Information security analyst jobs in Owensboro, KY

In this role, you will work closely with IT teams to secure our applications throughout the development lifecycle. You'll help build a secure-by-design culture, drive security automation, and protect our systems against evolving threats. This position reports to the Manager of Information Security. ESSENTIAL JOB FUNCTIONS: Work with the Information Security Team to improve security for the company by configuring and administering security systems and tools Monitor and respond to security events using SIEM and SOAR tools Investigate security incidents to determine root cause and remediation tactics Help automate security monitoring and remediation processes Prepare and analyze security incident data and metrics for periodic reporting Collaborate on vulnerability management, remediation, and penetration testing efforts Implement and manage SAST, DAST, and Burp Suite across GitHub CI/CD pipelines and development workflows Champion secure coding practices based on OWASP Top 10 and SSDF guidelines Help secure cloud environments (Azure, AWS) and container-based deployments Conduct regular security assessments to ensure alignment with SSDLC standards After-hours configuration changes and on-call support required MINIMUM QUALIFICATIONS: Bachelor's degree in Computer Science, Information Systems (or related degree), or equivalent experience. 3+ years of experience in Application or Information Security Strong understanding of SSDLC, NIST SSDF, and DevSecOps principles. Experience with SAST/DAST tools (e.g., GitHub Advanced Security, BURP). Solid knowledge of OWASP Top 10 and secure coding best practices. Proficiency in GitHub for code review, pipeline security, and automation. Hands-on with scripting (Python, PowerShell, Bash) and API security. Experience in Azure and AWS cloud security, containers, and infrastructure-as-code. Familiarity with SIEM/SOAR platforms and incident response workflows. Experience with Windows, MacOS, and Linux operating systems Proficient in Microsoft Office applications such as Microsoft Outlook, Word, Excel, PowerPoint, and SharePoint ** This is a full-time, W2 position with Hub Group - We are NOT able to provide sponsorship at this time ** Salary: $95,000-150,000/year + bonus eligibility ** This is an estimated range based on the circumstances at the time of posting, however, may change based on a combination of factors, including but not limited to skills, experience, education, market factors, geographical location, budget, and demand** Benefits We offer a comprehensive benefits plan including: Medical Dental Vision Flexible Spending Account (FSA) Employee Assistance Program (EAP) Life & AD&D Insurance Disability Paid Time Off Paid Holidays BEWARE OF FRAUD! Hub Group has become aware of online recruiting related scams in which individuals who are not affiliated with or authorized by Hub Group are using Hub Group's name in fraudulent emails, job postings, or social media messages. In light of these scams, please bear the following in mind Hub Group will never solicit money or credit card information in connection with a Hub Group job application. Hub Group does not communicate with candidates via online chatrooms such as Signal or Discord using email accounts such as Gmail or Hotmail. Hub Group job postings are posted on our career site: ******************************** About Us Hub Group is the premier, customer-centric supply chain company offering comprehensive transportation and logistics management solutions. Keeping our customers' needs in focus, Hub Group designs, continually optimizes and applies industry-leading technology to our customers' supply chains for better service, greater efficiency and total visibility. As an award-winning, publicly traded company (NASDAQ: HUBG) with $4 billion in revenue, our 6,000 employees and drivers across the globe are always in pursuit of "The Way Ahead" - a commitment to service, integrity and innovation. We believe the way you do something is just as important as what you do. For more information, visit ****************

Job Title: Senior Information Security Engineer - AI Primary Location: Rosemont, IL - Hybrid, 3 days onsite Direct Hire TalentFish is casting a line for a Senior Information Security Engineer - AI/Artificial Intelligence. This is a Direct Hire role based in Rosemont, IL with a hybrid schedule (3 days onsite) with our premier client. This is a new, exciting position within an awarded top Chicago employer organization where you'll contribute to the organization's Responsible Artificial Intelligence governance by assessing the security, integrity, and risks associated with the use of AI models and technologies. This role is hands-on and works closely with multi-disciplinary teams to evaluate AI use cases and maintain AI security frameworks and standards. What You Bring to the Role (Ideal Experience) • Bachelor's degree in Computer Science, Mathematics, or related field • 5+ years of total professional experience, including security, data security, or control validation experience • 2-3 years of practical, hands-on experience working with Artificial Intelligence technologies; working directly with AI models or ML systems • Ability to evaluate AI model risks, including bias, data exposure, data leakage, and model poisoning • Data processing or analytics skills are a plus What You'll Do (Skills Used in This Position) • Lead security assessments for AI models, including Large Language Models (LLMs), Natural Language Models (NLMs), and Small Language Models (SLMs) • Participate in review committees to assess AI use cases for value, complexity, feasibility, risk, compliance, and strategic alignment • Review AI architecture and usage within internal and third-party solutions to ensure adherence to AI security frameworks and regulatory requirements • Support development and maintenance of AI security standards, frameworks, and governance models • Provide education on AI security best practices, emerging risks, and mitigation strategies • Perform additional related responsibilities as required Compensation Information The expected salary range for this position is $120,000 - $150,000 per year, depending on experience and qualifications. This role also qualifies for comprehensive benefits such as health insurance, 401(k), and paid time off. TalentFish is committed to pay transparency and equal opportunity. The salary range provided is in compliance with applicable state and federal regulations. This role requires authorization to work in the U.S. without current or future visa sponsorship. All offers are contingent upon the completion of a background check, which may include but is not limited to reference checks, education verification, employment verification, drug testing, criminal records checks, and any required certifications or compliance requirements based on the end client's background check policies and applicable laws. TalentFish is an employee-owned company pioneering a new realm in talent acquisition. We are redefining IT staffing by evolving AI, video screening, and our unique platform. TalentFish focuses on providing the best employee, consultant, and client experience possible. At TalentFish we are an Equal Opportunity Employer; we embrace and encourage diversity!

