Information security analyst jobs in West Lafayette, IN

Job Title: Cybersecurity Analyst Duration: 12 Months Contract + Possible Extension/ FTE Key Responsibilities: Perform cybersecurity risk-based assessments using the NIST Framework Identify and mitigate cybersecurity threats using industry-standard tools and controls Support development of a risk-based cybersecurity program meeting regulatory requirements Assist in creating cybersecurity strategies, policies, and standards Apply technical expertise to safeguard information and technology assets Required Skills & Experience: Strong cybersecurity background Hands-on experience with NIST Framework Risk-based threat identification and mitigation experience Familiarity with security tools, technologies, and best practices Education Preference: Master's in Cybersecurity (preferred) Master's in Software or related field Bachelor's in Cybersecurity

In this role, you will work closely with IT teams to secure our applications throughout the development lifecycle. You'll help build a secure-by-design culture, drive security automation, and protect our systems against evolving threats. This position reports to the Manager of Information Security. ESSENTIAL JOB FUNCTIONS: Work with the Information Security Team to improve security for the company by configuring and administering security systems and tools Monitor and respond to security events using SIEM and SOAR tools Investigate security incidents to determine root cause and remediation tactics Help automate security monitoring and remediation processes Prepare and analyze security incident data and metrics for periodic reporting Collaborate on vulnerability management, remediation, and penetration testing efforts Implement and manage SAST, DAST, and Burp Suite across GitHub CI/CD pipelines and development workflows Champion secure coding practices based on OWASP Top 10 and SSDF guidelines Help secure cloud environments (Azure, AWS) and container-based deployments Conduct regular security assessments to ensure alignment with SSDLC standards After-hours configuration changes and on-call support required MINIMUM QUALIFICATIONS: Bachelor's degree in Computer Science, Information Systems (or related degree), or equivalent experience. 3+ years of experience in Application or Information Security Strong understanding of SSDLC, NIST SSDF, and DevSecOps principles. Experience with SAST/DAST tools (e.g., GitHub Advanced Security, BURP). Solid knowledge of OWASP Top 10 and secure coding best practices. Proficiency in GitHub for code review, pipeline security, and automation. Hands-on with scripting (Python, PowerShell, Bash) and API security. Experience in Azure and AWS cloud security, containers, and infrastructure-as-code. Familiarity with SIEM/SOAR platforms and incident response workflows. Experience with Windows, MacOS, and Linux operating systems Proficient in Microsoft Office applications such as Microsoft Outlook, Word, Excel, PowerPoint, and SharePoint ** This is a full-time, W2 position with Hub Group - We are NOT able to provide sponsorship at this time ** Salary: $95,000-150,000/year + bonus eligibility ** This is an estimated range based on the circumstances at the time of posting, however, may change based on a combination of factors, including but not limited to skills, experience, education, market factors, geographical location, budget, and demand** Benefits We offer a comprehensive benefits plan including: Medical Dental Vision Flexible Spending Account (FSA) Employee Assistance Program (EAP) Life & AD&D Insurance Disability Paid Time Off Paid Holidays BEWARE OF FRAUD! Hub Group has become aware of online recruiting related scams in which individuals who are not affiliated with or authorized by Hub Group are using Hub Group's name in fraudulent emails, job postings, or social media messages. In light of these scams, please bear the following in mind Hub Group will never solicit money or credit card information in connection with a Hub Group job application. Hub Group does not communicate with candidates via online chatrooms such as Signal or Discord using email accounts such as Gmail or Hotmail. Hub Group job postings are posted on our career site: ******************************** About Us Hub Group is the premier, customer-centric supply chain company offering comprehensive transportation and logistics management solutions. Keeping our customers' needs in focus, Hub Group designs, continually optimizes and applies industry-leading technology to our customers' supply chains for better service, greater efficiency and total visibility. As an award-winning, publicly traded company (NASDAQ: HUBG) with $4 billion in revenue, our 6,000 employees and drivers across the globe are always in pursuit of "The Way Ahead" - a commitment to service, integrity and innovation. We believe the way you do something is just as important as what you do. For more information, visit ****************

Resource will work as an Information Security Analyst responsible for auditing and monitoring systems containing confidential information. This position is also responsible for helping the organization manage its risks by monitoring the organization's IT systems for inefficiencies, inaccuracies, mismanagement, etc. Tasks will include assisting with the configuration of data, application, network, and IAAM logs; assisting with log reporting tools; and monitoring systems for security problems. The position participates in all aspects of the technology audit and monitoring including the planning, control analysis, testing, issue development, and reporting phases. This position will also participate in all federal and state audits against DCS technology systems. Employee works in an Information Technology Division of a State Agency, the Department of Child Services (DCS-IT) under the guidance of the Security Manager. The essential functions of this role are as follows: • Monitors and keep supervisor informed of status of information security and confidentiality conditions, including problem areas and recommended enhancement; • Interfaces with user customers to understand their security needs and implement procedures to accommodate them including training and assessment. • Assists with preparing for security audits (e.g. IRS, SSA, OCSE, FBI, SBOA) and remediating any findings; assists with creating and submitting reports relevant to security audits. • Develop information security policies and standards for protection of information systems in compliance with state and federal requirements (e.g. IRS, SSA, OCSE, FBI, IOT) and guidelines (e.g. NIST SP 800-53). • Develops Standard Operating Procedures (SOP) for implementing security polices; • Recommends appropriate security safeguards to be included during development of new information technology systems and legacy systems; • Ensures maximum utilization of computer hardware and software features to secure automated systems and associated data; • Develops and implements procedures for use of information security management software; • Proposes information security software enhancements; • Performs periodic audits to assure security policies and standards are being followed and are effective. • Develops recommendations for enhancements and generates reports where necessary; • Keeps abreast of new laws and changes affecting privacy standards, network security, cloud security, remote access, and physical security; • Mentors and provides guidance to new or other staff as needed; • Performs related duties as assigned. • Assist on other task as assigned. Thorough knowledge of information security management tools, policies, and standards of information security procedures; • Thorough knowledge of state and federal legislation and regulatory laws pertaining to information system security and privacy; • Thorough knowledge of software vulnerabilities, vulnerabilities scanning tools, and vulnerabilities remediation; • Familiarity with domain structures, user authentication, and digital signatures; • Ability to develop and maintain information security standards; • Ability to understand and apply complex computer logic to work; • Ability to work effectively with a wide range of information technologists, including systems administrators, technical support, application development, end users and management; • Experience in assessing security needs of teams and assist in their security training. • Ability to communicate effectively both orally and in writing; • Ability to be a team member as well as a team leader depending on the situation; • Degree in information security or technology preferred; • Security certification preferred (e.g. CISSP). • Network Admin experience preferred. Supervisory Responsibilities/Direct Reports: This role does not provide direct supervision to direct reports.

