Information security analyst jobs in South Bend, IN - 629 jobs

AHEAD builds platforms for digital business. By weaving together advances in cloud infrastructure, automation and analytics, and software delivery, we help enterprises deliver on the promise of digital transformation. AtAHEAD, we prioritize creating a culture of belonging, where all perspectives and voices are represented, valued, respected, and heard. We create spaces to empower everyone to speak up, make change, and drive the culture at AHEAD. We are an equal opportunity employer, and do not discriminate based on an individual's race, national origin, color, gender, gender identity, gender expression, sexual orientation, religion, age, disability, marital status, or any other protected characteristic under applicable law, whether actual or perceived. We embraceall candidatesthatwillcontribute to the diversification and enrichment of ideas andperspectives at AHEAD. Senior consultants are experienced experts in information security and/or information security governance or compliance. Successful candidates support the Security Practice in delivery, business development, and practice development. This senior consultant will specifically support the cyber advisory program which seeks to advise clients at various points of maturity and help design and improve their cyber security programs. While each client has a different starting point, most start with common infrastructure hardening and hygiene challenges. This senior consultant will be expected to confidently advise on remediation of discovered vulnerabilities. These vulnerabilities may range from common software vulnerabilities to general architecture concerns. The consultant must leverage previous experience to convey potential impacts and criticality of remediation. The senior consultant is not expected to have knowledge or experience with every vulnerability but must be able to use their knowledge and experience to research potential solutions. Communicating the impact and criticality of vulnerabilities and remediation is a critical part of this role. This requires the consultant to understand the client's environment, concerns, business drivers, and potential impact of remediation efforts. Finally, the consultant must be comfortable in acting as authority on recommendations. The senior consultant is often asked to review and sometimes create common security program documentation such as policies, risk registers, and other assessment documents. The ability to manage small teams is a requirement for success in this role. This program requires frequent evolution as the program must keep pace with changes in technology, techniques, and vulnerabilities. Because of this, this senior security consultant must be flexible, self-motivated, and willing to take on dynamic challenges. Responsibilities Client Delivery Facilitate sessions of strategy, roadmap, design, and planning workshops for service engagements Effectively communicate risk to stakeholders and work to drive security program success Ensure that customer expectations are appropriately set and managed Lead project engagement teams through the delivery of consulting service offerings Understand vulnerabilities and create remediation plans Break down risks or issues into manageable segments, identify the factors that contribute to risk and determine how best to approach the risk Creation and finalization of project deliverables, may perform peer review for collateral developed by others on a delivery team Presentation of deliverables to client executive management Act as the Engagement Lead on customer facing projects, when assigned Business Development Support business development pursuits through client discovery meetings Support sales opportunities throughout the sales cycle, including project scoping, proposal development, and presenting proposals to clients. Familiarity with AHEAD's enterprise service portfolio to identify opportunities for cross-practice collaboration Practice Development & Thought Leadership Maintain subject matter expertise in security domains and security solutions Participate in the development, enhancement, and standardization of AHEAD in-practice service offerings Own and/or enable more than one service capability Maintain a broad knowledge and understanding of current and future state IT trends, technologies, and standards Lend support and mentorship to others Requirements Undergraduate degree in Computer Sciences or Business Management is preferred, but not required Minimum of 2 years of information security leadership experience 7+ years technical work experience 2 professional and/or technical certifications, including industry-recognized certifications which align to AHEAD's Security service portfolio, or commensurate work experience (CISSP, CISM, SANS certs, etc.) Cybersecurity background (vulnerability management, various security controls such as EDR, firewalls, content filtering, etc.) Active directory experience (group policy and Intune experience) Securing windows servers and desktops (system hardening such as Microsoft Baseline/STIGS/CIS) Office 365 experience Common written policy understanding Excellent verbal and written communication skills Comfort in addressing groups of people in virtual or in-person settings Ability to solve complex, abstract problems Excellent interpersonal skills, good listener, ability to connect with different personalities Exhibit Executive presence with leadership characteristics Demonstrated experience as a technology change agent $165,000 - $195,000 a year Why AHEAD Through our daily work and internal groups like Moving Women AHEAD and RISE AHEAD, we value and benefit from diversity of people, ideas, experience, and everything in between. We fuel growth by stacking our office with top-notch technologies in a multi-million-dollar lab, by encouraging cross department training and development, sponsoring certifications and credentials for continued learning. USA Employment Benefits include Medical, Dental, and Vision Insurance 401(k) Paid company holidays Paid time off Paid parental and caregiver leave Plus more! See benefits for additional details. The compensation range indicated in this posting reflects the On-Target Earnings (“OTE”) for this role, which includes a base salary and any applicable target bonus amount. This OTE range may vary based on the candidate's relevant experience, qualifications, and geographic location. #J-18808-Ljbffr

Senior Physical Security Consultant Chicago, IL. WEC Energy Group is one of the nation's largest electric generation and distribution and natural gas delivery holding companies serving 4.7 million customers across the Midwest. We are committed to providing clean, reliable, and affordable energy in an environmentally sustainable manner. Customers are the heart of our business, and we work every day to help grow and support communities where we provide vital energy services. As a Fortune 500 company, we value and develop our employees who are making a difference in a mission that matters. We don't just offer a job; we provide fulfilling careers where safety and well-being are paramount. Join our team and experience first‑hand our commitment to your success. We offer competitive pay and benefits to recognize your hard work and dedication. If you're talented, energetic and ready for a career with a future, we want you on our team. We are powered by a diverse and inclusive workforce fueled by the pride in what we do. If you're driven by the passion to change lives, this is the place for you. WBS, a subsidiary of WEC Energy Group, is seeking a Senior Physical Security Consultant in our Chicago, Illinois location. Job Summary The Physical Security Consultant (Senior) is responsible for identifying security gaps, concerns, threats, and/or risks and follow internal procedures and protocol to elevate or resolve issues as appropriate, such as conducting investigations or sharing threat intelligence with appropriate members of the organization. Specific functional areas include, but are not limited to, enterprise protection, operational integration, intelligence, investigations, situational awareness and security projection. This position is the primary interface for the business and operations to share information and coordinate security‑related activities and requirements. Physical Security Consultants are expected to develop and maintain relationships with key internal and external stakeholders such as contract security personnel, local law enforcement, and internal business areas who work closely with security. Job Responsibilities Provides security protection services, consulting services and advisory support to the business and operations to reduce risks, maximize workforce safety, and protect property Leads investigations in close support and coordination with cybersecurity, HR, ethics, and/or external law enforcement as appropriate Follows policy and procedures to elevate security matters, file reports, collect evidence, and maintain relevant databases or information in security systems Executes company policies and procedures for the physical security program aligned with the overarching enterprise security model and best practice standards and ensure compliance with applicable industry standards and regulations (e.g. NERC CIP, TSA) Provides work direction, site training, policy and process training, and maintains relationships with contract security personnel Maintains an understanding of the application of security technology to the company's processes to mitigate risk Develops and maintains relationships and represents the company with local law enforcement, other security‑related external agency stakeholders and the broader intelligence community Responds to crises or urgent situations to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property and operational assets Participates in internal and external emergency response and business continuity planning exercises Analyzes intelligence to identify trends and determine risks Foster a culture that promotes security as an integral part of safety. Maintains key performance and process metrics to evaluate the efficiency and effectiveness of processes, procedures, and systems The Senior Physical Security Consultant performs all duties of a Physical Security Consultant, usually in a lead role Minimum Qualifications Physical Security Consultant - Minimum 2- 4 years of physical security work experience in law enforcement, investigations or intelligence in a civilian or military organization required. Senior Physical Security Consultant - Minimum 4 -7 years of physical security work experience in law enforcement, investigations or intelligence in a civilian or military organization required. Preferred experience with or understanding of nation state threats to critical infrastructure. It requires some out-of-state travel and is subject to 24 hour call out. Preferred Qualifications A Bachelor's degree in Criminal Justice, Police Science, Security Management or Business Administration is preferred. A combination of associate degree, military, law enforcement or professional physical security experience and physical security certification (CPP, PSP) or certificates (enterprise security risk management, security risk assessment, workplace violence prevention, executive protection, etc) will be considered Preferred experience with or understanding of nation state threats to critical infrastructure Project and Contract Management experience (Threat Assessments, CCTV System Installation, etc.) Familiarity with the City of Chicago Neighborhoods and Streets, in addition to the Urban areas #J-18808-Ljbffr

