance results. Specific experience working with our current primary technology and software preferred. Ability to listen, understand and respond to external and internal customers' needs in a timely manner; customer service experience in a service-related industry preferred. Ability to work the time necessary to complete projects and/or meet deadlines. ABOUT ITA GROUP ITA Group is an employee-owned engagement and loyalty company that provides data-driven solutions designed to uniquely motivate and inspire our clients' employees, channel partners and customers. Creating engaging employee experiences is at the heart of what we do and who we are, and we continuously evaluate our team member benefits to ensure our team members are cared for. We offer an array of competitive benefits, including healthy retirement contributions, health, dental and vision insurance, paid parental leave, flexible work arrangements, Volunteer Time Off, paid sabbaticals, anniversary awards and more! Come join our team, recently recognized by several top organizations as a Great Place to Work.

Candidates Only no 3rd Party Candidates! Company is seeking a Senior Security Engineer or Security Solutions Architect with deep experience in Zscaler Internet Access (ZIA) and Secure Web Gateway (SWG) solutions. The resource will review and assess the current Zscaler deployment, identify best practices, implement configuration and policy improvements, and optimize workflows to improve security posture and user experience. Key Responsibilities Assess Company's current Zscaler ZIA (SWG) deployment and provide best practice recommendations. Perform configuration updates, policy tuning, and remediations based on assessment findings. Review and optimize the website approval workflow, reducing turnaround time for URL requests (currently 2-3 days). Implement granular Zscaler policies allowing differentiated access based on user identity (e.g., allow downloads but restrict uploads). Assist with Zscaler DLP policy design and management. Develop and document end-user and administrator processes, ensuring consistency and clarity. Identify opportunities to automate policy or workflow management via scripting or ServiceNow integrations. Collaborate with internal teams (SOC, Engineering, GRC) to align configurations with security requirements. Required Qualifications 7+ years of experience in IT security engineering or architecture. Proven expertise with Zscaler Internet Access (ZIA) and Secure Web Gateway (SWG) design, deployment, and optimization. Working knowledge of Zscaler Private Access (ZPA) and Zscaler DLP. Strong understanding of enterprise networking, including firewalls, proxies, and DNS. Experience designing and implementing identity-based policies within Zscaler. Familiarity with Zero Trust architecture, encryption, and access control principles. Proficiency in Python scripting or API integration for automation and workflow improvements. Experience integrating with ServiceNow or similar platforms. Excellent communication skills and ability to operate independently in a fast-paced environment. Strong process orientation with proven experience analyzing, optimizing, and documenting workflows.

Senior Cyber Security Analyst - 180001PV) This role will be part of the Cyber Security Operations team within CWT's Global Security and Risk department at our Minnetonka office.You will support the global operations by participating in the security incident response program and identifying vulnerabilities via standard penetration testing assessments and identifying threats posing a genuine risk to CWT. This information will enable CWT to proactively adjust its defensive posture. We are seeking an individual to be part of the team, to help as it grows with maturity. The team will carry out or coordinate (third parties) penetration testing across a number of environments including infrastructure, web app, and mobile platforms. In addition, you will collect and distribute Cyber Threat Intelligence as it relates to CWT. The role offers some exciting opportunities including the potential to develop your talents and skills, and investigating in more detail vulnerabilities and techniques that could be used against CWT. - Ability to create investigation results into a report- Ability to influence others where there is no direct authority- Data analysis, Network, OS systems (Windows, Unix, Linux)- Strong technical background and great understanding on emerging security trends- Deep technical knowledge IT Network, Infrastructure, Software, Cloud, Mobile- Red Team experience or experience of using Open Source and COTS for penetration testing which could include Nmap, Nessus, Metasploit, Kali Linux, Burp Suite Pro and similar - Experience in common scripting languages such as Python, Ruby, LUA, Powershell or BASH - Experience in at least one development language e.g. Java, C, C# or similar - A good understanding of Cloud based architectures primarily AWS Qualifications - Bachelor's Degree in Computer Science or related field or equivalent experience - Certified Information Systems Security Professional (CISSP) and/or Certified Cloud Security Certification (CCSP) and/or equivalent - AWS certifications (or ability to obtain within 6 months- Entry to junior level, 1-2 years of hands on Penetration Testing of web applications and infrastructure experience - 2-4 years of hands on cyber security operations, threat analysis, and/or incident response- Good appreciation of other security roles such as intelligence, vulnerability and patch management, Risk, auditing, Awareness and Security Architecture - A good understanding of the OSI stack and the various protocols from layer 1 - 7 including SNMP, HTTP, VPN, 802.11. - Social engineering engagement experience (i.e. phishing) - Excellent communication skills with the ability to communicate at a technical and business user level Primary Location: MinnetonkaEmployment type: StandardJob Family: Information TechnologyScope: GlobalTravel: Yes, 5 % of the TimeShift: Day JobOrganization: P&T_Security & RiskExperience Level: 3 to 5 years Job Posting: Apr 25, 2018 As an Equal Opportunity Employer/Affirmative Action employer, the organization will not discriminate in its employment practices due to an applicant's race, color, religion, sex, national origin, veteran status, disability status, sexual orientation, gender identity or any other federal, state or local protected class

