Security engineer jobs in Evanston, IL

Network & Systems Engineer (IT Generalist & Security Focus) 📍 On-site | New Lenox, IL We're partnering with a well-established organization in the healthcare industry to hire a Network and Systems Engineer - a versatile, hands-on IT professional who can manage and secure the company's full technology environment. This role is 100% on-site at the New Lenox, IL headquarters and requires daily in-person support for users, hardware, and network infrastructure. About the Role As a key member of the IT team, the Network & Systems Engineer will design, maintain, and secure the company's network and server environment while providing Tier 1 and Tier 2 support across all systems. You'll manage everything from network security and database administration to ERP support and e-commerce integrations - perfect for someone who thrives as a technical “jack of all trades.” Key Responsibilities Provide Tier 1 and Tier 2 support for hardware, software, and user devices (desktops, laptops, mobile, peripherals). Administer user accounts, Active Directory/Azure AD, and Windows systems. Design, implement, and maintain LAN/WAN/Wi-Fi networks for performance and security. Configure and manage firewalls, VPNs, IDS/IPS, and security policies. Conduct network security audits, vulnerability assessments, and incident response. Support and maintain the ERP system (Prophet 21 by Epicor) including reporting, data integrity, and performance. Manage SQL Server and Microsoft Access databases - backups, tuning, and security hardening. Develop and maintain reports using SAP Crystal Reports and SQL queries. Assist with API integrations and reporting automation. Support the technical and connectivity aspects of the BigCommerce e-commerce platform. Oversee IT asset management, inventory, and hardware lifecycle. Required Skills & Experience Proven experience as a Network Engineer, Systems Engineer, or IT Generalist with a cybersecurity focus. Strong knowledge of networking (TCP/IP, routing, switching, VLANs, VPNs, firewalls). Hands-on experience with Windows OS (desktop and server) and Active Directory/Azure AD. Proficiency in SQL and Microsoft Access for database management. Experience with Prophet 21 (P21) and SAP Crystal Reports is required. Familiarity with API integrations and e-commerce platforms (BigCommerce preferred). Excellent troubleshooting, communication, and documentation skills. Must be available to work fully on-site in New Lenox, IL. Preferred Qualifications Experience with Linux systems. Familiarity with Power BI or Tableau for business intelligence. Certifications such as CompTIA Network+, Security+, CCNA, or CISSP. Knowledge of cloud networking (AWS, Azure, GCP). Scripting experience with PowerShell or Python. 💡 Why Apply? This is an exciting opportunity for a technically curious and self-driven IT professional who enjoys variety, autonomy, and making a direct impact. You'll play a vital role in maintaining secure, efficient, and modern systems that power critical operations every day.

RELOCATION ASSISTANCE: Relocation assistance may be available CLEARANCE TYPE: SAPTRAVEL: Yes, 10% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. We are seeking capable, talented, and motivated team-contributors at our Northrop Grumman Rolling Meadows site. Our products range from advanced sensing technologies to state-of-the-art targeting and tracking systems that are deployed in Electro-Optical Infrared (EOIR) and Radio Frequency Electronic Warfare (RFEW) systems. These systems are designed, developed, built, integrated, and tested by the capable folks at our company to protect the lives of US and Allied warfighters in present and future conflicts. Enjoy a culture where your voice is valued and start contributing to our team of passionate professionals providing real-life solutions to our world's biggest challenges. We take pride in creating purposeful work and allowing our employees to grow and achieve their goals every day by Defining Possible. With our competitive pay and comprehensive benefits, we have the right opportunities to fit your life and launch your career today. If you are interested in consideration to be included as a part of this team, we would invite you to apply. Northrop Grumman Mission Systems Sector (NGMS) is seeking a Staff Systems Security Engineer to join our Systems Security Engineering team. The Security Engineering team is cross-disciplinary across the security domain; encompassing embedded Systems Engineering, Cybersecurity, Software Security and Anti-Tamper Engineering. Roles & Responsibilities: · Design/develop system architectures and generate system designs to be implemented in a cost-effective manner. Implement and ensure compliance with government policies (e.g., JSIG, DAAPM, NIST 800-53, CNSSI 1253, DODI 5200.39, etc.) by reviewing process tailoring needs and approving documented procedures. Guide and monitor technical documentation/publication to document trades studies, system designs, analysis, and results related to a systems security posture such as identifying Critical Program Information (CPI) and creation of Anti-Tamper Plans Develop an understanding of system interfaces and how to protect them. Assist with the definition of key capabilities and performance requirements. Adapt production and development products to meet unique customer needs and support the development of system security functions. Collaborate with security engineering team(s), across a portfolio of programs, through the duration of program execution to solve issues and to prepare for requirements sell off. Support technical work products developed by the larger engineering team in support of major milestone deliveries (e.g.: SRR, SVR, PDR, CDR, TRR, PRR). Authoring technical documentation such as white papers, proposal technical volumes, and program milestone briefings. Collaborate with security engineering team(s), across a portfolio of programs, through the duration of program execution to solve issues and to prepare for requirements sell off. Other duties may include technical leadership, business capture activities, interfacing with industry partners and the USG. This position will be full-time, on-site at our Rolling Meadows, IL location. This position is contingent upon Funding/Contract award, special access program and acquiring and maintaining the necessary US Government security clearance per customers' requirements prior to start. Basic Qualifications for a Staff Systems Security Engineer: Bachelor's degree in Electrical Engineering, Software Engineering, Computer Engineering, Computer Science, Cybersecurity, or related technical fields with 12+years of related experience, a Master's degree in Electrical Engineering, Software Engineering, Computer Engineering, Computer Science, Cybersecurity, or related technical fields with 10+ years of related experience or a PhD in Electrical Engineering, Software Engineering, Computer Engineering, Computer Science, Cybersecurity, or related technical fields with 7+ years of related experience. 