Role -Business Analyst/ Information Security Governance Analyst Project Overview: We are seeking an analyst with experience in governance of security products, authentication, authorization, and access management with business analysis background. These resources will support the SaaS initiatives Contractor's Role: As a member of Governance team you will play a vital role in ensuring the secure implementation of various solutions (Hybrid and Cloud) developed in technologies like Java, .Net etc. Experience level: Level 3 Qualifications - Bachelor's degree in computer science, audit or a related discipline and experience in information security, or an equivalent combination of education and work experience. - Excellent consultative and communication skills, and the ability to work effectively with client, partner, and IT management and staff. - 5 -6 years of experience in the Information Security or Audit role. - Strong collaboration skills and a analytical ability - Knowledge of SOX methodology implementation for applications & Internal & External Audit executions Requirements Nice to Haves: - Knowledge on Obsidian Remediation Tasks & Responsibilities - Drive governance and risk framework around applications using authentication and authorization - Define and respond to risks surrounding the business functions and the security capabilities - Define and respond to audits from internal and external parties - Knowledge of control execution and design - Collect and maintain evidence of control testing - Collect and maintain evidence of application attestation to standards

Information Security Specialist | The Shyft Group, Inc. | Novi, MI Regular Employee | Salary Non-Exempt What you'll do: The IT Security Specialist is responsible for designing, implementing, and maintaining the organization's cybersecurity infrastructure across information technology, operational technology, and cloud environments. This position plays a vital role in safeguarding corporate systems, networks, and information by monitoring emerging threats and vulnerabilities. The individual in this role will work collaboratively with all departments across Aebi Schmidt Group to assess risk, coordinate vulnerability remediation, and develop defensible architectures to protect our assets. The IT Security Specialist will apply technical expertise to implement and manage security tools, automate key processes, and support incident response activities to minimize business impact and maintain continuity of operations. This position requires strong analytical and problem-solving skills, a comprehensive understanding of cybersecurity principles and technologies, and the ability to communicate effectively with both technical and non-technical stakeholders. Key responsibilities * Design, implement, and manage cybersecurity solutions across endpoints, networks, cloud, and identity management systems * Conduct vulnerability assessments and coordinate remediation efforts across IT and DevOps teams * Monitor, triage, and manage alerts from cybersecurity related tools and services * Leverage cybersecurity related tools and benchmarks to harden and build defensible IT systems and resources * Participate in incident response efforts including triage, containment, eradication, and post-incident efforts * Perform risk assessments on new technologies, vendors, and IT system changes * Automate repetitive tasks using Python, Bash, PowerShell, Terraform, or equivalent scripting languages What you need to be successful: * Bachelor's degree in computer science, information systems, cybersecurity, or related field * Relevant cybersecurity certifications such as CompTIA's Security+ * 5+ years of hands-on experience in cybersecurity or infrastructure security role * 3 - 5 years of experience in cloud technologies such as AWS and Azure * Strong understanding of networking and security protocols, firewalls, VPN's, SIEM, EDR/XDR, and vulnerability management * Knowledge of IAM concepts; idP, MFA, SSO, SAML/OAuth2, and the access policies that control them * Working knowledge of scripting or automation languages such as Python, PowerShell, or equivalent * Industry leading certifications such as CISSP, CEH, GICSP, or GSEC * Exposure to compliance standards such as ISO 27001, NIST, and PCI DSS * Experience with CI/CD pipelines or DevSecOps methodologies * Familiarity with the MITRE ATT&CK framework and threat hunting * Implement and manage OT cybersecurity controls across plant floor networks, control systems, and IT infrastructure * Data management and discovery tools such as Purview or other data loss prevention technologies Why The Shyft Group? Our people are our greatest asset, and your success is our success! That's why we provide comprehensive benefits that support your health, financial security, and work-life balance-so you can thrive both personally and professionally. * Health & Wellness: Medical, Dental, Vision, HSA/FSA, Wellness Plan * Financial Security: 401(k) with match, Disability, Life Insurance * Work/Life & Growth: Educational Reimbursement, EAP, Dependent Care At The Shyft Group, we don't just offer benefits-we invest in your well-being. Join us and experience the difference! Who we are: The Shyft Group is the North American leader in specialty vehicles, including last-mile delivery vans, work trucks, and motorhome chassis. Our 10 brands- Utilimaster, Blue Arc, Royal Truck Body, DuraMag, Magnum, Strobes-R-Us, Spartan RV Chassis, Red Diamond, Builtmore, and Independent Truck Upfitters- are powered by 3,000+ team members across the U.S. and Canada. Backed by 50 years of innovation and a supportive, entrepreneurial culture, we're leading the way in electrification and proudly ranked among Fortune's 100 Fastest Growing Companies. Equal Employment Opportunity (EEO) The Shyft Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, genetic information, status as a protected veteran or status as a qualified individual with a disability, or any other characteristic protected by applicable federal, state, or local law. If you have a disability and would like to request an accommodation in order to apply, please email us at *************************. The Shyft Group is an E-Verify Employer Shyft uses E-Verify, which is an online system operated by the U.S. Department of Homeland Security in partnership with the Social Security Administration to verify employment eligibility and validate social security numbers. Through participation in the E-Verify program, information entered on Form I-9 will be provided and compared to information available at both of these agencies. See posters for more details. E-Verify Notice U.S. Right to Work Notice.

