Information security analyst jobs in Merrillville, IN - 161 jobs

The Principal Cloud Security Architect evaluates cloud architectures, identity models, permissions, and security controls across large-scale environments. This role focuses on identifying architectural risks, misconfigurations, and long‑term security design gaps. What You'll Do Assess cloud architectures (AWS, Azure, GCP) for security gaps Review IAM configurations, network segmentation, and resource policies Identify misconfigurations, privilege risks, and insecure patterns Summarize architectural flaws and provide structured mitigation guidance Validate alignment with security frameworks and best practices Support recurring assessments of cloud environments and deployment patterns What You Bring Must-Have: Deep experience in cloud security architecture Strong understanding of IAM, network design, and cloud service models Ability to document complex architectures in clear, structured form Nice-to-Have: Experience with multi-cloud, zero‑trust, or high‑compliance environments $40 - $80 an hour #J-18808-Ljbffr

AHEAD builds platforms for digital business. By weaving together advances in cloud infrastructure, automation and analytics, and software delivery, we help enterprises deliver on the promise of digital transformation. AtAHEAD, we prioritize creating a culture of belonging, where all perspectives and voices are represented, valued, respected, and heard. We create spaces to empower everyone to speak up, make change, and drive the culture at AHEAD. We are an equal opportunity employer, and do not discriminate based on an individual's race, national origin, color, gender, gender identity, gender expression, sexual orientation, religion, age, disability, marital status, or any other protected characteristic under applicable law, whether actual or perceived. We embraceall candidatesthatwillcontribute to the diversification and enrichment of ideas andperspectives at AHEAD. Senior consultants are experienced experts in information security and/or information security governance or compliance. Successful candidates support the Security Practice in delivery, business development, and practice development. This senior consultant will specifically support the cyber advisory program which seeks to advise clients at various points of maturity and help design and improve their cyber security programs. While each client has a different starting point, most start with common infrastructure hardening and hygiene challenges. This senior consultant will be expected to confidently advise on remediation of discovered vulnerabilities. These vulnerabilities may range from common software vulnerabilities to general architecture concerns. The consultant must leverage previous experience to convey potential impacts and criticality of remediation. The senior consultant is not expected to have knowledge or experience with every vulnerability but must be able to use their knowledge and experience to research potential solutions. Communicating the impact and criticality of vulnerabilities and remediation is a critical part of this role. This requires the consultant to understand the client's environment, concerns, business drivers, and potential impact of remediation efforts. Finally, the consultant must be comfortable in acting as authority on recommendations. The senior consultant is often asked to review and sometimes create common security program documentation such as policies, risk registers, and other assessment documents. The ability to manage small teams is a requirement for success in this role. This program requires frequent evolution as the program must keep pace with changes in technology, techniques, and vulnerabilities. Because of this, this senior security consultant must be flexible, self-motivated, and willing to take on dynamic challenges. Responsibilities Client Delivery Facilitate sessions of strategy, roadmap, design, and planning workshops for service engagements Effectively communicate risk to stakeholders and work to drive security program success Ensure that customer expectations are appropriately set and managed Lead project engagement teams through the delivery of consulting service offerings Understand vulnerabilities and create remediation plans Break down risks or issues into manageable segments, identify the factors that contribute to risk and determine how best to approach the risk Creation and finalization of project deliverables, may perform peer review for collateral developed by others on a delivery team Presentation of deliverables to client executive management Act as the Engagement Lead on customer facing projects, when assigned Business Development Support business development pursuits through client discovery meetings Support sales opportunities throughout the sales cycle, including project scoping, proposal development, and presenting proposals to clients. Familiarity with AHEAD's enterprise service portfolio to identify opportunities for cross-practice collaboration Practice Development & Thought Leadership Maintain subject matter expertise in security domains and security solutions Participate in the development, enhancement, and standardization of AHEAD in-practice service offerings Own and/or enable more than one service capability Maintain a broad knowledge and understanding of current and future state IT trends, technologies, and standards Lend support and mentorship to others Requirements Undergraduate degree in Computer Sciences or Business Management is preferred, but not required Minimum of 2 years of information security leadership experience 7+ years technical work experience 2 professional and/or technical certifications, including industry-recognized certifications which align to AHEAD's Security service portfolio, or commensurate work experience (CISSP, CISM, SANS certs, etc.) Cybersecurity background (vulnerability management, various security controls such as EDR, firewalls, content filtering, etc.) Active directory experience (group policy and Intune experience) Securing windows servers and desktops (system hardening such as Microsoft Baseline/STIGS/CIS) Office 365 experience Common written policy understanding Excellent verbal and written communication skills Comfort in addressing groups of people in virtual or in-person settings Ability to solve complex, abstract problems Excellent interpersonal skills, good listener, ability to connect with different personalities Exhibit Executive presence with leadership characteristics Demonstrated experience as a technology change agent $165,000 - $195,000 a year Why AHEAD Through our daily work and internal groups like Moving Women AHEAD and RISE AHEAD, we value and benefit from diversity of people, ideas, experience, and everything in between. We fuel growth by stacking our office with top-notch technologies in a multi-million-dollar lab, by encouraging cross department training and development, sponsoring certifications and credentials for continued learning. USA Employment Benefits include Medical, Dental, and Vision Insurance 401(k) Paid company holidays Paid time off Paid parental and caregiver leave Plus more! See benefits for additional details. The compensation range indicated in this posting reflects the On-Target Earnings (“OTE”) for this role, which includes a base salary and any applicable target bonus amount. This OTE range may vary based on the candidate's relevant experience, qualifications, and geographic location. #J-18808-Ljbffr

Our client, a top-tier IT services and consulting company, is seeking a Principal Infrastructure & Security Architect to provide deep technical leadership across cloud infrastructure, cybersecurity, and Informatica security modernization. This role will strengthen the client's IDMC security posture, redesign secure connectivity, and guide the end-to-end transformation of their secure agent and IAM environments. Requirements & Qualifications Deep technical and administrative expertise in Information Security / Cybersecurity across cloud and hybrid environments. Proven experience designing secure private network paths and enforcing controlled routing for platform traffic. Ability to create private connectivity patterns and align network security with Informatica and internal cloud teams. Strong background restoring centralized IAM functions, preferably through Entra ID (Azure AD), including automated provisioning, access controls, and audit-ready workflows. Hands‑on experience modernizing secure agent infrastructure, removing legacy components, and standardizing deployment patterns. Expertise overseeing security monitoring, logging integrations, and compliance activities across Informatica environments. Ability to collaborate with architecture, cloud, and security teams to ensure end-to-end alignment with enterprise standards. #J-18808-Ljbffr