The Lead Security Engineer position is part of the Information Technology team, reporting directly to the Manager, Information Security. The focus of this role is to design, implement, and maintain advanced security solutions that protect the confidentiality, integrity, and availability of Cirrus digital assets. This role requires deep technical expertise in Microsoft technologies, cybersecurity engineering, and enterprise security architecture, as well as the ability to mentor Security analysts and partner with IT teams on secure system design and operations. Duties and Responsibilities/Essential Functions * Design, implement, and maintain enterprise security controls across Microsoft environments, including Azure, Entra ID (Azure AD), Microsoft 365, Microsoft Defender, and Windows Server platforms. * Lead incident response activities, including investigation, containment, eradication, and recovery, as well as post-incident lessons learned. * Analyze security events and alerts from IDS/IPS, SIEM, EDR/XDR, vulnerability scanners, and Microsoft security tools to identify and mitigate threats. * Develop and implement security hardening baselines, patch management processes, and secure configuration standards for Microsoft platforms and hybrid environments. * Collaborate with IT and business stakeholders to design secure solutions, ensuring security requirements are integrated into Windows, Active Directory/Entra ID, Azure, and Microsoft 365 systems. * Conduct threat modeling and risk assessments, making recommendations for risk treatment and mitigation strategies. * Oversee vulnerability management program, including regular assessments, prioritization, and remediation validation. * Create strategies to mitigate risks and ensure compliance with relevant laws and regulations * Focus on continuous improvement to stay updated on cybersecurity trends and emerging threats to enhance security measures. * Provide mentorship and technical guidance to Information Security Analysts and IT staff. * Assist in the development and enforcement of security policies, standards, and procedures, with specific emphasis on Microsoft platforms. * Stay current with emerging threats, vulnerabilities, and security technologies; recommend improvements to strengthen the security posture * Regular, reliable, and predictable attendance Qualifications: To perform this job successfully, an individual must be able to perform each essential function satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. * Bachelor's degree in Information Security, Computer Science, Information Systems, or equivalent combination of education and experience. * 7+ years of progressive experience in information security, engineering, or related IT disciplines. * Advanced knowledge of Microsoft technologies, including Azure, Entra ID (Azure AD), Office 365, Microsoft Defender suite, and Windows Server. * Experience with SIEM, SOAR, EDR/XDR, vulnerability management, and forensic analysis tools, preferably integrated with Microsoft Sentinel and Defender. * Strong understanding of cloud platforms (Azure, AWS, Google Cloud) and securing hybrid infrastructures. * Relevant security certifications preferred: CISSP, CISM, OSCP, GIAC (GCIA, GCIH, GPEN), Microsoft Certified: Azure Security Engineer Associate, Microsoft 365 Security Administrator Associate, or equivalent. * Demonstrated expertise in incident response, malware analysis, and intrusion detection. * Proficiency with scripting/automation languages (PowerShell, Python, etc.) to enhance security operations. * In-depth knowledge of common frameworks and standards (NIST CSF, ISO 27001, CIS Controls, MITRE ATT&CK). * Proven ability to design and implement Zero Trust and defense-in-depth strategies. * Applies advanced knowledge of Microsoft security technologies and enterprise platforms to solve complex challenges. * Mentors and guides team members, builds trust, and fosters a culture of continuous improvement Competencies To perform the job successfully, an individual should demonstrate the following competencies: * Manages Complexity - Asks the right questions to accurately analyze situations, acquires data from multiple and diverse sources when solving problems, uncovers root causes to difficult problems, evaluates pros and cons, risks and benefits of different solution options. * Situational Adaptability - Picks up on situation cues and adjusts in the moment. Readily adapts personal, interpersonal, and leadership behavior. Understands that different situations may call for different approaches. Can act differently depending on the circumstance. * Optimizes Work Processes - Identifies and creates the processes necessary to get work done, Separates and combines activities into efficient workflow, Designs processes and procedures that allow managing from a distance, Seeks ways to improve processes, * Collaborates: Builds partnerships and works collaboratively with others to meet shared objectives. * Organizational Savvy: Maneuvers comfortably through complex policy, process, and people-related organizational dynamics. * Directs Work: Provides direction, delegates, and removes obstacles to get work done. Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice. Work beyond 40 hours per week may be required. Cirrus is dedicated to a drug free work environment promoting equal employment opportunity. Qualified applicants will receive consideration for employment without regard to race, sex, national origin, color, age, disability, religion, pregnancy, veteran status, marital and family status, sexual orientation, receipt of public assistance, genetic information or any other characteristic protected by applicable law. Our Benefits: Cirrus provides a range of exciting benefits, including: * 401(k) Plan: Dollar-for-dollar match up to 5% after 90 days, with 100% vesting. * Employer-Paid Coverages: Group term life, short- and long-term disability insurance. * Comprehensive Health Coverage: Medical, vision, dental, with additional dependent coverage options. * Free Health Tracking: With rewards for meeting health goals. * Generous PTO: 120+ hours accrued within the first year. * Employee Referral Bonus: For referring talented candidates. * Career Development: Tuition reimbursement and professional growth opportunities. * Exclusive Discounts: Access to partner and marketplace discounts. * Community & Engagement: Company and employee clubs at various locations. These benefits are designed to support your well-being, growth, and enjoyment at Cirrus!

The mission of TikTok's Global Security Organization is to build and earn trust by reducing risk and securing our businesses and products. Also known as "GSO", this team is the foundation of our efforts to keep TikTok safe, secure, and operating at scale for over 1 billion people around the world. We work to ensure that the TikTok platform is safe and secure, that our users' experience and their data remains safe from external or internal threats, and that we comply with global regulations wherever TikTok operates. Trust is one of TikTok's biggest initiatives, and security is integral to our success. In whatever ways users interact with us - whether they're watching videos on their For You page, interacting with a Live video, or buying products on TikTok Shop - GSO protects their data and privacy, so they can have a secure and trustworthy experience. The Security Strategy, Risk, and Resilience (SRR) team is responsible for TikTok's Governance, Risk and Compliance function working closely with cross-functional partners to manage security risks, mature security operations, and build organizational resilience. We support our partners in meeting industry cybersecurity compliance standards and government regulations by developing and driving the organization's cybersecurity strategy, establishing and maintaining a comprehensive business continuity management program, creating and maintaining governing security policies, implementing our security control framework, conducting regular security risk and control assessments, and staying up-to-date on global compliance initiatives and evolving regulatory requirements. The Cybersecurity Strategy Senior Analyst plays a critical role in supporting the development and execution of strategic initiatives and metrics programs across TikTok's Global Security Organization. You will help define what "best-in-class" looks like for a rapidly growing global cybersecurity team by driving data-informed decision-making, maturity modeling, and performance measurement. This role involves working closely with cross-functional stakeholders to align cybersecurity efforts with broader organizational goals while contributing to the department's strategic direction and operational excellence. You would be a great fit for this role if you are enthusiastic about: 1. Using data and metrics to tell compelling stories and influence decisions at the highest levels of leadership 2. Thriving in a fast-paced, ambiguous environment with a passion for building frameworks and programs from the ground up 3. Collaborating with technical and non-technical stakeholders to build visibility and alignment around cybersecurity goals and performance Responsibilities As a Cybersecurity Strategy and Metrics Senior Analyst, you will be responsible for: * Supporting the development and execution of the department-wide cybersecurity strategy and multi-year maturity roadmap * Designing and maintaining cybersecurity performance measurement frameworks, including department KPIs, KRIs, OKRs, and executive dashboards * Developing maturity models and measurement tools to assess and monitor cybersecurity capabilities across teams and functions * Providing regular reporting and briefings to leadership, summarizing progress against strategic goals, identifying areas for improvement, and recommending adjustments * Conducting benchmarking and trend analysis to assess the organization's performance relative to industry standards and peers * Partnering with leadership to identify strategic gaps and support initiative development, prioritization, and tracking * Supporting strategic planning cycles, initiative management, and documentation efforts that align with both security and business priorities Minimum Qualifications: * Strong understanding of cybersecurity domains and frameworks (e.g., NIST CSF, ISO 27001, MITRE ATT&CK) and how to translate them into measurable objectives * Experience designing and operationalizing metrics or performance programs in a cross-functional environment * Strong analytical and project management skills with the ability to lead initiatives and drive results with multiple stakeholders * Excellent communication skills, with the ability to translate complex data and strategy into business-relevant narratives * Ability to work at the Washington DC or New York office for 5 days per week and willingness to travel to other offices, including international locations, as required to support business needs Preferred Qualifications: * Strong experience in cybersecurity, GRC, metrics development, strategic operations, or a related field * Strong experience in security strategy, cybersecurity operations, metrics programs, consulting, or related areas * Experience working with data visualization tools such as Tableau, Power BI, or internal dashboards * Relevant certifications (e.g., CISSP, CRISC, CISM, PMP, or other strategy or security-related certifications)