Vedder Price's Chicago office is seeking an Information Security Analyst. The Information Security Analyst is primarily responsible for maintaining technologies to ensure the security of the firm's systems. Thorough understanding on both product based solutions and fundamental security best practices are vital to this role. The Information Security Analyst will collaborate with other Engineers and SMEs, to apply and support best practices for information and cyber security, system building, change management, account management, documentation, and user experience management. As the Information Security Analyst, your job duties will include but not be limited to: Serve as a technical resource at the firm for information security issues. Collaborate with other staff in the Technology Department to ensure that security standards are developed and enforced in the course of implementing or upgrading firm technology, educating others on security best practices. Administration, troubleshooting and resolving issues with security infrastructure on Vedder Price's network, including the following: SASE (Secure Access Service Edge) firewalls Intrusion detection and prevention Vulnerability management Identity Management Microsoft Windows systems, Including Defender, Azure and M365 Review of business processes, recommendation and implementation of supportable security changes including any relevant tools to better secure those processes Evaluation of security practices around identity management, remote solutions, including AVD and privileged remote access Participation in incident response plan for vulnerabilities or other security events Investigation of actual and suspected security breaches Ensure consistent security policies are being applied to any hosted or cloud-based services being utilized by the firm Log review and reporting on security devices and identified Windows systems Generating evidence for compliance/audit Working with vendors as necessary to supplement our security capabilities, and recommend their use when appropriate Backup assistance for other Network Operations team members as necessary Assistance with all projects and tasks related to the firm as directed by the Senior Manager Infrastructure & Security and the Information Security Architect Assists the Information System Architect in developing and documenting security standards as needed Skills & Competencies: Expert-level proficiency with key technologies to be supported, including demonstrated willingness and ability to develop expertise in new technologies as needed Demonstrated competence in detecting and eliminating technical issues in complex systems, utilizing monitoring and other analysis tools to ensure optimal system performance Investment in understanding technologies outside of those directly supported by the Analyst, including demonstrated basic awareness of key functionality of systems that interact with or depend upon the systems directly managed by the Analyst Ability to participate in assessing business purpose of managed systems and to recommend operational or efficiency-related improvements Ability to act independently to meet goals and objectives identified by senior management, including the ability to assist in the creation of project plans and manage time effectively High-level involvement in providing optimal performance and responsive support. Works to ensure optimal performance and reliability of systems while also providing mentoring and knowledge transfer to other Engineers and Technical Support Specialists. Acknowledges key role in responding to alerts and assisting Technical Support in analysis and resolution of issues Accepts responsibility for understanding firm Information Security Standards and applying those standards to ensure security of managed systems Effective communication skills, both written and oral. Strong interpersonal skills required to communicate with all other technology team members, members of the firm (users of systems), and clients. Must have customer service attitude and ability to work well with other groups. Superior understanding of the firm's goals and objectives, with demonstrated ability to apply technology in solving business problems Strong organizational skills, capability to schedule and coordinate multiple activities in results-oriented environment. Initiative and ability to enforce policies and procedures through influence Qualifications & Required Experience: Bachelor's Degree in computer related field or equivalent work experience Minimum five (5) years' experience in Information Technology required Experience in the legal industry a plus Must subscribe to being highly available and responsive to occasional after-hours issues, as the firm operates on a 24x7 basis Position also requires the ability to work under pressure to meet strict deadlines Computer Skills: To perform this job successfully, an individual must be proficient in the following software and/or their equivalent: Experience with Microsoft and Azure security tools, Cato Networks, BeyondTrust, Tenable Nessus and Sumo Logic preferred Compensation Range: $95,000/yr. to $110,000/yr At Vedder Price, we believe in recognizing and rewarding our employees' contributions. Our comprehensive Total Rewards Package includes: Competitive Salary: We offer a competitive base salary commensurate with skills and experience. Bonus Program: Discretionary annual bonus program. Retirement Planning: Discretionary profit sharing and 401(k) matching to help you plan for your future. Health and Wellness: Comprehensive health, dental, and vision plans, along with optional health savings and flexible spending accounts, firm-paid Life and Disability benefits, and wellness programs to support your overall well-being. Paid Time Off: Competitive time off package including vacation days, paid holidays, sick time and personal days. Professional Development: Opportunities for continuous learning and career growth through firm provided training programs. Employee Recognition: Anniversary and Vedder Praise Programs to celebrate your achievements and milestones. Work-Life Balance: Hybrid work model and family-friendly policies. Additional Perks: Employee discount program, pre-tax commuter benefits, back up child & elder care, Employee Assistance Program (EAP), fitness center discounts and more. Join Vedder Price and be part of a team that values hard work and dedication! Equal Employment Opportunity Vedder Price P.C. is an equal opportunity employer. We value and encourage diversity and solicit applications from all qualified applicants without regard to race, color, gender, sex, age, religion, creed, national origin, ancestry, citizenship, marital status, sexual orientation, physical or mental disability (where applicant is qualified to perform the essential functions of the job with or without reasonable accommodations), medical condition, protected veteran status, gender identity, genetic information, or any other characteristic protected by federal, state, or local law. We participate in E-verify. Applicants who are interested in applying for a position and require special assistance or an accommodation during the process due to a disability should contact the Vedder Price Recruiting Team at vprecruiting@vedderprice.com.

