Information security analyst jobs in Rockford, IL - 400 jobs

Senior Physical Security Consultant Chicago, IL. WEC Energy Group is one of the nation's largest electric generation and distribution and natural gas delivery holding companies serving 4.7 million customers across the Midwest. We are committed to providing clean, reliable, and affordable energy in an environmentally sustainable manner. Customers are the heart of our business, and we work every day to help grow and support communities where we provide vital energy services. As a Fortune 500 company, we value and develop our employees who are making a difference in a mission that matters. We don't just offer a job; we provide fulfilling careers where safety and well-being are paramount. Join our team and experience first‑hand our commitment to your success. We offer competitive pay and benefits to recognize your hard work and dedication. If you're talented, energetic and ready for a career with a future, we want you on our team. We are powered by a diverse and inclusive workforce fueled by the pride in what we do. If you're driven by the passion to change lives, this is the place for you. WBS, a subsidiary of WEC Energy Group, is seeking a Senior Physical Security Consultant in our Chicago, Illinois location. Job Summary The Physical Security Consultant (Senior) is responsible for identifying security gaps, concerns, threats, and/or risks and follow internal procedures and protocol to elevate or resolve issues as appropriate, such as conducting investigations or sharing threat intelligence with appropriate members of the organization. Specific functional areas include, but are not limited to, enterprise protection, operational integration, intelligence, investigations, situational awareness and security projection. This position is the primary interface for the business and operations to share information and coordinate security‑related activities and requirements. Physical Security Consultants are expected to develop and maintain relationships with key internal and external stakeholders such as contract security personnel, local law enforcement, and internal business areas who work closely with security. Job Responsibilities Provides security protection services, consulting services and advisory support to the business and operations to reduce risks, maximize workforce safety, and protect property Leads investigations in close support and coordination with cybersecurity, HR, ethics, and/or external law enforcement as appropriate Follows policy and procedures to elevate security matters, file reports, collect evidence, and maintain relevant databases or information in security systems Executes company policies and procedures for the physical security program aligned with the overarching enterprise security model and best practice standards and ensure compliance with applicable industry standards and regulations (e.g. NERC CIP, TSA) Provides work direction, site training, policy and process training, and maintains relationships with contract security personnel Maintains an understanding of the application of security technology to the company's processes to mitigate risk Develops and maintains relationships and represents the company with local law enforcement, other security‑related external agency stakeholders and the broader intelligence community Responds to crises or urgent situations to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property and operational assets Participates in internal and external emergency response and business continuity planning exercises Analyzes intelligence to identify trends and determine risks Foster a culture that promotes security as an integral part of safety. Maintains key performance and process metrics to evaluate the efficiency and effectiveness of processes, procedures, and systems The Senior Physical Security Consultant performs all duties of a Physical Security Consultant, usually in a lead role Minimum Qualifications Physical Security Consultant - Minimum 2- 4 years of physical security work experience in law enforcement, investigations or intelligence in a civilian or military organization required. Senior Physical Security Consultant - Minimum 4 -7 years of physical security work experience in law enforcement, investigations or intelligence in a civilian or military organization required. Preferred experience with or understanding of nation state threats to critical infrastructure. It requires some out-of-state travel and is subject to 24 hour call out. Preferred Qualifications A Bachelor's degree in Criminal Justice, Police Science, Security Management or Business Administration is preferred. A combination of associate degree, military, law enforcement or professional physical security experience and physical security certification (CPP, PSP) or certificates (enterprise security risk management, security risk assessment, workplace violence prevention, executive protection, etc) will be considered Preferred experience with or understanding of nation state threats to critical infrastructure Project and Contract Management experience (Threat Assessments, CCTV System Installation, etc.) Familiarity with the City of Chicago Neighborhoods and Streets, in addition to the Urban areas #J-18808-Ljbffr

Empowered to live. Inspired to work. Compeer Financial is a member-owned cooperative located in Illinois, Minnesota and Wisconsin. We bring together team members with a variety of backgrounds and experiences to help provide financial services to support agriculture and rural communities. Join us in a culture that not only promotes meaningful work and professional development, but provides a flexible, hybrid work environment and excellent benefits, which empower you to thrive both personally and professionally. How we support you: Hybrid model - up to 50% work from home Flexible schedules including ample flexibility in the summer months Up to 9% towards 401k (3% fixed Compeer contribution plus up to 6% match) Benefits: medical, dental, vision, HSA/FSA, life & AD&D insurance, short-term and long-term disability, wellness program & EAP Vacation, sick leave, holidays/floating holidays, parental leave, and volunteer paid time off Learning and development programs Mentorship programs Cross-functional committee opportunities (i.e. Inclusion Council, emerging professional groups, etc.) Professional membership/certification reimbursement and more! Casual/seasonal & intern team members are not eligible for benefits except for state-mandated programs. To learn more about Compeer Financial visit************************ Where you will work: This position offers a hybrid work option up to 50% remote and is based out of any of Compeer's office locations. The contributions you will make: This position creates, implements and maintains corporate-wide security programs that assist in improving overall security posture of the organization. Provides guidance, assurance and information protection to maintain the confidentiality, integrity, and availability of Compeer critical resources. Contributes knowledge and expertise to ensure that information assets are protected and secure. In this position, you will guide solutions to promote secure business-to-business initiatives, third-part relationships, outsourced solutions and vendors. Provides mentorship and guidance to less experienced team members. A typical day: Remains current with new security threats and assess systems and solutions to ensure they can defend the business. Researches capabilities of current and new disruptive solutions on the market and makes recommendations to security group on a consistent basis. Develops security team standards, policies, procedures and processes. Support and provide direction for use of technical systems, monitors for unusual and suspicious activity across a wide range of products, data centers, and cloud systems. Partners with Business Technology on security configuration standards for systems and business applications. Participates in technical and non-technical projects requiring information security oversight and to ensure policies and procedures are met. Provides cybersecurity guidance to leadership. Ensures that cybersecurity-enabled products or other compensating security control technologies or processes reduce identified risk to an acceptable level. Performs security reviews, identifies gaps in security architecture, and develops a security risk management plan. Implements security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed. Analyzes and reports system security posture trends. Analyzes cyber defense policies and configurations and evaluates compliance with regulations and organizational directives. Prepares audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions. Leads the Incident Response Team during activations for security or operational events. Coordinates, leads and conducts adversary simulation, hunt teaming, assumed breaches and whitebox penetration tests. Develops and executes attack plans, scripts, tools and methodologies to strengthen the offensive operations. Plans and coordinates the delivery of classroom techniques and formats (e.g., lectures, demonstrations, interactive exercises, and multimedia presentations) for the most effective learning environment. The skills and experience we prefer you have: Bachelor's degree in security management, cybersecurity, computer science, management information systems, or business with technical training in networking, technical support or security or an equivalent combination of education and experience sufficient to perform the essential functions of the job. Expert-level experience in physical asset security, information technology, risk management, security services, or infrastructure technology. CISSP certification preferred. Ability to adapt and stay a step ahead of cyber attackers and stay up to date on the latest attack methods. Expert experience driving measurable improvement in monitoring and response capabilities at scale. Expert ability to identify and resolve problems, utilizing strong analytical skills. Advanced experience in cloud computing technologies, including software, infrastructure and platform-as-a-service, as well as public, private and hybrid environments. Expert knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to endpoint detection and response (EDR), threat intelligence platforms, data loss prevention (DLP), security automation and orchestration, deception technologies, application controls, and other network and system monitoring tools. Experience with purple teaming (red and blue) to train, identify and remediate issues cohesively. Advanced experience with Amazon Web Services (AWS) or Microsoft Azure. Expert experience conducting risk analysis to protect the business and adhere with compliance requirements and privacy laws. Expert experience with vulnerability and penetration testing engagements. Advanced knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). Expert knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities. Knowledge of multiple cognitive domains and tools and methods applicable for learning in each domain. Knowledge of media production, communication, and dissemination techniques and methods, including alternative ways to inform via written, oral, and visual media. Knowledge of training and education principles and methods for curriculum design, teaching and instruction for individuals and groups, and the measurement of training and education effects. How we will take care of you: Our job titles may span more than one career level (associate, senior, principal, etc.). The actual title and base pay offered is dependent upon many factors, such as: training, transferable skills, work experience, business needs and market demands. The base pay range is subject to change and may be modified in the future. This role is eligible for variable compensation and other benefits. Base Pay$103,100-$156,400 USD Compeer Financial is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Must be authorized to work for any employer in the United States. Compeer is unable to sponsor or take over sponsorship of an employment visa at this time. Click here to view federal employment laws applicable for applicants.