Job Title: Senior Information Security Engineer - AI Primary Location: Rosemont, IL - Hybrid, 3 days onsite Direct Hire TalentFish is casting a line for a Senior Information Security Engineer - AI/Artificial Intelligence. This is a Direct Hire role based in Rosemont, IL with a hybrid schedule (3 days onsite) with our premier client. This is a new, exciting position within an awarded top Chicago employer organization where you'll contribute to the organization's Responsible Artificial Intelligence governance by assessing the security, integrity, and risks associated with the use of AI models and technologies. This role is hands-on and works closely with multi-disciplinary teams to evaluate AI use cases and maintain AI security frameworks and standards. What You Bring to the Role (Ideal Experience) • Bachelor's degree in Computer Science, Mathematics, or related field • 5+ years of total professional experience, including security, data security, or control validation experience • 2-3 years of practical, hands-on experience working with Artificial Intelligence technologies; working directly with AI models or ML systems • Ability to evaluate AI model risks, including bias, data exposure, data leakage, and model poisoning • Data processing or analytics skills are a plus What You'll Do (Skills Used in This Position) • Lead security assessments for AI models, including Large Language Models (LLMs), Natural Language Models (NLMs), and Small Language Models (SLMs) • Participate in review committees to assess AI use cases for value, complexity, feasibility, risk, compliance, and strategic alignment • Review AI architecture and usage within internal and third-party solutions to ensure adherence to AI security frameworks and regulatory requirements • Support development and maintenance of AI security standards, frameworks, and governance models • Provide education on AI security best practices, emerging risks, and mitigation strategies • Perform additional related responsibilities as required Compensation Information The expected salary range for this position is $120,000 - $150,000 per year, depending on experience and qualifications. This role also qualifies for comprehensive benefits such as health insurance, 401(k), and paid time off. TalentFish is committed to pay transparency and equal opportunity. The salary range provided is in compliance with applicable state and federal regulations. This role requires authorization to work in the U.S. without current or future visa sponsorship. All offers are contingent upon the completion of a background check, which may include but is not limited to reference checks, education verification, employment verification, drug testing, criminal records checks, and any required certifications or compliance requirements based on the end client's background check policies and applicable laws. TalentFish is an employee-owned company pioneering a new realm in talent acquisition. We are redefining IT staffing by evolving AI, video screening, and our unique platform. TalentFish focuses on providing the best employee, consultant, and client experience possible. At TalentFish we are an Equal Opportunity Employer; we embrace and encourage diversity!

Local candidates only. Resource will work as an Information Security Analyst responsible for auditing and monitoring systems containing confidential information. This position is also responsible for helping the organization manage its risks by monitoring the organization's IT systems for inefficiencies, inaccuracies, mismanagement, etc. Tasks will include assisting with the configuration of data, application, network, and IAAM logs; assisting with log reporting tools; and monitoring systems for security problems. The position participates in all aspects of the technology audit and monitoring including the planning, control analysis, testing, issue development, and reporting phases. This position will also participate in all federal and state audits against DCS technology systems. Employee works in an Information Technology Division of a State Agency, the Department of Child Services (DCS-IT) under the guidance of the Security Manager. The essential functions of this role are as follows: • Monitors and keep supervisor informed of status of information security and confidentiality conditions, including problem areas and recommended enhancement; • Interfaces with user customers to understand their security needs and implement procedures to accommodate them including training and assessment. • Assists with preparing for security audits (e.g. IRS, SSA, OCSE, FBI, SBOA) and remediating any findings; assists with creating and submitting reports relevant to security audits. • Develop information security policies and standards for protection of information systems in compliance with state and federal requirements (e.g. IRS, SSA, OCSE, FBI, IOT) and guidelines (e.g. NIST SP 800-53). • Develops Standard Operating Procedures (SOP) for implementing security polices; • Recommends appropriate security safeguards to be included during development of new information technology systems and legacy systems; • Ensures maximum utilization of computer hardware and software features to secure automated systems and associated data; • Develops and implements procedures for use of information security management software; • Proposes information security software enhancements; • Performs periodic audits to assure security policies and standards are being followed and are effective. • Develops recommendations for enhancements and generates reports where necessary; • Keeps abreast of new laws and changes affecting privacy standards, network security, cloud security, remote access, and physical security; • Mentors and provides guidance to new or other staff as needed; • Performs related duties as assigned. • Assist on other task as assigned. Thorough knowledge of information security management tools, policies, and standards of information security procedures; • Thorough knowledge of state and federal legislation and regulatory laws pertaining to information system security and privacy; • Thorough knowledge of software vulnerabilities, vulnerabilities scanning tools, and vulnerabilities remediation; • Familiarity with domain structures, user authentication, and digital signatures; • Ability to develop and maintain information security standards; • Ability to understand and apply complex computer logic to work; • Ability to work effectively with a wide range of information technologists, including systems administrators, technical support, application development, end users and management; • Experience in assessing security needs of teams and assist in their security training. • Ability to communicate effectively both orally and in writing; • Ability to be a team member as well as a team leader depending on the situation; • Degree in information security or technology preferred; • Security certification preferred (e.g. CISSP). • Network Admin experience preferred. Supervisory Responsibilities/Direct Reports: This role does not provide direct supervision to direct reports.