Senior (5 years+ exp) Information Security Engineer (AI) Salary: $120-150K +benefits This position has the opportunity to interface with and have a positive impact on multiple areas of the client's business Must Have Skills 2-3+ yrs of practical hands-on experience with Artificial Intelligence (AI) Total of 5 yrs' experience including security/data security/control validation Data processing skills a plus Bachelor's degree in computer science or mathematics Position Overview The SR Information Security Engineer (AI) reports to the Information Security Director (Security Architecture and Analytics) to support the client's Responsible Artificial Intelligence Alliance (RAIA). The SR Information Security Engineer (AI) position is a hands-on engineering role for someone who likes working in multi-disciplined teams. What You'll Do Lead security assessments within the RAIA for Large Language Models (LLMs), Natural Language Models (NLMs), Small Language Models (SLMs), or other projects under the scope of Artificial Intelligence Participate in the RAIA to review use cases based on value, complexity, feasibility, risks, compliance, and alignment with strategic goals Review AI architectural designs and usage within third-party products for compliance with security best practices, AI security frameworks, and regulatory requirements Participate in the RAIA to build an maintain standards and frameworks for the client to use in order to review use cases and help the business develop use cases Analyze AI models for security risks specific to models such as bias, data exposure, data leakage, and model poisoning Education and awareness of AI security landscape, emerging threats and mitigating controls Peoplelink LLC, a leader in the staffing industry for the past 33 years, continues our vision of ‘linking' communities through employment. TeamSoft's dedication to the safety, health & well-being of our associates, clients and communities remains our #1 priority. TeamSoft is proud to be an EEOE, M/F/D/V, and we are committed to diversity both in practice and spirit at all levels of the organization.

Local candidates only. Resource will work as an Information Security Analyst responsible for auditing and monitoring systems containing confidential information. This position is also responsible for helping the organization manage its risks by monitoring the organization's IT systems for inefficiencies, inaccuracies, mismanagement, etc. Tasks will include assisting with the configuration of data, application, network, and IAAM logs; assisting with log reporting tools; and monitoring systems for security problems. The position participates in all aspects of the technology audit and monitoring including the planning, control analysis, testing, issue development, and reporting phases. This position will also participate in all federal and state audits against DCS technology systems. Employee works in an Information Technology Division of a State Agency, the Department of Child Services (DCS-IT) under the guidance of the Security Manager. The essential functions of this role are as follows: • Monitors and keep supervisor informed of status of information security and confidentiality conditions, including problem areas and recommended enhancement; • Interfaces with user customers to understand their security needs and implement procedures to accommodate them including training and assessment. • Assists with preparing for security audits (e.g. IRS, SSA, OCSE, FBI, SBOA) and remediating any findings; assists with creating and submitting reports relevant to security audits. • Develop information security policies and standards for protection of information systems in compliance with state and federal requirements (e.g. IRS, SSA, OCSE, FBI, IOT) and guidelines (e.g. NIST SP 800-53). • Develops Standard Operating Procedures (SOP) for implementing security polices; • Recommends appropriate security safeguards to be included during development of new information technology systems and legacy systems; • Ensures maximum utilization of computer hardware and software features to secure automated systems and associated data; • Develops and implements procedures for use of information security management software; • Proposes information security software enhancements; • Performs periodic audits to assure security policies and standards are being followed and are effective. • Develops recommendations for enhancements and generates reports where necessary; • Keeps abreast of new laws and changes affecting privacy standards, network security, cloud security, remote access, and physical security; • Mentors and provides guidance to new or other staff as needed; • Performs related duties as assigned. • Assist on other task as assigned. Thorough knowledge of information security management tools, policies, and standards of information security procedures; • Thorough knowledge of state and federal legislation and regulatory laws pertaining to information system security and privacy; • Thorough knowledge of software vulnerabilities, vulnerabilities scanning tools, and vulnerabilities remediation; • Familiarity with domain structures, user authentication, and digital signatures; • Ability to develop and maintain information security standards; • Ability to understand and apply complex computer logic to work; • Ability to work effectively with a wide range of information technologists, including systems administrators, technical support, application development, end users and management; • Experience in assessing security needs of teams and assist in their security training. • Ability to communicate effectively both orally and in writing; • Ability to be a team member as well as a team leader depending on the situation; • Degree in information security or technology preferred; • Security certification preferred (e.g. CISSP). • Network Admin experience preferred. Supervisory Responsibilities/Direct Reports: This role does not provide direct supervision to direct reports.

Threat and Incident Response Analyst/Security Analyst Duration: 6 month contract highly likely to extend (I would treat this as a multi-year contract) Job Description: Key Responsibilities: Monitor and analyze security events, incidents, and vulnerabilities to identify potential threats and risks to the organization's IT infrastructure. Respond to security incidents in a timely and effective manner, following the incident response process and procedures. Collect, analyze, and preserve digital evidence related to security incidents. Develop and maintain incident procedures, and playbooks. Develop SIEM searches, alerts, dashboards, and alerts as needed for incident response and security monitoring. Work with the Bank's Managed Security Services Provider as well as Security and IT partners to investigate suspicious and malicious activity. Participate in tabletop exercises, drills, and simulations to test the organization's incident response plans and procedures. Stay up-to-date with the latest security technologies, trends, and threats to recommend best practices and solutions to enhance the organization's security posture. Qualifications: Bachelor's degree in Computer Science, Information Security, or related field. At least three to five years of experience in IT security, with a focus on security operations. Knowledge of security technologies, such as firewalls, intrusion detection and prevention systems, antivirus software, and vulnerability assessment tools. Experience in conducting incident response and investigations particularly in cloud environments such as AWS and Azure. Familiarity with security frameworks, such as NIST, ISO, and CIS. Strong analytical and problem-solving skills. Experience in creating alerts and other content in Splunk or other security tools is a plus. Excellent communication and interpersonal skills. Ability to work independently and as part of a team in a fast-paced, dynamic environment. Relevant certifications, such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH), are preferred. Thanks and Regards, Jeet Kumar Thapa Technical Recruiter Oreva Technologies Inc. P: ************ Ext: 323 E: ******************** L: ******************************************************* A: 1320 Greenway Drive, Suite 460, Irving, TX 75038 W: **********************