Overview We are seeking a Microsoft Purview & O365 Security Engineer to support the rollout and enablement of Microsoft Purview and related security and compliance controls within the Microsoft 365 E5 environment. This role will act as the subject matter expert for Purview on a team with no existing Purview experience, helping to define guardrails, enable controls, and establish a roadmap for secure adoption. The product team is rolling out the platform, the team owns enablement, and this role will partner closely with multiple groups to assess the current state, identify gaps, and define where the organization needs to go. Key Responsibilities * Lead the assessment, configuration, and enablement of *Microsoft Purview* across the O365 environment * Implement and advise on *DLP classification and labeling*, including *auto-labeling capabilities available with E5 licensing* * *Support and configure Purview data protection and compliance features*, including chat and prompt protections * Guide *O365 security controls*, guardrails, and best practices to ensure secure platform adoption * Partner with the team and other stakeholders to: * Assess what security and compliance controls are currently in place * Identify gaps and risks * Define a clear *security and compliance roadmap* * Serve as a hands-on Purview SME and help *educate and upskill the broader team* on Purview capabilities * Support *Windows Defender / Microsoft Defender* integrations and security posture improvements * Contribute from an *insider risk and digital forensics* perspective, where applicable * Conduct research and analysis to support security design decisions and future-state planning * Provide visibility and insight using tools such as *Splunk* (experience preferred) Required Skills * Microsoft Purview * Windows Defender / Microsoft Defender * Data Loss Prevention (DLP) * Office 365 / Microsoft 365 * E5 licensing and capabilities Preferred / Nice-to-Have Skills * Splunk * Insider Risk Management * Digital Forensics * General security * Compliance frameworks knowledge (e.g., NIST) * Experience working in environments with limited existing Purview maturity Qualifications * Hands-on experience securing O365 environments using Microsoft security and compliance tools * Strong understanding of DLP, sensitivity labeling, and data protection strategies * Ability to work independently, "hit the ground running," and take ownership of a new platform * Comfortable partnering across product, enablement, and security teams * Strong communication skills with the ability to explain technical controls to non-experts *Job Type & Location*This is a Contract position based out of Milwaukee, WI. *Pay and Benefits*The pay range for this position is $40.00 - $55.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: * Medical, dental & vision * Critical Illness, Accident, and Hospital * 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available * Life Insurance (Voluntary Life & AD&D for the employee and dependents) * Short and long-term disability * Health Spending Account (HSA) * Transportation benefits * Employee Assistance Program * Time Off/Leave (PTO, Vacation or Sick Leave) *Workplace Type*This is a hybrid position in Milwaukee,WI. *Application Deadline*This position is anticipated to close on Jan 20, 2026. h4>About TEKsystems: We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. About TEKsystems and TEKsystems Global Services We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com. The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