3 years of cumulative experience on DoD based platforms and/or systems regarding the application of Cybersecurity RMF or Anti-Tamper with competencies in security threat analysis, systems architecture, engineering design, requirements derivation, validation, and verification. Must have demonstrated experience in leading teams to solve technical problems, including decomposition, root cause analysis, solution development, implementation and monitoring Experience contributing to and/or making technical presentations to internal and external customers. Ability to obtain and maintain a minimum of a Secret Clearance with additional customer specified clearance prior to start. Preferred Qualifications for a Staff Systems Security Engineer: Advanced degrees in Electrical Engineering, Software Engineering, Computer Engineering, Computer Science, Cybersecurity, or related technical fields. Experience with design verification testing, reverse engineering, embedded software development, Cybersecurity, or Anti-Tamper Possess a DoD 8140 certification, e.g. CompTIA Security+, CISSP, or similar. Experience with proposals and creating basis of estimates (BOEs) Primary Level Salary Range: $163,200.00 - $244,800.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! Job Description: Manual Ethical Hacking is part of the Application Development Security Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program provides services to assess the security resilience of the bank's applications to malicious hacking activity. This senior technical role is responsible performing and leading ethical hacking assessments of the bank's technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats. Key responsibilities include leading and performing research, understanding the bank's security policies, working with appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with security partners, CIO clients and multiples lines of business. These individuals are expected to perform application security-oriented dynamic and static assessments across a multitude of technologies including web UI, web APIs, mobile and cloud, including associated source code. Key Responsibilities in order of importance: * Perform assigned analysis of internal and external threats on information systems and predict future threat behavior. * Incorporate threat actors' tactics, techniques, and procedures into offensive security testing to identify high-value vulnerabilities/chained attacks. * Developing Proof-of-concepts for exploitation. * Perform assessments of the security, effectiveness, and practicality of multiple technology systems. * Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security. * Prepare and present detailed technical information for various media including documents, reports, and notifications. * Provide clear and practical advice regarding managing risks. * Learn and develop advanced technical and leadership skills, mentor Junior and Intermediate assessors in technical tradecraft and soft skills. * Respond to security incidents and provide technical assistance to leadership across the Information Security organization. Required Skills: * Minimum of 5+ years of professional pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment * Detailed technical knowledge in at least 5 of the following areas: * security engineering * application architecture * authentication and security protocols * application session management * applied cryptography * common communication protocols * mobile frameworks * single sign-on technologies * exploit automation platforms * Web APIs * Cloud environments * LLM security * Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings * Experience performing manual web application assessments i.e., must be able to simulate a OWASP Top 10 vulnerabilities without the use of tools * Experience performing manual code reviews for security relevant issues * Experience working with DAST and SAST tools to identify vulnerabilities * Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) * Experience with vulnerability assessment tools and penetration testing techniques. * Solid programming/debugging skills, development frameworks, CVE and CWE research/reproduction * Threat Analysis, threat modelling and SBOM analysis * Innovative thinking, threat actor simulation * Technology Systems Assessment * Technical Documentation * Advisory Desired: * CEH, OSCP/OSCE/OSWE/GXPN/GPEN/GWAPT/GMOB/All Practitioner Certs [Port Swigger BSP Academy]/Cloud Cert(s)/ eWPT; eWPTX; eMAPT [INE Pentester Academy] * Strong programming/scripting skills This job will be open and accepting applications for a minimum of seven days from the date it was posted. Shift: 1st shift (United States of America) Hours Per Week: 40

We have and exciting Embedded Security Systems Engineer/Technician opportunity with well-known client in The River North section of Chicago. Position is with a well-run integrator that is growing aggressively in both Illinois and also Nationally. If you enjoy learning and deploying new technology, this will be right up your alley! This position will require you to work in their office 2-3 days per week and you can also work remote 2-3 days/week. We are looking for a high-level Commercial/Industrial Security Technician (No wire pulling!!!!) with good programming, networking, and communication skills. Position will be a combination of programming, routine service, and basic systems admin tasks. *All applicants must be Lenel certified and/or highly proficient in programming Lenel. Milestone experience is also preferred. Basic database and networking skills also are required. There will be a TON of room to grow. Company is well run and values their employee's insights. They are small enough where your voice will be heard but big enough to play with the big boys (Siemens, JCI, Convergint etc….). If you are interested in discussing confidentially, please send an updated resume as a PDF or Word attachment. Keywords: KEYWORDS: IP Video, CCTV, Access Control, Card Access, Alarm, Biometrics, DVR, Systems Integration, Electronic Security Design Engineer, Lenel, Software House, SW House, Casi-Rusco, S2, IP Video, Honeywell Prowatch, AMAG, Genetec, CCure 9000, C-Cure 9000, Avigilon, Security Systems Technician, Security Systems Engineer, Security Technician, Security Installation Technician, Security Service Technician, Security Designer, Electronic Security Engineer, Physical Security Engineer, Security Systems Design, Security Applications Engineer, Security Pre Sales, Security Estimator, Electronic Security Estimator, Electronic Security Programmer, Access Control Programmer, Brad Culp Sr. Technical Recruiter/Partner Solution Staffing, Inc. 207 Amy Court North Wales, PA 19454 Ph: (267) 222-8760 Brad@Solutionstaffing.net www.solutionstaffing.net