Security Engineer - Application Security (Azure Focus) An established global logistics leader is seeking a Security Engineer to join its growing cybersecurity team. This is the second dedicated security hire, reporting directly to the CISO, and will play a key role in advancing the company's security posture across application environments. Day-to-Day: This engineer will own new initiatives from research through implementation, focusing on application security in Azure environments. The role involves incident response, tool deployment, vendor collaboration, policy creation, and hands-on engineering work. You'll partner closely with both technical and non-technical teams to establish security best practices, communicate effectively across departments, and drive adoption of new solutions. The position requires someone who can operate independently, lead projects, and contribute strategically to ongoing security improvements. While networking knowledge is helpful, this role is security-focused-ideal for someone with experience in an MSSP or enterprise security environment. What You'll Bring: Application Security expertise with hands-on engineering experience Strong Azure Cloud background Advanced GIAC certifications Excellent communication and collaboration skills Self-driven, proactive approach to problem-solving and project ownership This is not a compliance or analyst position-it's a hands-on, technical engineering role for someone ready to take ownership of the application security landscape and shape the future of security initiatives within a global organization.

About Us Founded in 2014, we offer the industry's first and only cloud-based, fully-customizable, end-to-end software solution to automate securities-based lending from origination through the life of the loan. By combining thought leadership in suitability and risk management with industry-leading education and the latest technology, Supernova enables advisors to deliver holistic, goals-based advice and to help their clients achieve financial wellness. We partner with the industry's largest banks, most prominent insurance companies and leading online brokerages to democratize access to securities-based lending and better the entire financial ecosystem. Why Join Supernova? At Supernova Technology, we believe that the best results come from a team that is passionate, driven, and supported in all aspects of their professional lives. Here, you'll work alongside talented and innovative individuals who are committed to driving the future of securities-based lending technology. We foster a culture of collaboration, continuous learning, and growth, where each person's contributions make a real impact. Job Overview We are seeking a highly motivated and detail-oriented Security Engineer to help secure our securities-backed lending SaaS platform. The successful candidate will focus primarily on application security, secure SDLC, and application vulnerability management, while also assisting with the execution and implementation of broader information security initiatives. You'll partner with engineering, SRE/DevOps, and business teams to embed security into our build and delivery processes, support risk reduction across cloud and endpoint surfaces, and drive measurable remediation outcomes in a regulated financial-services environment. RESPONSIBILITIES: Perform hands-on web/API penetration tests, validate scanner findings, and provide clear PoCs, impact statements, and prioritized remediation aligned with OWASP. Integrate and tune SAST, DAST, SCA, container, and secret-detection tools in CI/CD; define pass/fail gates and PR checklists. Conduct lightweight threat modeling and security design reviews for new features such as authentication, session management, and secrets handling. Manage the full application vulnerability lifecycle (discover → prioritize → fix → retest → close) with SLAs and metrics. Assist in hardening AWS and ECS/Docker workloads (IAM roles, network segmentation, image policies, logging/monitoring) and support patch hygiene across cloud, container, and endpoints. Participate in incident response, including exploit reproduction, log analysis, impact assessment, and lessons learned. Provide evidence for audits (ISO 27001, SOC 2, NIST SSDF), maintain policies and developer guidance, and support vendor/security evaluations. Translate findings into developer-ready tickets, publish secure-coding guidance, and partner with engineering to streamline secure delivery. Prototype automation, explore AI/LLM-assisted workflows to improve triage and code review, and share improvements across teams. Contribute to organization-wide cybersecurity training and awareness efforts. QUALIFICATIONS: Bachelor's degree in security engineering, information assurance, or related field. 2-3 years of experience in security or software engineering (internships, labs, or open-source count), preferably in regulated industries. Strong knowledge of web/API security issues (auth, session management, injections, SSRF, CSRF, access control) and common cloud/web misconfigurations. Experience with SDLC security tools (SAST/DAST/SCA/secret detection/container scanning), CI/CD workflows, and Git. Scripting or coding skills (Python or JavaScript/TypeScript) and ability to read backend code. Familiarity with AWS security basics (IAM least privilege, KMS, logging/monitoring, security groups) and Docker/ECS runtime considerations. Clear communication skills with the ability to translate risk into actionable remediation. Experience using AI/LLM-assisted tools for triage, documentation, or code review preferred. Exposure to WAF/CDN tuning, API protection, and risk-based remediation SLAs/metrics preferred. Familiarity with frameworks like OWASP ASVS/SAMM, NIST SSDF, ISO 27001, SOC 2, PCI DSS preferred. Relevant security certifications preferred. Our Employee Benefits At Supernova Technology, we provide a robust benefits package to support the health and well-being of our employees. Our offerings include: Medical, Dental, and Vision Insurance: Multiple plans with coverage for employees and dependents. HSA and FSA Accounts: Tax-advantaged accounts for health and dependent care expenses. Life and Disability Insurance: Employer-paid basic coverage with options for additional voluntary coverage. Compensation: $95,000 - $130,000 Retirement Savings: 401(k) plan with employer contributions. Employee Assistance Program (EAP): Confidential support services, including free therapy sessions. Paid Time Off: Flexible PTO policies. Additional Perks: Commuter benefits, pet insurance, continuing education assistance, and more. Note: Actual salary at the time of hire may vary and may be above or below the range based on various factors, including but not limited to, the candidate's relevant qualifications, skills and experience, and the location where this position may be filled. Our Core Values Our core values drive everything we do. At Supernova, we... Form, execute, and communicate new ideas that add value to our employees and customers Strive through obstacles and failures Follow-through on promises or commitments to others, accept responsibility, and answer for actions & decisions Listen to, understand, and support our employees and customers Act with speed, positive attitude, and flexibility Exceed expectations and surpass ourselves every day; we embrace a sense of pride and never stop growing Join us and make an impact while growing your career at Supernova.

About the Company: A Leading Financial Service Client is looking to hire a strong Security Engineer who can lead Red team exercises against a hybrid environment using threat intelligence and the MITRE Telecommunication&CK Framework. Responsibilities: Approx 8 years' experience with industry standard Red Team testing tools (Cobalt Strike, Mythic C2, Rubeus, Bloodhound, Covenant, etc.) or the ability to demonstrate equivalent knowledge. Expert understanding of how an Advanced Persistent Threat could compromise a financial institution without using phishing. Expert understanding of Red Team concepts, tools, and automation strategies. Expert understanding of MITRE Telecommunication&CK framework tactics, techniques, and procedures. Expert understanding of measuring and rating vulnerabilities based on principal characteristics of a vulnerability. Expert understanding of Windows and Linux system hardening concepts and techniques.