Innova Solutions is immediately hiring a Solution Architect - Cloud Permanent Duration: Fulltime As a Solution Architect - Cloud, you will: Solution Architect to lead the modernization of a legacy healthcare platform used for eligibility screening patients for disability benefits/coordinating for submission applications in SSA, appeals processing in the US healthcare domain. The role requires defining the target architecture, creating a robust migration strategy, and ensuring security, compliance, and scalability in the solution design. This is an onsite role at the client location in the USA, requiring close coordination with client business teams, operations, and enterprise architects. Proven experience as a Solution Architect on large-scale enterprise modernization projects, preferably in the healthcare domain. Strong understanding of US healthcare processes, especially related to disability eligibility screening and benefit determination. Hands-on experience designing solutions on D365+Powerplatform+Azure. Strong understanding of cloud-native architecture principles, data flows, and integration patterns. Should have strong knowledge on SQL and Microsoft shop like visual studio. Establish the integration strategy between internal modules and external systems via secure APIs and Azure services. · Design data flow, entity modeling, and component architecture, ensuring adherence to industry and organizational security standards. Azure Well-Architected Framework and Microsoft Cloud Adoption Framework (CAF). Should have experience in migration of Legacy projects to cloud platform Familiarity with architecture governance processes and working with enterprise architecture teams. Incorporate security by design principles across the architecture: Ensure the platform meets HIPAA, HITECH, and other relevant US healthcare compliance standards. Developing solution architecture artifacts: HLDs, LLDs, integration diagrams, security models. Document detailed solution blueprints, technical specifications, and integration design documents Candidate must have skills: 10 to 15 years of experience in IT operations or production support, with at least 5 years in a leadership role. Strong understanding of Best benefits process. Familiarity with Azure Well-Architected Framework and Microsoft Cloud Adoption Framework (CAF) Solid knowledge of databases (SQL/Oracle), APIs, and Azure Cloud platform. Experience with DevSecOps and CI/CD pipelines in regulated environments. ITIL certification is a plus. Good to have skills: Experience with Best Benefits Background in Agile/DevOps environments. Strong analytical, communication, and crisis management skills. Qualified candidates should APPLY NOW for immediate consideration! Please hit APPLY to provide the required information, and we will be back in touch as soon as possible. We are currently interviewing to fill this and other similar positions. If this role is not a fit for you, we do offer a referral bonus program for referrals that we successfully place with our clients, subject to program guidelines. ASK ME HOW. Thank you! Kiran Vajrala Manager PAY RANGE AND BENEFITS: Pay Range: $106,000 - 124,500$ Per Year Pay range offered to a successful candidate will be based on several factors, including the candidate's education, work experience, work location, specific job duties, certifications, etc. Benefits: Innova Solutions offers benefits( based on eligibility) that include the following: Medical & pharmacy coverage, Dental/vision insurance, 401(k), Health saving account (HSA) and Flexible spending account (FSA), Life Insurance, Pet Insurance, Short term and Long term Disability, Accident & Critical illness coverage, Pre-paid legal & ID theft protection, Sick time, and other types of paid leaves (as required by law), Employee Assistance Program (EAP). ABOUT INNOVA SOLUTIONS: Founded in 1998 and headquartered in Atlanta, Georgia, Innova Solutions employs approximately 50,000 professionals worldwide and reports an annual revenue approaching $3 Billion. Through our global delivery centers across North America, Asia, and Europe, we deliver strategic technology and business transformation solutions to our clients, enabling them to operate as leaders within their fields. Recent Recognitions: Named One of America's Best Employers for New Grads by Forbes (2024 Named One of the Best Companies to Work For by U.S. News & World Report (Private Companies List, 2024-2025) One of the Largest IT Staffing Firms in the US - Ranked #3 by Staffing Industry Analysts (SIA, 2024) One of the Largest Staffing Firms in the US - Ranked #13 by Staffing Industry Analysts (SIA, 2024; includes Innova Solutions, Volt, & HireGenics) Named One of the Top Ten Private Companies in Atlanta by the Atlanta Business Chronicle (2023) One of the Largest Certified Minority Business Enterprises (MBEs) in the United States (NMSDC, 2024) AWS Advanced Tier Services Partner with 100+ certifications Website: ******************************** Innova Solutions is an Equal Opportunity Employer and prohibits any kind of unlawful discrimination and harassment. Innova Solutions is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment on the basis of race, color, religion or belief, national origin, citizenship, social or ethnic origin, sex, age, physical or mental disability, veteran status, marital status, domestic partner status, sexual orientation, or any other status protected by the statutes, rules, and regulations in the locations where it operates. If you are an individual with a disability and need a reasonable accommodation to assist with your job search or application for employment, please contact us at ********************** or **************. Please indicate the specifics of the assistance needed. Innova Solutions encourages all interested and qualified candidates to apply for employment opportunities. Innova Solutions (HireGenics/Volt) does not discriminate against applicants based on citizenship status, immigration status, or national origin, in accordance with 8 U.S.C. § 1324b.The company will consider for employment qualified applicants with arrest and conviction records in a manner that complies with the San Francisco Fair Chance Ordinance, the Los Angeles Fair Chance Initiative for Hiring Ordinance, and other applicable laws. Thank You! Team Innova Solutions Job ID: 1003555 Scottsdale , Arizona Job Type: Contract Added - 07/30/25 #J-18808-Ljbffr