Job Description Empowered to live. Inspired to work. Compeer Financial is a member-owned cooperative located in Illinois, Minnesota and Wisconsin. We bring together team members with a variety of backgrounds and experiences to help provide financial services to support agriculture and rural communities. Join us in a culture that not only promotes meaningful work and professional development, but provides a flexible, hybrid work environment and excellent benefits, which empower you to thrive both personally and professionally. How we support you: Hybrid model - up to 50% work from home Flexible schedules including ample flexibility in the summer months Up to 9% towards 401k (3% fixed Compeer contribution plus up to 6% match) Benefits: medical, dental, vision, HSA/FSA, life & AD&D insurance, short-term and long-term disability, wellness program & EAP Vacation, sick leave, holidays/floating holidays, parental leave, and volunteer paid time off Learning and development programs Mentorship programs Cross-functional committee opportunities (i.e. Inclusion Council, emerging professional groups, etc.) Professional membership/certification reimbursement and more! Casual/seasonal & intern team members are not eligible for benefits except for state-mandated programs. To learn more about Compeer Financial visit ************************ Where you will work: This position offers a hybrid work option up to 50% remote and is based out of any of Compeer's office locations. The contributions you will make: This position creates, implements and maintains corporate-wide security programs that assist in improving overall security posture of the organization. Provides guidance, assurance and information protection to maintain the confidentiality, integrity, and availability of Compeer critical resources. Contributes knowledge and expertise to ensure that information assets are protected and secure. In this position, you will guide solutions to promote secure business-to-business initiatives, third-part relationships, outsourced solutions and vendors. Provides mentorship and guidance to less experienced team members. A typical day: Remains current with new security threats and assess systems and solutions to ensure they can defend the business. Researches capabilities of current and new disruptive solutions on the market and makes recommendations to security group on a consistent basis. Develops security team standards, policies, procedures and processes. Support and provide direction for use of technical systems, monitors for unusual and suspicious activity across a wide range of products, data centers, and cloud systems. Partners with Business Technology on security configuration standards for systems and business applications. Participates in technical and non-technical projects requiring information security oversight and to ensure policies and procedures are met. Provides cybersecurity guidance to leadership. Ensures that cybersecurity-enabled products or other compensating security control technologies or processes reduce identified risk to an acceptable level. Performs security reviews, identifies gaps in security architecture, and develops a security risk management plan. Implements security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed. Analyzes and reports system security posture trends. Analyzes cyber defense policies and configurations and evaluates compliance with regulations and organizational directives. Prepares audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions. Leads the Incident Response Team during activations for security or operational events. Coordinates, leads and conducts adversary simulation, hunt teaming, assumed breaches and whitebox penetration tests. Develops and executes attack plans, scripts, tools and methodologies to strengthen the offensive operations. Plans and coordinates the delivery of classroom techniques and formats (e.g., lectures, demonstrations, interactive exercises, and multimedia presentations) for the most effective learning environment. The skills and experience we prefer you have: Bachelor's degree in security management, cybersecurity, computer science, management information systems, or business with technical training in networking, technical support or security or an equivalent combination of education and experience sufficient to perform the essential functions of the job. Expert-level experience in physical asset security, information technology, risk management, security services, or infrastructure technology. CISSP certification preferred. Ability to adapt and stay a step ahead of cyber attackers and stay up to date on the latest attack methods. Expert experience driving measurable improvement in monitoring and response capabilities at scale. Expert ability to identify and resolve problems, utilizing strong analytical skills. Advanced experience in cloud computing technologies, including software, infrastructure and platform-as-a-service, as well as public, private and hybrid environments. Expert knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to endpoint detection and response (EDR), threat intelligence platforms, data loss prevention (DLP), security automation and orchestration, deception technologies, application controls, and other network and system monitoring tools. Experience with purple teaming (red and blue) to train, identify and remediate issues cohesively. Advanced experience with Amazon Web Services (AWS) or Microsoft Azure. Expert experience conducting risk analysis to protect the business and adhere with compliance requirements and privacy laws. Expert experience with vulnerability and penetration testing engagements. Advanced knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). Expert knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities. Knowledge of multiple cognitive domains and tools and methods applicable for learning in each domain. Knowledge of media production, communication, and dissemination techniques and methods, including alternative ways to inform via written, oral, and visual media. Knowledge of training and education principles and methods for curriculum design, teaching and instruction for individuals and groups, and the measurement of training and education effects. How we will take care of you: Our job titles may span more than one career level (associate, senior, principal, etc.). The actual title and base pay offered is dependent upon many factors, such as: training, transferable skills, work experience, business needs and market demands. The base pay range is subject to change and may be modified in the future. This role is eligible for variable compensation and other benefits. Base Pay$103,100-$156,400 USD Compeer Financial is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Must be authorized to work for any employer in the United States. Compeer is unable to sponsor or take over sponsorship of an employment visa at this time. Click here to view federal employment laws applicable for applicants.

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. We are currently looking for a Senior Consultant or Principal level Security strategist with deep technical and functional expertise in Business Continuity and Disaster Recovery. What You'll Do * Lead and facilitate Business Impact Assessments (BIAs) across business units * Develop and update Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs) aligned to critical business functions and systems * Assess organizational risk and capability gaps related to crisis management, workforce continuity, and infrastructure resilience * Design tiered recovery strategies based on RTOs, RPOs, and MVC (Minimum Viable Company) principles * Coordinate and conduct tabletop exercises, test execution, and post-mortem reviews * Align BC/DR practices with enterprise risk management frameworks, compliance requirements (e.g., HIPAA, ISO 22301), and audit expectations * Support program governance, metrics, training, and awareness efforts What You'll Bring * 6+ years of experience in Business Continuity, Disaster Recovery, or operational resilience consulting * Strong working knowledge of BIAs, BCP/DRP development, and crisis management planning * Understanding of IT infrastructure concepts and DR technologies (e.g., backup systems, cloud platforms) * Experience supporting risk assessments and regulatory audits * Excellent facilitation and stakeholder management skills * Strong writing skills to produce clear, client-ready plans and reports About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this role, we are hiring at the following levels and targeted base pay salary ranges: The targeted base salary pay range for Senior Consultant in New Jersey, New York City, and Washington DC is $153,000 to $186,000. The targeted base salary range for Senior Consultant in Atlanta, Chicago, Detroit, Kansas City, Minneapolis, Nashville, Philadelphia, Phoenix, St. Louis is $140,000 to $171,000. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. We are committed to pay transparency and compliance with applicable laws. If you have questions or concerns about the pay range or other compensation information in this posting, please contact us at: ********************. EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. #LI-MS12

Established in 1991, Collabera has been a leader in IT staffing for over 22 years and is one of the largest diversity IT staffing firms in the industry. As a half a billion dollar IT company, with more than 9,000 professionals across 30+ offices, Collabera offers comprehensive, cost-effective IT staffing & IT Services. We provide services to Fortune 500 and mid-size companies to meet their talent needs with high quality IT resources through Staff Augmentation, Global Talent Management, Value Added Services through CLASS (Competency Leveraged Advanced Staffing & Solutions) Permanent Placement Services and Vendor Management Programs. Job Description Position Details: Job Title - Information Security Analyst Duration - 3 Months (with a possibility of an extension) Location - Eagan , MN - 55123 Qualifications Primary Objective Perform in the delivery and development of processes and services which support best practices in information security and risk management for Client enterprise. Knowledge, Skills & Behaviors • 2+ years related information security risk management experience • 3+ years related information technology experience • Preferred industry-related certifications: GSEC, CISSP, CISA, CISM, ITIL • Preferred exposure in SOC2, ISO 27000, risk assessment methodologies, Shared Assessments, ITIL practices, and GRC • Demonstrate results in planning and delivering complex projects on time • Maintain focus and manage multiple efforts concurrently • Perform independently to expectations while being collaborative and maintaining alignment with the team • Work effectively with all levels of the organization including subject matter experts, stakeholders, and leadership • Strong written and verbal communication skills to include executive audiences • Apply tactical and strategic methods appropriately • Effective negotiation and influence • Focused on supporting the customer, the team, and the business • Strong collaboration and problem-solving skills Major Areas of Accountability • Operate as a key contributor to the Vendor Risk Management processes. • Interface with subject matter experts, peers and stakeholders; and business or technology leaders across the Client enterprise. • Demonstrate subject matter expertise on information security best practices and Client security posture focused on performing due diligence for vendor assurance inquiries and attestations. • Assist in initiatives to evaluate and provide input on the effectiveness of processes and solutions, and to determine or support a course of action. Track and report on mitigation progress. • Contribute to the strategic and tactical development of information security, risk management and compliance initiatives, to include policy and standards development, solution development, security awareness and training, and other information security initiatives as assigned. • Track, verify and collect data points for reporting and metrics on identified services to identify gaps and inform leadership. • Serve as a subject matter expert in information technology operations, information security and risk management practices, global legal and regulatory requirements, and other applicable security and privacy trends and practices. • Participate as a member of a team for Vendor Risk Management • Contribute to and achieve business and departmental goals and objectives • Deliver processes and services consistently and accurately • Accept feedback and flex to address tactical needs • Report on status of initiatives to all levels in the organization • Work across the organization to contribute to departmental initiatives and programs Education • Prefer 4 year (Bachelor's) Degree in a technology related field If you are interested please contact NEHA KALIA (Technical Recruiter) at ************ and email an updated copy of your resume (preferably WORD format) to *************************** Additional InformationIf you are interested please contact NEHA KALIA (Technical Recruiter) at ************ and email an updated copy of your resume (preferably WORD format) to ***************************