Salary: Open + Bonus Hybrid: 3 days onsite, 2 days remote *This role is open to H1B transfer* Qualifications Bachelors' degree including 6+ years of related experience Experience in one or more of the following disciplines: security operations, development, engineering, or architecture Experience supporting privileged access management and access controls programs. Professional or personal experience using AI coding agents such as OpenAI Codex, Claude Code, or Gemini CLI. Expertise in providing operational and engineering support for one or more of the following: CyberArk, HashiCorp Vault, Active Directory Certificate Services (ADCS), HSMs, and Public Key Infrastructure (PKI). Expertise in scripting languages and developing in one or more of the following languages Golang, Bash, Python, PowerShell, Ansible, and/or Terraform. Knowledge of privileged access management methodologies and techniques for on-prem and Cloud implementation. Knowledge of application authentication and authorization systems (i.e., Active Directory, OAuth 2.0, OIDC, AWS IAM, App Role, k8s, LDAPS, Kerberos, Certificate) Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. Working knowledge of security architecture design and principles including confidentiality, integrity and availability. Responsibilities Manage privileged access systems that protect most critical assets, implement AI-based security capabilities, and help shape security architecture. Provide 24x7 operational support for the suite of privileged management solutions (e.g., CyberArk, Hashi, PKI), including implementing hot fixes, resolving bugs, troubleshooting issues, performing break-fixes, managing secrets lifecycle, and delivering end-user support. Maintain robust operational integrity of privileged access management infrastructure throughout its lifecycle (e.g., patching, version control, system upgrades, etc.). Provide organizational subject matter experts on secrets management and privileged access management architecture, establishing and enforcing security as code principles throughout the environment. Develop and implement system enhancements to improve platform user experience and automated integrations, while designing long-term solutions to address operational issues through innovative technologies including artificial intelligence for faster detection and remediation of functional and technical problems.

Ann & Robert H. Lurie Children's Hospital of Chicago provides superior pediatric care in a setting that offers the latest benefits and innovations in medical technology, research and family-friendly design. As the largest pediatric provider in the region with a 140-year legacy of excellence, kids and their families are at the center of all we do. Ann & Robert H. Lurie Children's Hospital of Chicago is ranked in all 10 specialties by the U.S. News & World Report. Location 680 Lake Shore Drive Job Description The Incident Response Analyst helps guide resources to prepare for, coordinate, and respond to incidents, including, but not limited to, computer security vulnerabilities, malware, phishing, and social engineering, as well as associated forensic investigations. This position utilizes industry-leading security incident response procedures, performing frequent monitoring of incident detection control effectiveness and helping to inform preparedness exercises. This position effectively collaborates with managed detection and response, incident assistance, and security forensics partners. This position coordinates with internal emergency preparedness teams and contributes to a resilient business continuity posture. Essential Job Functions: Area Specific Job Accountabilities: Receive and triage incoming security alerts to determine their severity, priority, and relevance. Conduct initial triage and investigation of security incidents, including gathering and analyzing relevant data and logs. Analyze logs and security event data to identify indicators of compromise (IOCs) and potential security incidents. Conduct analysis of suspicious files, malware samples, or artifacts to understand their behavior and potential impact. Assist in the collection and preservation of digital evidence during incident investigation. Prepare detailed incident reports, documenting the timeline, actions taken, and lessons learned from each incident. Performs other duties as assigned. Knowledge, Skills, & Abilities: Bachelor's degree, preferably in Computer Science or related information security expertise. 2+ years of experience in information security incident response required. SANS GCIH (GIAC Certified Incident Handler), CISSP (Certified Information Systems Security Professional), CISA (Certified Information Security Auditor) or equivalent certification highly desired. Strong knowledge of information security forensics, security operations, security monitoring, technology implementation, risk analysis strategy, and NIST incident response life cycle. Experience and knowledge with information security frameworks, regulatory compliance, and regulatory bodies (e.g., HITRUST, NIST, HIPAA, DHHS). Goal oriented with the ability to lead team achievements toward desired results utilizing both internal and external resources. Professional communication, disciplined documentation, and commitment to following and improving processes and procedures. Familiarity and experience with crisis management, disaster recovery, and business availability programs and procedures Education High School Diploma/GED (Required) Pay Range $93,600.00-$154,440.00 Salary At Lurie Children's, we are committed to competitive and fair compensation aligned with market rates and internal equity, reflecting individual contributions, experience, and expertise. The pay range for this job indicates minimum and maximum targets for the position. Ranges are regularly reviewed to stay aligned with market conditions. In addition to base salary, Lurie Children's offer a comprehensive rewards package that may include differentials for some hourly employees, leadership incentives for select roles, health and retirement benefits, and wellbeing programs. For more details on other compensation, consult your recruiter or click the following link to learn more about our benefits. Benefit Statement For full time and part time employees who work 20 or more hours per week we offer a generous benefits package that includes: Medical, dental and vision insurance Employer paid group term life and disability Employer contribution toward Health Savings Account Flexible Spending Accounts Paid Time Off (PTO), Paid Holidays and Paid Parental Leave 403(b) with a 5% employer match Various voluntary benefits: Supplemental Life, AD&D and Disability Critical Illness, Accident and Hospital Indemnity coverage Tuition assistance Student loan servicing and support Adoption benefits Backup Childcare and Eldercare Employee Assistance Program, and other specialized behavioral health services and resources for employees and family members Discount on services at Lurie Children's facilities Discount purchasing program There's a Place for You with Us At Lurie Children's, we embrace and celebrate building a team with a variety of backgrounds, skills, and viewpoints - recognizing that different life experiences strengthen our workplace and the care we provide to the Chicago community and beyond. We treat everyone fairly, appreciate differences, and make meaningful connections that foster belonging. This is a place where you can be your best, so we can give our best to the patients and families who trust us with their care. Lurie Children's and its affiliates are equal employment opportunity employers. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity or expression, religion, national origin, ancestry, age, disability, marital status, pregnancy, protected veteran status, order of protection status, protected genetic information, or any other characteristic protected by law. Support email: ***********************************