Full-time Description WHO WE ARE: At ZBeta we endeavor to be the most sought-after Security Partner in the world. This drives every decision we make, and the most effective way to realize this goal is through garnering a reputation for excellence and innovation in everything we do. The ZBeta Innovation Lab (LabZ) initiative is a specialized team and program with the mission of inventing, developing, testing, and analyzing better ways, both big and small, to do physical security - for us, for our clients, and for the industry. LabZ seeks to optimize the value of physical security to the client's business mission, to optimize the value of the solutions we recommend, design, deliver, and manage, and to continuously identify opportunities to perform at a higher level. The LabZ program helps ensure that ZBeta and its approach are always data-driven, technology-led, and human-centered. Find out more about us here. WHO YOU ARE: You are a forward-thinking strategic partner with a passion for the physical security mission and for building programs, optimizing operations, and delivering integrated solutions. You excel in fast-paced settings where your leadership abilities can catalyze meaningful action and tangible progress towards objectives. You thrive in a workplace culture that is: Innovative Excellence Focused Reliable Detail Oriented Adaptable Highly Organized Client Obsessed Curious Resilient Does this sound like you? If so, join us in our mission to redefine security standards and make a lasting difference in our community. WHAT YOU'LL DO: The Physical Security Research Engineer (PSRE) is a critical resource of the ZBeta LabZ team and will conduct research and proof of concept (PoC) testing at the LabZ facility for clients and internal teams. The PSRE assists in requirements gathering, testing, and report production in the ZBeta LabZ program and leads, develops, manages, and completes key LabZ efforts for the testing and analysis of stand-alone and integrated physical security technology solutions. The PSRE is familiar with security software applications, integrations, and network-connected devices and engages both internally and externally, working collaboratively with other LabZ engineering resources and with project and production team members. The PSRE will help grow, mature, and optimize the LabZ program by contributing to the tools and processes LabZ uses to effectively evaluate physical security products against real-world design requirements and generate research reports. This is an in-office position at the ZBeta LabZ location in Schiller Park, IL. Relocation assistance provided. Core Competencies Growth Minded: High self-awareness of strengths and areas for development with a curiosity and appetite for change and innovation Data-Driven: Strong analytical skills, with the ability to work effectively with data and think critically Collaborative: Ability to solicit and understand multiple perspectives and maximize the application of team talent and experience Evaluative: Ability to evaluate outputs rigorously to ensure consistent excellence in delivery Tactical: Ability to recognize current priorities, manage changes and risks, and efficiently clear roadblocks and resolve issues Position Responsibilities The essential duties and responsibilities include, but are not limited to the following: ZBeta Lab Environment In partnership with ZBeta LabZ team, maintain a ZBeta test/dev environment of technology solutions that represent both client and industry standards. Work with ZBeta IT to build appropriate server environments and remote access abilities for LabZ platforms. Load, configure, and update Lab environment software applications, and wire, connect, and configure test hardware, devices, and technologies. Design and build (or manage the production of) custom testing apparatus, devices, and mechanisms. Maintain current knowledge of and training in key applications and products. Solution Testing Work with ZBeta LabZ team and client resources to plan, implement, and conduct hands-on testing of physical security products, applications and functions, and integrated solutions. Lead the development of testing concepts to address client and industry needs, challenges, & opportunities. Manage and execute testing scope related to server, application, and IoT elements. Create test plans and testing requirement documentation, record and analyze testing results, and document outcomes and conclusions in testing reports. Research & Requirements Gathering Conduct studies and analysis of technology categories, trends, solution proposals, and industry approaches. Research, collect, and analyze relevant documentation and data to reach meaningful conclusions, form opinions of value propositions, generate ideas for solutions and approach improvement, and categorize study topics in terms of potential application and impact to client and industry needs and expectations. Work with consultants to gather requirements for client proof of concept tests and internal teams for quarterly research projects. Research Program Development Assist in the development and ongoing management of process, approach, and standards for the research performed in the ZBeta LabZ program. Identify opportunities and initiatives for improvements in the efficiency and thoroughness of ZBeta LabZ research deliverables. Hold regular research update meetings to review, improve, and manage the status of ongoing projects and deliverables. Requirements WHAT YOU'LL NEED: Experience: 5+ years of physical security industry and technology experience. 