Please see Special Instructions for more details. Please apply online with required materials prior to review date for best consideration. For information, ************ ******************** Information Job Title: Information Security Manager Classification Title Department: Infrastructure & Network Services Work Location: ALL SITES Duties Under the general guidance of the Director of Infrastructure and Network Services, the Information Security Manager is responsible for developing, implementing, and maintaining the college's cybersecurity program to safeguard its information assets against cyber threats and data breaches. This role involves managing critical resources including executive support, budgetary funding, and managing security personnel to advance the college's information security goals and reduce institutional risk. The manager advises senior leadership on any changes that impact the college's cybersecurity posture and ensures that all security enhancements are properly evaluated, verified, and implemented. The Information Security Manager collaborates with the Information Technology department and other units to detect security violations and coordinate an effective response. They lead efforts to implement protective or corrective measures when cybersecurity incidents or vulnerabilities arise and oversee the development and application of policy standards to ensure alignment with cybersecurity regulations and best practices. Ongoing compliance with internal policies, procedures, laws, and regulations is a key responsibility. Additionally, the manager promotes cybersecurity awareness and ensures that strong security principles are embedded in the college's strategic vision and institutional goals. ESSENTIAL DUTIES AND RESPONSIBILITIES Oversee security operations, including the supervision and management of technical personnel. Utilize intrusion detection methods and techniques to identify threats at both the host and network levels. Ensure compliance with applicable laws, regulations, and legal procedures related to cybersecurity and data protection. Develop and implement security policies and procedures. Document system configurations and troubleshooting guidelines. Perform security assessments using tools and techniques to identify system vulnerabilities. Monitor vulnerability intelligence, including alerts, advisories, bulletins, and errata. Evaluate, test, and implement new system and software releases to ensure secure and stable deployments. Collaborate with vendors and third‑party support teams to address contracts, support, and security‑related needs. Collect, analyze, and maintain data required for cybersecurity reporting and auditing. Promote strong cybersecurity posture and training to stakeholders across all levels of the college. Ensure cybersecurity considerations and requirements are integrated into the organization's business continuity and disaster recovery planning. Assess and approve development activities to verify that baseline security measures are properly implemented. Provide cybersecurity‑related input for statements of work (SOWs), contracts, and other procurement documents to ensure security requirements are addressed. Support the budget planning process and provide informed recommendations. Education & Experience Bachelor's degree required. Bachelor's degree in Cybersecurity or related field. Minimum of five (5) years of experience in IT security operations, threat detection, and incident response. Prior experience supervising/managing an IT security or related team. Demonstrated ability to analyze and approach applications methodically. Qualifications To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required in addition to the education and experience noted above. Proficient in developing and executing incident response plans for a wide range of cyber threats, including ransomware, business email compromise, malware infections, DDoS attacks, and unauthorized system access. Proficient in threat analysis and conducting vulnerability assessments; cybersecurity frameworks such as CIS (Center for Internet Security) and NIST (National Institute of Standards and Technology); proficient in conducting IT audits to assess security posture and compliance. Knowledgeable in cloud security practices and controls, with a preference for experience in Microsoft cloud environments; firewall solutions, including their configuration, management, and role in network security, Endpoint Detection and Response (EDR) and antivirus solutions; Security Information and Event Management (SIEM). Basic knowledge of Windows‑based operating system, networking concepts, Hyper‑V virtualization, and Storage Area Network (SAN) technologies. Skilled in supervising, mentoring, and developing staff across various roles and responsibilities. Strong written and verbal communication skills, with the ability to effectively convey technical information to diverse audiences. Must be self‑motivated with a strong ability to quickly adapt to new technologies and platforms. Understanding of policy development and management in an IT security context. Position Status Full Time Hours General hours: Monday‑Friday 8:00 a.m. - 5:00 p.m. The role requires 24/7 on‑call availability. Benefits Moraine Valley offers a generous benefits plan which includes paid time off, tuition discounts for employees and dependents, medical, dental, vision, and retirement benefits in a collaborative and friendly environment. These include: Health, Dental, Vision, Life insurance, Optional life: Disability insurance; Tuition reimbursement; Tuition waiver; SURS Retirement plan; Vacation Days; Holidays; Sick Leave; Personal days; Bereavement days; Tax‑sheltered annuity plans. Visit these links to learn more about specific benefits for this position: Benefit Highlights Benefit Guide-Details Supplemental Questions Required fields are indicated with an asterisk (*). * How did you hear about this employment opportunity? Chicago Tribune HigherEdJobs InsideHigherEd Chronicle of Higher Education MVCC Website/Posting Employee of MVCC Other No Response * Are you a State Universities Retirement System (SURS) annuitant and currently receiving a monthly annuity? Yes No * Do you have the minimum of a Bachelor's degree? YES NO * Do you have the minimum of five (5 full) years of experience in IT security operations, threat detection, and incident response? Yes No, I do not meet this requirement #J-18808-Ljbffr

Senior Physical Security Consultant Chicago, IL. WEC Energy Group is one of the nation's largest electric generation and distribution and natural gas delivery holding companies serving 4.7 million customers across the Midwest. We are committed to providing clean, reliable, and affordable energy in an environmentally sustainable manner. Customers are the heart of our business, and we work every day to help grow and support communities where we provide vital energy services. As a Fortune 500 company, we value and develop our employees who are making a difference in a mission that matters. We don't just offer a job; we provide fulfilling careers where safety and well-being are paramount. Join our team and experience first‑hand our commitment to your success. We offer competitive pay and benefits to recognize your hard work and dedication. If you're talented, energetic and ready for a career with a future, we want you on our team. We are powered by a diverse and inclusive workforce fueled by the pride in what we do. If you're driven by the passion to change lives, this is the place for you. WBS, a subsidiary of WEC Energy Group, is seeking a Senior Physical Security Consultant in our Chicago, Illinois location. Job Summary The Physical Security Consultant (Senior) is responsible for identifying security gaps, concerns, threats, and/or risks and follow internal procedures and protocol to elevate or resolve issues as appropriate, such as conducting investigations or sharing threat intelligence with appropriate members of the organization. Specific functional areas include, but are not limited to, enterprise protection, operational integration, intelligence, investigations, situational awareness and security projection. This position is the primary interface for the business and operations to share information and coordinate security‑related activities and requirements. Physical Security Consultants are expected to develop and maintain relationships with key internal and external stakeholders such as contract security personnel, local law enforcement, and internal business areas who work closely with security. Job Responsibilities Provides security protection services, consulting services and advisory support to the business and operations to reduce risks, maximize workforce safety, and protect property Leads investigations in close support and coordination with cybersecurity, HR, ethics, and/or external law enforcement as appropriate Follows policy and procedures to elevate security matters, file reports, collect evidence, and maintain relevant databases or information in security systems Executes company policies and procedures for the physical security program aligned with the overarching enterprise security model and best practice standards and ensure compliance with applicable industry standards and regulations (e.g. NERC CIP, TSA) Provides work direction, site training, policy and process training, and maintains relationships with contract security personnel Maintains an understanding of the application of security technology to the company's processes to mitigate risk Develops and maintains relationships and represents the company with local law enforcement, other security‑related external agency stakeholders and the broader intelligence community Responds to crises or urgent situations to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property and operational assets Participates in internal and external emergency response and business continuity planning exercises Analyzes intelligence to identify trends and determine risks Foster a culture that promotes security as an integral part of safety. Maintains key performance and process metrics to evaluate the efficiency and effectiveness of processes, procedures, and systems The Senior Physical Security Consultant performs all duties of a Physical Security Consultant, usually in a lead role Minimum Qualifications Physical Security Consultant - Minimum 2- 4 years of physical security work experience in law enforcement, investigations or intelligence in a civilian or military organization required. Senior Physical Security Consultant - Minimum 4 -7 years of physical security work experience in law enforcement, investigations or intelligence in a civilian or military organization required. Preferred experience with or understanding of nation state threats to critical infrastructure. It requires some out-of-state travel and is subject to 24 hour call out. Preferred Qualifications A Bachelor's degree in Criminal Justice, Police Science, Security Management or Business Administration is preferred. A combination of associate degree, military, law enforcement or professional physical security experience and physical security certification (CPP, PSP) or certificates (enterprise security risk management, security risk assessment, workplace violence prevention, executive protection, etc) will be considered Preferred experience with or understanding of nation state threats to critical infrastructure Project and Contract Management experience (Threat Assessments, CCTV System Installation, etc.) Familiarity with the City of Chicago Neighborhoods and Streets, in addition to the Urban areas #J-18808-Ljbffr