Job Description Support the Information security governance, risk management and compliance program, focusing on compliance and assurance. Facilitate the compliance and assurance program, by performing assurance assessments to ensure Alliant Credit Union (ACU) is compliant with regulatory and legal obligations. Help maintain the technical control library ensure assessments align securing ACU. Facilitate IT issue management by working with employees on scheduling calls and going over the issue and resolution. Essential Responsibilities Responsible to facilitate the compliance and assurance assessments and issue management via a GRC tool Conduct assurance assessment, including control test of design (ToD) and test of operating effectiveness (TOE) activities Provide recommendations on improving compliance-related processes and/or procedures and identify opportunities for ITGC/security compliance control automation Facilitate group and individual meetings, ensure that each meeting is organized and aligned and schedule walkthrough agenda addressing any issue that arise and and guiding towards actionable outcomes Assist internal and external audit teams to address inquiries Participate in InfoSec projects as assigned by management such as the review of documents Education Minimum- 4 Year Bachelors Degree in Computer Science, Information Security or Related Years of Experience Minimum - 2 Years Governance, Risk Management, Compliance within a financial institution or Security Compliance or Related In Lieu of Education 5 Years Governance, Risk Management, Compliance within a financial institution License/Certifications/Training Preferred: Compliance, Risk Management, or Governance certifications: CRISC, CISM or CISA Compensation & Benefits: Typical hiring range: $57,500 - $89,500 Annually. Actual compensation will be determined using factors such as experience, skills & knowledge. Additional Compensation: Annual performance bonus Benefits: Alliant provides a benefits package including health care, vision, dental, and 401k with employer match. Additional Benefits: Work from home up to 3 days a week Paid parental leave Employee discount programs Time off including paid personal and sick days 11 paid holidays Education reimbursement *Note that eligibility and cost of benefits can vary depending on the number of regularly scheduled hours, and job status such as regular full-time, regular part-time, or temporary employment. Adhere to and ensure compliance of all business transactions with policy and process of the Bank Secrecy Act. Ensures compliance with all applicable state and federal laws, company procedures and policies. Maintains integrity and ethics in all actions and conversations with or regarding credit union members and their accounts; complies with Privacy Act directives. The responsibilities listed do not contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice.

Min USD $31.51/Hr. Max USD $48.83/Hr. Under the direction of the Manager, Security Operations, the Security Operations Analyst protects organizational assets by ensuring an effective information security control environment for Memorial Health System. This role is a combination of project management and incident response through identification, analysis, prioritization, communication and mitigation of incidents as they occur. Please note this is a hybrid position and is required to be onsite in Springfield, IL several days per week. On call rotation is for 1 week approximately every 5 weeks. Qualifications Minimum Qualifications:Education:• Bachelor's degree in health information management, Computer Science, Business, Cybersecurity, Health Care, or related discipline required. Four or more years of relevant prior work experience may be considered in lieu of degree.Licensure/Certification/Registry:• Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or similar security related certification preferred.Experience:• Minimum 2 years of security experience required.• Minimum 2 years of compliance experience preferred.• Minimum 2 years of project management experience preferred. • Demonstrated experience with healthcare clinical and financial applications required.• Experience with audit methodologies and control frameworks (such as ISO27001 or NIST) required.• Experience with MS365 Office suite and collaboration tools required. Other Knowledge/Skills/Abilities:• Demonstrated strong communication skills and diplomacy to work between technical and administrative teams at all organizational levels, as well as to write and update concise and accurate documentation.• Demonstrated knowledge of Microsoft Windows systems, administrator and client/server communications protocol, UNIX, Oracle, LDAP, XML and directory administration. Demonstrated knowledge of computer systems, architecture and process flow. • Evidence of leadership, creativity, integrity, and initiative. Evidence of ability to achieve results and inspire others to do the same, personal accountability, and dedication to continue learning and investigating relevant technology required.• Demonstrated planning, problem-solving, decision-making, analytical and change management skills. • Demonstrated ability to maintain confidentiality, professionalism, and trustworthiness.• Demonstrated ability to drive projects forward and achieve objectives aligned with strategic direction, even in the face of stakeholder resistance or ambiguity.• Must be personally motivated to achieve results alone and through others particularly related to providing exceptional customer service. Must be results oriented and be able to manage time appropriately in order to meet assigned goals. Responsibilities Principle Duties & Responsibilities:1. Performs various daily operational tasks as assigned by Security Operations Manager to ensure the continued security and protection of MH data. 2. Provides ongoing consulting on industry best practices regarding the securing of information assets.3. Analyzes department processes and identifies security gaps between teams.4. Documents control gaps; proactively develop plans to address identified gaps with subject matter expert and stakeholder input. 5. Investigate security incidents and breaches6. Responds to computer security incidents according to the incident response policy and procedures.7. Coordinate containment, eradication, and recovery efforts8. Works with business areas to develop, document, and update policies, plans, processes, procedures, and guidance to ensure a safe, effective control environment. 9. Maintains the organizational security control baseline for security-related compliance. 10. Collaborate with vulnerability management teams to assess and remediate risks11. Embodies the Memorial Health System Performance Excellence Standards of Safety, Courtesy, Quality, and Efficiency that support our mission, vision and values:• SAFETY: We put safety first. We speak up and take action to create an environment of zero harm. We build an inclusive culture where everyone can fully engage.• INTEGRITY: We are accountable for our attitude, actions and health. We honor diverse abilities, beliefs and identities. We respect others by being honest and showing compassion.• QUALITY: We listen to learn and partner for success. We seek continuous improvement while advancing our knowledge. We deliver evidence-based care to achieve excellent outcomes.• STEWARDSHIP: We use resources wisely. We are responsible for delivering equitable care. We work together to coordinate care.12. Develops, maintains, and tests incident response plans to ensure organizational compliance with required laws and regulations. 13. Supports the Security Operations Manager in continued development and refinement of Disaster Recovery plans14. Supports security awareness training, working to expose all departments to new and improved processes.15. Perform triage on incoming alerts to determine severity and relevance, working with system, application, and network owners to explain, remediate, and document as needed The intent of this job description is to provide a representative summary of the major duties and responsibilities performed by incumbents of this job. Incumbents may be requested to perform tasks other than those specifically presented in this description.