At TruStage, we're on a mission to make a brighter financial future accessible to everyone. We put people first, and work hand in hand with employees and customers to create a diverse and inclusive environment. Passionate about building insurance and financial services solutions, we push the boundaries of what's possible. We need you to help us shape what's next. You'll be encouraged to share your experiences, ideas and skills to help others take control of their financial future. Join a team that has received numerous awards for being a top place to work: TruStage awards and recognition Job Summary Under the guidance of Information Security leadership, the Information Security Analyst supports TruStage's cybersecurity program by delivering integrated threat intelligence and digital forensic services. This hands-on role is responsible for reviewing and analyzing incoming threat intelligence to assess risk and potential impact to the organization, applying best practices to inform proactive defense strategies. The analyst plays a critical role in the incident response lifecycle by investigating escalated threats-such as malware infections, phishing attempts, or unauthorized access-through structured processes that include detection, containment, eradication, recovery, and root cause analysis. Responsibilities also include conducting forensic investigations, performing advanced data collections, and executing eDiscovery requests. The analyst may be called upon to support investigations led by Legal, Human Resources, or other internal stakeholders, ensuring evidence integrity and alignment with regulatory and organizational standards. The ideal candidate will have experience using tools such as Magnet Forensics Axiom Cyber, Splunk, Microsoft Defender, and the MITRE ATT&CK framework to detect, investigate, and respond to complex security incidents. This role requires a strong analytical mindset, attention to detail, and the ability to work collaboratively across teams to enhance the organization's security posture. Excellent verbal and written communication skills are essential, as the analyst will be expected to clearly document findings, articulate technical concepts to non-technical stakeholders, and contribute to incident reports, threat briefings, and cross-functional discussions. Job Responsibilities: * Support Information Security Leadership regarding all aspects of the information security program, with minimal supervision. Responsibilities include facilitating the identification of risks throughout the organization, developing, reporting and monitoring formats on risk management issues and developing methodologies for the assessment of risks throughout the organization. * Continuously monitor the internal and external landscape for relevant events, risks, and threats related to malicious code, vulnerabilities, and potential attacks. * Coordinate and ensure cybersecurity related alerts and incidents are prioritized and responded to at all hours of the day. * Remain current with emerging threats and share knowledge with colleagues to improve incident response processes. * Participate in the creation and execution of tabletop exercises designed to identify gaps, improve skills, enhance communication and engage with key stakeholders. * Review reports from tabletop exercises, vulnerability scans and penetration testing to identify weaknesses or gaps in existing security controls and provide recommendations where appropriate. * Lead coordination, consultation, and assessment efforts to track and remediate events and alerts, directs response to related incidents, internal or external audits, and / or control assessments. * Identify, report, and assist in resolving privacy, compliance or security violations and control gaps. * Lead feedback with other IT teams to protect data from compliance, privacy or security compromise. * Contribute to the strategic direction of the Information Security team to develop new capabilities, process efficiencies and goals. * Participate in the development, review, ongoing maintenance and development of security policies, standards, processes, procedures and requirements to facilitate the establishment of common administrative controls for the delivery of security capabilities. * Security Awareness: Develop content for organization wide and targeted security awareness training. Present relevant information security topics through a variety of forums depending on the audience. * The above statement of duties is not intended to be all inclusive and other duties will be assigned from time to time. The above statement of duties is not intended to be all inclusive and other duties will be assigned from time to time. Job Requirements: * Bachelor's degree in computer science, information systems or related field, or equivalent combination of education and/or related professional work experience. * 5 or more years of demonstrated proficiency with an information security audit, assessment, engineering or architecture focus or comparable, professional experience. * Proven ability to clearly and effectively communicate business and technical information, both verbally and in writing. * Aptitude for speaking or communicating to varied groups of business and technical professionals. * Experience in presenting technical material to a nontechnical audience and to senior management. * Established skills and experience in the development of security policies, standards or other governance practices. * Demonstrated relationship management and consulting skills, including ability to effectively influence and negotiate. * Proven ability to provide high quality customer service. * Financial Services industry experience strongly preferred. * Experience with law enforcement preferred * Experience with forensics preferred #LI-SW If you're ready to help make a difference, apply today. A resume is required to apply. TruStage may process applicant information using an Artificial Intelligence (AI) tool. This tool automatically generates a screening score based on how well applicant information matches the requirements and qualifications for the position. TruStage recruiters use the screening score as a guide to further evaluate candidates; the score is one component of an application review and does not automatically determine whether a candidate moves forward. Candidates may choose to opt out of this process. Compensation may vary based on the job level, your geographic work location, position incentive plan and exemption status. Base Salary Range: $97,800.00 - $146,800.00 At TruStage, we believe a sound, inclusive benefits program is of vital importance, along with a flexible workplace that allows for work-life balance, career growth and retirement assistance. In addition to your base pay, your position may be eligible for an annual incentive (bonus) plan. Additional benefits available to eligible employees include medical, dental, vision, employee assistance program, life insurance, disability plans, parental leave, paid time off, 401k, and tuition reimbursement, just to name a few. Beyond pay and benefits, we also recognize that flexibility, including working in a place you prefer, is essential to caring for our employees. We will continue to strive to offer flexibility and invest in technology and other tools that will make hybrid working normal rather than an exception, so that when "life happens," you can focus on what's most important. Accommodation request TruStage is a place where everyone can bring their best self and thrive. If you need application or interview process accommodations, please contact the accessibility department.

Role -Business Analyst/ Information Security Governance Analyst Project Overview: We are seeking an analyst with experience in governance of security products, authentication, authorization, and access management with business analysis background. These resources will support the SaaS initiatives Contractor's Role: As a member of Governance team you will play a vital role in ensuring the secure implementation of various solutions (Hybrid and Cloud) developed in technologies like Java, .Net etc. Experience level: Level 3 Qualifications - Bachelor's degree in computer science, audit or a related discipline and experience in information security, or an equivalent combination of education and work experience. - Excellent consultative and communication skills, and the ability to work effectively with client, partner, and IT management and staff. - 5 -6 years of experience in the Information Security or Audit role. - Strong collaboration skills and a analytical ability - Knowledge of SOX methodology implementation for applications & Internal & External Audit executions Requirements Nice to Haves: - Knowledge on Obsidian Remediation Tasks & Responsibilities - Drive governance and risk framework around applications using authentication and authorization - Define and respond to risks surrounding the business functions and the security capabilities - Define and respond to audits from internal and external parties - Knowledge of control execution and design - Collect and maintain evidence of control testing - Collect and maintain evidence of application attestation to standards