The JFG Information Security Engineering & Operations Analyst plays a key role in supporting JFG's Identity & Access Management (IAM), Cyber Threat Management, and Vulnerability Management services. This role helps support IAM services to provision, deprovision, and certify access to JFG systems. It also helps detect, analyze, hunt for, and report on cybersecurity events related to malware, network intrusion, and data loss protection and insider threat incidents. This role is also responsible for finding and reporting on internal and external vulnerabilities on JFG systems. This role will be supported by a Managed Detection & Response (MDR) services and Identity & Access Management Managed services. Occasional off-hour and weekend work will be expected. Very little (less than 5%) business travel is expected in this role. This role will be located in Racine, Wisconsin. Ability to come in-office would be required (working a hybrid schedule.) KEY RESPONSIBILITIES: * Detect, analyze, contain, and remediate threats and vulnerabilities across the JFG environment. * Operate and support vulnerability management, data loss protection, cybersecurity monitoring, cybersecurity incident response, intrusion analysis, root-cause-analysis (digital forensics), cyber-threat intelligence, and malware analysis technologies. * Lead and report on incidents involving malware, network intrusion, insider-threat, internal investigations and litigation support activities. * Incorporate Cyber Threat Intelligence into operational signal intelligence and reporting. * Proactively investigate JFG environment for threats based on Cyber Threat Intelligence and known threat methods and patterns (aka Threat Hunting). * Operate and support Identity Governance and Administration technologies to support timely on/off-boarding of people and regular access governance reviews to ensure appropriate access. * Support weekly/monthly/quarterly/annual operational metrics, reports and dashboards. * Assist with maintaining the Cybersecurity Incident Response Plan. * Collaborate on the continuous improvement of Information Security Operations processes, workflows, and procedures (e.g. RunBooks). * Automate repetitive tasks and drive efficiencies with measurable benchmarks to show progress. JOB REQUIREMENTS: * Associates degree in Information Security, Cybersecurity preferred * 0-2 years' experience * Types of certification preferred: Security+, CEH, SSCP * Experience with Python and PowerShell scripting languages for automation preferred * Good report writing and communication skills * Has a basic understanding of the Information Security platforms at JFG, common Information Security controls and frameworks, networking concepts and technologies, as well as Windows and Linux environments Come as you are. Johnson Financial Group supports and is committed to the principle of equal employment opportunity. We make all employment-related decisions without regard for an individual's race, color, religion, sex, sexual orientation, age, national origin, citizenship, disability, veteran status, or any other protected status as required by law.

Job Description This is a hybrid position requiring 3 days in office at our Middleton, WI office location. #LI-Hybrid At CapSpecialty, we are a specialty underwriting company being driven by well-informed, entrepreneurial and proactive employees. Come join our exciting company where you can really make an impact, and each individual's unique skills and talents are recognized and valued. You will find an accessible leadership team that welcomes opinions and ideas. We owe much of our success to our collaborative environment and set of three guiding principles rooted in customer-centricity, employee excellence and corporate culture. We offer competitive compensation and benefits packages - including an innovative open vacation plan, generous paid sick and parental leave, fully vested matching 401k, company-paid group term life insurance and short- & long-term disability plans, professional and educational growth opportunities, flexible and casual work environment, and recognition for exceptional performance. Please see our full list of Total Rewards here. CapSpecialty is seeking an Information Security Analyst who will support our organization's cybersecurity operations. The analyst will assist in monitoring systems, investigating alerts, managing access controls, and supporting compliance efforts. This role includes exposure to Identity & Access Management (“IAM”) and other key areas of information security. Duties/Responsibilities: Conduct investigations into and properly document security incidents, including evaluating incident impact and recommending corrective actions to management. Collate security metrics and generate reports from the security systems as needed. Support managing accounts and permissions in IAM systems, including recommending improvements to identity governance where appropriate. Perform tasks as assigned to meet any audit requests. Help maintain IAM documentation and workflows. Help maintain and promote security policies, procedures, and training materials. Oversee assigned components of the security awareness programs, and track employee participation including following up on training completion. This may include reporting compliance metrics to leadership. Manage the physical security program, providing recommendations for updates as needed. Keep up to date and current on security trends. Other related duties and initiatives, as assigned. Supervisory Responsibilities: None. Core Competencies: Proven ability to deal well with ambiguity, prioritize tasks, resolve issues and deliver measurable results in an agile, fast-paced environment. Excellent oral and written communication skills. Ability to manage difficult customer situations, elicit customer feedback, analyze and resolve customer issues. Excellent analytical, problem solving, collaboration and time-management skills. A high level of integrity and commitment to confidentiality. Must be highly self-motivated requiring minimal direction. Have a passion for Information Security and a desire to advance personal growth through continuing professional education, self-study, and pursuit of technical certifications. Education and Experience: Associate's degree in computer science or equivalent. 1+ years of relevant experience in IT with exposure to cybersecurity practices, technologies, and methodologies is preferred. Basic understanding of security principles, threats, and controls is desirable. Familiarity with IAM concepts and tools (i.e. Active Directory, Okta, Azure AD) is a plus but not required. Familiarity with security controls and technologies desired (i.e. firewall, SIEM, DLP, WAF, and IPS.). Physical Demands Prolonged periods of sitting at a desk and working on a computer. May be required to lift up to 15 pounds at times. CapSpecialty is a leading provider of specialty insurance and bonds for small- to mid-sized businesses in the U.S., offering casualty, professional liability, surety and fidelity products in all 50 states and the District of Columbia. By working with select partners through a limited distribution model, CapSpecialty's creative, hard-working team provides personalized service and cultivates mutually successful partnerships to deliver positive results. CapSpecialty is an operating subsidiary of Berkshire Hathaway, and its carriers have an A ("Excellent") rating from A.M. Best, writing both admitted and non-admitted policies. For more information, please visit CapSpecialty.com. Apply today! Equal Employment Opportunity Employer Powered by ExactHire:184950