Security Engineer - Application Security (Azure Focus) An established global logistics leader is seeking a Security Engineer to join its growing cybersecurity team. This is the second dedicated security hire, reporting directly to the CISO, and will play a key role in advancing the company's security posture across application environments. Day-to-Day: This engineer will own new initiatives from research through implementation, focusing on application security in Azure environments. The role involves incident response, tool deployment, vendor collaboration, policy creation, and hands-on engineering work. You'll partner closely with both technical and non-technical teams to establish security best practices, communicate effectively across departments, and drive adoption of new solutions. The position requires someone who can operate independently, lead projects, and contribute strategically to ongoing security improvements. While networking knowledge is helpful, this role is security-focused-ideal for someone with experience in an MSSP or enterprise security environment. What You'll Bring: Application Security expertise with hands-on engineering experience Strong Azure Cloud background Advanced GIAC certifications Excellent communication and collaboration skills Self-driven, proactive approach to problem-solving and project ownership This is not a compliance or analyst position-it's a hands-on, technical engineering role for someone ready to take ownership of the application security landscape and shape the future of security initiatives within a global organization.

About the Company: A Leading Financial Service Client is looking to hire a strong Security Engineer who can lead Red team exercises against a hybrid environment using threat intelligence and the MITRE Telecommunication&CK Framework. Responsibilities: Approx 8 years' experience with industry standard Red Team testing tools (Cobalt Strike, Mythic C2, Rubeus, Bloodhound, Covenant, etc.) or the ability to demonstrate equivalent knowledge. Expert understanding of how an Advanced Persistent Threat could compromise a financial institution without using phishing. Expert understanding of Red Team concepts, tools, and automation strategies. Expert understanding of MITRE Telecommunication&CK framework tactics, techniques, and procedures. Expert understanding of measuring and rating vulnerabilities based on principal characteristics of a vulnerability. Expert understanding of Windows and Linux system hardening concepts and techniques.

Qualifications/ What you bring (Must Haves): · Bachelor's degree in mechanical, electrical, industrial engineering or Associate's Degree in Technical field with equivalent work experience [5 years] · Ability to work weekends, holidays, and across multiple shifts to support tooling modification and installation projects · Abilities & willingness to work 25% overtime, including 12-hours shifts, weekend work and shutdown/ holiday support. · Ability to work flexible shifts as needed to support project work · Ability & willingness to travel 50%, domestically and internationally · Ability to travel domestically and internationally · 10 Years Experience with Information Systems - Data Collection [QIS, EDC, MDT] · 10 Years Experience with Andon / Line Control - Production Line control, Indication of status, Collection of Downtime events, Event Communication - Reporting, Visualization, Callout · 10 Years Experience with Production Equipment procurement, installation and/or confirmation · 10 Years Experience with PLC Programming - Toyopuc, Omron, Seimens · Proficiency with MS Office - Excel, PowerPoint, Word, TEAMs. Bonus if you have (Preferred): · 10 Years Experience with Toyopuc PLC programming. · 10 Year Experience with Assembly, Body, or Powertrain Information Systems. · 10 Year Experience with Assembly, Body or Powertrain Quality Information System and Traceability · 10 Years Experience with Oracle / SQL Server database operation. · 10 Years Experience with Field Network usage, such as Ethernet IP [EIP], FLnet, TCP/IP. · 10 Years Experience with Wireless Network usage and Equipment Integration. · 10 Years Experience with serial protocol usage. · Experience with C++, C#, Java, HTML or Python. OSHA 10 certification.

***Hybrid, 3 days onsite, 2 days remote*** ***We are unable to sponsor as this is a permanent full-time role*** Responsibilities: Provide 24x7 operational support for the suite of privileged management solutions (e.g., CyberArk, Hashi, PKI), including implementing hot fixes, resolving bugs, troubleshooting issues, performing break-fixes, managing secrets lifecycle, and delivering end-user support. Maintain robust operational integrity of privileged access management infrastructure throughout its lifecycle (e.g., patching, version control, system upgrades, alignment with Security standards, etc.). Provide organizational subject matter expert on secrets management and privileged access management architecture, establishing and enforcing security as code principles throughout the environment. Develop and implement system enhancements to improve platform user experience and automated integrations, while designing long-term solutions to address operational issues through innovative technologies including artificial intelligence for faster detection and remediation of functional and technical problems. Qualifications: Experience in one or more of the following disciplines: security operations, development, engineering, or architecture Experience supporting privileged access management and access controls programs. Professional or personal experience using AI coding agents such as OpenAI Codex, Claude Code, or Gemini CLI. Expertise in providing operational and engineering support for one or more of the following: CyberArk, HashiCorp Vault, Active Directory Certificate Services (ADCS), HSMs, and Public Key Infrastructure (PKI). Expertise in scripting languages and developing in one or more of the following languages GoLang, Bash, Python, PowerShell, Ansible, and/or Terraform. Knowledge of privileged access management methodologies and techniques for on-prem and Cloud implementation. Knowledge of application authentication and authorization systems (i.e., Active Directory, oAuth 2.0, OIDC, AWS IAM, App Role, k8s, LDAPS, Kerberos, Certificate) Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines.