National Heritage Academies (NHA) is seeking a talented and motivated Cyber Security Analyst to join our team. The ideal candidate will play a critical role in protecting our organization's digital assets and ensuring the confidentiality, integrity, and availability of our information systems. As a Cyber Security Analyst, you will be responsible for leading the analysis, investigation, and response to security incidents. This role is central to protecting our students, staff, and sensitive data while maintaining a secure and compliant educational environment. This position is based at our Grand Rapids headquarters (onsite 4 days/week) and requires close collaboration with business partners, customers, and IT teams. COMPANY INFORMATION: National Heritage Academies (NHA) partners with communities to build and operate public charter schools. Founded in 1995, today NHA serves over 100 schools in nine states, with more than 65,000 students in kindergarten through 12th grade. Our schools are designed to eliminate the achievement gap and provide school choice to families so their children are prepared for success in college, career, and life. A majority of our schools consistently outperform their local district on the state test. According to the Center for Research on Education Outcomes at Stanford University, NHA is a leading performer among charter schools and management organizations, outperforming both conventional district schools and other charter school operators. In addition, according to our employee survey, over 90% of respondents agree that the work they do is meaningful to them. Join our team. DUTIES AND RESPONSIBILITIES: Security Monitoring and Analysis: Utilize the SIEM/XDR platform to perform threat hunting, correlation, and deep analysis of security events across cloud, network, and endpoint telemetry. Analyze security data to identify and investigate potential security incidents and threats. Stay current with emerging threats and vulnerabilities to proactively identify potential risks. Incident Response: Respond promptly to security incidents, following established incident response procedures. Execute Tier 2 incident response procedures, including detailed forensic evidence preservation, advanced containment strategies, and effective communication during active incidents. Document incident details and lessons learned for future improvement. Vulnerability Management: Manage the full lifecycle of vulnerabilities, from tool configuration (e.g., Rapid7) and regular scanning, through risk prioritization, to working with IT peers to validate and implement remediation. Identify and prioritize vulnerabilities, and work with relevant teams to remediate them. Keep software and systems up-to-date with patches and security updates. Security Policies and Procedures: Contribute to the design and formal documentation of security policies and standards (e.g., access control, data handling) ensuring adherence to FERPA and other regulatory mandates. Provide guidance and training to staff on security best practices and awareness. Security Tools and Technologies: Manage and configure security tools and technologies, such as firewalls, antivirus, intrusion detection/prevention systems, and encryption solutions. Leverage AI/ML Features: Actively utilize and fine-tune Artificial Intelligence (AI) and Machine Learning (ML) capabilities within security platforms (SIEM/XDR, SOAR) to enhance threat detection accuracy, reduce false positives, and improve automated response workflows. Evaluate, recommend, and manage new security technologies to continuously enhance the organization's security posture and automation capabilities. Reporting and Documentation: Generate and maintain reports related to security incidents, vulnerabilities, and compliance for management and regulatory purposes. Maintain accurate records of security activities and documentation of security configurations and procedures. QUALIFICATIONS: Bachelor's degree in Computer Science, Information Security, or a related field preferred. Relevant certifications (e.g., CISSP, CISA, CompTIA Security+) are a plus. Minimum of 3+ years of progressive experience in a security operations center (SOC), incident response, or security analyst role preferred. Hands-on experience with Data Loss Prevention (DLP), Application Security (AppSec) principles, and Security Orchestration, Automation, and Response (SOAR) solutions. Strong understanding of security principles, practices, and technologies. Proficiency in security tools and technologies, such as SIEM, IDS/IPS, antivirus, firewall, and vulnerability assessment tools. Knowledge of regulatory requirements (e.g., FERPA, ISO 27001) and ability to ensure compliance. Excellent analytical and problem-solving skills, with the ability to think critically and respond effectively to security incidents. Strong communication and interpersonal skills to work collaboratively with cross-functional teams and communicate security issues to non-technical stakeholders. Continuous learning mindset to keep up with evolving cyber threats and security best practices. This is an in-person position at our NHA Service Center located at 3850 Broadmoor Ave., Grand Rapids, MI. Please click here to learn more about our core values. National Heritage Academies is an equal opportunity employer.

3M has a long-standing reputation as a company committed to innovation. We provide the freedom to explore and encourage curiosity and creativity. We gain new insight from diverse thinking, and take risks on new ideas. Here, you can apply your talent in bold ways that matter. : JOB DESCRIPTION: What You'll Do As a key member of the IT Security Compliance team, reporting to the Team Lead - Security Compliance, you will: * Execute day-to-day cybersecurity risk, compliance, and assurance activities. * Support global cybersecurity certifications including ISO 27001 and ISO 27017, evaluating control effectiveness and reviewing evidence of controls. * Assist in achieving ISO 27001 certification by identifying risks and implementing controls. * Maintain and continuously improve 3M's Information Security Management System (ISMS). * Create, update, and manage ISMS documentation, reports, and audit records. * Act as Subject Matter Expert (SME) for PCI DSS, advising stakeholders, conducting internal assessments, and driving PCI DSS v4.0.1 reviews, gap assessments, and control evaluations. * Provide high-level knowledge support on other frameworks and standards including NIST, SOX, SWIFT, and TISAX. * Deliver timely written reports, metrics, and updates to cybersecurity management. * Collaborate and communicate effectively across teams and with stakeholders. What We're Looking For * Education: Bachelor's degree with a minimum of 4 years of experience in Information Security, GRC, or related roles. * Certifications (preferred): ISO 27001 Lead Auditor/Implementer, PCI ISA, CISA, CISM, CRISC, or equivalent. * Skills & Knowledge: * Strong knowledge of information security risk standards, frameworks, and methodologies. * Experience working with GRC tools such as OneTrust, Archer (or similar). * Excellent written and verbal communication skills. * Ability to manage multiple priorities and adapt to evolving business needs. Learn more about 3M's creative solutions to the world's problems at ********** or on Instagram, Facebook, and LinkedIn @3M. Safety is a core value at 3M. All employees are expected to contribute to a strong Environmental Health and Safety (EHS) culture by following safety policies, identifying hazards, and engaging in continuous improvement. Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly. 3M Global Terms of Use and Privacy Statement Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at 3M are conditioned on your acceptance and compliance with these terms. Please access the linked document by clicking here, select the country where you are applying for employment, and review. Before submitting your application, you will be asked to confirm your agreement with the terms.

The Information Assurance Principal Analyst/Program Lead will provide leadership, oversight, and operational management for the Joint Operation Planning and Execution System (JOPES) and the Transportation Visualizer (TransViz) Functional Management Support contract. This individual will act as the primary liaison between TeAM, government officials, and all contract stakeholders, ensuring the coordination, integration, and execution of all program activities in accordance with DoD and USTRANSCOM expectations. The Information Assurance Principal Analyst/Program Lead will be responsible for meeting all performance, schedule, and quality objectives as outlined in the contract's scope. Mission Objectives - The primary objective of this project is to support the operational effectiveness and mission readiness of the JOPES and TransViz platforms at Scott Air Force Base. As a critical contract team member, the Information Assurance Principal Analyst/Program Lead ensures seamless functional management, stakeholder coordination, and compliance with all contractual and security requirements while facilitating process improvements and the timely delivery of program services. This position supports USTRANSCOM and associated DoD agencies by optimizing system capabilities and user experience in support of national defense objectives. Position Responsibility Summary Serve as the principal point of contact (POC) for all programmatic, technical, and contractual matters, representing TeAM in communications with government officials and stakeholders. Serve as a Liaison for all meetings & events, coordinating & scheduling all course training for teams, and attending reviews of the program. Lead, supervise, and coordinate activities of the project team-overseeing System Administrators and the Database Administrator-to fulfill contract objectives. Ensure timely and accurate reporting of program performance, deliverables, metrics, and compliance with DoD security, safety, and operational requirements. Manage risks, mitigate issues, and implement corrective actions to maintain project schedule and instill quality control. Oversee and ensure workforce compliance with all mandatory security, safety, and DoD-mandated annual training, including but not limited to OPSEC, Antiterrorism Level I, CUI, and Emergency Operations. Develop and implement process improvements, leveraging industry best practices (e.g., ITIL) to enhance JOPES/TransViz functionality and user satisfaction. Foster a culture of open communication and collaboration across stakeholders, promoting continuous improvement in program delivery. Ensure all support activities are conducted on-site in compliance with established guidelines and within the designated geographic radius.