3M has a long-standing reputation as a company committed to innovation. We provide the freedom to explore and encourage curiosity and creativity. We gain new insight from diverse thinking, and take risks on new ideas. Here, you can apply your talent in bold ways that matter. : JOB DESCRIPTION: What You'll Do As a key member of the IT Security Compliance team, reporting to the Team Lead - Security Compliance, you will: * Execute day-to-day cybersecurity risk, compliance, and assurance activities. * Support global cybersecurity certifications including ISO 27001 and ISO 27017, evaluating control effectiveness and reviewing evidence of controls. * Assist in achieving ISO 27001 certification by identifying risks and implementing controls. * Maintain and continuously improve 3M's Information Security Management System (ISMS). * Create, update, and manage ISMS documentation, reports, and audit records. * Act as Subject Matter Expert (SME) for PCI DSS, advising stakeholders, conducting internal assessments, and driving PCI DSS v4.0.1 reviews, gap assessments, and control evaluations. * Provide high-level knowledge support on other frameworks and standards including NIST, SOX, SWIFT, and TISAX. * Deliver timely written reports, metrics, and updates to cybersecurity management. * Collaborate and communicate effectively across teams and with stakeholders. What We're Looking For * Education: Bachelor's degree with a minimum of 4 years of experience in Information Security, GRC, or related roles. * Certifications (preferred): ISO 27001 Lead Auditor/Implementer, PCI ISA, CISA, CISM, CRISC, or equivalent. * Skills & Knowledge: * Strong knowledge of information security risk standards, frameworks, and methodologies. * Experience working with GRC tools such as OneTrust, Archer (or similar). * Excellent written and verbal communication skills. * Ability to manage multiple priorities and adapt to evolving business needs. Learn more about 3M's creative solutions to the world's problems at ********** or on Instagram, Facebook, and LinkedIn @3M. Safety is a core value at 3M. All employees are expected to contribute to a strong Environmental Health and Safety (EHS) culture by following safety policies, identifying hazards, and engaging in continuous improvement. Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly. 3M Global Terms of Use and Privacy Statement Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at 3M are conditioned on your acceptance and compliance with these terms. Please access the linked document by clicking here, select the country where you are applying for employment, and review. Before submitting your application, you will be asked to confirm your agreement with the terms.

Join American Structurepoint and become part of a team that goes the extra mile for our clients and communities. We live by our values - respect, staff development, results and family. Our team is encouraged to explore new ideas and turn our clients' dreams into reality. With exceptional benefits, training, and mentorship, we pave the way for a rewarding career. Ready for more than just a job? Explore opportunities with us and help improve the quality of life in the communities we serve. Group: Information Technology Position: IT Security Analyst Location: Indianapolis, IN Are you passionate about cybersecurity and ready to protect the digital backbone of an innovative engineering firm? We're looking for a skilled IT Security Analyst to join our team and help secure mission-critical systems, proprietary data, and infrastructure. Join a team where your cybersecurity expertise directly supports groundbreaking engineering projects. Apply now or message us to learn more! Responsibilities • Monitor and analyze network traffic for threats and vulnerabilities • Conduct regular security assessments and penetration testing • Work collaboratively with Infrastructure team to learn and review firewalls, antivirus, and intrusion detection/prevention systems - Maintain Secure by Design Approach • Investigate and respond to security incidents • Continually develop (update) and implement cybersecurity policies and procedures • Collaborate with engineering and IT teams to secure sensitive project data • Stay ahead of emerging threats and technologies • Be passionate about: o Learning new technologies o Working collaboratively in a team atmosphere Qualifications Must-Haves: • Bachelor's degree in Computer Science, Cybersecurity, or related field • 3+ years of experience in IT security roles • Strong knowledge of network protocols, firewalls, and endpoint protection • Experience with SIEM tools - Understand and develop queries and expressions • Basic Understanding of NIST, SOC2, CMMC or similar frameworks • Excellent communication and problem-solving skills • Excellent written and documentation skills Nice-to-Haves: • Certifications: CISSP, CISM, CEH, or Security+ • Experience with cloud security (AWS, Azure) • Scripting knowledge (Python, PowerShell) • Exposure to engineering software platforms (AutoCAD, SolidWorks) • Familiarity with Zero Trust architecture

Title: Security Operations Center (SOC) - Information Security Analyst Company: Award-Winning, $50B Publicly Traded Company Type: Full-Time Location: Hybrid - Chicagoland Area (Onsite 3-4 Days/Week) Travel: None Job Overview Join an award-winning, publicly traded company and be part of a fast-paced, cutting-edge security team! This newly developed SOC Analyst role offers an exciting and dynamic environment where no two days are the same. You'll have the opportunity to work with leading security tools like Splunk, CrowdStrike, Digital Shadows, and Proofpoint, while collaborating with a skilled and supportive security engineering team. You'll be part of a tight-knit, communicative team that values collaboration, knowledge-sharing, and professional growth. If you thrive in fast-paced security operations and enjoy hands-on problem-solving, this is an excellent opportunity to make an impact. Key Responsibilities: Manage the Phish Alert mailbox. Perform QA on tickets for a service provider. Handle tier 2 escalated inquiries. Support security operations through log aggregation and analysis. Leadership & Team Culture The leadership team is known for holistically supporting its team members, ensuring that growth, learning, and well-being remain top priorities. They provide ongoing career development opportunities, mentorship, and hands-on training to help employees expand their expertise and advance their careers. Beyond technical growth, leadership fosters a culture of inclusivity and collaboration, ensuring that every team member is heard, valued, and supported. Open communication, continuous learning, and a strong sense of community define the workplace, empowering individuals to contribute, innovate, and succeed. Requirements 3+ years of experience in cybersecurity or a related field. Proficiency with at least some of the following tools: CrowdStrike, Proofpoint, Digital Shadows, or Splunk Experience working in a Security Operations Center (SOC) environment is a plus, but not required. Compensation & Benefits Base Salary: $70,000 - $90,000 (dependent on qualifications, skills, and experience). Bonus Eligible. Comprehensive Benefits Package Includes: Medical, Dental, Vision, and Life Insurance Traditional and Roth 401(k) with company match Employee Stock Purchase Plan (ESPP) And much more! Apply Today!