Systems Engineer IV Scott AFB, IL, USA Full-time FLSA Status: Exempt Clearance Requirement: Secret Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide. Job Description Overview SOS International LLC is seeking a [TITLE] to join our team in [work location]. A Systems Engineer is responsible for designing, implementing, and maintaining the systems and infrastructure necessary to support the technical operations of an organization. This role involves an in-depth understanding of both hardware and software components, as well as the ability to troubleshoot complex issues and provide innovative solutions. Essential Duties Perform technical engineering evaluations and assessments of high-risk Cross Domain Solutions (CDS) to determine the suitability and compliance of its components with Joint, DOD, and AF policies, and configuration and security guides. Determine the suitability of the CDS components and/or systems in relation to installation, modification, relocation, and/or removal. Conduct CDS technical engineering evaluations and assessments based on the Risk Decision Authority Criteria (RDAC) developed by the National Security Agency (NSA) for CDS hardware, software, firmware, and systems comprised of those components. Derive transfer processing threat, identity threat, policy threat and corresponding policy by-pass threat, and site mitigation risk ratings with sufficient justification to receive approval/authorization from CDS forums including: National Security Agency (NSA), Connection Approval Office (CAO), DoD Information Security Risk Management Committee (DoD ISRMC), Cross Domain Technical Advisory Board (CDTAB), National Cross Domain Strategy and Management Office (NCDSMO) Defense Security / Cybersecurity Accreditation Working Group (DSAWG) community. Accomplish documentation detailing the transfer processing risk introduced by a CDS to include measures taken to protect the confidentiality, availability, and integrity of information before and after it transits the CDS as well as data at rest. Identify and provide mitigation recommendations in the environment in which the CDS will operate Interpret scan and test results and Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs). Recommend risk mitigations to ensure CDSs meet an acceptable level of risk for issuance of an Authority to Operate (ATO). Conduct extensive reviews of technical documentation including CDS Appendices, CDS Validation Approval Requests, system topologies, Lab-Based Security Assessments (LBSA) and Site-Based Security Assessments (SBSA) plans and reports. Assess authenticator management, intrusion management, partner identity management, location security, and technology and data risk mitigations. Perform engineering studies in support of complex mission critical CDS systems and deliver draft technical documents, reports, briefings, and other correspondence to the government. Coordinate with Authorizing Officials (AOs), PMOs, user reps, and system owners to maintain Risk Management Framework (RMF) packages, conduct risk and vulnerability assessments, provide support to the CDS approval processes, and perform other IA support duties. Develop and submit recommended policy directives, instructions, manuals, standards, strategies, visions, mission statements, goals and objectives as they apply to CDS. Provide ad hoc reports and briefings with information such as metrics, meeting minutes, inputs for Joint Approval Boards, and updated status of operational CDSs. Travel Requirements: Travel between Scott AFB, IL and other CONUS/OCONUS locations may be required under this task order. Qualifications Essential Requirements Bachelor's degree in Communications or Security is mandatory. Active SECRET security clearance is a non-negotiable prerequisite. Minimum of four years of relevant professional experience is required. Demonstrated proficiency in National, DoD, and AF Information Assurance (IA) policies, procedures, and objectives is essential. DoD 8570.1 IAM Level II certification (CAP, CASP+CE, CISM, CISSP or Associate, GSLC, CCISO) is imperative. Extensive knowledge and experience in Security Engineering, Risk Assessments, and Network Architectures are crucial. Superior analytical and problem-solving capabilities are required, with the ability to diagnose complex technical issues and develop effective solutions. Exceptional verbal and written communication skills are necessary, including the ability to articulate technical concepts to non-technical stakeholders. Proven experience in managing multiple projects simultaneously, demonstrating strong organizational and time management skills. Meticulous attention to detail is critical to ensure the accuracy and reliability of system configurations and documentation. Demonstrated ability to work effectively in a team environment, with strong interpersonal skills and the capacity to establish positive working relationships with colleagues and stakeholders. Adaptability to evolving technologies and organizational needs is essential, along with a commitment to continuous learning and improvement. Comprehensive knowledge of cybersecurity principles and best practices, with the ability to implement and maintain robust security measures. Preferred Qualifications Advanced degrees or certifications in Systems Engineering, Network Engineering, or Cybersecurity will be viewed favorably. Additional Information Work Environment This position requires working in an office environment, with occasional travel to client sites or data centers. May require working outside regular business hours to perform maintenance or respond to emergencies. Ability to lift and move computer hardware and equipment as needed. Working at SOSi All interested individuals will receive consideration and will not be discriminated against for any reason.