Vedder Price's Chicago office is seeking an Information Security Analyst. The Information Security Analyst is primarily responsible for maintaining technologies to ensure the security of the firm's systems. Thorough understanding on both product based solutions and fundamental security best practices are vital to this role. The Information Security Analyst will collaborate with other Engineers and SMEs, to apply and support best practices for information and cyber security, system building, change management, account management, documentation, and user experience management. As the Information Security Analyst, your job duties will include but not be limited to: Serve as a technical resource at the firm for information security issues. Collaborate with other staff in the Technology Department to ensure that security standards are developed and enforced in the course of implementing or upgrading firm technology, educating others on security best practices. Administration, troubleshooting and resolving issues with security infrastructure on Vedder Price's network, including the following: SASE (Secure Access Service Edge) firewalls Intrusion detection and prevention Vulnerability management Identity Management Microsoft Windows systems, Including Defender, Azure and M365 Review of business processes, recommendation and implementation of supportable security changes including any relevant tools to better secure those processes Evaluation of security practices around identity management, remote solutions, including AVD and privileged remote access Participation in incident response plan for vulnerabilities or other security events Investigation of actual and suspected security breaches Ensure consistent security policies are being applied to any hosted or cloud-based services being utilized by the firm Log review and reporting on security devices and identified Windows systems Generating evidence for compliance/audit Working with vendors as necessary to supplement our security capabilities, and recommend their use when appropriate Backup assistance for other Network Operations team members as necessary Assistance with all projects and tasks related to the firm as directed by the Senior Manager Infrastructure & Security and the Information Security Architect Assists the Information System Architect in developing and documenting security standards as needed Skills & Competencies: Expert-level proficiency with key technologies to be supported, including demonstrated willingness and ability to develop expertise in new technologies as needed Demonstrated competence in detecting and eliminating technical issues in complex systems, utilizing monitoring and other analysis tools to ensure optimal system performance Investment in understanding technologies outside of those directly supported by the Analyst, including demonstrated basic awareness of key functionality of systems that interact with or depend upon the systems directly managed by the Analyst Ability to participate in assessing business purpose of managed systems and to recommend operational or efficiency-related improvements Ability to act independently to meet goals and objectives identified by senior management, including the ability to assist in the creation of project plans and manage time effectively High-level involvement in providing optimal performance and responsive support. Works to ensure optimal performance and reliability of systems while also providing mentoring and knowledge transfer to other Engineers and Technical Support Specialists. Acknowledges key role in responding to alerts and assisting Technical Support in analysis and resolution of issues Accepts responsibility for understanding firm Information Security Standards and applying those standards to ensure security of managed systems Effective communication skills, both written and oral. Strong interpersonal skills required to communicate with all other technology team members, members of the firm (users of systems), and clients. Must have customer service attitude and ability to work well with other groups. Superior understanding of the firm's goals and objectives, with demonstrated ability to apply technology in solving business problems Strong organizational skills, capability to schedule and coordinate multiple activities in results-oriented environment. Initiative and ability to enforce policies and procedures through influence Qualifications & Required Experience: Bachelor's Degree in computer related field or equivalent work experience Minimum five (5) years' experience in Information Technology required Experience in the legal industry a plus Must subscribe to being highly available and responsive to occasional after-hours issues, as the firm operates on a 24x7 basis Position also requires the ability to work under pressure to meet strict deadlines Computer Skills: To perform this job successfully, an individual must be proficient in the following software and/or their equivalent: Experience with Microsoft and Azure security tools, Cato Networks, BeyondTrust, Tenable Nessus and Sumo Logic preferred Compensation Range: $95,000/yr. to $110,000/yr At Vedder Price, we believe in recognizing and rewarding our employees' contributions. Our comprehensive Total Rewards Package includes: Competitive Salary: We offer a competitive base salary commensurate with skills and experience. Bonus Program: Discretionary annual bonus program. Retirement Planning: Discretionary profit sharing and 401(k) matching to help you plan for your future. Health and Wellness: Comprehensive health, dental, and vision plans, along with optional health savings and flexible spending accounts, firm-paid Life and Disability benefits, and wellness programs to support your overall well-being. Paid Time Off: Competitive time off package including vacation days, paid holidays, sick time and personal days. Professional Development: Opportunities for continuous learning and career growth through firm provided training programs. Employee Recognition: Anniversary and Vedder Praise Programs to celebrate your achievements and milestones. Work-Life Balance: Hybrid work model and family-friendly policies. Additional Perks: Employee discount program, pre-tax commuter benefits, back up child & elder care, Employee Assistance Program (EAP), fitness center discounts and more. Join Vedder Price and be part of a team that values hard work and dedication! Equal Employment Opportunity Vedder Price P.C. is an equal opportunity employer. We value and encourage diversity and solicit applications from all qualified applicants without regard to race, color, gender, sex, age, religion, creed, national origin, ancestry, citizenship, marital status, sexual orientation, physical or mental disability (where applicant is qualified to perform the essential functions of the job with or without reasonable accommodations), medical condition, protected veteran status, gender identity, genetic information, or any other characteristic protected by federal, state, or local law. We participate in E-verify. Applicants who are interested in applying for a position and require special assistance or an accommodation during the process due to a disability should contact the Vedder Price Recruiting Team at vprecruiting@vedderprice.com.

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

The Information Assurance Principal Analyst/Program Lead will provide leadership, oversight, and operational management for the Joint Operation Planning and Execution System (JOPES) and the Transportation Visualizer (TransViz) Functional Management Support contract. This individual will act as the primary liaison between TeAM, government officials, and all contract stakeholders, ensuring the coordination, integration, and execution of all program activities in accordance with DoD and USTRANSCOM expectations. The Information Assurance Principal Analyst/Program Lead will be responsible for meeting all performance, schedule, and quality objectives as outlined in the contract's scope. Mission Objectives - The primary objective of this project is to support the operational effectiveness and mission readiness of the JOPES and TransViz platforms at Scott Air Force Base. As a critical contract team member, the Information Assurance Principal Analyst/Program Lead ensures seamless functional management, stakeholder coordination, and compliance with all contractual and security requirements while facilitating process improvements and the timely delivery of program services. This position supports USTRANSCOM and associated DoD agencies by optimizing system capabilities and user experience in support of national defense objectives. Position Responsibility Summary Serve as the principal point of contact (POC) for all programmatic, technical, and contractual matters, representing TeAM in communications with government officials and stakeholders. Serve as a Liaison for all meetings & events, coordinating & scheduling all course training for teams, and attending reviews of the program. Lead, supervise, and coordinate activities of the project team-overseeing System Administrators and the Database Administrator-to fulfill contract objectives. Ensure timely and accurate reporting of program performance, deliverables, metrics, and compliance with DoD security, safety, and operational requirements. Manage risks, mitigate issues, and implement corrective actions to maintain project schedule and instill quality control. Oversee and ensure workforce compliance with all mandatory security, safety, and DoD-mandated annual training, including but not limited to OPSEC, Antiterrorism Level I, CUI, and Emergency Operations. Develop and implement process improvements, leveraging industry best practices (e.g., ITIL) to enhance JOPES/TransViz functionality and user satisfaction. Foster a culture of open communication and collaboration across stakeholders, promoting continuous improvement in program delivery. Ensure all support activities are conducted on-site in compliance with established guidelines and within the designated geographic radius.