The Information Security Specialist supports the planning, implementation, and operation of StarPlus Energy's global and local security management systems. This position ensures compliance with international and Korean security regulations, establishes physical and IT infrastructure security systems, and coordinates with both corporate headquarters and Korean government authorities to prevent information leaks and respond to potential security threats. This position reports to the Information Security Manager. Roles & Responsibilities: Plan, develop, and operate corporate information security systems for facility and IT infrastructure protection Establish incident response procedures and maintain readiness against internal and external security threats Develop and operate the site's physical security management system, including access control, CCTV, and intrusion detection system Manage and oversee external security service providers (e.g., physical security guards, monitoring services, and system maintenance vendors) to sure proper performance and contract compliance Support vendor performance evaluations, documentation, and corrective actions when service issues arise Define and enforce information protection policies and procedures to ensure consistent implementation across the organization Establish and operate a security management framework for Korean National Core Technology (KNCT) compliance Assign protection grades, define and manage secure communication systems, and safeguard all data and documentation related to KNCT Coordinate and conduct security education and training for employees Develop and maintain incident response systems to address potential data or technology leakage Support internal and external security audits and inspections from Korean government and SDI Headquarters Perform security infrastructure vulnerability assessments and implement corrective actions as needed Prepare technical report, standard operating procedures (SOPs), and other documentation required for compliance and audit response Perform other position related duties as assigned

Resource will work as an Information Security Analyst responsible for auditing and monitoring systems containing confidential information. This position is also responsible for helping the organization manage its risks by monitoring the organization's IT systems for inefficiencies, inaccuracies, mismanagement, etc. Tasks will include assisting with the configuration of data, application, network, and IAAM logs; assisting with log reporting tools; and monitoring systems for security problems. The position participates in all aspects of the technology audit and monitoring including the planning, control analysis, testing, issue development, and reporting phases. This position will also participate in all federal and state audits against DCS technology systems. Employee works in an Information Technology Division of a State Agency, the Department of Child Services (DCS -IT) under the guidance of the Security Manager. The essential functions of this role are as follows: • Monitors and keep supervisor informed of status of information security and confidentiality conditions, including problem areas and recommended enhancement; • Interfaces with user customers to understand their security needs and implement procedures to accommodate them including training and assessment. • Assists with preparing for security audits (e.g. IRS, SSA, OCSE, FBI, SBOA) and remediating any findings; assists with creating and submitting reports relevant to security audits. • Develop information security policies and standards for protection of information systems in compliance with state and federal requirements (e.g. IRS, SSA, OCSE, FBI, IOT) and guidelines (e.g. NIST SP 800 -53). • Develops Standard Operating Procedures (SOP) for implementing security polices; • Recommends appropriate security safeguards to be included during development of new information technology systems and legacy systems; • Ensures maximum utilization of computer hardware and software features to secure automated systems and associated data; • Develops and implements procedures for use of information security management software; • Proposes information security software enhancements; • Performs periodic audits to assure security policies and standards are being followed and are effective. • Develops recommendations for enhancements and generates reports where necessary; • Keeps abreast of new laws and changes affecting privacy standards, network security, cloud security, remote access, and physical security; • Mentors and provides guidance to new or other staff as needed; • Performs related duties as assigned. • Assist on other task as assigned. Thorough knowledge of information security management tools, policies, and standards of information security procedures; • Thorough knowledge of state and federal legislation and regulatory laws pertaining to information system security and privacy; • Thorough knowledge of software vulnerabilities, vulnerabilities scanning tools, and vulnerabilities remediation; • Familiarity with domain structures, user authentication, and digital signatures; • Ability to develop and maintain information security standards; • Ability to understand and apply complex computer logic to work; • Ability to work effectively with a wide range of information technologists, including systems administrators, technical support, application development, end users and management; • Experience in assessing security needs of teams and assist in their security training. • Ability to communicate effectively both orally and in writing; • Ability to be a team member as well as a team leader depending on the situation; • Degree in information security or technology preferred; • Security certification preferred (e.g. CISSP). • Network Admin experience preferred. Supervisory Responsibilities/Direct Reports: This role does not provide direct supervision to direct reports. Required / Desired Skills Skill Required / Desired Amount of Experience To be effectively with wide range of information technologists, including systems administrators, technical support, application development, end users Required 3 Years Network Admin experience Required 3 Years Security certification (e.g. CISSP, CRISC) Required 3 Years Ability to develop and maintain information security standards; Required 1 Years Ability to understand and apply complex computer logic to work Required 1 Years Degree in information security or technology Required 1 Years Familiar with cybersecurity security framework (e.g. NIST, ISO, SOC 2, CIS, Cobit, etc.) Required Computer security compliance and auditing experience Required IRS, SSA computer security compliance and audit experience Required HIPAA experience Required