Patterson isn't just a place to work, it's a partner that cares about your success. One of the distinguishing marks of our company is the talented people who embrace the people-first, always advancing, and results-driven culture. Professional growth abounds in this motivating environment. We value the diverse talents and experiences our employees bring to Patterson and believe that they build a stronger and successful organization. Job Description: The Application Senior Security Analyst leads the implementation and maintenance of network and application security systems to protect Patterson's information assets. This role drives technical support, incident response, and ensures alignment with security and project goals. The analyst develops and enhances the application security program using industry best practices and frameworks. Expertise in secure coding, static and dynamic code analysis, and vulnerability remediation is essential. The candidate integrates security controls into CI/CD pipelines using SecDevOps methodologies. Responsibilities include tool integration, policy enforcement, and continuous monitoring. Collaboration across DevOps, compliance, risk, and audit teams ensures enterprise-wide security alignment. A methodical approach to assessing and triaging security findings is critical for success. Essential Functions To perform this job successfully, an employee must be able to perform each essential function satisfactorily, with or without reasonable accommodation. To request a reasonable accommodation, notify Human Resources or the manager who oversees the position. Perform application security triage, oversee issue resolution, and track remediation metrics Oversees the maintenance, support, and delivery of associated security platforms Drives continuous improvements in acting on alerts, service requests, and incidents Integrates best practices to proactively analyze and monitor systems and applications for system and security related issues Considered subject matter expert in assigned platforms and keeps up-to-date knowledge to drive improvements Strong mentor with the ability to work with junior team members and provide leadership and training on new tools or projects Provide support and ongoing input in the evolution of the application security program Ensure the application security tool set is optimized, tuned, and maintained Collaborate with Devs and Ops teams to embed security into CI/CD pipelines and SecDevOps workflows Perform security testing to include SAST, DAST, SCA, Container, APIs, IaC, Secrets Interact with Infrastructure, DevOps, and application owners to ensure alignment with Patterson's roadmaps Prioritize workload depending on business direction, compliance, and / or security requirements Embedded in the SDLC process for all major applications, working with DevOps, SecDevOps, Developers, QA, Principal Architects, Security Champions, Actively participate and / or lead weekly meetings with application team leads and security champions Track and manage identified vulnerabilities through resolution, ensuring timely remediation and documentation. Oversee the planning, execution, and follow-up of penetration tests conducted by internal teams and external security partners. Additional functions In addition to the essential functions listed above, the incumbent may perform the following additional functions. Experience with .Net, C#, Javascript, Angular and related languages Familiarity with AzureDevOPs (ADO), Package Management, SBOM, TFS and / or VSTS Familiarity with major cloud platforms, including Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP) General knowledge of Application Security frameworks such as BSIMM, OWASP SAMM / ASVS, NIST, etc Experience with Thick Clients, Web Apps, Cloud Solutions, SPA, Web Services, MVC, APIs, etc Familiar with Azure DevOps Pipelines for automated build, test and deployment workflows Ability to support and manage Azure services including Azure Container Apps (ACA), Azure Kubernetes Service (AKS), and Azure Artifacts Familiarity with software supply chain security processes, including vulnerability scanning, artifact integrity validation, and dependency risk management Experience implementing and maintaining gating workflows in CI/CD pipelines to enforce security and compliance checks prior to deployment Experience communicating security concerns and issues to non-technical audiences Proficient in assessing microservices and APIs for security flaws using automated and manual testing techniques. Familiar with key application security tools such as BurpSuite, HCL AppScan, Veracode, Qualsys WAS, Micro Focus WebInspect, Checkmarx, Mend.io (White Source), DevTools, Fiddler, Owasp Zap, Metasploit, BeeF, SQLMap, Postman, etc Experience with Swagger, SOAPUI, Visual Studio Required Qualifications Bachelor's Degree with an emphasis in security, technology, or engineering or equivalent work experience At least 4 years work experience in information technology, cyber security, or information security Preferred Qualifications Security industry certification desired This person must be located within a commutable distance to Mendota Heights, MN or Loveland, CO. This will be 2 days in the office hybrid model. What's In It For You We provide competitive benefits, unique incentive programs and rewards for our eligible employees: Full Medical, Dental, and Vision benefits and an integrated Wellness Program. 401(k) Match Retirement Savings Plan. Paid Time Off (PTO). Holiday Pay & Floating Holidays. Volunteer Time Off (VTO). Educational Assistance Program. Full Paid Parental and Adoption Leave. LifeWorks (Employee Assistance Program). Patterson Perks Program. The potential compensation range for this role is below. The final offer amount could exceed this range, based on various factors such as candidate location (geographical labor market), experience, and skills. $94,100.00 - $117,700.00EEO Statement Patterson provides equal employment opportunities to applicants and employees without regard to race; color; sex; gender identity; sexual orientation; religious practices and observances; national origin; pregnancy, childbirth, or other related medical conditions; status as a protected veteran or spouse/family member of a protected veteran; or disability.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Mindlance is a national recruiting company which partners with many of the leading employers in IT, financial services, engineering, semiconductor, clinical and pharmaceutical domains. You can learn more about us at ***************** . Job Description · 3-7 years of experience in Information Security focusing on security solution design, engineering, implementation and assurance. · 3-5 years of experience defining and managing the implementation of controls to address access security and IT control requirements. · 3-5 years of experience working with Information Security and IT general controls, including experience defining and documenting controls using COBIT 4.1 or 5.0, the NIST Cybersecurity Framework, the ISO 27k framework, the SANS 20 critical controls or similar experience. · Deep understanding of Information Security technologies including firewalls, IDS/IPS, Password Vaults, CASBs, SIEM, IT GRC, DLP, etc. · Understanding of the regulatory environment and experience with regulators. · Comfort delivering tasks and assignments in an evolving and a maturing environment. · Application security experience and corresponding technologies (e.g. Jenkins). · Experience with the FFIEC Cyber Security Assessment Tool. · Applicable certifications (e.g. CISSP, CISA, CISM, CGEIT, CRISC). Additional Information All your information will be kept confidential according to EEO guidelines.

PURPOSE The Security Analyst - IT is responsible for designing, implementing and maintaining the security systems that safeguard the organization's data. This role plays a critical role in protecting the company from cyber threats by monitoring security environments, identifying vulnerabilities, responding to incidents and ensuring compliance with established security standards and best practices. Performs related work as required. ESSENTIAL FUNCTIONS AND RESPONSIBILITIES The following duties are typical for this job. These are not to be constructed as exclusive or all inclusive. Other duties may be required and assigned. Defend Baker Group systems against unauthorized access, modification and/or destruction Perform vulnerability/networking scanning assessments and monitor network traffic for unusual activity Configure/support security tools (firewalls, anti-malware software, patch management systems, etc.) Implement and maintain network security policies, application security, access control and corporate data safeguards Analyze, establish and maintain security requirements for Baker Group networks Train team members on security awareness and procedures Conduct both internal and external security audits and make policy recommendations Provide technical security advice Analyzing security breaches to identify the root cause Continuously update Baker Group's incident response and disaster recovery plans Verify third-party vendor security and collaborate with them to meet security requirements Assist with tier 2 and 3 level support tickets as needed MINIMUM EDUCATION & EXPERIENCE REQUIRED TO PERFORM ESSENTIAL FUNCTIONS Bachelor's degree in computer science or related field, or equivalent relevant experience required Minimum of two years' experience in information security or related field Experience with computer network penetration testing and techniques Strong knowledge of firewalls, proxies, SIEM, antivirus, and IDPS concepts CERTIFICATES, LICENSES, REGISTRATIONS CompTIA Security+, preferred CISSP-Certified Information Systems Security Professional, preferred MENTAL AND PHYSICAL COMPETENCIES REQUIRED TO PERFORM ESSENTIAL FUNCTIONS Demonstrated ability to identify and mitigate network vulnerabilities, along with the capacity to clearly explain prevention strategies Skilled in timely patch deployment with a clear understanding of associated business impacts Excellent verbal and written communication skills Ability to multi-task while remaining thorough and detail-oriented Strong problem-solving skills Passion for technology and strong desire to work with new technologies ENVIRONMENTAL ADAPTABILITY Prolonged periods of sitting at a desk and working on a computer Must be able to lift 10 pounds occasionally May have occasional visits to a job site which would require periods of standing, walking and/or climbing stairs EQUIPMENT/TOOLS Laptop computer Baker Group is an Equal Opportunity Employer. In compliance with the Americans with Disabilities Act, Baker Group will consider reasonable accommodations for qualified individuals with disabilities and encourage prospective employees and incumbents to discuss potential accommodations with the Employer.