Senior Manager, Information Security Office (ISO) Consultant At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. Responsibilities: The Senior Lead ISO Consultant will provide cyber security architecture advisory support needed to build the Technology & Business capabilities on a novel Modern platform, that will enable customer set-up, use, and management of a Capital One Credit Card, including Data Product. In this role, the responsibilities will include: Act as a central Information Security point of contact for the Global Payment Networks line of business Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Collaborating with enterprise cyber teams and tech architects in defining and driving the cyber architecture strategy and guiding principles for the architecting and designing of the modern platforms. Support security architecture and implementation needs for technology modernization efforts Overseeing all cyber related dependencies across the multiple components being built for the modernization effort. Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad-hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business Support the team on collectively mapping technologies to a standardized framework in order to identify and execute on best practices in risk reduction through the configuration of cybersecurity tools and platforms. Support the development, modification, and use of capability, risk, or threat classification frameworks and standardization methodologies to facilitate the conduct of correlative capability, maturity, and effectiveness evaluations. Support data validation and communications on the impact of identified operational, compliance, process, control, and tooling gaps and potential remediation courses of action to multiple audiences, including leadership, to support the enhancement of their cybersecurity postures. About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have a deep passion for Securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives Basic Qualifications: High School Diploma, GED or equivalent certification At least 6 years of experience working in cybersecurity or information technology At least 5 years of experience providing guidance and oversight of cyber security concepts At least 5 years of experience performing cyber security risk assessments or cyber security architecture reviews At least 4 years of experience with cloud security Preferred Qualifications: Bachelor's Degree 7+ years of experience in securing a public cloud environment (AWS, GCP, Azure) 6+ years of cyber security advisory and technology consulting experience 6+ years of experience in Cyber Risk Management 3+ years of experience on cryptography, HSMs and similar systems Knowledge of HPNS, ATM, Mainframe technologies and other payment networks infrastructure technologies Experience in security integration for Mergers and Acquisitions Experience with PCI and Payment Network Compliance. Professional certifications AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP) At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, E-2, E-3, L-1 and O-1, or any EADs or other forms of work authorization that require immigration support from an employer). The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. Chicago, IL: $209,000 - $238,500 for Sr Manager, Cyber Technical McLean, VA: $229,900 - $262,400 for Sr Manager, Cyber Technical New York, NY: $250,800 - $286,200 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Role -Business Analyst/ Information Security Governance Analyst Project Overview: We are seeking an analyst with experience in governance of security products, authentication, authorization, and access management with business analysis background. These resources will support the SaaS initiatives Contractor's Role: As a member of Governance team you will play a vital role in ensuring the secure implementation of various solutions (Hybrid and Cloud) developed in technologies like Java, .Net etc. Experience level: Level 3 Qualifications - Bachelor's degree in computer science, audit or a related discipline and experience in information security, or an equivalent combination of education and work experience. - Excellent consultative and communication skills, and the ability to work effectively with client, partner, and IT management and staff. - 5 -6 years of experience in the Information Security or Audit role. - Strong collaboration skills and a analytical ability - Knowledge of SOX methodology implementation for applications & Internal & External Audit executions Requirements Nice to Haves: - Knowledge on Obsidian Remediation Tasks & Responsibilities - Drive governance and risk framework around applications using authentication and authorization - Define and respond to risks surrounding the business functions and the security capabilities - Define and respond to audits from internal and external parties - Knowledge of control execution and design - Collect and maintain evidence of control testing - Collect and maintain evidence of application attestation to standards

Job Description Support the Information security governance, risk management and compliance program, focusing on compliance and assurance. Facilitate the compliance and assurance program, by performing assurance assessments to ensure Alliant Credit Union (ACU) is compliant with regulatory and legal obligations. Help maintain the technical control library ensure assessments align securing ACU. Facilitate IT issue management by working with employees on scheduling calls and going over the issue and resolution. Essential Responsibilities Responsible to facilitate the compliance and assurance assessments and issue management via a GRC tool Conduct assurance assessment, including control test of design (ToD) and test of operating effectiveness (TOE) activities Provide recommendations on improving compliance-related processes and/or procedures and identify opportunities for ITGC/security compliance control automation Facilitate group and individual meetings, ensure that each meeting is organized and aligned and schedule walkthrough agenda addressing any issue that arise and and guiding towards actionable outcomes Assist internal and external audit teams to address inquiries Participate in InfoSec projects as assigned by management such as the review of documents Education Minimum- 4 Year Bachelors Degree in Computer Science, Information Security or Related Years of Experience Minimum - 2 Years Governance, Risk Management, Compliance within a financial institution or Security Compliance or Related In Lieu of Education 5 Years Governance, Risk Management, Compliance within a financial institution License/Certifications/Training Preferred: Compliance, Risk Management, or Governance certifications: CRISC, CISM or CISA Compensation & Benefits: Typical hiring range: $57,500 - $89,500 Annually. Actual compensation will be determined using factors such as experience, skills & knowledge. Additional Compensation: Annual performance bonus Benefits: Alliant provides a benefits package including health care, vision, dental, and 401k with employer match. Additional Benefits: Work from home up to 3 days a week Paid parental leave Employee discount programs Time off including paid personal and sick days 11 paid holidays Education reimbursement *Note that eligibility and cost of benefits can vary depending on the number of regularly scheduled hours, and job status such as regular full-time, regular part-time, or temporary employment. Adhere to and ensure compliance of all business transactions with policy and process of the Bank Secrecy Act. Ensures compliance with all applicable state and federal laws, company procedures and policies. Maintains integrity and ethics in all actions and conversations with or regarding credit union members and their accounts; complies with Privacy Act directives. The responsibilities listed do not contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice.

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

Mindlance is a national recruiting company which partners with many of the leading employers across the country. Feel free to check us out at ************************* Job Title: Cyber Security Analyst Duration: 12 Months Location: Oakbrook Terrace, IL Job Description: Responsible for planning, designing, and implementing a process for cyber security monitoring, incident detection, and incident response. 1-3 yrs of experience and a Bachelor's degree in IT systems or a related discipline. Position Requirements: - Configuration and administration of logging aggregation and security event monitoring tools (like Industrial Defender, Splunk, etc.) - Configuration and maintenance of performance monitoring tools (like Solarwinds, Uptime, CA Spectrum, etc.) o Understands and can configure tools and endpoint systems to use SNMP for monitoring - General IT Support (application patching, client updates, remote access and administration tools) - General Networking knowledge (IP Networking, OSI Stack, etc.) Additional Information Thanks & Regards' ___________________________________________________________________________ Vikram Bhalla | Team Recruitment | Mindlance, Inc. | W: ************ All your information will be kept confidential according to EEO guidelines.