3+ years of experience in a software or hardware engineering role. Education: Bachelor's degree in engineering, computer science, or related technical field, or equivalent work experience Knowledge: Knowledge of and working familiarity with server and network storage solutions, operating systems architecture and key considerations, and network architecture models and principles. Professional knowledge of and training in the principles of electrical systems, components, and circuits. Skills: Highly proficient in the use of Microsoft Office applications including Word, Excel, PowerPoint, Teams, OneNote and Visio Proficiency in project management tools, such as MS Project, SharePoint and QuickBase Training and manufacturer certification in multiple industry-leading platforms and equipment components, with particular emphasis on software applications and network-connected security devices. Genetec and LenelS2 experience a plus. Abilities: Demonstrated excellence in communication and interpersonal skills, with proven ability to communicate and present complex information to technical and non-technical stakeholders, both verbally and in written form Strong technical documentation, technical writing, and data analysis and interpretation skills Exceptional attention to detail and highly organized, with the ability to prioritize and balance workloads Team player with the ability to establish collaborative working relationships across all levels of the organization Self-directed problem solver who takes the initiative to start projects, work unsupervised, complete tasks independently, solve roadblocks, and address issues before they become problems Physical Demands: Lifting and Carrying: Ability to lift and carry equipment weighing up to 50 lbs or more, including cameras, control panels, and tools. Climbing and Crawling: Must be able to climb ladders, scaffolding, and operate a high lift to install and maintain equipment Manual Dexterity: Requires good hand-eye coordination and fine motor skills for handling tools, wiring components, and making precise adjustments to security systems Kneeling, Squatting, and Crawling: Must be comfortable kneeling, squatting, or crawling to install or troubleshoot security equipment. WHAT WE OFFER: Competitive salary based on job-related skills, experience, and qualifications Our excellent benefits package includes 100% paid premiums on health, dental, vision, and life insurance, a 401(k) retirement plan, and significant work schedule and workplace flexibility. Diverse and supportive culture WHAT'S IMPORTANT TO KNOW: Full-time, in-office role at our Schiller Park, IL LabZ facility (relocation assistance provided). While ZBeta is a remote-first company, this role requires hands-on, on-site lab work. This position is not eligible for visa sponsorship Candidates must be able to meet client and/or government security screening requirements for the role This position requires verification of U.S. citizenship due to citizenship-based legal restrictions. As a condition of employment, the successful candidate will be required to provide proof of citizenship. The successful completion of a background check is required upon hire and every two years thereafter We look forward to connecting with individuals who are passionate about our mission and can bring diverse contributions to our team - not just those who check all the boxes. We are committed to creating a supportive, encouraging environment where everyone can fully express their diverse perspectives, showcase their talents, and grow their knowledge, skills, and abilities. The base pay offered will depend on factors, including but not limited to job-related knowledge, skills, experience, and internal equity. At ZBeta, new hires are rarely placed at the top of the pay range; compensation is determined by the specific circumstances of each position and candidate. A note to third-party recruiters - we do not accept unsolicited agency resumes, and we are not responsible for any fees related to unsolicited resumes. Salary Description $110,000 - $130,000

The Role We are seeking a hands-on, outcome-driven Information Security Engineer who thrives at the intersection of technical execution and security operations mentorship. You will design, deploy, and maintain security technologies, lead incident response alongside our analysts, and serve as a force multiplier for the security program. This role requires a builder mindset-you won't just keep the lights on, you'll create repeatable processes, automation, and measurable improvements. You'll also be expected to mentor our analysts, helping them grow while raising the overall maturity of our SOC. This role will be reporting to the Information Security Operations Manager. This role is based in Chicago. The role is primarily remote but you must live within the Chicagoland area to come into the office as needed. Responsibilities Operational Excellence Lead incident response cases, ensuring timely containment, eradication, and recovery. Oversee daily system operations, tuning, and health of security tools (SIEM, EDR, email security, vulnerability management, DLP, DNS protection). Own the vulnerability management cycle: identification, prioritization, and remediation tracking against defined SLAs. Provide Tier 3 escalation support and guidance for SOC and analyst team. Engineering & Architecture Design and implement security controls across network, endpoint, application, and cloud environments. Drive automation and SOAR integrations to reduce analyst fatigue and increase response speed. Build and maintain playbooks, standard operating procedures, and evidence packs for compliance frameworks (NIST 2.0, SOC 2, HIPAA). Conduct penetration testing and application security assessments, validating remediation. Mentorship & Enablement Act as point of contact for incident escalations, providing calm, clear direction. Mentor security analysts and guide them in investigative techniques, root cause analysis, and threat hunting. Represent InfoSec in change advisory board (CAB) and project management meetings, ensuring security-by-design. Translate technical risks into business impact for stakeholders across retail, cultivation, and HQ operations. Qualifications Bachelor's degree or higher in Information Security, or at least 6 years' experience in Information Technology, or 4 years in Information Security. ISC(2) CISSP, ISC(2) CCSP, CCNA-S, or similar certifications can help you stand out, but not required. Experience in executing security solutions from concept through deployment. Experience in Incident Response. Strong understanding of Information Security technologies, design, and architecture. Proven track record of training or mentoring fellow colleagues. Demonstrated ability to self-direct tasks with minimal supervision to achieve goals. Strong written and oral communication skills. Deep knowledge of network, endpoint, application, and