Job Description Support the Information security governance, risk management and compliance program, focusing on compliance and assurance. Facilitate the compliance and assurance program, by performing assurance assessments to ensure Alliant Credit Union (ACU) is compliant with regulatory and legal obligations. Help maintain the technical control library ensure assessments align securing ACU. Facilitate IT issue management by working with employees on scheduling calls and going over the issue and resolution. Essential Responsibilities Responsible to facilitate the compliance and assurance assessments and issue management via a GRC tool Conduct assurance assessment, including control test of design (ToD) and test of operating effectiveness (TOE) activities Provide recommendations on improving compliance-related processes and/or procedures and identify opportunities for ITGC/security compliance control automation Facilitate group and individual meetings, ensure that each meeting is organized and aligned and schedule walkthrough agenda addressing any issue that arise and and guiding towards actionable outcomes Assist internal and external audit teams to address inquiries Participate in InfoSec projects as assigned by management such as the review of documents Education Minimum- 4 Year Bachelors Degree in Computer Science, Information Security or Related Years of Experience Minimum - 2 Years Governance, Risk Management, Compliance within a financial institution or Security Compliance or Related In Lieu of Education 5 Years Governance, Risk Management, Compliance within a financial institution License/Certifications/Training Preferred: Compliance, Risk Management, or Governance certifications: CRISC, CISM or CISA Compensation & Benefits: Typical hiring range: $57,500 - $89,500 Annually. Actual compensation will be determined using factors such as experience, skills & knowledge. Additional Compensation: Annual performance bonus Benefits: Alliant provides a benefits package including health care, vision, dental, and 401k with employer match. Additional Benefits: Work from home up to 3 days a week Paid parental leave Employee discount programs Time off including paid personal and sick days 11 paid holidays Education reimbursement *Note that eligibility and cost of benefits can vary depending on the number of regularly scheduled hours, and job status such as regular full-time, regular part-time, or temporary employment. Adhere to and ensure compliance of all business transactions with policy and process of the Bank Secrecy Act. Ensures compliance with all applicable state and federal laws, company procedures and policies. Maintains integrity and ethics in all actions and conversations with or regarding credit union members and their accounts; complies with Privacy Act directives. The responsibilities listed do not contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice.

3M has a long-standing reputation as a company committed to innovation. We provide the freedom to explore and encourage curiosity and creativity. We gain new insight from diverse thinking, and take risks on new ideas. Here, you can apply your talent in bold ways that matter. Job Description: About the Role Join the dynamic and innovative team at 3M Global Technology Center LLP as an Analyst - Security Compliance and take your career to new heights. At 3M, innovation is at the core of everything we do. We empower curiosity, creativity, and bold thinking, while fostering an environment where diverse ideas thrive. By joining our team, you will have the opportunity to work with industry experts and cutting-edge technologies, helping shape a world-class security compliance program. What You'll Do As a key member of the Security Compliance team, reporting to the Team Lead - Security Compliance, you will: * Execute day-to-day cybersecurity risk, compliance, and assurance activities. * Support global cybersecurity certifications including ISO 27001 and ISO 27017, evaluating control effectiveness and reviewing evidence of controls. * Assist in achieving ISO 27001 certification by identifying risks and implementing controls. * Maintain and continuously improve 3M's Information Security Management System (ISMS). * Create, update, and manage ISMS documentation, reports, and audit records. * Act as Subject Matter Expert (SME) for PCI DSS, advising stakeholders, conducting internal assessments, and driving PCI DSS v4.0.1 reviews, gap assessments, and control evaluations. * Provide high-level knowledge support on other frameworks and standards including SOC 2, COBIT, NIST, SWIFT, and GDPR. * Deliver timely written reports, metrics, and updates to cybersecurity management. * Collaborate and communicate effectively across teams and with stakeholders. What We're Looking For * Education: Bachelor's degree with a minimum of 3 years of experience in Information Security, GRC, or related roles. * Certifications (preferred): ISO 27001 Lead Auditor/Implementer, PCI ISA, CISA, CISM, CRISC, CISSP, or equivalent. * Skills & Knowledge: * Strong knowledge of information security risk standards, frameworks, and methodologies. * Experience working with GRC tools such as Archer (or similar). * Excellent written and verbal communication skills. * Ability to manage multiple priorities and adapt to evolving business needs. Learn more about 3M's creative solutions to the world's problems at ********** or on Instagram, Facebook, and LinkedIn @3M. Safety is a core value at 3M. All employees are expected to contribute to a strong Environmental Health and Safety (EHS) culture by following safety policies, identifying hazards, and engaging in continuous improvement. Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly. 3M Global Terms of Use and Privacy Statement Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at 3M are conditioned on your acceptance and compliance with these terms. Please access the linked document by clicking here, select the country where you are applying for employment, and review. Before submitting your application, you will be asked to confirm your agreement with the terms.

Title: Security Operations Center (SOC) - Information Security Analyst Company: Award-Winning, $50B Publicly Traded Company Type: Full-Time Location: Hybrid - Chicagoland Area (Onsite 3-4 Days/Week) Travel: None Job Overview Join an award-winning, publicly traded company and be part of a fast-paced, cutting-edge security team! This newly developed SOC Analyst role offers an exciting and dynamic environment where no two days are the same. You'll have the opportunity to work with leading security tools like Splunk, CrowdStrike, Digital Shadows, and Proofpoint, while collaborating with a skilled and supportive security engineering team. You'll be part of a tight-knit, communicative team that values collaboration, knowledge-sharing, and professional growth. If you thrive in fast-paced security operations and enjoy hands-on problem-solving, this is an excellent opportunity to make an impact. Key Responsibilities: Manage the Phish Alert mailbox. Perform QA on tickets for a service provider. Handle tier 2 escalated inquiries. Support security operations through log aggregation and analysis. Leadership & Team Culture The leadership team is known for holistically supporting its team members, ensuring that growth, learning, and well-being remain top priorities. They provide ongoing career development opportunities, mentorship, and hands-on training to help employees expand their expertise and advance their careers. Beyond technical growth, leadership fosters a culture of inclusivity and collaboration, ensuring that every team member is heard, valued, and supported. Open communication, continuous learning, and a strong sense of community define the workplace, empowering individuals to contribute, innovate, and succeed. Requirements 3+ years of experience in cybersecurity or a related field. Proficiency with at least some of the following tools: CrowdStrike, Proofpoint, Digital Shadows, or Splunk Experience working in a Security Operations Center (SOC) environment is a plus, but not required. Compensation & Benefits Base Salary: $70,000 - $90,000 (dependent on qualifications, skills, and experience). Bonus Eligible. Comprehensive Benefits Package Includes: Medical, Dental, Vision, and Life Insurance Traditional and Roth 401(k) with company match Employee Stock Purchase Plan (ESPP) And much more! Apply Today!