Job Description This is a hybrid position requiring 3 days in office at our Middleton, WI office location. #LI-Hybrid At CapSpecialty, we are a specialty underwriting company being driven by well-informed, entrepreneurial and proactive employees. Come join our exciting company where you can really make an impact, and each individual's unique skills and talents are recognized and valued. You will find an accessible leadership team that welcomes opinions and ideas. We owe much of our success to our collaborative environment and set of three guiding principles rooted in customer-centricity, employee excellence and corporate culture. We offer competitive compensation and benefits packages - including an innovative open vacation plan, generous paid sick and parental leave, fully vested matching 401k, company-paid group term life insurance and short- & long-term disability plans, professional and educational growth opportunities, flexible and casual work environment, and recognition for exceptional performance. Please see our full list of Total Rewards here. CapSpecialty is seeking an Information Security Analyst who will support our organization's cybersecurity operations. The analyst will assist in monitoring systems, investigating alerts, managing access controls, and supporting compliance efforts. This role includes exposure to Identity & Access Management (“IAM”) and other key areas of information security. Duties/Responsibilities: Conduct investigations into and properly document security incidents, including evaluating incident impact and recommending corrective actions to management. Collate security metrics and generate reports from the security systems as needed. Support managing accounts and permissions in IAM systems, including recommending improvements to identity governance where appropriate. Perform tasks as assigned to meet any audit requests. Help maintain IAM documentation and workflows. Help maintain and promote security policies, procedures, and training materials. Oversee assigned components of the security awareness programs, and track employee participation including following up on training completion. This may include reporting compliance metrics to leadership. Manage the physical security program, providing recommendations for updates as needed. Keep up to date and current on security trends. Other related duties and initiatives, as assigned. Supervisory Responsibilities: None. Core Competencies: Proven ability to deal well with ambiguity, prioritize tasks, resolve issues and deliver measurable results in an agile, fast-paced environment. Excellent oral and written communication skills. Ability to manage difficult customer situations, elicit customer feedback, analyze and resolve customer issues. Excellent analytical, problem solving, collaboration and time-management skills. A high level of integrity and commitment to confidentiality. Must be highly self-motivated requiring minimal direction. Have a passion for Information Security and a desire to advance personal growth through continuing professional education, self-study, and pursuit of technical certifications. Education and Experience: Associate's degree in computer science or equivalent. 1+ years of relevant experience in IT with exposure to cybersecurity practices, technologies, and methodologies is preferred. Basic understanding of security principles, threats, and controls is desirable. Familiarity with IAM concepts and tools (i.e. Active Directory, Okta, Azure AD) is a plus but not required. Familiarity with security controls and technologies desired (i.e. firewall, SIEM, DLP, WAF, and IPS.). Physical Demands Prolonged periods of sitting at a desk and working on a computer. May be required to lift up to 15 pounds at times. CapSpecialty is a leading provider of specialty insurance and bonds for small- to mid-sized businesses in the U.S., offering casualty, professional liability, surety and fidelity products in all 50 states and the District of Columbia. By working with select partners through a limited distribution model, CapSpecialty's creative, hard-working team provides personalized service and cultivates mutually successful partnerships to deliver positive results. CapSpecialty is an operating subsidiary of Berkshire Hathaway, and its carriers have an A ("Excellent") rating from A.M. Best, writing both admitted and non-admitted policies. For more information, please visit CapSpecialty.com. Apply today! Equal Employment Opportunity Employer Powered by ExactHire:184950

The Role We're looking for an Information Security Governance, Risk & Compliance Analyst to join our growing Information Security team. This role will be reporting to the Manager of Information Security Governance, Risk & Compliance. Our security team works to create a strong Information Security function within GTI that enables the business to continue its tremendous growth. The Information Security Governance, Risk & Compliance Analyst is responsible for maintaining continuous compliance with security policies, industry laws, and regulations (HIPAA, SOX, NIST, etc.). The candidate must communicate effectively with business partners and team members to help raise the level of security awareness, security compliance, and security risk. The candidate will perform environment-specific risk assessments factoring in both qualitative and quantitative risks and assist with the deployment of various controls based on those assessments. This role will also involve ongoing monitoring and improvement of security governance, ensuring a proactive approach to risk management. The role is based out of our Chicago, office. While the role is primarily remote, you need to live in the Chicagoland area and commute to the office on an as needed basis. Responsibilities Own the relationship working with IT and business stakeholders to perform ongoing internal and vendor risk assessments, providing reporting to stakeholders, and ensuring appropriate action is taken. Update and track KPIs from the Information Security risk register and work with stakeholders on developing Corrective Action Plans to address risks. Provide guidance to newer staff working with internal IT stakeholders for vulnerability management, ensuring vulnerabilities are remediated in accordance with policy and SLAs. Own the process for working with IT and business stakeholders to perform ongoing compliance reviews in line with security policies, information security regulations (HIPAA, SOX/ITGC), and security frameworks (NIST, MITRE, etc.). Assist with ongoing internal operations and tasks, including ITGC security reviews. Spearhead the ongoing internal and external SOX and HIPAA audits and other security audits that are relevant to GTI's business. Provide updates and insight during the development and maintenance of Information Security policies, standards and procedures, aligning with NIST. Lead the identification of security training and awareness initiatives for the organization. Participate in incident response tabletops, business continuity tests, and other compliance activities and exercises. Maintain KPIs and KRIs for Information Security risk & compliance activities. Execute tasks as a member of the Information Security team as assigned by management. Provide mentorship and guidance to Associate Information Security GRC Analysts. Stay up to date on relevant laws and regulations to ensure continuous compliance and audit readiness. Collaborate with the IT and security teams in response to security incidents, ensuring proper documentation and reporting. Qualifications 3+ years of experience with responsibilities relating to security and compliance. Bachelor's degree or higher in Information Security or Information Technology may help you stand out but is not required. Demonstrated work experience can be substituted. Strong written and oral communication skills. Strong conceptual understanding of Information Security theories. Knowledge of network, application, and cloud security controls. Knowledge of regulatory frameworks and compliance standards such as NIST, MITRE, OWASP, HIPAA, PCI-DSS and SOX. Strong analytical and problem-solving skills with well-organized and structured work habits, and the ability to identify and mitigate risks. Security certifications, such as CRISC, CISA are preferred, but not required. We're doing some big things, and we'll find some roadblocks along the way, big and small. A big part of this role is keeping an even keel and finding the route through or around the obstacles. This role requires lots of communication with customers and everyone at GTI. Your colleagues will rely on your ability to translate security requirements into digestible bits of information for them. Customers will expect you to quickly articulate components of the GTI security program to help them assess risk, including as part of the business development process. An insatiable intellectual curiosity and the ability to learn quickly in a complex space. Additional Requirements Must pass any and all required background checks Must be and remain compliant with all legal or company regulations for working in the industry Must be a minimum of 21 years of age #LI-HYBRID The pay range is competitive and based on experience, qualifications, and/or location of the role. Positions may be eligible for a discretionary annual incentive program driven by organization and individual performance. Green Thumb Pay Range$80,000-$100,000 USD