cloud security. Foundational knowledge of CIS, COBIT, NIST, MITRE, OWASP, or other common security frameworks or control schemes. Foundational knowledge of risk management and disaster recovery planning / management. Foundational knowledge of compliance standards like SOX, SOC2 and ISO 27001 or regulations like GDPR, PCI, CCPA, HIPAA. Strong problem-solving skills with well-organized and structured work habits. Ability to keep calm in high-stress or emergency situations. Ability to think abstractly and critically to consider potential concerns and determine their validity. Ability to discuss highly technical situations in terms that non-technical stakeholders can effectively understand. An insatiable intellectual curiosity and the ability to learn quickly in a complex space. Additional Requirements Must pass any and all required background checks Must be and remain compliant with all legal or company regulations for working in the industry Must be a minimum of 21 years of age #LI-HYBRID The pay range is competitive and based on experience, qualifications, and/or location of the role. Positions may be eligible for a discretionary annual incentive program driven by organization and individual performance. Green Thumb Pay Range$110,000-$140,000 USD

The Aspen Group (TAG) is one of the largest and most trusted retail healthcare business support organizations in the U.S. and has supported over 20,000 healthcare professionals and team members with close to 1,500 health and wellness offices across 48 states in four distinct categories: dental care, urgent care, medical aesthetics, and animal health. Working in partnership with independent practice owners and clinicians, the team is united with a single purpose: to prove that healthcare can be better and smarter for everyone. TAG provides a comprehensive suite of centralized business support services that power the impact of five consumer-facing businesses: Aspen Dental, ClearChoice Dental Implant Centers, WellNow Urgent Care, Chapter Aesthetic Studio, and Lovet. Each brand has access to a deep community of experts, tools and resources to grow their practices, and an unwavering commitment to delivering high-quality consumer healthcare experiences at scale. As a reflection of our current needs and planned growth we are very pleased to offer a new opportunity to join our dedicated team as a AI Security Engineer. Job Overview: An AI security engineer designs and implements security controls for AI systems, protecting models, data, and infrastructure from threats like adversarial attacks and prompt injection. Key responsibilities include performing technical security assessments, developing AI-specific defenses, integrating security into the AI/ML lifecycle, and creating automated security tools for tasks like threat detection and compliance. This role requires a combination of cybersecurity fundamentals and AI-specific knowledge, including secure coding for AI and understanding AI-related vulnerabilities. Essential Job Duties Collaboratively develop agent RBAC (role-based access control) to ensure AI agents operate under permissions aligned to firm roles, enforcing least-privilege access Design integrations for AI systems with corporate IAM/SSO (Entra, Okta, etc.) to manage persona- and role-based access across the enterprise Design Data Loss Prevention (DLP) and redaction pipelines to prevent confidential, regulated, or proprietary data from being sent to external LLM endpoints Provide technical advice, direction, and hands-on support to design and develop safe, compliant, and resilient AI workflows Evaluate existing and proposed AI/ML architectures for bias, fairness, drift, hallucination, and security risks; recommend controls aligned with NIST AI RMF, EU AI Act, ISO/IEC 42001, CIS Collaborate with Information Security, Cloud, Governance, and Engineering teams to implement standardized AI safety and compliance practices Actively contribute to the development of AI security standards, playbooks, and architectural patterns Automate guardrails, compliance checks, and AI gateway protections for scale and efficiency Build and maintain initiative-level artifacts, including AI policy-as-code configs (YAML), architectural diagrams, and risk assessments Monitor, log, and audit AI activity for policy violations, compliance tracking, and security event correlation. YAML-based guardrails, architectural diagrams, and AI risk assessments Design and build systems to detect and prevent AI abuse, such as anti-abuse agents. Perform technical security assessments, code reviews, and penetration testing on AI products and systems. Integrate security controls throughout the AI/ML lifecycle, from data handling and model training to deployment and monitoring. Develop and implement AI-driven automation for tasks like real-time alert enrichment, log analysis, and incident triage using tools like Security Copilot and other AI-assisted platforms. Research and reproduce vulnerabilities in AI systems, develop mitigation strategies, and work with engineering teams to improve security. Contribute to creating and implementing governance policies, security standards, and privacy frameworks for AI systems. Develop AI-specific incident response plans and playbooks. Stay up-to-date on emerging AI security threats, such as adversarial attacks, prompt injection, and data leakage. Skills and Experience At least 5+ years' experience in cybersecurity, including compliance and risk management with a system and network security engineering background. Strong background in traditional cybersecurity, including networking, web-based protocols, and security systems. Experience in secure software development, including secure coding for AI-powered applications. Familiarity with AI concepts, machine learning, and the AI/ML lifecycle. Experience with implementing security controls like encryption, access controls, and authentication for AI systems. Experience with security tools and platforms like Chronicle & Orca/Wiz, and familiarity with concepts like SAST/DAST. Excellent problem-solving, communication, and leadership skills. Experience with dynamic and static analysis tools. Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively. Additional Qualifications Experience with applications hosted in Google Cloud Platform (GCP), Amazon Web Services (AWS) or Microsoft Azure. Experience with cryptography controls and measures to secure applications and data. Proficiency with scripting in Python, JavaScript, PowerShell, PHP or Ruby. Proficiency with Terraform, Python, and cloud automation Prior experience in cloud security, data protection, and SIEM/logging for AI traffic Experience with one or more of the following: ISO 27001, NIST, PCI Data Security Standard (PCI DSS), HIPAA, Health Information Technology for Economic and Clinical Health (HITECH) Act, SOX, the General Data Protection Regulation (GDPR), Center for Internet Security (CIS) standards or Service Organization Controls (SOC) 2. Working knowledge of Windows, Linux and Unix. Familiarity with state privacy laws. Highly trustworthy; leads by example. Education Requirements Bachelor's degree in computer science, information assurance, MIS or related field, or equivalent. Experience Requirements 5-7+ years of related experience required Certification Requirements SANS certifications (GWAPT) and others; CISSP (preferred, or CSSLP), OSCP (and related) Annual Salary Range: $130,000-$150,000/year, with a generous benefits package that includes paid time off, health, dental, vision, and 401(k) savings plan with match. If you are an applicant residing in California, please view our privacy policy here: *********************************************************************************

The Cloud Security Engineer is primarily responsible for designing, implementing, and supporting secure Microsoft Azure cloud environments for the Firm. This individual will ensure that cloud-based development platforms, APIs, and applications follow best practices, regulatory requirements, and Firm-specific policies to protect sensitive Client and Firm data. The Cloud Security Engineer acts as a subject matter expert, collaborating with cross-functional teams to establish secure coding, deployment, and data management processes. This role also participates in security incident response activities related to cloud infrastructure and applications, ensuring timely detection, containment, and remediation of potential threats. This person will also contribute to our overall Cloud Security Strategy. Duties and Responsibilities Design, configure, and maintain secure Microsoft Azure environments aligned with industry best practices and Firm policies. Familiarity with AWS and Google cloud needed as well. Implement and manage cloud security controls, including identity and access management, network segmentation, encryption, and security monitoring. Protect sensitive data stored or processed in the cloud through encryption, access controls, and secure key management. Develop, enforce, and maintain secure API management processes, including authentication, authorization, rate limiting, and auditing. Build and maintain secure DevSecOps pipelines, ensuring that only reviewed, tested, and approved code is promoted to production. Integrate automated security testing and vulnerability scanning into Continuous Integration / Continuous Delivery (CI/CD) workflows. Collaborate with application developers, infrastructure engineers, and security teams to ensure secure design and deployment practices. Create and maintain documentation, standards, and procedures for cloud security configurations, incident handling, and code promotion processes. Monitor and respond to security alerts from cloud-native tools and third-party monitoring solutions. Participate in risk assessments, audits, and compliance efforts related to cloud security (e.g., ISO 27001, GDPR, CCPA). Stay current with emerging cloud security threats, vulnerabilities, and evolving best practices, especially within the Microsoft Azure ecosystem. Salaries vary by location and are based on numerous factors, including, but not limited to, the relevant market, skills, experience, and education of the selected candidate. If an estimated salary range for this role is available, it will be provided in our Target Salary Range section. Our compensation package also includes bonus eligibility and a comprehensive benefits program. Benefits information can be found at Sidley.com/Benefits. Target Salary Range $127,000 - $147,000 if located in Illinois Qualifications To perform this job successfully, an individual must be able to perform the Duties and Responsibilities (Duties) above satisfactorily and meet the requirements below. The requirements listed below are representative of the minimum knowledge, skill, and/or ability required. Reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions of the job. If you need such an accommodation, please email ************************** (current employees should contact Human Resources). Education and/or Experience: Required: Bachelor's degree with a preference for those with a degree in Computer Science, Information Security, Technology or a related field. Minimum of 3 years of experience in cloud security engineering, with a strong focus on Microsoft Azure. Hands-on experience with Azure security services (e.g., Azure Security Center, Defender for Cloud, Key Vault, Azure AD, Application Gateway, API Management). Experience designing and managing secure DevSecOps pipelines using Azure DevOps or equivalent tools. Strong understanding of cloud-based network security, encryption, and identity management best practices. Demonstrated ability to assess, troubleshoot, and remediate security issues in cloud environments. Preferred: Relevant cloud and security certifications (e.g., Microsoft Certified: Azure Security Engineer Associate (AZ 500, Microsoft Certified: Azure Solutions Architect Expert, CISSP, CCSP, Security+). Experience in the legal, financial, or other highly regulated industries. Relevant certifications (e.g. CISSP, Security+, etc.) Familiarity with AWS and Google a plus. Other Skills and Abilities: The following will also be required of the successful candidate: Strong organizational skills Strong attention to detail Good judgment Strong interpersonal communication skills Strong analytical and problem-solving skills Able to work harmoniously and effectively with others Able to preserve confidentiality and exercise discretion Able to work under pressure Able to manage multiple projects with competing deadlines and priorities Sidley Austin LLP is an Equal Opportunity Employer #LI-Hybrid #LI-HM1