WHO WE ARE Apex Fintech Solutions (AFS) powers innovation and the future of digital wealth management by processing millions of transactions daily, to simplify, automate, and facilitate access to financial markets for all. Our robust suite of fintech solutions enables us to support clients such as Stash, Betterment, SoFi, and Webull, and more than 20 million of our clients' customers. Collectively, AFS creates an environment in which companies with the biggest ideas in fintech are empowered to change the world. As a global organization, we have offices in Austin, Dallas, Chicago, New York, Portland, Belfast, and Manila. If you are seeking a fast-paced and entrepreneurial environment where you'll have the opportunity to make an immediate impact, and you have the guts to change everything, this is the place for you. AFS has received a number of prestigious industry awards, including: * 2021, 2020, 2019, and 2018 Best Wealth Management Company - presented by Fintech Breakthrough Awards * 2021 Most Innovative Companies - presented by Fast Company * 2021 Best API & Best Trading Technology - presented by Global Fintech Awards ABOUT THIS ROLE The Manager, Information Security Engineering will be responsible for our Information Security Engineering Team personnel and functions including, but not limited to application security, cloud security, data security, DevSecOps, secure SDLC, security automation, security planning & strategy, and implementing security controls. This position requires an adaptable person, comfortable and apt at development of strategy, vision and personnel management as well as tactical problem-solving, and hands-on troubleshooting as needed. The Manager will execute and recommend strategic development and integration of security controls in application & product development and various cloud technology instances (IaaS, SaaS, PaaS, etc.) managed by Apex Fintech Solutions. You'll balance hands-on technical guidance with people management responsibilities, driving the maturation of our security capabilities to meet evolving threats in the financial services landscape. This role is also expected to be able to solve complex problems with little oversight, take ownership and work independently as needed. Duties/Responsibilities * Build and develop a team of security engineers, providing technical guidance, mentorship, and performance management * Provide day-to-day oversight of direct report(s), offer guidance and direction where necessary, assist in issue resolution, balance competing interests, and escalate significant concerns as appropriate * Embedding security controls and technologies seamlessly into the development lifecycle of systems, applications, platforms, and products. * Develop security engineering processes, procedures and standards across the organization to promote standardized security requirements, aligning with internal policies and compliance requirements. * Partner with cross-functional teams (Security Operations, GRC, IT, Engineering, Technology, Platform) to implement security controls that protect Apex systems and data. * Participate in the software design life cycle, total cost of ownership of security technology, application security, and platform infrastructure. * Influence & instill secure by design standards, guidelines, and technologies. * Manage security engineering projects within allocated budgets and timelines while measuring success through meaningful KPIs and SLAs * Foster innovation within an agile framework while maintaining operational excellence in our security tooling and infrastructure * Create scalable security automation solutions to increase efficiency and consistency of protection capabilities. * Support security incident response activities for technical and product incidents. * Communicate security requirements and status to both technical and non-technical stakeholders Education & Experience * Bachelor's degree in Computer Science, Information Security, Engineering, or related field (or equivalent work experience) required * 7+ years of security engineering or cybersecurity experience * 3+ years of team leadership or management experience * Demonstrated success implementing security solutions at enterprise scale * Experience working in agile development environments and DevSecOps practices Required Skills/Abilities * Strong understanding of security frameworks, threat modeling, and secure coding practices * Proficiency with security tools such as SIEM, vulnerability scanners, firewalls, and endpoint protection * Deep knowledge of cloud security, container security, and infrastructure security * Experience with security automation, scripting languages (Python, PowerShell), and Infrastructure-as-Code * Strong analytical skills with experience using security analytics platforms and incident response tools * Exceptional verbal and written communication skills with ability to collaborate across technical and non-technical teams * Proven ability to prioritize and manage multiple security initiatives in fast-paced environments * Strong analytical and problem-solving skills with attention to security detail * Strategic mindset with capability to navigate security challenges while delivering business value * Experience influencing stakeholders without direct authority on security matters * Strong decision-making skills with ability to balance security requirements with business needs Other Preferred Qualifications * Performing or acting as team lead or manager with direct reports. * Experience with data security, secure coding practices and security technologies * Experience in using industry standards & regulations, such as ISO, NIST CSF, CIS Controls, SOC 2, SEC, FINRA * Skilled in managing DevSecOps, CI/CD, source control management and infrastructure-as-code such as GitHub, Bitbucket, Terraform, etc. * Experience with Microservices, Containers and Kubernetes security. * Expertise in the design, development, implementation, and maintenance of on-premises Data Center technologies and Cloud environments such as Azure, GCP, and/or AWS. * Experience with scripting and programming languages, including integration with APIs, such as Python, Perl, PowerShell, Bash, Java, JavaScript, and Go. * Familiarity with multiple security, vulnerability and threat frameworks such as OWASP, EPSS, MITRE, CVSS, Threat Modeling, etc. Work Environment * This job operates in a hybrid, office environment 3 days per week. #IT #mid-senior #full-time #LI-LN1 #APEX Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice. Our Rewards We offer a robust package of employee perks and benefits, including healthcare benefits (medical, dental and vision, EAP), competitive PTO, 401k match, parental leave, and HSA contribution match. We also provide our employees with a paid subscription to the Calm app and offer generous external learning and tuition reimbursement benefits. At AFS , we offer a hybrid work schedule for most roles that allows employees to have the flexibility of working from home and one of our primary offices. Salary Range $127,200-$159,000 The annual base salary range for this position is noted above. Exact compensation offered may vary depending on job-related knowledge, skills, experience, and office location. EEO Statement Apex Fintech Solutions is an equal opportunity employer that does not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, and gender identity), national origin, age, disability, veteran status, marital status, or any other protected characteristic. Our hiring practices ensure that all qualified applicants receive fair consideration without regard to these characteristics. Disability Statement Apex Fintech Solutions is committed to creating an inclusive and accessible workplace for all candidates, including those with disabilities. We are dedicated to ensuring equal employment opportunities and providing reasonable accommodations to qualified individuals with disabilities. If you require reasonable accommodations to participate in the application or interview process, please submit your request via the Candidate Accommodation Requests Form. We will work with you to provide the necessary accommodations to ensure your full participation in our hiring process.