Established in 1991, Collabera has been a leader in IT staffing for over 22 years and is one of the largest diversity IT staffing firms in the industry. As a half a billion dollar IT company, with more than 9,000 professionals across 30+ offices, Collabera offers comprehensive, cost-effective IT staffing & IT Services. We provide services to Fortune 500 and mid-size companies to meet their talent needs with high quality IT resources through Staff Augmentation, Global Talent Management, Value Added Services through CLASS (Competency Leveraged Advanced Staffing & Solutions) Permanent Placement Services and Vendor Management Programs. Collabera recognizes true potential of human capital and provides people the right opportunities for growth and professional excellence. Job Description Location: 100 Abbott Park Road, Lake County, Abbott Park, IL 60064 Duration: 6+ months (could go beyond) Roles: • Network Directory and Infrastructure Services Administration. • Knowledge of domain administration and troubleshooting, Active Directory, MS FIM, Exchange, MS Office365 and supporting technologies, MS Azure, NPS, Federation and SQL Server administration required. Responsibilities: • Provide technical Level III problem isolation and resolution for a Global Active Directory Network. • Configures and performs advanced diagnostics on infrastructure components and cloud based applications. • Understands and repairs Domain infrastructure including DNS, DHCP, ADLDS, ADFS and FIM Sync. • Understands and can configure/install Win Server 2008r2/2012r2 technologies for domain controllers and Radius Authentication servers. • Repair and recover from hardware or software failures. • Rotate on-call and must be available to work a varied shift schedule in a 7x24 hour operations center environment. • Initiate major outage communication technical bridges as requested. • Apply fix procedures as instructed for repetitive events as instructed and coordinate with impacted constituencies. Competencies: • Superior knowledge of Active Directory overall and its administrative components. • Perform domain administration for 61,000+ workstations including domain controllers, NPS, Win 2003/2008R2/2012 server hardware, dynamic host configuration protocol (DHCP), domain name servers (DNS) configuration integrated with active directory, desktop configuration and end user support. • Candidate will have worked in an AD environment that has done acquisition and divestiture work, Candidate will have worked with products such as ADMT, and ADLDS and the roles they play in M&A activities such as management of active directory structure in creation, administration of organizational units (OU), containers and sub containers throughout the domain from geographic to organizational standards, while setting policies and permissions. • Candidate should have expert knowledge of Federation protocols including OAuth, SAML, WSFed, and a deep understanding of the IDP and SP roles associated with Federation environments. • Candidate will have worked with Office 365 from an Identity standpoint and have an understanding of Azure Active Directory Sync and Identity Federation for Cloud services. • Expertise should include attribute mapping and troubleshooting as well as rule sets associated with AADSync. • Candidate must be able to correctly configure servers and clients for all services. • Can isolate and repair most DNS and IP service problems. • Understands and uses the appropriate tools in all instances during problem isolation and repair. • Possesses an in depth understanding of communications technologies and can isolate and resolve most infrastructure issues. Qualifications • Associates Degree Minimum, prefer Computer Science or technology area or telecommunications science business minor • Three (3) to six (6) months of specialized technical courses in Win and Active Directory technology's typically provided by vendors, technical societies, or equivalent experience. Additional Information To know more about this position, please contact: Himanshu Prajapat ************ **********************************

Mindlance is a national recruiting company which partners with many of the leading employers across the country. Feel free to check us out at ************************* Job Title: Cyber Security Analyst Duration: 12 Months Location: Oakbrook Terrace, IL Job Description: Responsible for planning, designing, and implementing a process for cyber security monitoring, incident detection, and incident response. 1-3 yrs of experience and a Bachelor's degree in IT systems or a related discipline. Position Requirements: - Configuration and administration of logging aggregation and security event monitoring tools (like Industrial Defender, Splunk, etc.) - Configuration and maintenance of performance monitoring tools (like Solarwinds, Uptime, CA Spectrum, etc.) o Understands and can configure tools and endpoint systems to use SNMP for monitoring - General IT Support (application patching, client updates, remote access and administration tools) - General Networking knowledge (IP Networking, OSI Stack, etc.) Additional Information Thanks & Regards' ___________________________________________________________________________ Vikram Bhalla | Team Recruitment | Mindlance, Inc. | W: ************ All your information will be kept confidential according to EEO guidelines.

Are you ready to apply cutting-edge technologies to solve real world problems? Do you thrive in an environment where people leverage technology and processes to build innovative and sustainable solutions? You might just be a perfect fit for the CDO team. Since 1995, CDO Technologies has delivered the best solutions for unique business problems in the commercial and federal sectors ranging from Asset Management to IT Services. CDO employees demonstrate integrity, embrace teamwork, and embody a Can Do attitude in the delivery of superior customer service. Position Summary Demonstrated knowledge of system security. Possesses familiarity with cyber threats, malicious cyber threat actor motivations, and working knowledge of threat analysis and enterprise level cyber threat mitigation strategies. Must have networking experience in addition to cyber security. Work is delivered on-site at Scott AFB, IL. Minimum Requirements 8+ Years of experience is required. Experience should include: Network experience with controlled interfaces, routers, switches, firewalls, and access or transfer cross domain solutions Experience with Risk Management and preparing approval documentation for authorization/approval Cybersecurity and Information Assurance documentation and analysis Experience with different domains, security, integration, and interoperability Experience with reviewing engineering data for Joint, DoD, and AF Networks Must possess a DoD 8570.01 Level II Certification (Such as Security+, CAP, or GSLC) Must possess a BA or BS in Computer Science, Electronics Engineering, or other Engineering or Technical Discipline Secret Security Clearance is required. What can a CDO employee expect? At CDO Technologies, we believe in taking care of our employees with a comprehensive benefits package. Our health and welfare benefits include two medical plan options along with a LiveHealth program to see a doctor online anytime day or night. CDO offers dental, vision, and a Flexible Spending Account for medical or childcare. Employees may also enroll in a 401(k) plan with their first paycheck. Full-time employees also receive company paid short and long-term disability and life insurance. We also provide tuition reimbursement, professional development, and certification reimbursements. Finally, CDO also offers employees a generous leave program including paid holidays, vacation, and sick leave. CDO is an equal opportunities employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity, sexual orientation, national origin, disability, or veteran status.

Responsibilities: • Provide leadership to define and implement a risk based strategy and program to manage our digital and information assets and then continuously review and set/update policies to support the program. • Lead the organization in identifying, developing, implementing and maintaining business and technology processes and systems across the organization to reduce information and information technology risks. • Establish appropriate standards and policies, indirectly manage security technologies and direct the establishment and implementation of policies and procedures for recurring and urgent investigations, breaches, and assessments. • Participate in key Operations and Systems operating routines to implement and drive information security risk strategy and business processes. • Work with Client's Infrastructure team to ensure our applications are developed, enhanced and maintained according to the security-based best practices and associated security guidelines. • Collaborate with Infrastructure, Internal IT, and marketing colleagues to help define and ensure Client -wide consistency of security protocols and risk management. • Work with business colleagues to review RFPs, RFIs etc., and provide security and risk-related input into proposals. • Monitor information security trends internal and keep leadership informed about information security-related issues and activities potentially affecting the organization. Qualifications Requirements: • More than 10 years of experience in IT with at least 3 years in a security leadership role in a global organization. • Application Life Cycle management and application development experience in the context of a security framework. • Strong subject matter experience in infrastructure & application security, vulnerability testing and development of a risk appetite. • Risk management experience with proven ability to effectively apply risk principles to challenging business situations. • Superior business acumen, strategic planning skills and experience with an emphasis on visionary innovation and automation. • Demonstrated organizational skills with the ability to identify priorities, drive performance, and execute plans on schedule. • Excellent written and verbal communication skills, as well as effective presentation and persuasion capabilities, and management presence that elicits confidence and credibility. • Resourceful, flexible, and open to new ways of thinking, with the ability to drive change. • BS Degree in related field or equivalent experience • Security certifications strongly desired • Ability to work nonstandard hours including nights, weekends and holidays • Domestic as well as International travel will be required Additional Information TItle:Security Manager / Director keyworkds: Security