Join American Structurepoint and become part of a team that goes the extra mile for our clients and communities. We live by our values - respect, staff development, results and family. Our team is encouraged to explore new ideas and turn our clients' dreams into reality. With exceptional benefits, training, and mentorship, we pave the way for a rewarding career. Ready for more than just a job? Explore opportunities with us and help improve the quality of life in the communities we serve. Group: Information Technology Position: IT Security Analyst Location: Indianapolis, IN Are you passionate about cybersecurity and ready to protect the digital backbone of an innovative engineering firm? We're looking for a skilled IT Security Analyst to join our team and help secure mission-critical systems, proprietary data, and infrastructure. Join a team where your cybersecurity expertise directly supports groundbreaking engineering projects. Apply now or message us to learn more! Responsibilities • Monitor and analyze network traffic for threats and vulnerabilities • Conduct regular security assessments and penetration testing • Work collaboratively with Infrastructure team to learn and review firewalls, antivirus, and intrusion detection/prevention systems - Maintain Secure by Design Approach • Investigate and respond to security incidents • Continually develop (update) and implement cybersecurity policies and procedures • Collaborate with engineering and IT teams to secure sensitive project data • Stay ahead of emerging threats and technologies • Be passionate about: o Learning new technologies o Working collaboratively in a team atmosphere Qualifications Must-Haves: • Bachelor's degree in Computer Science, Cybersecurity, or related field • 3+ years of experience in IT security roles • Strong knowledge of network protocols, firewalls, and endpoint protection • Experience with SIEM tools - Understand and develop queries and expressions • Basic Understanding of NIST, SOC2, CMMC or similar frameworks • Excellent communication and problem-solving skills • Excellent written and documentation skills Nice-to-Haves: • Certifications: CISSP, CISM, CEH, or Security+ • Experience with cloud security (AWS, Azure) • Scripting knowledge (Python, PowerShell) • Exposure to engineering software platforms (AutoCAD, SolidWorks) • Familiarity with Zero Trust architecture

Resource will work as an Information Security Analyst responsible for auditing and monitoring systems containing confidential information. This position is also responsible for helping the organization manage its risks by monitoring the organization's IT systems for inefficiencies, inaccuracies, mismanagement, etc. Tasks will include assisting with the configuration of data, application, network, and IAAM logs; assisting with log reporting tools; and monitoring systems for security problems. The position participates in all aspects of the technology audit and monitoring including the planning, control analysis, testing, issue development, and reporting phases. This position will also participate in all federal and state audits against DCS technology systems. Employee works in an Information Technology Division of a State Agency, the Department of Child Services (DCS -IT) under the guidance of the Security Manager. The essential functions of this role are as follows: • Monitors and keep supervisor informed of status of information security and confidentiality conditions, including problem areas and recommended enhancement; • Interfaces with user customers to understand their security needs and implement procedures to accommodate them including training and assessment. • Assists with preparing for security audits (e.g. IRS, SSA, OCSE, FBI, SBOA) and remediating any findings; assists with creating and submitting reports relevant to security audits. • Develop information security policies and standards for protection of information systems in compliance with state and federal requirements (e.g. IRS, SSA, OCSE, FBI, IOT) and guidelines (e.g. NIST SP 800 -53). • Develops Standard Operating Procedures (SOP) for implementing security polices; • Recommends appropriate security safeguards to be included during development of new information technology systems and legacy systems; • Ensures maximum utilization of computer hardware and software features to secure automated systems and associated data; • Develops and implements procedures for use of information security management software; • Proposes information security software enhancements; • Performs periodic audits to assure security policies and standards are being followed and are effective. • Develops recommendations for enhancements and generates reports where necessary; • Keeps abreast of new laws and changes affecting privacy standards, network security, cloud security, remote access, and physical security; • Mentors and provides guidance to new or other staff as needed; • Performs related duties as assigned. • Assist on other task as assigned. Thorough knowledge of information security management tools, policies, and standards of information security procedures; • Thorough knowledge of state and federal legislation and regulatory laws pertaining to information system security and privacy; • Thorough knowledge of software vulnerabilities, vulnerabilities scanning tools, and vulnerabilities remediation; • Familiarity with domain structures, user authentication, and digital signatures; • Ability to develop and maintain information security standards; • Ability to understand and apply complex computer logic to work; • Ability to work effectively with a wide range of information technologists, including systems administrators, technical support, application development, end users and management; • Experience in assessing security needs of teams and assist in their security training. • Ability to communicate effectively both orally and in writing; • Ability to be a team member as well as a team leader depending on the situation; • Degree in information security or technology preferred; • Security certification preferred (e.g. CISSP). • Network Admin experience preferred. Supervisory Responsibilities/Direct Reports: This role does not provide direct supervision to direct reports. Required / Desired Skills Skill Required / Desired Amount of Experience To be effectively with wide range of information technologists, including systems administrators, technical support, application development, end users Required 3 Years Network Admin experience Required 3 Years Security certification (e.g. CISSP, CRISC) Required 3 Years Ability to develop and maintain information security standards; Required 1 Years Ability to understand and apply complex computer logic to work Required 1 Years Degree in information security or technology Required 1 Years Familiar with cybersecurity security framework (e.g. NIST, ISO, SOC 2, CIS, Cobit, etc.) Required Computer security compliance and auditing experience Required IRS, SSA computer security compliance and audit experience Required HIPAA experience Required