The Information Security Analyst Identifies security risks and exposures, determine the causes of security violations, and configuring systems to optimize notification of future incidents. The Security Analyst Integrates appropriate systems and logs into the enterprise security incident and event management system to effectively monitor and detect various people and enterprise asset activity. The Information Security Analyst works under the direction of the Information Security Director on the IT Security Operations Team. This is a hybrid job, must be located in Saint Paul MN Responsibilities * Investigates and analyzes security events to evaluate risk, prioritizing findings based on internal and external information. • Configures and maintains SIEM platform, including areas such as source feeds, alerts, alarms, and API integrations.• Configures and maintains EDR/antivirus.• Configures and maintains vulnerability management platform, including areas such as vulnerability scanning, remediation, and mitigation as well as impact and risk analysis.• Communicates security concerns to the business stakeholders to collectively develop and execute an appropriate remediation/mitigation plan.• Interacts with security risk and compliance group, adjacent IT departments, and business units as needed to ensure compliance with IT Security goals and policies.• When needed, assists in administration of other security tools (Data Loss Prevention, Email Security/Spam Filter, End User Training, Mobile Device Management).• Maintains up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and evolving attacks and threat vectors. General Job Responsibilities:• Ability to work in a team environment and independently as required • Contributes to project planning and scheduling.• Normally receives minimal instructions on routine work and detailed instructions on new assignments. • Participate in Architecture design reviews and other technical governance forums across the organization representing the security team across multiple projects.• Be on call and available after business hours, would require working Holidays and weekends if major security incident occurs.• Establish and maintain pertinent policies, standards, and procedures • Perform duties in compliance with applicable regulations and standards such as Sarbanes Oxley Act, FDA Quality System, and ISO (International Organization for Standardization) Works on routine assignments per written procedures, where ability to recognize deviation from accepted practice is required. • Contributes to the overall operations and to the achievement of departmental goals • Perform job specific tasks in compliance with applicable Regulations, International Standards, and WuXi AppTec Policies and Standard Operating Procedures. • Understanding of Good Laboratory Practices and Good Manufacturing Practices • Other duties as assigned Qualifications * Degree in Cyber Security, Management Information Systems, Information Security or equivalent work experienceo Minimum 2 years prior experience in a Cyber Security• In depth knowledge of LogRhythm SIEM platform or other SIEM platforms, which includes configuring and maintaining API integrations and source feeds, alerts and alarms• In depth knowledge in Qualys Vulnerability Management System, which includes configuring and maintaining• In depth knowledge in Cisco AMP Anti-Virus software, which includes configuring and maintaining• Knowledge of ISO/IEC 27001 standards.• Strong technical acumen with a solid understanding of security technologies and network architecture• Strong verbal and written communication skills• Independent driver of self-development and continuous learning• Knowledge of information security technology, design, research techniques, administration, operating standards, and quality control methods.• Basic understanding of LAN/WAN technologies and protocols, FTP, Active Directory, VPN technologies (MPLS, IPSEC, etc.), IIS and other network services.• Experience in a large, formal vulnerability program.• General knowledge of cloud, wireless network and mobile security.• Team-oriented and skilled in working within a collaborative environment. An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability This job description does not state or imply that the above are the only duties and responsibilities assigned to this position. Employees holding this position will be required to perform any other job-related duties as requested by Management.

At Children's Wisconsin, we believe kids deserve the best. Children's Wisconsin is a nationally recognized health system dedicated solely to the health and well-being of children. We provide primary care, specialty care, urgent care, emergency care, community health services, foster and adoption services, child and family counseling, child advocacy services and family resource centers. Our reputation draws patients and families from around the country. We offer a wide variety of rewarding career opportunities and are seeking individuals dedicated to helping us achieve our vision of the healthiest kids in the country. If you want to work for an organization that makes a difference for children and families, and encourages you to be at your best every day, please apply today. Please follow this link for a closer look at what it's like to work at Children's Wisconsin: *********************************** Children's Wisconsin is seeking a Senior Information Epic Security Analyst- to join our team! Location: Remote but must be local to Milwaukee What you will do: The IS Security Analyst-Epic will perform all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction. Ensures that user community understands and adheres to necessary procedures to maintain security. Must be able to weigh business needs against security concerns and articulate issues to management. Primary EPIC security lead on Enterprise Information Security team responsible for management of Epic user records (EMP users, including background users) which includes the life cycle management of the records (creation, modification, inactivation) and auditing as appropriate. Collaborates with app analysts teams who manage the templates and sub templates. Participates in the development of workflows, system configuration, change documentation, optimization and support related to Epic security, while working with application teams to deploy functionality changes, new modules or departments, update security classes, modify provider records, conduct user analysis, and implement security enhancements. Leads and assists in the development of department and organization wide policies and procedures, while effectively communicating policies and procedures impacting Identity and Access management to end users, leadership, and peers to ensure compliant practices. Provides guidance on optimizing security build based on appropriate minimum necessary standards. Responsible for the on-going maintenance, testing, support and optimization of Epic user security and provider management, with focus on role based access. Epic certification is a requirement. Excellent organizational skills and ability to manage work load while assigned to multiple simultaneous projects with minimal supervision. Thorough understanding of user account administration in a network environment. Thorough understanding of security auditing principles. Familiarity with current common paradigms for violating system integrity. Top-tier security performance tuning skills and trouble-shooting required. Works closely with all levels of the organization to ensure that security is consistent with organizational security standards, information access requirements and business strategies. Coordinates with IS entities regarding technical considerations (user rights/privileges, system access) to ensure proper implementation and provides on-going support for all security operations. Works collaboratively with Internal Audit, Corporate Compliance, Human Resources and other departments on security related issues and projects. Works with cross-functional teams to perform reviews and tests of IS internal controls to ensure existing systems are operating as designed and contain adequate controls. Monitors and analyzes technology security and recommends appropriate IS policies, procedures and practices to strengthen security operations. Provides consultation regarding audit, regulatory and security management activities across IS functional areas. Coordinates the IS component of both internal and external audits, federal and state examinations. ESSENTIAL FUNCTIONS: Demonstrates behaviors outlined in the Core Competencies the Blue Kids Way to provide service excellence as a committed partner to children, families and co-workers. Recommends and maintains policies and procedures related to information security. Monitors the organization's overall security fabric. Assesses security needs and capabilities of the organization. Makes regular reports to management concerning security measures. Makes recommendations for improvement as required. Identifies and provides information security awareness training as appropriate. Identifies appropriate courses to enhance security capabilities and competencies of the organization. Works with management to perform and maintain risk assessments. Ensures organization compliance with the security sections of Federal and State statutes, including HIPAA, as well as regulatory requirements. Coordinates investigations into potential security infractions. Determines and designs appropriate tests for all aspects of information security. Activities may include attempted “cracking” of system security, review of audit trails and attempted theft of devices. Evaluates system effectiveness and makes change recommendations as necessary. Coordinates periodic reviews of system security by outside consultants, including vulnerability assessments, penetration tests, HIPAA reviews and PCI compliance. Works with IS teams to implement recommendations as appropriate. Monitors, evaluates and makes recommendations regarding perimeter security including prevention against attack, viruses, and other forms of malicious software. Monitors, evaluates and makes recommendations regarding email and Internet content filtering. Evaluates and makes recommendations regarding requested changes to perimeter security. Recommends policies and procedures for controlling remote access by employees, non-employees and vendors. Reviews and makes recommendations regarding security oriented software applications and workstation security, including patch management, user rights management, and operating system configuration. Keeps current on security issues through seminars, publications and self-education on an on-going basis. MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED: Requires bachelor's degree in computer science or related technology field. Master's degree preferred. Requires 7 years of relevant computer systems experience, preferably in a hospital or healthcare setting. Significant experience in IS security administration including compliance, audit, and information security management. Epic Security certification is a requirement. Professional certification (e.g. CISA, CISM or CISSP) preferred. Thorough understanding of risk analysis, disaster recovery and audit tracking. Familiarity with current common paradigms for violating system integrity. Must have excellent interpersonal skills to effectively communicate with all levels of hospital personnel, vendors and IS personnel. Must possess the ability to deliver clear, concise communications and presentations. Must be able to train others on key IS security concepts. Children's Wisconsin is an equal opportunity / affirmative action employer. We are committed to creating a diverse and inclusive environment for all employees. We treat everyone with dignity, respect, and fairness. We do not discriminate against any person on the basis of race, color, religion, sex, gender, gender identity and/or expression, sexual orientation, national origin, age, disability, veteran status, or any other status or condition protected by the law. Certifications/Licenses:

As a Systems Engineer, you will perform discovery and analysis of business and contractual requirements to define systems and sub-systems architecture and technical design packages. This position works in conjunction with Systems Designers/Engineers and the Project Management team to determine technical requirements for project work and to ensure fit and suitability of our product offering within the client environment. Responsibilities: Prepare high level system designs in a thorough and professional manner during the pre-sales cycle. Design work may include conducting site surveys and device mark-ups, network architecture design, server loading, writing technical narratives and proposals, and preparing bills of materials Produce detailed design drawings and technical descriptions of physical security, other building technologies and the supporting networking, server and storage architectures in collaboration with owners and their representatives. Develop design documents that will guide the technical installation and configuration of systems Develop financial and logistics estimates, both independently and in collaboration with Paladin Technologies sales, marketing, and project management professionals Multi-task and manage time effectively to prioritize projects, tasks, and meetings as necessary Identify, establish, and document processes to support design efficiency and scalability Develop productive relationships with clients and key stakeholders which will build respect and confidence in the organization's capabilities. Understand and maintain an awareness of the productivity and profitability of work carried out by the organization Pursue and maintain education and professional development of technology systems related to the technical disciplines you will lead. Required Qualifications: A minimum of one year of design experience in the Security, AV, networking or instrumentation and controls. A strong understanding of the physical security, including an awareness of complimentary products, technologies, trends, and the general application of physical security technology Experience with the following technologies is required: Bluebeam Revu, IP networks, low voltage electronics, power and communications, Windows desktop operating system, Microsoft Office An understanding of and experience with fundamental concepts pertaining to IP networks, low voltage electronics, power, and communications A strong command of the English language supported by excellent written and verbal communication skills The ability to simultaneously handle multiple tasks and projects and be responsive to changing priorities in a fast-paced environment Preferred Qualification: Post-secondary education from an accredited college, university, or technical institution in Business, Construction Management, Electronics, Engineering, Information Technology, or a related field P.Eng, EIT, CET, or equivalent professional technical designation is preferred Highly developed analytical and problem solving skills Motivated self-starter with ambition to independently research new technologies as well as engineering and business methodologies/concept Field experience in a construction environment is an asset Physical Demands: In general, the following physical demands are representative of those that must be met by an employee to successfully perform the essential functions of the job. Must be able to effectively communicate, (i.e., see, hear, speak, and write clearly) in order to communicate with colleagues and/or customers; manual dexterity required for occasional reaching, lifting of light office objects, and operating office equipment Position is a desk job requiring the use of computer, keyboard, and phone Working Conditions: In general, the following conditions of the work environment are representative of those that an employee encounters while performing the essential functions of this job. The office is clean, orderly, properly lighted, and ventilated. Noise levels are considered low to moderate This is an office-based position COMPENSATION : $70,000 - $83,000k (DOE) Company Info: Paladin Technologies is a premier North American complex systems integrator for building technology solutions, including IP security, alarms & monitoring, audio visual, low-voltage infrastructure, and networking. As a leader in the design, deployment, optimization, management, and maintenance of communication and digital networks, Paladin can meet the needs of clients on a national scale, while providing local support. Our team is the best in the industry, with manufacturer trained technicians, PMP-certified project managers, CTS- and RCDD-certified design engineers, coordinators, and administrative resources. Paladin has offices coast to coast across the United States and Canada, and nearly 1,700 talented and committed professionals dedicated to custom-crafting and installing technology solutions for clients requiring Integrated Security, Network Infrastructure, Audio Visual, Fiber Optics/OSP, Structured Cabling, and more. We are always at the forefront of the changing technology landscape, and through continued training, complex client projects, and company support, we provide our colleagues with exciting challenges and a rewarding career as Paladin continues to grow. This company considers candidates regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. Equal Opportunity Employer, including disability & veterans, or any other characteristic protected by law. If you need accommodation for any part of the application process, please send an email or call ************** to speak with Human Resources and let us know the nature of your request. We thank you for your application, however only those selected for an interview will be contacted.