Job Description . Must live in the Indianapolis area. Pay: $42.70/hour In this role you will: • Monitor and keep supervisor informed of status of information security and confidentiality conditions, including problem areas and recommended enhancement • Interface with user customers to understand their security needs and implement procedures to accommodate them including training and assessment • Assist with preparing for security audits (e.g. IRS, SSA, OCSE, FBI, SBOA) and remediating any findings; assist with creating and submitting reports relevant to security audits • Develop information security policies and standards for protection of information systems in compliance with state and federal requirements (e.g. IRS, SSA, OCSE, FBI, IOT) and guidelines (e.g. NIST SP 800-53) • Develop Standard Operating Procedures (SOP) for implementing security polices • Recommend appropriate security safeguards to be included during development of new information technology systems and legacy systems • Ensure maximum utilization of computer hardware and software features to secure automated systems and associated data • Develop and implement procedures for use of information security management software • Propose information security software enhancements • Perform periodic audits to assure security policies and standards are being followed and are effective • Develop recommendations for enhancements and generates reports where necessary • Keep abreast of new laws and changes affecting privacy standards, network security, cloud security, remote access, and physical security

Resource will work as an Information Security Analyst responsible for auditing and monitoring systems containing confidential information. This position is also responsible for helping the organization manage its risks by monitoring the organization's IT systems for inefficiencies, inaccuracies, mismanagement, etc. Tasks will include assisting with the configuration of data, application, network, and IAAM logs; assisting with log reporting tools; and monitoring systems for security problems. The position participates in all aspects of the technology audit and monitoring including the planning, control analysis, testing, issue development, and reporting phases. This position will also participate in all federal and state audits against DCS technology systems. Employee works in an Information Technology Division of a State Agency, the Department of Child Services (DCS -IT) under the guidance of the Security Manager. The essential functions of this role are as follows: • Monitors and keep supervisor informed of status of information security and confidentiality conditions, including problem areas and recommended enhancement; • Interfaces with user customers to understand their security needs and implement procedures to accommodate them including training and assessment. • Assists with preparing for security audits (e.g. IRS, SSA, OCSE, FBI, SBOA) and remediating any findings; assists with creating and submitting reports relevant to security audits. • Develop information security policies and standards for protection of information systems in compliance with state and federal requirements (e.g. IRS, SSA, OCSE, FBI, IOT) and guidelines (e.g. NIST SP 800 -53). • Develops Standard Operating Procedures (SOP) for implementing security polices; • Recommends appropriate security safeguards to be included during development of new information technology systems and legacy systems; • Ensures maximum utilization of computer hardware and software features to secure automated systems and associated data; • Develops and implements procedures for use of information security management software; • Proposes information security software enhancements; • Performs periodic audits to assure security policies and standards are being followed and are effective. • Develops recommendations for enhancements and generates reports where necessary; • Keeps abreast of new laws and changes affecting privacy standards, network security, cloud security, remote access, and physical security; • Mentors and provides guidance to new or other staff as needed; • Performs related duties as assigned. • Assist on other task as assigned. Thorough knowledge of information security management tools, policies, and standards of information security procedures; • Thorough knowledge of state and federal legislation and regulatory laws pertaining to information system security and privacy; • Thorough knowledge of software vulnerabilities, vulnerabilities scanning tools, and vulnerabilities remediation; • Familiarity with domain structures, user authentication, and digital signatures; • Ability to develop and maintain information security standards; • Ability to understand and apply complex computer logic to work; • Ability to work effectively with a wide range of information technologists, including systems administrators, technical support, application development, end users and management; • Experience in assessing security needs of teams and assist in their security training. • Ability to communicate effectively both orally and in writing; • Ability to be a team member as well as a team leader depending on the situation; • Degree in information security or technology preferred; • Security certification preferred (e.g. CISSP). • Network Admin experience preferred. Supervisory Responsibilities/Direct Reports: This role does not provide direct supervision to direct reports. Required / Desired Skills Skill Required / Desired Amount of Experience To be effectively with wide range of information technologists, including systems administrators, technical support, application development, end users Required 3 Years Network Admin experience Required 3 Years Security certification (e.g. CISSP, CRISC) Required 3 Years Ability to develop and maintain information security standards; Required 1 Years Ability to understand and apply complex computer logic to work Required 1 Years Degree in information security or technology Required 1 Years Familiar with cybersecurity security framework (e.g. NIST, ISO, SOC 2, CIS, Cobit, etc.) Required Computer security compliance and auditing experience Required IRS, SSA computer security compliance and audit experience Required HIPAA experience Required

The Information Security Specialist supports the planning, implementation, and operation of StarPlus Energy's global and local security management systems. This position ensures compliance with international and Korean security regulations, establishes physical and IT infrastructure security systems, and coordinates with both corporate headquarters and Korean government authorities to prevent information leaks and respond to potential security threats. This position reports to the Information Security Manager. Roles & Responsibilities: Plan, develop, and operate corporate information security systems for facility and IT infrastructure protection Establish incident response procedures and maintain readiness against internal and external security threats Develop and operate the site's physical security management system, including access control, CCTV, and intrusion detection system Manage and oversee external security service providers (e.g., physical security guards, monitoring services, and system maintenance vendors) to sure proper performance and contract compliance Support vendor performance evaluations, documentation, and corrective actions when service issues arise Define and enforce information protection policies and procedures to ensure consistent implementation across the organization Establish and operate a security management framework for Korean National Core Technology (KNCT) compliance Assign protection grades, define and manage secure communication systems, and safeguard all data and documentation related to KNCT Coordinate and conduct security education and training for employees Develop and maintain incident response systems to address potential data or technology leakage Support internal and external security audits and inspections from Korean government and SDI Headquarters Perform security infrastructure vulnerability assessments and implement corrective actions as needed Prepare technical report, standard operating procedures (SOPs), and other documentation required for compliance and audit response Perform other position related duties as assigned