Established in 1991, Collabera has been a leader in IT staffing for over 22 years and is one of the largest diversity IT staffing firms in the industry. As a half a billion dollar IT company, with more than 9,000 professionals across 30+ offices, Collabera offers comprehensive, cost-effective IT staffing & IT Services. We provide services to Fortune 500 and mid-size companies to meet their talent needs with high quality IT resources through Staff Augmentation, Global Talent Management, Value Added Services through CLASS (Competency Leveraged Advanced Staffing & Solutions) Permanent Placement Services and Vendor Management Programs. Collabera recognizes true potential of human capital and provides people the right opportunities for growth and professional excellence. Job Description Location: 100 Abbott Park Road, Lake County, Abbott Park, IL 60064 Duration: 6+ months (could go beyond) Roles: • Network Directory and Infrastructure Services Administration. • Knowledge of domain administration and troubleshooting, Active Directory, MS FIM, Exchange, MS Office365 and supporting technologies, MS Azure, NPS, Federation and SQL Server administration required. Responsibilities: • Provide technical Level III problem isolation and resolution for a Global Active Directory Network. • Configures and performs advanced diagnostics on infrastructure components and cloud based applications. • Understands and repairs Domain infrastructure including DNS, DHCP, ADLDS, ADFS and FIM Sync. • Understands and can configure/install Win Server 2008r2/2012r2 technologies for domain controllers and Radius Authentication servers. • Repair and recover from hardware or software failures. • Rotate on-call and must be available to work a varied shift schedule in a 7x24 hour operations center environment. • Initiate major outage communication technical bridges as requested. • Apply fix procedures as instructed for repetitive events as instructed and coordinate with impacted constituencies. Competencies: • Superior knowledge of Active Directory overall and its administrative components. • Perform domain administration for 61,000+ workstations including domain controllers, NPS, Win 2003/2008R2/2012 server hardware, dynamic host configuration protocol (DHCP), domain name servers (DNS) configuration integrated with active directory, desktop configuration and end user support. • Candidate will have worked in an AD environment that has done acquisition and divestiture work, Candidate will have worked with products such as ADMT, and ADLDS and the roles they play in M&A activities such as management of active directory structure in creation, administration of organizational units (OU), containers and sub containers throughout the domain from geographic to organizational standards, while setting policies and permissions. • Candidate should have expert knowledge of Federation protocols including OAuth, SAML, WSFed, and a deep understanding of the IDP and SP roles associated with Federation environments. • Candidate will have worked with Office 365 from an Identity standpoint and have an understanding of Azure Active Directory Sync and Identity Federation for Cloud services. • Expertise should include attribute mapping and troubleshooting as well as rule sets associated with AADSync. • Candidate must be able to correctly configure servers and clients for all services. • Can isolate and repair most DNS and IP service problems. • Understands and uses the appropriate tools in all instances during problem isolation and repair. • Possesses an in depth understanding of communications technologies and can isolate and resolve most infrastructure issues. Qualifications • Associates Degree Minimum, prefer Computer Science or technology area or telecommunications science business minor • Three (3) to six (6) months of specialized technical courses in Win and Active Directory technology's typically provided by vendors, technical societies, or equivalent experience. Additional Information To know more about this position, please contact: Himanshu Prajapat ************ **********************************

Provide support to the lead security Analyst in the planning and protection of employee computers and data networks. Monitor and track all security training and education. Assist with the scanning for and identification of security configuration management on computers and servers. Assist in the scanning for security breaches and the reporting of anomalies. Required Qualifications: Experience in administrative support & MS Office proficiency Bachelor's degree or 5 years of experience U.S. citizen and MUST possess a current active DoD Secret clearance Possess an understanding of cyber security principles and be able to obtain a security+ certification within 6 months Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. #clearancejobs

Liberty FCU, a full-service credit union, is currently seeking an IT Security Analyst . This is an in-office position and will be stationed at our Main Office located in Evansville, IN. Please note this is a non-remote position. The successful candidate must possess a strong blend of technical and analytical skills centered on protecting an organization's computer networks and data for cyber threats. Bachelor's Degree is preferred. An Associate's degree or certification with comparable experience will also be considered. If interested, please complete an employment application by clicking Apply. Duties and responsibilities include but are not limited to the following: Monitoring and detection: Continuously monitor networks for security breaches, suspicious activity, and potential threats using tools like firewalls and security information and event management (SIEM) systems. Incident response: Investigate security breaches, document findings, assess the damage, and take corrective measures to contain and resolve the incident. Vulnerability management: Assess system vulnerabilities, perform risk assessments and penetration testing, and implement risk mitigation strategies. Security implementation: Install and maintain security software, including firewalls, data encryption programs, and virus protection software. Policy and planning: Develop and enforce security standards, best practices, and disaster recovery plans to safeguard data and ensure business continuity. Research and reporting: Stay current on the latest information technology (IT) security trends and cyber threats, prepare reports on security metrics and breaches, and recommend security enhancements to management. User education: Help train and support other employees in security procedures, software, and best practices to reduce human error. Essential skills and experience: 3+ years of experience in cybersecurity preferred but not required. Preference given to those with security related certifications like Security+, CISSP, CySA+, etc. Experience working with the following cybersecurity tools (Next Generation AV & EDR, Firewalls, VPNs, SIEM platforms, Vulnerability Management systems, Data Classification systems, and Data Loss Prevention systems). Experience working within cybersecurity frameworks (NIST & CIS Controls) and risk analysis preferred. Strong analytical and problem-solving skills to identify and respond to threats. Excellent communication skills to document incidents and educate others. Benefits Paid Holidays Paid Time Off (Vacation, Sick and Personal Days) Medical, Dental and Vision Insurance 401(k) retirement program with matching funds Employer paid Group Term Life Insurance, Short Term and Long Term Disability Insurance Tuition Reimbursement Program Liberty FCU is an Equal Opportunity Employer, Minority/Female/Disability/Protected Veteran.