blue Stone Executive Search has been retained by our client, a multi billion dollar global organization, a world leader in their vertical, with a dedication to cutting-edge technology and work/family balance, to search for a motivated and energetic IT Leader to direct and manage their Information Security objectives on a company-wide basis. Job Description As the Manager of Information Security, you will be responsible for the development and execution of a comprehensive company wide information security strategy. The Information Security Manager will build and work with appropriate internal staff to deploy an information security awareness program to support compliance with information security policy, standards, procedures, and best practices. The Information Security Manager will develop needed security policies while working with appropriate HR and Legal teams on final version approval and distribution. You will also be expected to participate in information security response and provide audit/compliance and forensic activities for the company, as needed. As the Information Security Manager, you will implement proactive processes and technologies to monitor the company internal and external network environment for potential threats with appropriate response processes. You will also evaluate new technology that the company would use in execution of the information security strategy using both quantitative and qualitative methods. The Information Security Manager will also help to create a policy for the company and design and implement necessary tools to protect company data on employee owned devices. Qualifications Experience and familiarity with control and security frameworks such as COSO, COBiT, and ISO Candidate has one or more current CISSP, CISM, CISA certifications Two to five years security leadership experience required Bachelor's degree in related field preferred Solid understanding of information technology and information security including; firewalls, VPN's, penetration testing and other security devices with an emphasis on network security Experience with management and administration with firewall technologies from Cisco and other firewall manufacturers Knowledge in developing and socializing security policies and processes Demonstrated ability to create information security strategy and execution plans Knowledge of intrusion detection and prevention solutions and experience implementing them in a corporate environment Excellent interpersonal skills with the ability to communicate with technical and non-technical contacts Must be highly organized and detail oriented Exceptional analytical and problem solving skills Excellent written and verbal communication skills Ability to manage multiple priorities to deliver results Additional InformationblueStone Executive Search successfully finds and secures the top talent within targeted industries. As executive search professionals, the advice we impart and the solutions we provide can have a significant impact on the businesses, careers and lives of others. We recognize these responsibilities and take them seriously. We value long-term relationships above short-term gain. We are continually seeking exceptional talent with the highest standards of professionalism. E-mail resumes to [email protected] and phone ************.

We are seeking an experienced Quality Assurance Analyst to test updates to our client's website and other interactive deliverables. Primary responsibilities include executing test plans, updating test reports, writing bug defects, verifying fixes, and testing pages and emails on supported environments. Job Description Interview mode: Phone and Skype (On site interview may be required) We can submit C2C consultants JD: OBJECTIVES: • Reports to the Head of Security Strategy & Architecture • Provides leadership and guidance to the regional IT organization on cyber and information security and risk management activities, education, and solutions • Contributes to defining global security strategy and architecture processes • Defines and establishes regional security processes based on global security strategy and architecture, with a focus on practices for Vulnerability Management, Systems Development Lifecycle, Information Security Processes including risk based Architecture design. • Directs a regional approach for the implementation of global IT security standards and methodologies • Provides input to global security operations such as incident response, monitoring, trend identification, and security posture and remediation ACCOUNTABILITIES: • Reports to the Head of Security Strategy & Architecture on plans and status of relevant projects, including the regional security strategy and implementation initiatives • Contributes to the design, development, and deployment of global security strategy and architecture concepts • Cooperates with regional teams in understanding global security strategy and architecture requirements • Conducts periodic review of security-related SDLC processes and stage gates • Incorporates cyber security and IT risk management into regional activities • Be the subject matter expert in security and assessments, including vulnerability management processes, vendor security reviews, penetration testing, and application security • Conducts follow-ups on any identified corrective actions • Functions as an advisor to system owners, security program managers and others in all matter (technical and otherwise) involving IT security and continuity • Directs or delegates level 3 support services for the region • Manages the relationship between IT security and regional business executives and business managers • Provides recommendations in planning of programs and projects in the area of cyber security • Reviews and manages budget and reports financial and event status to Head of Security Strategy & Architecture EDUCATION, BEHAVIOURAL COMPETENCIES AND SKILLS: Required: • Bachelor's Degree (business administration, risk management, information security, Management Information Systems (MIS), Computer Science or related IT field) or high school degree • 7+ years IT experience • 5+ years of work experience in developing, implementing and managing security solutions • 3+ years of work experience in designing and architecture security strategy and solutions • Demonstrated leadership role in working with C-Suite executives and the Board • Experience with implementing and operating security programs in a global environment, with a focus in Germany and European countries • Hands-on experience with the development of security strategy and frameworks, architectural methodologies, and service delivery • Project management experience including full lifecycle implementation • Proven ability to analyze a wide variety of data and make calculated, risk-based decisions • Ability to communicate ideas and data both verbally and written in a persuasive and appropriate manner • Ability to assess strengths and weaknesses of staff members and provide suggestions for improvement • Ability to write and speak in the English language Desired: • In-depth pharmaceutical industry and drug development experience • Experience with validated systems LICENSES/CERTIFICATIONS: • Information security certification (CISSP, CISM, CISA, GIAC, CEH, CCSK) TRAVEL REQUIREMENTS: • Access to transportation to attend meetings • Ability to fly to meetings regionally and globally • Willingness to travel up to 25-50%. Location: Deerfield, IL. Duration: 1 Year+ Additional Information All your information will be kept confidential according to EEO guidelines. Please call @ ************ Ext 183