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: The ability to obtain and maintain a U.S. government issued security clearance is required. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance: DoD Clearance: Secret Our nation's security depends on the sacrifice of the men and women who defend our country. For them to do this effectively, they need technology that keeps them a step ahead of their adversaries. This means providing secure yet technologically advanced equipment to our service personnel, fielded as quickly as possible. Our commitment is to do exactly that. This position is for a Systems Engineer II professional who will work onsite in our Cedar Rapids facility. Join the Mission Systems Secure Systems Department and help shape, define, and design communication solutions that connect militaries around the world! As a Systems Engineer, you will design and develop military products ensuring safe and protected communication. You will interface with multi-discipline engineering teams to create total system solutions, addressing both domestic and international customer needs. We are looking for talented individuals that love to problem solve and have a desire to grow and gain exposure to new skills. Our customers come from all different backgrounds, and so do our employees. If you're passionate about what you could accomplish here, we'd love to hear from you. What You Will Do Perform analysis, architecture and design at all levels of the total system product including concept, design, fabrication, modeling, test, installation, operation, maintenance and disposal. Perform functional analysis, trade studies, requirements allocation and interface definition studies to translate customer requirements into hardware and software specifications. Provide analysis for the decomposition of customer specifications and system level requirements into sub-system and piece part requirements, and develop verification criteria and plans for the requirements Perform technical planning, system integration, verification and validation, and supportability and effectiveness analyses for total system solutions. Perform daily tasks in a classified and controlled lab environment Travel up to 10% What You Will Learn You will gain Systems Engineering Requirements, Integration, Validation and Verification skills. You will be provided with mentorship opportunities to gain experience as a Systems Engineer You will obtain invaluable experience working with our radio subject matter experts in addition to security and crypto certification specialists, our customer base, and cross-functional integrated product team. You can take flight to becoming knowledgeable in security hardened products with exposure to the variety of business and products in an ever-evolving field. We are growing, so can you! Qualifications You Must Have Typically requires a degree in Science, Technology, Engineering or Mathematics (STEM) and minimum 2 years prior relevant experience or an Advanced Degree in a related field. The ability to obtain and maintain a U.S. government issued secret security clearance is required. Qualifications We Prefer Familiarity with the Scaled Agile framework Exceptionally strong communication skills, experience presenting technical data to program management and executive leadership Experienced with Cryptographic Hardware architecture/design, Network Encryption specifications and test methodologies Experience with tools such as DOORS, CAMEO or similar, Software Languages such as Rust and Python Experience with Model Based Systems Engineering What We Offer Benefits Some of our competitive benefits package includes: Medical, dental, and vision insurance Three weeks of vacation for newly hired employees Generous 401(k) plan that includes employer matching funds and separate employer retirement contribution, including a Lifetime Income Strategy option Tuition reimbursement program Student Loan Repayment Program Life insurance and disability coverage Optional coverages you can buy pet insurance, home and auto insurance, additional life and accident insurance, critical illness insurance, group legal, ID theft protection Birth, adoption, parental leave benefits Ovia Health, fertility, and family planning Adoption Assistance Autism Benefit Employee Assistance Plan, including up to 10 free counseling sessions Healthy You Incentives, wellness rewards program Doctor on Demand, virtual doctor visits Bright Horizons, child and elder care services Teladoc Medical Experts, second opinion program Eligible for relocation assistance And more! Eligible for relocation. Learn More & Apply Now! Do you want to be a part of something bigger? A team whose impact stretches across the world, and even beyond? At Collins Aerospace, our Mission Systems team helps civilian, military and government customers complete their most complex missions - whatever and wherever they may be. Our customers depend on us for intelligent and secure communications, missionized systems for specialized aircraft and spacecraft and collaborative space solutions. By joining our team, you'll have your own critical part to play in ensuring our customer succeeds today while anticipating their needs for tomorrow. Are you up for the challenge? Join our mission today. Role Type *Please ensure the role type (defined below) is appropriate for your needs before applying to this role. Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products. At Collins, the paths we pave together lead to limitless possibility. And the bonds we form - with our customers and with each other -- propel us all higher, again and again. Apply now and be part of the team that's redefining aerospace, every day. The salary range for this role is 66,000 USD - 130,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

Solutions Through Innovative Technologies, Inc. (STI-TEC) specializes in the delivery of professional business and information management services. STI-TEC offers government and commercial clients a comprehensive portfolio of services that identify, manage, distribute and improve business processes related to entities' most valued resource, information. As a fast-growing solutions provider, established in 2000, total customer satisfaction has remained the cornerstone of our business. Our business model focuses on integrity, loyalty, and trust. Position Overview The CYBER Staff Support Officer (SSO) provides senior-level analysis and subject matter expertise to Army G-8 leadership across requirements, acquisition, and resourcing activities. Designated as key personnel and requiring TS/SCI clearance, this role manages Army CYBER program efforts-including Defensive Cyber Operations technologies and software-while also supporting Position, Navigation, and Timing (PNT) initiatives. Core responsibilities include reviewing and validating JCIDS and acquisition documents, developing investment and resourcing strategies, preparing executive-level briefings, and ensuring all efforts align with Army modernization priorities. The CYBER SSO must bring a foundational level of operational experience in Mission Command Transport Applications/capabilities, along with specialized knowledge of CYBER operations and systems. Leveraging expertise in Mission Command, CYBER, and PNT domains, the SSO delivers actionable recommendations that guide equipping, resourcing, and modernization strategies to strengthen Army force development. Essential Job Function 1. Requirements and Acquisition Analysis * Apply JCIDS (AR 71-9, CJCSI 3170.01) and Defense Acquisition System (DoDI 5000.2) guidance. * Review and analyze Army/Joint requirements and acquisition documents (ICDs, CDDs, ONS, BOIPs, ORDs). * Prepare leadership with recommended positions, analyses, and documentation for requirements decisions. 2. Data Management and Business Intelligence * Extract and analyze data from Army equipping/resource systems (AE2S-M, CAMS, LAQA, ETR, LQA, cQUIP, AESIP, ECOP, FMSWeb, cPROBE). * Build and deploy Business Intelligence tools (SharePoint, Power BI, Power Apps, MS 365) to automate processes and support reporting. 3. Program and Resource Management * Support planning, programming, budgeting, and execution (POM, PPBE, SPAR). * Develop funding and investment options, including RDT&E and procurement prioritization. * Validate AAO/APO requirements and assess impacts of budget or congressional changes. 4. Force Development and Modernization * Analyze, validate, and recommend positions on modernization and equipping strategies. * Participate in Total Army Analysis (TAA), Force Feasibility Reviews (FFR), and strategy development (ReARMM, MDO, AimPoint, NDS). * Resolve equipment shortfalls and support distribution/redistribution planning with ASC (LMI). 5. Stakeholder Coordination and Decision Support * Coordinate with ASA(ALT), PMs, Army Staff, ACOMs, and Joint organizations. * Support leadership participation in boards, councils, and conferences (AROC, JROC, AMEC, ASRCs). * Provide rapid assessments (within four hours when required) and support government task leads in decision-making. 6. Communication and Reporting * Develop and deliver briefings, EXSUMs, information papers, and smart books for senior leaders. * Maintain situational awareness of assigned programs and provide updates on funding, equipment availability, fielding, risks, and industry status. * Assist with strategic communication plans and budget justification documents. Minimum Qualifications * Bachelor's Degree or Higher * A minimum of four (4) years of experience and expertise in Force Development duties * TS/SCI Clearance required * Must have operational experience in Army tactical/strategic units that employ Mission Command and Transport Capabilities/Applications including Satellite Network Operations, Mission Command Network/Transport Systems/Applications, CYBER and Position Navigation and Timing capabilities * Must understand tactics, techniques and procedures associated with Army command, control, and communications systems and expertise in CYBER, and/or Position Navigation and timing capabilities to be supported * Must possess the knowledge, skills, and abilities to manage Army Acquisition Category (ACAT) II and III Programs * Must have the ability to analyze, prioritize and validate Mission Command, CYBER and/or Position Navigation and Timing requirements to provide the current and future Army with timely and decisive warfighting capabilities supporting successful accomplishment of the National Military Strategy * Interdisciplinary skill set of PPBE, DOD acquisition processes and procedures (DoDI 5000.2) as well as expertise with materiel and /or force structure requirements development and validation (JCIDS). Desired Qualifications Understanding and/or completion of the following * HTAR; * RQM 1010/ CLR 101; * RQM 1100 series / RQM 110; * RQM 3100/310; CLR 151; * RQM 2500/CLR 250; * RQM 2520/CLR 252; * Certified in related field. STI-TEC offers a competitive benefits package including: * Medical, dental, and vision coverage * Life insurance * Short term/long term disability coverage * Retirement savings - 401(k) * Paid time off (PTO) * Holiday leave * Alternate work schedules (depending on work site) * Flexible spending account options Whether you're an experienced professional, a veteran, a former military or civilian federal employee, or a recent graduate, STI-TEC has a career opportunity for you. Applicants selected may be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. STI-TEC is an equal opportunity employer and values diversity. Employment is decided on the basis of qualifications, merit, and business need. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, gender identity and sexual orientation. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, transfer, leaves of absence, compensation and training. If you need assistance or an accommodation due to a disability, you may contact us at [email protected] or you may call us at 1+************. * This job posting is to identify potential candidates for positions in order to respond to a request for proposal. This job posting, including but not limited to, qualifications, duties, compensation and benefits, is subject to change based on the terms and conditions of the awarded contract and is contingent on STI-TEC being awarded the contract.