The Role We're looking for an Information Security Governance, Risk & Compliance Analyst to join our growing Information Security team. This role will be reporting to the Manager of Information Security Governance, Risk & Compliance. Our security team works to create a strong Information Security function within GTI that enables the business to continue its tremendous growth. The Information Security Governance, Risk & Compliance Analyst is responsible for maintaining continuous compliance with security policies, industry laws, and regulations (HIPAA, SOX, NIST, etc.). The candidate must communicate effectively with business partners and team members to help raise the level of security awareness, security compliance, and security risk. The candidate will perform environment-specific risk assessments factoring in both qualitative and quantitative risks and assist with the deployment of various controls based on those assessments. This role will also involve ongoing monitoring and improvement of security governance, ensuring a proactive approach to risk management. The role is based out of our Chicago, office. While the role is primarily remote, you need to live in the Chicagoland area and commute to the office on an as needed basis. Responsibilities Own the relationship working with IT and business stakeholders to perform ongoing internal and vendor risk assessments, providing reporting to stakeholders, and ensuring appropriate action is taken. Update and track KPIs from the Information Security risk register and work with stakeholders on developing Corrective Action Plans to address risks. Provide guidance to newer staff working with internal IT stakeholders for vulnerability management, ensuring vulnerabilities are remediated in accordance with policy and SLAs. Own the process for working with IT and business stakeholders to perform ongoing compliance reviews in line with security policies, information security regulations (HIPAA, SOX/ITGC), and security frameworks (NIST, MITRE, etc.). Assist with ongoing internal operations and tasks, including ITGC security reviews. Spearhead the ongoing internal and external SOX and HIPAA audits and other security audits that are relevant to GTI's business. Provide updates and insight during the development and maintenance of Information Security policies, standards and procedures, aligning with NIST. Lead the identification of security training and awareness initiatives for the organization. Participate in incident response tabletops, business continuity tests, and other compliance activities and exercises. Maintain KPIs and KRIs for Information Security risk & compliance activities. Execute tasks as a member of the Information Security team as assigned by management. Provide mentorship and guidance to Associate Information Security GRC Analysts. Stay up to date on relevant laws and regulations to ensure continuous compliance and audit readiness. Collaborate with the IT and security teams in response to security incidents, ensuring proper documentation and reporting. Qualifications 3+ years of experience with responsibilities relating to security and compliance. Bachelor's degree or higher in Information Security or Information Technology may help you stand out but is not required. Demonstrated work experience can be substituted. Strong written and oral communication skills. Strong conceptual understanding of Information Security theories. Knowledge of network, application, and cloud security controls. Knowledge of regulatory frameworks and compliance standards such as NIST, MITRE, OWASP, HIPAA, PCI-DSS and SOX. Strong analytical and problem-solving skills with well-organized and structured work habits, and the ability to identify and mitigate risks. Security certifications, such as CRISC, CISA are preferred, but not required. We're doing some big things, and we'll find some roadblocks along the way, big and small. A big part of this role is keeping an even keel and finding the route through or around the obstacles. This role requires lots of communication with customers and everyone at GTI. Your colleagues will rely on your ability to translate security requirements into digestible bits of information for them. Customers will expect you to quickly articulate components of the GTI security program to help them assess risk, including as part of the business development process. An insatiable intellectual curiosity and the ability to learn quickly in a complex space. Additional Requirements Must pass any and all required background checks Must be and remain compliant with all legal or company regulations for working in the industry Must be a minimum of 21 years of age #LI-HYBRID The pay range is competitive and based on experience, qualifications, and/or location of the role. Positions may be eligible for a discretionary annual incentive program driven by organization and individual performance. Green Thumb Pay Range$80,000-$100,000 USD

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We're looking for people who are determined to make life better for people around the world. Join our Security Operations team in Indianapolis, IN where you will get to work on cutting edge cybersecurity technologies while driving exceptional customer experience and improving our enterprise security platform services. What You'll Be Doing Respond to support cases from customers experiencing issues with security tools Provide timely and effective technical troubleshooting and resolution Document case studies, playbooks, and solutions for future reference by team Develop and maintain knowledge base articles and operational procedures Communicate updates and status clearly and professionally to customers Collaborate with cross-functional teams (engineering, product, IT architects) to escalate and resolve complex issues Identify trends in customer issues and recommend product or process improvements Participate in training sessions, conferences, and workshops to expand skills and share learnings with the team Support & Troubleshooting Manage inbound security tool incidents across SIEM, IDS/IPS, EDR, Zscaler (ZIA/ZPA), Cloudflare WAF, Identity & Access Management, and/or other cloud security platforms Adaptability and willingness to learn new technologies and processes Develop proactive means of identifying security platform issues before business impact is realized Assist with developing automation scripts and workflows to increase operational efficiency Identify opportunities and drive initiatives to automate routine tasks and processes Documentation & Knowledge Sharing Create and update detailed playbooks, runbooks, and troubleshooting guides Contribute to an evolving knowledge base to empower peers and customers Document health metrics to measure security tool effectiveness and coverage Collaboration & Communication Foster strong teamwork by mentoring and coaching junior engineers Work closely with product managers and senior engineers to translate feedback into platform enhancements Liaise with enterprise IT, architects, Technical leads and stakeholders to align solutions with business needs Advocate innovative security solutions that balance user experience and protection Continuous Improvement Stay current on security threats, regulatory changes, and emerging technologies Drive adoption of creative, scalable solutions for complex global security platform challenges Analyze recurring issues, support tickets and operational data to identify improvement areas Propose and implement process optimizations and preventive measures Assist with testing and enablement of new tools, technologies and operational capabilities Evaluate new tools and/or feature sets for existing tools (e.g., Splunk, CrowdStrike, Zscaler (ZIA/ZPA), Cloudflare WAF) and recommend integrations Your Minimum Requirements: Bachelor's degree in Cybersecurity, Computer Science, IT, or similar degree and at least 1 year experience in technical support, security operations, or platform engineering OR Associate degree in Cybersecurity, Computer Science, IT or similar degree and at least 5 years experience in technical support, security operations, or platform engineering Hands-on with SIEM, IDS/IPS, EDR, web application firewalls, identity/access management, and cloud security Basic networking knowledge (TCP/IP, DNS, DHCP) Qualified candidates must be legally authorized to be employed in the United States. Lilly does not anticipate providing sponsorship for employment visa status (e.g., H-1B or TN status) What You Should Bring: Strong problem-solving skills and a methodical troubleshooting approach Excellent written and verbal communication; customer-focused mindset Scripting proficiency (Python, PowerShell) for automation and data processing Basic coding abilities for scripts, automation, and custom integration Experience with cloud platforms (AWS, Azure, GCP) and containerized environments Familiarity with IT Service Management (ITIL) practices Certifications such as CompTIA Security+, CISSP, CCSP, or GIAC Lilly is dedicated to helping individuals with disabilities to actively engage in the workforce, ensuring equal opportunities when vying for positions. If you require accommodation to submit a resume for a position at Lilly, please complete the accommodation request form (******************************************************** for further assistance. Please note this is for individuals to request an accommodation as part of the application process and any other correspondence will not receive a response. Lilly is proud to be an EEO Employer and does not discriminate on the basis of age, race, color, religion, gender identity, sex, gender expression, sexual orientation, genetic information, ancestry, national origin, protected veteran status, disability, or any other legally protected status. Our employee resource groups (ERGs) offer strong support networks for their members and are open to all employees. Our current groups include: Africa, Middle East, Central Asia Network, Black Employees at Lilly, Chinese Culture Network, Japanese International Leadership Network (JILN), Lilly India Network, Organization of Latinx at Lilly (OLA), PRIDE (LGBTQ+ Allies), Veterans Leadership Network (VLN), Women's Initiative for Leading at Lilly (WILL), en Able (for people with disabilities). Learn more about all of our groups. Actual compensation will depend on a candidate's education, experience, skills, and geographic location. The anticipated wage for this position is $64,500 - $158,400 Full-time equivalent employees also will be eligible for a company bonus (depending, in part, on company and individual performance). In addition, Lilly offers a comprehensive benefit program to eligible employees, including eligibility to participate in a company-sponsored 401(k); pension; vacation benefits; eligibility for medical, dental, vision and prescription drug benefits; flexible benefits (e.g., healthcare and/or dependent day care flexible spending accounts); life insurance and death benefits; certain time off and leave of absence benefits; and well-being benefits (e.g., employee assistance program, fitness benefits, and employee clubs and activities).Lilly reserves the right to amend, modify, or terminate its compensation and benefit programs in its sole discretion and Lilly's compensation practices and guidelines will apply regarding the details of any promotion or transfer of Lilly employees. #WeAreLilly