About Rethink First Rethink First is a leading behavioral health technology company working to make mental wellness, education, and support accessible and scalable. Through our suite of cloud-based platforms-including RethinkEd, RethinkCare, and RethinkBH-we serve educators, employers, and providers with tools that deliver measurable, inclusive outcomes. We're on a mission to make behavioral health more effective, equitable, and human-and we're looking for a creative visionary to help lead that charge. About the Role We are building a modern, cloud-forward security program grounded in Cyber Resilience, Application Security, and Security Assurance. As our Manager, Information Security, you will be the operational and execution leader for our Security Assurance function while helping shape key processes across SecOps and AppSec. This role is ideal for someone who thrives in a high-growth SaaS environment, collaborates well cross-functionally, and wants to help mature a security program that must support HIPAA, SOC 2 Type II, HITRUST, and a broad healthcare customer base. You will own the day-to-day execution of GRC, Audit Readiness, Evidence Collection, Policy Management, TPRM, and Client Trust-and must have hands-on experience implementing or operating Vanta as a centralized compliance automation platform. You will serve as a multiplier for the Sr Director, creating repeatable processes, driving deadlines, maturing documentation, and ensuring audit-ready control operation across Azure, M365, and our SaaS product ecosystem. Key Responsibilities Security Assurance Leadership (Primary Responsibility - 60%) Lead the end-to-end Security Assurance function across SOC 2, HIPAA, HITRUST, and regulatory frameworks. Act as the program manager for all audits, coordinating with Legal, HR, Engineering, Product, and Infrastructure to maintain year-round audit readiness. Own the implementation, configuration, optimization, and continuous operation of Vanta, including: Control mapping and ownership assignments Evidence collection workflows Vendor risk management modules Client Trust functionality (best answers, trust portal, knowledge base) Build and maintain an audit calendar, evidence repository, and standardized evidence collection playbooks. Drive development and continuous maintenance of security policies, standards, and procedures. Operate the Third-Party Risk Management process, including vendor classification (Tier 1/BAA), questionnaire review, residual risk scoring, and contract security review. Respond to customer security questionnaires, RFPs, and client audit requests with clarity, accuracy, and speed. Cyber Resilience & SecOps Leadership (25%) While not a hands-on SecOps role, you will: Partner with the SecOps Engineers to build daily operational cadence across alerts, incidents, vulnerability management, and hygiene controls. Ensure controls monitored by Tenable, Microsoft Defender, Sentinel, and other platforms produce audit-ready evidence. Help design operational dashboards and KPIs for incident response, vulnerability SLAs, and hygiene metrics. Validate operational controls for compliance frameworks (MFA, SSO, logging, monitoring, access reviews, backups, endpoint security, network protections, etc.). Application Security Collaboration (15%) Work with Engineering, Architecture, and DevOps teams to ensure Product and AppSec controls align with SOC 2 and HITRUST expectations. Contribute to secure SDLC processes, risk assessments for new features, and remediation tracking for vulnerabilities and findings. Validate that security requirements are integrated into CI/CD workflows where appropriate. Required Qualifications 7+ years of progressive experience in Information Security, with at least 3+ years in a governance, compliance, or Security Assurance leadership role. Direct experience implementing or operating Vanta (must be hands-on). Strong experience supporting and maturing SOC 2 Type II, HIPAA Security Rule, and HITRUST programs in a SaaS environment. Deep understanding of Microsoft Azure security architecture, including Entra ID, RBAC, Conditional Access, Defender for Cloud, Sentinel, and workload identities. Clear understanding of audit control design, evidence, and auditor expectations. Experience building vendor risk programs, reviewing DPAs and BAAs, and performing vendor due diligence. Excellent writing skills for policies, procedures, client responses, and audit documentation. Demonstrated ability to lead complex projects with multiple stakeholders and tight deadlines. Strong communication and relationship-building skills across technical and non-technical teams. Preferred Qualifications Experience in healthcare SaaS or other regulated industries. Hands-on experience with: Vanta Vendor Risk + Trust Center Microsoft Purview (DLP, Information Protection) Azure DevOps or GitHub governance Tenable, Defender, or other vulnerability platforms Jira/Confluence Certifications such as CISA, CISSP, HCISPP, HITRUST CCSFP, or similar. Experience working with offshore teams. Benefits: Generous health, dental, & vision benefits package Flexible paid time off 11 paid company holidays 401k + matching Parental leave Access to our award-winning RethinkCare platform supporting neurodiversity in the workplace through parental success, professional resilience, and personal wellbeing. Location: Remote opportunities are available to candidates who reside in the following states: AL, AZ, CT, FL, GA, HI, IA, IL, IN, KY, LA, MD, MA, MI, MN, MO, MT, NC, NE, NH, NJ, NV, OH, OR, PA, RI, TN, TX, VA, WA, WI, WY Our commitment to an inclusive workplace RethinkFirst is an equal opportunity employer and is committed to providing a workplace free from harassment and discrimination. We celebrate the unique differences of our employees because that is what drives curiosity, innovation, and the success of our business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category under applicable federal, state, and local laws. Accommodations are available for applicants with disabilities. JazzHR Privacy Policy JazzHR Terms of Use California Privacy Notice #remote

AYR Global IT Solutions is a national staffing firm focused on cloud, cyber security, web application services, ERP, and BI implementations by providing proven and experienced consultants to our clients. Our competitive, transparent pricing model and industry experience make us a top choice of Global System Integrators and enterprise customers with federal and commercial projects supported nationwide. Job Role: Data and System Security Engineer Location: Lincolnshire, IL Duration: 6+ Months Qualifications Job Description: Data and System Security engineer Experience with data encryption management solutions, such as Vormteric and CloudLink Experience with PKI management solutions, such as ADCS and External providers Investigative and analytical problem solving skills Customer service/support experience Additional Skills:PKI Knowledge of encryption management technologies, such as Vormetric, CloudLink. Additional Information If anyone might be intersted please send resumes to kmarsh@ayrglobal (dot) com or you can reach me direct at **************

SC Data Center, Inc. is an affiliate company of Colony Brands, Inc., which is one of the world's largest and most successful direct marketing catalog and e-Commerce companies. To support our business, we are seeking an IT Security Analyst to promote and execute our information security programs, policies and related regulatory compliance so that we may support and protect our customers, company, and affiliates. We operate with a lean team that necessitates a strong multi-tasking and multi-faceted skillset. If you're an IT professional with experience in both the engineering side and process/procedure development side of security and don't want to be restricted to a niche area - this position should interest you! What You'll Do The IT Security Analyst is a critical member of the IT Security team and works closely with the other members of the team to develop and implement a comprehensive information security program. You'll work across IT to select and deploy technical controls to meet specific security requirements and define processes and standards to ensure that security configurations are maintained. In general, you'll be responsible for defining and promoting the information security policies, processes, and standards by designing technologies in a secure manner, monitoring compliance against company policies, applicable law(s), investigating and reporting of security violations and incidents. You'll report and advise on information security issues to ensure internal security controls are appropriate and operating as intended. You'll analyze information and processes to balance normal vulnerability levels with investment, personnel and end-user capabilities. You'll also be responsible for: • Serving as a subject matter expert to the business and providing security guidance • Partnering with Project Teams to facilitate and implement new systems, policies, and processes • Partnering with Managed service SOC to coordinate centralized logging and identification of security incidents or misconfigured security controls • Coordinating/conducting responses to information security incidents (ability to begin forensic investigation as part of the Incident Response process) • Preparing documentation, business notifications, and security alerts • Daily interaction with our employees while managing security alerts from EDR (Endpoint Detection & Response), SIEM (Security Incident & Event Management), Vulnerability Management, Phishing identification tools, and general service tickets. • Researching, recommending, and developing security and risk mitigation solutions Note: This position is not eligible for Visa Sponsorship.