blue Stone Executive Search has been retained by our client, a multi billion dollar global organization, a world leader in their vertical, with a dedication to cutting-edge technology and work/family balance, to search for a motivated and energetic IT Leader to direct and manage their Information Security objectives on a company-wide basis. Job Description As the Manager of Information Security, you will be responsible for the development and execution of a comprehensive company wide information security strategy. The Information Security Manager will build and work with appropriate internal staff to deploy an information security awareness program to support compliance with information security policy, standards, procedures, and best practices. The Information Security Manager will develop needed security policies while working with appropriate HR and Legal teams on final version approval and distribution. You will also be expected to participate in information security response and provide audit/compliance and forensic activities for the company, as needed. As the Information Security Manager, you will implement proactive processes and technologies to monitor the company internal and external network environment for potential threats with appropriate response processes. You will also evaluate new technology that the company would use in execution of the information security strategy using both quantitative and qualitative methods. The Information Security Manager will also help to create a policy for the company and design and implement necessary tools to protect company data on employee owned devices. Qualifications Experience and familiarity with control and security frameworks such as COSO, COBiT, and ISO Candidate has one or more current CISSP, CISM, CISA certifications Two to five years security leadership experience required Bachelor's degree in related field preferred Solid understanding of information technology and information security including; firewalls, VPN's, penetration testing and other security devices with an emphasis on network security Experience with management and administration with firewall technologies from Cisco and other firewall manufacturers Knowledge in developing and socializing security policies and processes Demonstrated ability to create information security strategy and execution plans Knowledge of intrusion detection and prevention solutions and experience implementing them in a corporate environment Excellent interpersonal skills with the ability to communicate with technical and non-technical contacts Must be highly organized and detail oriented Exceptional analytical and problem solving skills Excellent written and verbal communication skills Ability to manage multiple priorities to deliver results Additional Information blue Stone Executive Search successfully finds and secures the top talent within targeted industries. As executive search professionals, the advice we impart and the solutions we provide can have a significant impact on the businesses, careers and lives of others. We recognize these responsibilities and take them seriously. We value long-term relationships above short-term gain. We are continually seeking exceptional talent with the highest standards of professionalism. E-mail resumes to [email protected] and phone ************.

ISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ

About Rethink First Rethink First is a leading behavioral health technology company working to make mental wellness, education, and support accessible and scalable. Through our suite of cloud-based platforms-including RethinkEd, RethinkCare, and RethinkBH-we serve educators, employers, and providers with tools that deliver measurable, inclusive outcomes. We're on a mission to make behavioral health more effective, equitable, and human-and we're looking for a creative visionary to help lead that charge. About the Role We are building a modern, cloud-forward security program grounded in Cyber Resilience, Application Security, and Security Assurance. As our Manager, Information Security, you will be the operational and execution leader for our Security Assurance function while helping shape key processes across SecOps and AppSec. This role is ideal for someone who thrives in a high-growth SaaS environment, collaborates well cross-functionally, and wants to help mature a security program that must support HIPAA, SOC 2 Type II, HITRUST, and a broad healthcare customer base. You will own the day-to-day execution of GRC, Audit Readiness, Evidence Collection, Policy Management, TPRM, and Client Trust-and must have hands-on experience implementing or operating Vanta as a centralized compliance automation platform. You will serve as a multiplier for the Sr Director, creating repeatable processes, driving deadlines, maturing documentation, and ensuring audit-ready control operation across Azure, M365, and our SaaS product ecosystem. Key Responsibilities Security Assurance Leadership (Primary Responsibility - 60%) Lead the end-to-end Security Assurance function across SOC 2, HIPAA, HITRUST, and regulatory frameworks. Act as the program manager for all audits, coordinating with Legal, HR, Engineering, Product, and Infrastructure to maintain year-round audit readiness. Own the implementation, configuration, optimization, and continuous operation of Vanta, including: Control mapping and ownership assignments Evidence collection workflows Vendor risk management modules Client Trust functionality (best answers, trust portal, knowledge base) Build and maintain an audit calendar, evidence repository, and standardized evidence collection playbooks. Drive development and continuous maintenance of security policies, standards, and procedures. Operate the Third-Party Risk Management process, including vendor classification (Tier 1/BAA), questionnaire review, residual risk scoring, and contract security review. Respond to customer security questionnaires, RFPs, and client audit requests with clarity, accuracy, and speed. Cyber Resilience & SecOps Leadership (25%) While not a hands-on SecOps role, you will: Partner with the SecOps Engineers to build daily operational cadence across alerts, incidents, vulnerability management, and hygiene controls. Ensure controls monitored by Tenable, Microsoft Defender, Sentinel, and other platforms produce audit-ready evidence. Help design operational dashboards and KPIs for incident response, vulnerability SLAs, and hygiene metrics. Validate operational controls for compliance frameworks (MFA, SSO, logging, monitoring, access reviews, backups, endpoint security, network protections, etc.). Application Security Collaboration (15%) Work with Engineering, Architecture, and DevOps teams to ensure Product and AppSec controls align with SOC 2 and HITRUST expectations. Contribute to secure SDLC processes, risk assessments for new features, and remediation tracking for vulnerabilities and findings. Validate that security requirements are integrated into CI/CD workflows where appropriate. Required Qualifications 7+ years of progressive experience in Information Security, with at least 3+ years in a governance, compliance, or Security Assurance leadership role. Direct experience implementing or operating Vanta (must be hands-on). Strong experience supporting and maturing SOC 2 Type II, HIPAA Security Rule, and HITRUST programs in a SaaS environment. Deep understanding of Microsoft Azure security architecture, including Entra ID, RBAC, Conditional Access, Defender for Cloud, Sentinel, and workload identities. Clear understanding of audit control design, evidence, and auditor expectations. Experience building vendor risk programs, reviewing DPAs and BAAs, and performing vendor due diligence. Excellent writing skills for policies, procedures, client responses, and audit documentation. Demonstrated ability to lead complex projects with multiple stakeholders and tight deadlines. Strong communication and relationship-building skills across technical and non-technical teams. Preferred Qualifications Experience in healthcare SaaS or other regulated industries. Hands-on experience with: Vanta Vendor Risk + Trust Center Microsoft Purview (DLP, Information Protection) Azure DevOps or GitHub governance Tenable, Defender, or other vulnerability platforms Jira/Confluence Certifications such as CISA, CISSP, HCISPP, HITRUST CCSFP, or similar. Experience working with offshore teams. Benefits: Generous health, dental, & vision benefits package Flexible paid time off 11 paid company holidays 401k + matching Parental leave Access to our award-winning RethinkCare platform supporting neurodiversity in the workplace through parental success, professional resilience, and personal wellbeing. Location: Remote opportunities are available to candidates who reside in the following states: AL, AZ, CT, FL, GA, HI, IA, IL, IN, KY, LA, MD, MA, MI, MN, MO, MT, NC, NE, NH, NJ, NV, OH, OR, PA, RI, TN, TX, VA, WA, WI, WY Our commitment to an inclusive workplace RethinkFirst is an equal opportunity employer and is committed to providing a workplace free from harassment and discrimination. We celebrate the unique differences of our employees because that is what drives curiosity, innovation, and the success of our business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category under applicable federal, state, and local laws. Accommodations are available for applicants with disabilities. JazzHR Privacy Policy JazzHR Terms of Use California Privacy Notice #remote