It's fun to work at a company where people truly BELIEVE in what they're doing! We're committed to bringing passion and customer focus to the business. Recruiting agencies must have a valid, written and fully executed Master Service Agreement and Statement of Work for consideration. Job Summary: The IT Risk Analyst is responsible for the identification, evaluation, and assessment of cybersecurity risks affecting United Fidelity Bank, from threats to vulnerabilities and including ongoing reviews and audits of controls. The incumbent will work closely with other functional area subject matter experts (Enterprise Risk Management, Compliance, Audit, and Information Technology) to understand, develop, and maintain United Fidelity Bank's natural, technical, and adversarial risks, their relationships, controls, and mitigation plans. Essential Job Functions include, but are not limited to: Works closely with the IT GRC Manager, IT department stakeholders, and leadership for all duties. Produces articles, case studies, blogs, white papers and presentations on the latest technology and cybersecurity incidents, threats, trends, and techniques for employee consumption. Leverages Threat & Vulnerability Intelligence Sources to identify and evaluate potential Cybersecurity Risks to the Bank. Conducts formal Risk Assessments using CIA / IL and other risk frameworks. Develops Cybersecurity Risk Controls and Mitigation Plans for IT Risks and evaluates their implementation and mapping objectives. Taps industry accepted vulnerability databases cross-referenced with the Bank's systems and assets to create priority plans for the most severe threats. Performs IT Asset Surveys and details Assets within Risk Management Platform. Assists in reviewing, editing, and maintaining existing IT Risk documentation, controls, and mitigations, which can become outdated or factually inaccurate as new technologies emerge. Contribute to internal system and asset Business Impact Analysis (BIA). Drafts Corrective Action Plans and Plans of Action & Milestone for Risk Correction. Communicates and works with Enterprise Risk Management (ERM) for alignment of PSPs (Policies, Standards, and Procedures). Measure risks against the Bank's risk tolerance and review control expirations and compensations. Reviews and audits historical Risk Registers to ascertain the use of Controls. Maintain KRI/KCI dashboards in support of Risk and Steering. Track SLA adherence standards for IT Risk Assessment criticality. Work with auditors and regulators for annual and/or bi-annual risk reviews. Oversee joiner/mover/leaver control health. Participate in Change Advisory as needed. Preform all duties in relation to the Bank Secrecy Act under the guidance of the BSA Officer. To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. In accordance with the Americans with Disabilities Act, Reasonable Accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. Skills and Abilities Required to Perform Essential Job Functions: Demonstrable knowledge analyzing threats and vulnerabilities for inherent and residual risk. Working knowledge of regulatory compliance frameworks, e.g., GLBA, FFIEC, or similar. Thorough understanding of technology frameworks, e.g., NIST CSF 2.0, CIS, COBIT or similar. Understanding of the contemporary information security threat landscape and how to protect it via industry best practice policies, standards, and written guidance. Knowledge of cybersecurity EDR tools, risk remediation, and governance processes. General knowledge of security systems, e.g., firewalls, IDS, WAF, NAC, and net communications. Understanding data loss prevention, threat protection, group policy, and anti-malware tools. Knowledge of cloud infrastructure, virtual platforms, encryption technologies, endpoint protection, network systems such as routers, load balancers, mail transport systems and cybersecurity. Clear and concise written and verbal communication skills. Strong presentation skills, especially for business and control narratives and executive reporting. Analytical, multi-tasking, hypothetical modeling, and critical thinking skills. Experience working with cross-functional leaders and stakeholders to devise risk mitigation plans and implement cybersecurity risk controls before evaluating their effectiveness. Proficiency with Microsoft Office Suite (Excel, Outlook, PowerPoint, Teams, SharePoint, and Word). Education, Experience and Qualifications: 4+ years' work experience in cybersecurity, GRC, or IT Risk. Bachelor's degree in a technical or security field, preferred. Experience in using risk management platforms such as Audit Board, preferred. Security (Sec+, CySA+, CISSP, CEH) or GRC (CISA, CRISC, CGRC) certification(s) preferred. Banking industry experience, preferred. Physical Requirements of Essential Job Functions: The associate is frequently required to sit and/or stand, communicate, reach, and manipulate objects, tools or controls that are typical of an office/bank environment. Lifting items weighting up to 10 pounds on a consistent basis. Manual dexterity and coordination are required over 80% of the work period while operating equipment such as computers, phones, calculators, etc. Working Conditions: Typical office environment. Extended viewing of computer screens. Periodic travel between locations may be required. Regular office hours are Monday through Friday from 8 am - 5 pm. At times, working outside of stated regular hours may be required. The above statements are intended to describe the general nature and level of work performed by associates assigned to this position. They are not intended to be an exhaustive list of all responsibilities, duties and skills required of the associate classified as such. Duties and responsibilities may be added or changed as deemed appropriate by management at any time therefore, they could differ from those outlined above. United Fidelity Bank is proud to be an Equal Opportunity/Affirmative Action employer All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, status as a qualified individual with disability, sexual orientation, gender identity or any other characteristic protected by law .