Established in 1991, Collabera has been a leader in IT staffing for over 22 years and is one of the largest diversity IT staffing firms in the industry. As a half a billion dollar IT company, with more than 9,000 professionals across 30+ offices, Collabera offers comprehensive, cost-effective IT staffing & IT Services. We provide services to Fortune 500 and mid-size companies to meet their talent needs with high quality IT resources through Staff Augmentation, Global Talent Management, Value Added Services through CLASS (Competency Leveraged Advanced Staffing & Solutions) Permanent Placement Services and Vendor Management Programs. Collabera recognizes true potential of human capital and provides people the right opportunities for growth and professional excellence. Job Description Location: 100 Abbott Park Road, Lake County, Abbott Park, IL 60064 Duration: 6+ months (could go beyond) Roles: • Network Directory and Infrastructure Services Administration. • Knowledge of domain administration and troubleshooting, Active Directory, MS FIM, Exchange, MS Office365 and supporting technologies, MS Azure, NPS, Federation and SQL Server administration required. Responsibilities: • Provide technical Level III problem isolation and resolution for a Global Active Directory Network. • Configures and performs advanced diagnostics on infrastructure components and cloud based applications. • Understands and repairs Domain infrastructure including DNS, DHCP, ADLDS, ADFS and FIM Sync. • Understands and can configure/install Win Server 2008r2/2012r2 technologies for domain controllers and Radius Authentication servers. • Repair and recover from hardware or software failures. • Rotate on-call and must be available to work a varied shift schedule in a 7x24 hour operations center environment. • Initiate major outage communication technical bridges as requested. • Apply fix procedures as instructed for repetitive events as instructed and coordinate with impacted constituencies. Competencies: • Superior knowledge of Active Directory overall and its administrative components. • Perform domain administration for 61,000+ workstations including domain controllers, NPS, Win 2003/2008R2/2012 server hardware, dynamic host configuration protocol (DHCP), domain name servers (DNS) configuration integrated with active directory, desktop configuration and end user support. • Candidate will have worked in an AD environment that has done acquisition and divestiture work, Candidate will have worked with products such as ADMT, and ADLDS and the roles they play in M&A activities such as management of active directory structure in creation, administration of organizational units (OU), containers and sub containers throughout the domain from geographic to organizational standards, while setting policies and permissions. • Candidate should have expert knowledge of Federation protocols including OAuth, SAML, WSFed, and a deep understanding of the IDP and SP roles associated with Federation environments. • Candidate will have worked with Office 365 from an Identity standpoint and have an understanding of Azure Active Directory Sync and Identity Federation for Cloud services. • Expertise should include attribute mapping and troubleshooting as well as rule sets associated with AADSync. • Candidate must be able to correctly configure servers and clients for all services. • Can isolate and repair most DNS and IP service problems. • Understands and uses the appropriate tools in all instances during problem isolation and repair. • Possesses an in depth understanding of communications technologies and can isolate and resolve most infrastructure issues. Qualifications • Associates Degree Minimum, prefer Computer Science or technology area or telecommunications science business minor • Three (3) to six (6) months of specialized technical courses in Win and Active Directory technology's typically provided by vendors, technical societies, or equivalent experience. Additional Information To know more about this position, please contact: Himanshu Prajapat ************ **********************************

Mindlance is a national recruiting company which partners with many of the leading employers across the country. Feel free to check us out at ************************* Job Title: Cyber Security Analyst Duration: 12 Months Location: Oakbrook Terrace, IL Job Description: Responsible for planning, designing, and implementing a process for cyber security monitoring, incident detection, and incident response. 1-3 yrs of experience and a Bachelor's degree in IT systems or a related discipline. Position Requirements: - Configuration and administration of logging aggregation and security event monitoring tools (like Industrial Defender, Splunk, etc.) - Configuration and maintenance of performance monitoring tools (like Solarwinds, Uptime, CA Spectrum, etc.) o Understands and can configure tools and endpoint systems to use SNMP for monitoring - General IT Support (application patching, client updates, remote access and administration tools) - General Networking knowledge (IP Networking, OSI Stack, etc.) Additional Information Thanks & Regards' ___________________________________________________________________________ Vikram Bhalla | Team Recruitment | Mindlance, Inc. | W: ************ All your information will be kept confidential according to EEO guidelines.

Job Description Are you ready to apply cutting-edge technologies to solve real world problems? Do you thrive in an environment where people leverage technology and processes to build innovative and sustainable solutions? You might just be a perfect fit for the CDO team. Since 1995, CDO Technologies has delivered the best solutions for unique business problems in the commercial and federal sectors ranging from Asset Management to IT Services. CDO employees demonstrate integrity, embrace teamwork, and embody a Can Do attitude in the delivery of superior customer service. Position Summary Demonstrated knowledge of system security. Possesses familiarity with cyber threats, malicious cyber threat actor motivations, and working knowledge of threat analysis and enterprise level cyber threat mitigation strategies. Must have networking experience in addition to cyber security. Work is delivered on-site at Scott AFB, IL. Minimum Requirements 8+ Years of experience is required. Experience should include: Network experience with controlled interfaces, routers, switches, firewalls, and access or transfer cross domain solutions Experience with Risk Management and preparing approval documentation for authorization/approval Cybersecurity and Information Assurance documentation and analysis Experience with different domains, security, integration, and interoperability Experience with reviewing engineering data for Joint, DoD, and AF Networks Must possess a DoD 8570.01 Level II Certification (Such as Security+, CAP, or GSLC) Must possess a BA or BS in Computer Science, Electronics Engineering, or other Engineering or Technical Discipline Secret Security Clearance is required. What can a CDO employee expect? At CDO Technologies, we believe in taking care of our employees with a comprehensive benefits package. Our health and welfare benefits include two medical plan options along with a LiveHealth program to see a doctor online anytime day or night. CDO offers dental, vision, and a Flexible Spending Account for medical or childcare. Employees may also enroll in a 401(k) plan with their first paycheck. Full-time employees also receive company paid short and long-term disability and life insurance. We also provide tuition reimbursement, professional development, and certification reimbursements. Finally, CDO also offers employees a generous leave program including paid holidays, vacation, and sick leave. CDO is an equal opportunities employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity, sexual orientation, national origin, disability, or veteran status.