Jobs for Humanity is partnering with Capital One to build an inclusive and just employment ecosystem. Therefore, we prioritize individuals coming from the following communities: Refugee, Neurodivergent, Single Parent, Blind or Low Vision, Deaf or Hard of Hearing, Black, Hispanic, Asian, Military Veterans, the Elderly, the LGBTQ, and Justice Impacted individuals. This position is open to candidates who reside in and have the legal right to work in the country where the job is located. Company Name: Capital One Job Description 201 Third Street (61049), United States of America, San Francisco, California Senior Manager, Information Security Office Consultant At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. What You'll Do: Act as a central Information Security point of contact for the Enterprise Platform team Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business Product security consulting in Authentication/Access Management /Identity application and experienced in Authentication and industry-standard protocol for authorization/authorization Basic Qualifications: High School Diploma, GED or equivalent certification At least 8 years of experience working in cybersecurity or information technology At least 7 years of experience providing guidance and oversight of Security concepts At least 7 years of experience performing security risk assessments and security architecture reviews At least 7 years of experience with architecture, software design, networking, and cloud infrastructure At least 5 years of experience with cloud security engineering Preferred Qualifications: Bachelor's Degree 3+ years of experience in securing a public cloud environment (e.g. AWS, GCP, Azure) 4+ years of experience in IAM or related areas Experience building software utilizing public cloud (e.g. AWS, GCP, Azure) Familiarity with Cloud patch management practices such as system rehydration and image management Experience utilizing Agile methodologies Experience with Software Security Architecture Experience with Application Security Experience with Threat Modeling Experience with Penetration Testing or Vulnerability Management Experience with integrating SaaS products into an Enterprise Environment Experience with securing Container services Splunk-Fu / Enterprise Monitoring experience Financial services industry experience Professional certifications such as AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP) Experience in Offensive and Defensive Security techniques Experience in a regulated environment Strong conceptual thinking, influence and communication skills At this time, Capital One will not sponsor a new applicant for employment authorization for this position. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. New York City (Hybrid On-Site): $230,100 - $262,700 for Sr Manager, Cyber Technical San Francisco, California (Hybrid On-Site): $243,800 - $278,200 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days. No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at [email protected] . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to [email protected] Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Full-time Description WHO WE ARE: At ZBeta we endeavor to be the most sought-after Security Partner in the world. This drives every decision we make, and the most effective way to realize this goal is through garnering a reputation for excellence and innovation in everything we do. The ZBeta Innovation Lab (LabZ) initiative is a specialized team and program with the mission of inventing, developing, testing, and analyzing better ways, both big and small, to do physical security - for us, for our clients, and for the industry. LabZ seeks to optimize the value of physical security to the client's business mission, to optimize the value of the solutions we recommend, design, deliver, and manage, and to continuously identify opportunities to perform at a higher level. The LabZ program helps ensure that ZBeta and its approach are always data-driven, technology-led, and human-centered. Find out more about us here. WHO YOU ARE: You are a forward-thinking strategic partner with a passion for the physical security mission and for building programs, optimizing operations, and delivering integrated solutions. You excel in fast-paced settings where your leadership abilities can catalyze meaningful action and tangible progress towards objectives. You thrive in a workplace culture that is: Innovative Excellence Focused Reliable Detail Oriented Adaptable Highly Organized Client Obsessed Curious Resilient Does this sound like you? If so, join us in our mission to redefine security standards and make a lasting difference in our community. WHAT YOU'LL DO: The Physical Security Research Engineer (PSRE) is a critical resource of the ZBeta LabZ team and will conduct research and proof of concept (PoC) testing at the LabZ facility for clients and internal teams. The PSRE assists in requirements gathering, testing, and report production in the ZBeta LabZ program and leads, develops, manages, and completes key LabZ efforts for the testing and analysis of stand-alone and integrated physical security technology solutions. The PSRE is familiar with security software applications, integrations, and network-connected devices and engages both internally and externally, working collaboratively with other LabZ engineering resources and with project and production team members. The PSRE will help grow, mature, and optimize the LabZ program by contributing to the tools and processes LabZ uses to effectively evaluate physical security products against real-world design requirements and generate research reports. This is an in-office position at the ZBeta LabZ location in Schiller Park, IL. Relocation assistance provided. Core Competencies Growth Minded: High self-awareness of strengths and areas for development with a curiosity and appetite for change and innovation Data-Driven: Strong analytical skills, with the ability to work effectively with data and think critically Collaborative: Ability to solicit and understand multiple perspectives and maximize the application of team talent and experience Evaluative: Ability to evaluate outputs rigorously to ensure consistent excellence in delivery Tactical: Ability to recognize current priorities, manage changes and risks, and efficiently clear roadblocks and resolve issues Position Responsibilities The essential duties and responsibilities include, but are not limited to the following: ZBeta Lab Environment In partnership with ZBeta LabZ team, maintain a ZBeta test/dev environment of technology solutions that represent both client and industry standards. Work with ZBeta IT to build appropriate server environments and remote access abilities for LabZ platforms. Load, configure, and update Lab environment software applications, and wire, connect, and configure test hardware, devices, and technologies. Design and build (or manage the production of) custom testing apparatus, devices, and mechanisms. Maintain current knowledge of and training in key applications and products. Solution Testing Work with ZBeta LabZ team and client resources to plan, implement, and conduct hands-on testing of physical security products, applications and functions, and integrated solutions. Lead the development of testing concepts to address client and industry needs, challenges, & opportunities. Manage and execute testing scope related to server, application, and IoT elements. Create test plans and testing requirement documentation, record and analyze testing results, and document outcomes and conclusions in testing reports. Research & Requirements Gathering Conduct studies and analysis of technology categories, trends, solution proposals, and industry approaches. Research, collect, and analyze relevant documentation and data to reach meaningful conclusions, form opinions of value propositions, generate ideas for solutions and approach improvement, and categorize study topics in terms of potential application and impact to client and industry needs and expectations. Work with consultants to gather requirements for client proof of concept tests and internal teams for quarterly research projects. Research Program Development Assist in the development and ongoing management of process, approach, and standards for the research performed in the ZBeta LabZ program. Identify opportunities and initiatives for improvements in the efficiency and thoroughness of ZBeta LabZ research deliverables. Hold regular research update meetings to review, improve, and manage the status of ongoing projects and deliverables. Requirements WHAT YOU'LL NEED: Experience: 5+ years of physical security industry and technology experience. 3+ years of experience in a software or hardware engineering role. Education: Bachelor's degree in engineering, computer science, or related technical field, or equivalent work experience Knowledge: Knowledge of and working familiarity with server and network storage solutions, operating systems architecture and key considerations, and network architecture models and principles. Professional knowledge of and training in the principles of electrical systems, components, and circuits. Skills: Highly proficient in the use of Microsoft Office applications including Word, Excel, PowerPoint, Teams, OneNote and Visio Proficiency in project management tools, such as MS Project, SharePoint and QuickBase Training and manufacturer certification in multiple industry-leading platforms and equipment components, with particular emphasis on software applications and network-connected security devices. Genetec and LenelS2 experience a plus. Abilities: Demonstrated excellence in communication and interpersonal skills, with proven ability to communicate and present complex information to technical and non-technical stakeholders, both verbally and in written form Strong technical documentation, technical writing, and data analysis and interpretation skills Exceptional attention to detail and highly organized, with the ability to prioritize and balance workloads Team player with the ability to establish collaborative working relationships across all levels of the organization Self-directed problem solver who takes the initiative to start projects, work unsupervised, complete tasks independently, solve roadblocks, and address issues before they become problems Physical Demands: Lifting and Carrying: Ability to lift and carry equipment weighing up to 50 lbs or more, including cameras, control panels, and tools. Climbing and Crawling: Must be able to climb ladders, scaffolding, and operate a high lift to install and maintain equipment Manual Dexterity: Requires good hand-eye coordination and fine motor skills for handling tools, wiring components, and making precise adjustments to security systems Kneeling, Squatting, and Crawling: Must be comfortable kneeling, squatting, or crawling to install or troubleshoot security equipment. WHAT WE OFFER: Competitive salary based on job-related skills, experience, and qualifications Our excellent benefits package includes 100% paid premiums on health, dental, vision, and life insurance, a 401(k) retirement plan, and significant work schedule and workplace flexibility. Diverse and supportive culture WHAT'S IMPORTANT TO KNOW: Full-time, in-office role at our Schiller Park, IL LabZ facility (relocation assistance provided). While ZBeta is a remote-first company, this role requires hands-on, on-site lab work. This position is not eligible for visa sponsorship Candidates must be able to meet client and/or government security screening requirements for the role This position requires verification of U.S. citizenship due to citizenship-based legal restrictions. As a condition of employment, the successful candidate will be required to provide proof of citizenship. The successful completion of a background check is required upon hire and every two years thereafter We look forward to connecting with individuals who are passionate about our mission and can bring diverse contributions to our team - not just those who check all the boxes. We are committed to creating a supportive, encouraging environment where everyone can fully express their diverse perspectives, showcase their talents, and grow their knowledge, skills, and abilities. The base pay offered will depend on factors, including but not limited to job-related knowledge, skills, experience, and internal equity. At ZBeta, new hires are rarely placed at the top of the pay range; compensation is determined by the specific circumstances of each position and candidate. A note to third-party recruiters - we do not accept unsolicited agency resumes, and we are not responsible for any fees related to unsolicited resumes. Salary Description $110,000 - $130,000