The JFG Information Security Engineering & Operations Analyst plays a key role in supporting JFG's Identity & Access Management (IAM), Cyber Threat Management, and Vulnerability Management services. This role helps support IAM services to provision, deprovision, and certify access to JFG systems. It also helps detect, analyze, hunt for, and report on cybersecurity events related to malware, network intrusion, and data loss protection and insider threat incidents. This role is also responsible for finding and reporting on internal and external vulnerabilities on JFG systems. This role will be supported by a Managed Detection & Response (MDR) services and Identity & Access Management Managed services. Occasional off-hour and weekend work will be expected. Very little (less than 5%) business travel is expected in this role. This role will be located in Racine, Wisconsin. Ability to come in-office would be required (working a hybrid schedule.) KEY RESPONSIBILITIES: * Detect, analyze, contain, and remediate threats and vulnerabilities across the JFG environment. * Operate and support vulnerability management, data loss protection, cybersecurity monitoring, cybersecurity incident response, intrusion analysis, root-cause-analysis (digital forensics), cyber-threat intelligence, and malware analysis technologies. * Lead and report on incidents involving malware, network intrusion, insider-threat, internal investigations and litigation support activities. * Incorporate Cyber Threat Intelligence into operational signal intelligence and reporting. * Proactively investigate JFG environment for threats based on Cyber Threat Intelligence and known threat methods and patterns (aka Threat Hunting). * Operate and support Identity Governance and Administration technologies to support timely on/off-boarding of people and regular access governance reviews to ensure appropriate access. * Support weekly/monthly/quarterly/annual operational metrics, reports and dashboards. * Assist with maintaining the Cybersecurity Incident Response Plan. * Collaborate on the continuous improvement of Information Security Operations processes, workflows, and procedures (e.g. RunBooks). * Automate repetitive tasks and drive efficiencies with measurable benchmarks to show progress. JOB REQUIREMENTS: * Associates degree in Information Security, Cybersecurity preferred * 0-2 years' experience * Types of certification preferred: Security+, CEH, SSCP * Experience with Python and PowerShell scripting languages for automation preferred * Good report writing and communication skills * Has a basic understanding of the Information Security platforms at JFG, common Information Security controls and frameworks, networking concepts and technologies, as well as Windows and Linux environments Come as you are. Johnson Financial Group supports and is committed to the principle of equal employment opportunity. We make all employment-related decisions without regard for an individual's race, color, religion, sex, sexual orientation, age, national origin, citizenship, disability, veteran status, or any other protected status as required by law.

AYR Global IT Solutions is a national staffing firm focused on cloud, cyber security, web application services, ERP, and BI implementations by providing proven and experienced consultants to our clients. Our competitive, transparent pricing model and industry experience make us a top choice of Global System Integrators and enterprise customers with federal and commercial projects supported nationwide. Job Role: Data and System Security Engineer Location: Lincolnshire, IL Duration: 6+ Months Qualifications Job Description: Data and System Security engineer Experience with data encryption management solutions, such as Vormteric and CloudLink Experience with PKI management solutions, such as ADCS and External providers Investigative and analytical problem solving skills Customer service/support experience Additional Skills:PKI Knowledge of encryption management technologies, such as Vormetric, CloudLink. Additional Information If anyone might be intersted please send resumes to kmarsh@ayrglobal (dot) com or you can reach me direct at **************

Job Description Support the Information security governance, risk management and compliance program, focusing on compliance and assurance. Facilitate the compliance and assurance program, by performing assurance assessments to ensure Alliant Credit Union (ACU) is compliant with regulatory and legal obligations. Help maintain the technical control library ensure assessments align securing ACU. Facilitate IT issue management by working with employees on scheduling calls and going over the issue and resolution. Essential Responsibilities Responsible to facilitate the compliance and assurance assessments and issue management via a GRC tool Conduct assurance assessment, including control test of design (ToD) and test of operating effectiveness (TOE) activities Provide recommendations on improving compliance-related processes and/or procedures and identify opportunities for ITGC/security compliance control automation Facilitate group and individual meetings, ensure that each meeting is organized and aligned and schedule walkthrough agenda addressing any issue that arise and and guiding towards actionable outcomes Assist internal and external audit teams to address inquiries Participate in InfoSec projects as assigned by management such as the review of documents Education Minimum- 4 Year Bachelors Degree in Computer Science, Information Security or Related Years of Experience Minimum - 2 Years Governance, Risk Management, Compliance within a financial institution or Security Compliance or Related In Lieu of Education 5 Years Governance, Risk Management, Compliance within a financial institution License/Certifications/Training Preferred: Compliance, Risk Management, or Governance certifications: CRISC, CISM or CISA Compensation & Benefits: Typical hiring range: $57,500 - $89,500 Annually. Actual compensation will be determined using factors such as experience, skills & knowledge. Additional Compensation: Annual performance bonus Benefits: Alliant provides a benefits package including health care, vision, dental, and 401k with employer match. Additional Benefits: Work from home up to 3 days a week Paid parental leave Employee discount programs Time off including paid personal and sick days 11 paid holidays Education reimbursement *Note that eligibility and cost of benefits can vary depending on the number of regularly scheduled hours, and job status such as regular full-time, regular part-time, or temporary employment. Adhere to and ensure compliance of all business transactions with policy and process of the Bank Secrecy Act. Ensures compliance with all applicable state and federal laws, company procedures and policies. Maintains integrity and ethics in all actions and conversations with or regarding credit union members and their accounts; complies with Privacy Act directives. The responsibilities listed do not contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice.