Company DescriptionJobs for Humanity is partnering with Capital One to build an inclusive and just employment ecosystem. Therefore, we prioritize individuals coming from the following communities: Refugee, Neurodivergent, Single Parent, Blind or Low Vision, Deaf or Hard of Hearing, Black, Hispanic, Asian, Military Veterans, the Elderly, the LGBTQ, and Justice Impacted individuals. This position is open to candidates who reside in and have the legal right to work in the country where the job is located. Company Name: Capital One Job Description201 Third Street (61049), United States of America, San Francisco, CaliforniaSenior Manager, Information Security Office Consultant At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. What You'll Do: Act as a central Information Security point of contact for the Enterprise Platform team Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business Product security consulting in Authentication/Access Management /Identity application and experienced in Authentication and industry-standard protocol for authorization/authorization Basic Qualifications: High School Diploma, GED or equivalent certification At least 8 years of experience working in cybersecurity or information technology At least 7 years of experience providing guidance and oversight of Security concepts At least 7 years of experience performing security risk assessments and security architecture reviews At least 7 years of experience with architecture, software design, networking, and cloud infrastructure At least 5 years of experience with cloud security engineering Preferred Qualifications: Bachelor's Degree 3+ years of experience in securing a public cloud environment (e.g. AWS, GCP, Azure) 4+ years of experience in IAM or related areas Experience building software utilizing public cloud (e.g. AWS, GCP, Azure) Familiarity with Cloud patch management practices such as system rehydration and image management Experience utilizing Agile methodologies Experience with Software Security Architecture Experience with Application Security Experience with Threat Modeling Experience with Penetration Testing or Vulnerability Management Experience with integrating SaaS products into an Enterprise Environment Experience with securing Container services Splunk-Fu / Enterprise Monitoring experience Financial services industry experience Professional certifications such as AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP) Experience in Offensive and Defensive Security techniques Experience in a regulated environment Strong conceptual thinking, influence and communication skills At this time, Capital One will not sponsor a new applicant for employment authorization for this position. The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. New York City (Hybrid On-Site): $230,100 - $262,700 for Sr Manager, Cyber TechnicalSan Francisco, California (Hybrid On-Site): $243,800 - $278,200 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections 4901-4920; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at ************** or via email at [email protected]. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to [email protected] Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Granger, IN (On-site) Full-time Intro: Contract opportunity supporting a transportation and infrastructure technology organization focused on providing safe, efficient travel across the Midwest. This position offers relocation support and is ideal for a cybersecurity professional with strong experience in vulnerability management, threat response, and security toolsets in a mission-critical environment. Role Summary: The Cyber Security Engineer III is responsible for leading incident response, managing vulnerabilities, and maintaining compliance with internal and external security requirements. This position plays a key role in the daily operation and advancement of enterprise-wide cybersecurity strategy and toolsets. Key Responsibilities: Monitor systems for threats, anomalies, and breaches across the organization Lead and manage vulnerability assessments and remediation efforts Oversee and maintain key security tools such as SIEM, antivirus, firewalls, asset discovery, and email protection platforms Test and verify the effectiveness of security controls, reporting findings in an organized manner Collaborate with auditors and regulatory stakeholders to ensure compliance with relevant frameworks Contribute to security architecture recommendations for network and system design Stay current on evolving cybersecurity threats and best practices Participate in on-call security support rotation Uphold organizational safety and security standards across all responsibilities Required Qualifications: Bachelors degree in Computer Science or equivalent professional experience Hands-on experience in cybersecurity, with a focus on network security and vulnerability management Strong understanding of tools and techniques used in penetration testing and threat mitigation Familiarity with security technologies including SIEM, proxies, firewalls, antivirus, and IdPs Ability to assess and prioritize remediation of system vulnerabilities Strong written and verbal communication skills Valid drivers license required Additional Information: On-site role based in Elkhart, IN Relocation assistance is available for qualified candidates Must be able to work independently with minimal supervision

The Senior Information Security Engineer position will work both independently and as part of a team to ensure our security posture by designing, implementing, and maintaining our security toolsets. In addition, you will help foster collaboration with IT teams, management, and other stakeholders to promote and embed security throughout the organization. ESSENTIAL REQUIREMENTS * Develops and leads incident response strategies. * Safeguards our integration of AI by identifying and mitigating risks. * Assesses our current cloud security and propose improvements or solutions. * Serves as a subject matter expert for security tools, applications, and processes. * Leads SIEM platform management, log integrations, and detection engineering. * Champions the integration of cutting-edge security technologies, strategies, and best practices. * Participates in project initiatives to ensure security alignment. * Maintains awareness of latest trends and developments within an everchanging threat landscape. * Provides advanced technical guidance and training to team members. * Tracks remediation and follow-up of audit and assessments. * Conducts regular security assessments. * Proactively identify security gaps and work with both management and staff to address those gaps through processes, policies, or technology. * Creates detailed design drawings and documentation for implementations, procedures, and remediation plans. * Regular and predictable attendance is an essential requirement of the position. * Responsible for the completion of all compliance training related to the position and continuing professional education to maintain professional security certifications. * Understands all applicable laws and regulations that apply to the position and comply with the requirements. NON-ESSENTIAL FUNCTIONS Perform all other duties as assigned. EXPERIENCE/SKILLS Required: * Five (5) years of experience in security engineering with a strong emphasis on SOAR, detection, and response. * Seven (7) to ten (10) years of experience in various security domains (e.g., security operations, network security). * Experience creating solutions to enhance visibility, alerting, and reducing risk within IaaS, PaaS, SaaS, and M365 environments. * In-depth knowledge of M365 security features and capabilities, with a focus on threat protection, data loss prevention, and compliance. * Proven experience with tools such as: Nessus, Nmap, BurpSuite, Metasploit, Responder, CrackMapExec, Certipy, Impacket, and Bloodhound as well as an in-depth knowledge of open-source security projects and tools. * Excellent communication and collaboration skills with IT partner teams, business units, and leadership. * Excellent analytical and problem-solving skills to identify, assess, and mitigate security risks. * Solid foundational understanding of networking concepts. Preferred: * Three (3)+ years of experience in the banking or financial services industries. * Experience with vulnerability assessment and penetration testing. * Experience with a wide range of Azure security architecture, services, and tools. * Strong understanding of security frameworks and compliance regulations (e.g., NIST, PCI DSS). * Knowledge of cloud service providers and their various technologies and services. * Intermediate scripting/programming proficiency in various languages, with a preference for Python, for security orchestration, automation, and code analysis. * Strong organizational and time management skills. * Strong leadership and project management skills. * Strong documentation and report writing skills. * Ability to handle multiple tasks in a fast-paced environment. EDUCATION Bachelor's degree in Cybersecurity, Computer Science, or related discipline preferred. CERTIFICATIONS Security certifications such as CISSP, CISM, CEH, OCSP or equivalent preferred. TRAVEL REQUIREMENTS Ability to travel to all locations as needed for meetings, projects, seminars, etc. PHYSICAL DEMANDS The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job Reasonable accommodations may be made to enable individuals to perform the essential functions. While performing the duties of this job, the employee is regularly required to use hands and fingers to operate keyboard and other office equipment; reach with hands and arms; and talk or hear. The employee frequently is required to sit, stand and walk. The employee is occasionally required to stoop or kneel. The employee may occasionally lift and/or move up to 10 pounds. EQUIPMENT MS Office, PC, phone, and standard office equipment.