Established in 1991, Collabera has been a leader in IT staffing for over 22 years and is one of the largest diversity IT staffing firms in the industry. As a half a billion dollar IT company, with more than 9,000 professionals across 30+ offices, Collabera offers comprehensive, cost-effective IT staffing & IT Services. We provide services to Fortune 500 and mid-size companies to meet their talent needs with high quality IT resources through Staff Augmentation, Global Talent Management, Value Added Services through CLASS (Competency Leveraged Advanced Staffing & Solutions) Permanent Placement Services and Vendor Management Programs. Collabera recognizes true potential of human capital and provides people the right opportunities for growth and professional excellence. Job Description Location: 100 Abbott Park Road, Lake County, Abbott Park, IL 60064 Duration: 6+ months (could go beyond) Roles: • Network Directory and Infrastructure Services Administration. • Knowledge of domain administration and troubleshooting, Active Directory, MS FIM, Exchange, MS Office365 and supporting technologies, MS Azure, NPS, Federation and SQL Server administration required. Responsibilities: • Provide technical Level III problem isolation and resolution for a Global Active Directory Network. • Configures and performs advanced diagnostics on infrastructure components and cloud based applications. • Understands and repairs Domain infrastructure including DNS, DHCP, ADLDS, ADFS and FIM Sync. • Understands and can configure/install Win Server 2008r2/2012r2 technologies for domain controllers and Radius Authentication servers. • Repair and recover from hardware or software failures. • Rotate on-call and must be available to work a varied shift schedule in a 7x24 hour operations center environment. • Initiate major outage communication technical bridges as requested. • Apply fix procedures as instructed for repetitive events as instructed and coordinate with impacted constituencies. Competencies: • Superior knowledge of Active Directory overall and its administrative components. • Perform domain administration for 61,000+ workstations including domain controllers, NPS, Win 2003/2008R2/2012 server hardware, dynamic host configuration protocol (DHCP), domain name servers (DNS) configuration integrated with active directory, desktop configuration and end user support. • Candidate will have worked in an AD environment that has done acquisition and divestiture work, Candidate will have worked with products such as ADMT, and ADLDS and the roles they play in M&A activities such as management of active directory structure in creation, administration of organizational units (OU), containers and sub containers throughout the domain from geographic to organizational standards, while setting policies and permissions. • Candidate should have expert knowledge of Federation protocols including OAuth, SAML, WSFed, and a deep understanding of the IDP and SP roles associated with Federation environments. • Candidate will have worked with Office 365 from an Identity standpoint and have an understanding of Azure Active Directory Sync and Identity Federation for Cloud services. • Expertise should include attribute mapping and troubleshooting as well as rule sets associated with AADSync. • Candidate must be able to correctly configure servers and clients for all services. • Can isolate and repair most DNS and IP service problems. • Understands and uses the appropriate tools in all instances during problem isolation and repair. • Possesses an in depth understanding of communications technologies and can isolate and resolve most infrastructure issues. Qualifications • Associates Degree Minimum, prefer Computer Science or technology area or telecommunications science business minor • Three (3) to six (6) months of specialized technical courses in Win and Active Directory technology's typically provided by vendors, technical societies, or equivalent experience. Additional Information To know more about this position, please contact: Himanshu Prajapat ************ **********************************

Information Security Analyst STATUS: Full time DEPARTMENT: Information Security Office DIVISION: Information Technology CLASSIFICATION: Exempt UNION: Non-Union REPORTS TO: Senior Director Information Security PLACEMENT: Professional staff, S11 HIRING RANGE: $70,689 - 79,526 Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The student population at the college is diverse in ethnicity, gender, language, age and background. Joliet Junior College is an AA/EO employer and strongly encourages applications from candidates who would enhance the diversity of its staff. POSITION SUMMARY The Information Security Analyst is responsible for protecting the college's information systems and data by monitoring, analyzing, and responding to security incidents and threats. This role supports compliance with regulatory requirements (e.g., CIRCIA, HIPAA, GLBA), enhances operational efficiency, and contributes to the continual improvement of security processes and documentation. The analyst will also detect opportunities to develop and maintain security documentation, including knowledgebase articles, and manage security-related tickets from stakeholders. ESSENTIAL JOB DUTIES AND KEY RESPONSIBILITIES 1. Incident Management: Monitor, triage, and respond to cybersecurity threats and incidents across network, application, identity, and cloud layers. 2. Vulnerability Management: Participate in vulnerability assessments and penetration testing to identify and remediate security weaknesses. 3. Security Operations: Manage and maintain security tools (e.g., SIEM, IDS/IPS, vulnerability scanners), ensuring daily monitoring and compliance. 4. Facilitate the integration of SOC/Managed Security Services activities with the broader Information Security team, ensuring consistent application of ITIL processes such as Incident Management, Problem Management, and Event Management. 5. Identity Management: Support Office 365 email account management tasks, including user permissions, credential hand-offs, mailbox access provisioning, and coordination with identity and access management processes." 6. Compliance & Risk Management: Assist in legal and regulatory compliance efforts; conduct risk assessments and support audit activities. 7. Service Request Management: Handle, triage, and manage tier 2 level and up security-related tickets and requests from stakeholders, ensuring timely resolution and escalation as needed. 8. Knowledge Management: Detect opportunities to develop, improve, and maintain security documentation, including knowledgebase articles and process guides. 9. Process Improvement: Assist with the development and continual improvement of security-related processes, automation initiatives, and reporting tools. 10. Cloud Support: Support secure cloud infrastructure through systems auditing and account lifecycle management. 11. Collaboration & Training: Collaborate with IT and academic departments to ensure secure deployment of new technologies; provide security awareness training to staff and students. 12. Reporting: Prepare and present reports on security incidents, vulnerabilities, compliance status, and process improvements to leadership. 13. Professional Development: Stay current with emerging security threats, trends, best practices, and ITIL service management principles. 14. Perform related duties as assigned. MINIMUM QUALIFICATIONS 1. Bachelor's degree in Computer Science or a closely related field, OR an Associate's degree combined with 2-4 years of experience in information security or IT operations. 2. Ability to establish and maintain cooperative and effective working relationships with other members of the college and community, displaying cultural competence as well as emotional intelligence. 3. Demonstrated commitment to the college's core values of respect and inclusion, sustainability, integrity, collaboration, humor and well-being, innovation and quality. Bachelor's degree in information technology, Cybersecurity, Computer Science, or related field.. 4. Understanding of cybersecurity principles, tools, and compliance frameworks. 5. Experience with Microsoft Azure, Active Directory, and security monitoring tools. 6. Experience in information security and/or IT risk management with a focus on security performance and reliability 7. Familiarity multiple risk management concepts, frameworks, and standards (CSC, NIST, ISO, COBIT) 8. Excellent analytical, communication, documentation, and collaboration skills. 9. Possesses relevant industry certifications such as CEH, CISA, CCET, Network+, Security+, CySa+, or Microsoft SC-900, demonstrating foundational and specialized knowledge in cybersecurity. 10. Demonstrated understanding of the NIST Cybersecurity framework and auditing security controls identified in NIST800-171 and NIST SP800-53A. 11. Knowledgeable on ITIL process management. PREFERRED QUALIFICATIONS 1. Experience in higher education or public sector environments. 2. English and Spanish verbal and written communication proficiency. 3. Demonstrated multicultural competence. PHYSICAL DEMANDS 1. Normal office physical demands. 2. Ability to travel between campus locations and to and from community events. 3. Ability to travel in state and nationally. WORKING CONDITIONS 1. Duties are performed indoors in the usual office and/or outdoor environment. BENEFITS Click on the link for information about JJC's Benefits: Non-Union Support Staff, Professional, Administrative Full Time/Part Time: Full time Union (If Applicable): Scheduled Hours: 40