Build your best future with the Johnson Controls team As a global leader in smart, healthy and sustainable buildings, our mission is to reimagine the performance of buildings to serve people, places and the planet. Join a winning team that enables you to build your best future! Our teams are uniquely positioned to support a multitude of industries across the globe. You will have the opportunity to develop yourself through meaningful work projects and learning opportunities. We strive to provide our employees with an experience, focused on supporting their physical, financial, and emotional wellbeing. Become a member of the Johnson Controls family and thrive in an empowering company culture where your voice and ideas will be heard - your next great opportunity is just a few clicks away! What we offer Paid vacation/holidays/sick time - 15 days of vacation first year Comprehensive benefits package including 401K, medical, dental, and vision care - Available day one Extensive product and on the job/cross training opportunities with outstanding resources Encouraging and collaborative team environment Dedication to safety through our Zero Harm policy Check us Out: A Day in a Life at Johnson Controls: What you will do Under specific direction, assists in the design, configuration, and operation of building systems including security, fire, and other low voltage control sub-systems (i.e. lighting, nurse call, data networks, etc.) to meet the intent of the project requirements. Assists in the development of software programs, commissioning and troubleshooting to ensure proper operations of the building control system. Provides detailed information and submittals to communicate design and operation to customers, consultants, Johnson Controls field installation team and subcontractors. How you will do it Design and configure technically complex Security & Fire systems as defined by the contract documents. Create flow diagrams, sequence of operations and bill of material, network layouts and electrical schematics as required. Develop and test software programs necessary to operate the system per the intent of the project requirements. Use your ability to integrate different Security subsystems with each other. Coordinate and create the necessary drawings and equipment schedules for submittals and installation. Select, order, and track the delivery of materials for assigned projects. Coordinate factory-mounting processes to meet factory and project schedule. Assist in the loading and commissioning of all system and network-level controllers as required. Assist in validation of complete system functionality and troubleshoot problems with subcontractors and other trades to ensure proper operation. Provide field change information to the project team for the creation of as-built drawings and software. Keep management and JCI contractor or customer informed of job progress and issues. Assist in performing site-specific training for owner / operator on the total building control system. Participate in release meeting with project field team. Perform value engineering to provide cost effective results while maintaining customer satisfaction. Adhere to safety standards. Operate with a high degree of regard to employee and subcontractor safety. What we look for: Required Experience in setting up application deployment (Installation, Configuration, Integration with other components) on Cloud environment based on underlying Application Architecture Experience in Disaster Recovery setup Administration, Maintenance and support of the Application instances on Reference, Validation and Customer environments Identify any known incident resolutions using a knowledge management system Apply identified resolutions to the incident and interact with the customer to ensure the incident has been properly resolved Antivirus - Symantec (Installation, updates and remediation's of antivirus client for servers and computers Off-shift support for machine moves quarterly maintenance Deployment of physical and virtual server deployment, troubleshooting and maintenance Ability to learn security software programs (I.E. C-cure9000, Milestone, Genetec) Strong technical skills in the domain of Windows Server 2008/2012, Microsoft Hyper-V and SCCM/SCOM/SCVMM is essential Basic MS SQL database and scripting skills is an asset Basic MS SQL database and scripting skills is an asset HIRING SALARY RANGE: $85,000 - $106,000 Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, location and alignment with market data.) This role offers a competitive Bonus plan that will take into account individual, group, and corporate performance. This position includes a competitive benefits package. For details, please visit the About Us tab on the Johnson Controls Careers site at ***************************************** #LI - AD2 #LI - DS1 Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, sexual orientation, gender identity, status as a qualified individual with a disability or any other characteristic protected by law. To view more information about your equal opportunity and non-discrimination rights as a candidate, visit EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit here.

A leading educational institution in Chicago is looking for an experienced Information Security Manager to develop and maintain its cybersecurity program. This role involves overseeing security operations, ensuring compliance with regulations, and promoting cybersecurity awareness. The ideal candidate should have a Bachelor's degree in Cybersecurity and at least five years of experience in IT security operations. This full-time position offers a comprehensive benefits package and requires 24/7 on-call availability. #J-18808-Ljbffr