Job Title: SAP Security Architect Duration for Contract: 5 Months + - ECC 6.0 Security design / architecture is the base requirement for the role. - 7+ years of experience in application or SAP ECC, BI, HR, portal and CRM security architecture, design and administration. Summary: Provide solutions architecture oversight for new development projects specific to SAP according to timelines and budget, while following accepted programming, testing and change control standards, and accepted business intelligence technology best practices. Job Responsibilities: • Define and document the structure, connections and relationships of business processes, organizational work groups, SAP data models, SAP applications, user interfaces, applications interfaces, SAP infrastructure and network topology. • Provide standards, guidelines and statements of direction for IT system architectures, establishing a framework that constrains the design of systems for the purpose of integration of systems and accessibility of data supporting various business processes and functions. • Define, design and develop the SAP enterprise systems information architecture to enable cross functional operational reporting and performance optimization. • Identify strategic opportunities and drive cross-business and cross-functional change. Skills: • Knowledge of ITIL and SDLC. • Experience in business system application design, development and installation. • Experience in planning/architecture development and support. • Experience designing and implementing advanced SAP application architectures. Education/Experience: • Bachelor's degree in Computer Science or a related field. • Master's degree in Business or Management Information Systems preferred. • 8-10 years of SAP functional systems experience. • SAP Certification preferred. Additional Information All your information will be kept confidential according to EEO guidelines.

Title: Security Operations Center (SOC) - Information Security Analyst Company: Award-Winning, $50B Publicly Traded Company Type: Full-Time Location: Hybrid - Chicagoland Area (Onsite 3-4 Days/Week) Travel: None Job Overview Join an award-winning, publicly traded company and be part of a fast-paced, cutting-edge security team! This newly developed SOC Analyst role offers an exciting and dynamic environment where no two days are the same. You'll have the opportunity to work with leading security tools like Splunk, CrowdStrike, Digital Shadows, and Proofpoint, while collaborating with a skilled and supportive security engineering team. You'll be part of a tight-knit, communicative team that values collaboration, knowledge-sharing, and professional growth. If you thrive in fast-paced security operations and enjoy hands-on problem-solving, this is an excellent opportunity to make an impact. Key Responsibilities: Manage the Phish Alert mailbox. Perform QA on tickets for a service provider. Handle tier 2 escalated inquiries. Support security operations through log aggregation and analysis. Leadership & Team Culture The leadership team is known for holistically supporting its team members, ensuring that growth, learning, and well-being remain top priorities. They provide ongoing career development opportunities, mentorship, and hands-on training to help employees expand their expertise and advance their careers. Beyond technical growth, leadership fosters a culture of inclusivity and collaboration, ensuring that every team member is heard, valued, and supported. Open communication, continuous learning, and a strong sense of community define the workplace, empowering individuals to contribute, innovate, and succeed. Requirements 3+ years of experience in cybersecurity or a related field. Proficiency with at least some of the following tools: CrowdStrike, Proofpoint, Digital Shadows, or Splunk Experience working in a Security Operations Center (SOC) environment is a plus, but not required. Compensation & Benefits Base Salary: $70,000 - $90,000 (dependent on qualifications, skills, and experience). Bonus Eligible. Comprehensive Benefits Package Includes: Medical, Dental, Vision, and Life Insurance Traditional and Roth 401(k) with company match Employee Stock Purchase Plan (ESPP) And much more! Apply Today!

Information Security Analyst STATUS: Full time DEPARTMENT: Information Security Office DIVISION: Information Technology CLASSIFICATION: Exempt UNION: Non-Union REPORTS TO: Senior Director Information Security PLACEMENT: Professional staff, S11 HIRING RANGE: $70,689 - 79,526 Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The student population at the college is diverse in ethnicity, gender, language, age and background. Joliet Junior College is an AA/EO employer and strongly encourages applications from candidates who would enhance the diversity of its staff. POSITION SUMMARY The Information Security Analyst is responsible for protecting the college's information systems and data by monitoring, analyzing, and responding to security incidents and threats. This role supports compliance with regulatory requirements (e.g., CIRCIA, HIPAA, GLBA), enhances operational efficiency, and contributes to the continual improvement of security processes and documentation. The analyst will also detect opportunities to develop and maintain security documentation, including knowledgebase articles, and manage security-related tickets from stakeholders. ESSENTIAL JOB DUTIES AND KEY RESPONSIBILITIES 1. Incident Management: Monitor, triage, and respond to cybersecurity threats and incidents across network, application, identity, and cloud layers. 2. Vulnerability Management: Participate in vulnerability assessments and penetration testing to identify and remediate security weaknesses. 3. Security Operations: Manage and maintain security tools (e.g., SIEM, IDS/IPS, vulnerability scanners), ensuring daily monitoring and compliance. 4. Facilitate the integration of SOC/Managed Security Services activities with the broader Information Security team, ensuring consistent application of ITIL processes such as Incident Management, Problem Management, and Event Management. 5. Identity Management: Support Office 365 email account management tasks, including user permissions, credential hand-offs, mailbox access provisioning, and coordination with identity and access management processes." 6. Compliance & Risk Management: Assist in legal and regulatory compliance efforts; conduct risk assessments and support audit activities. 7. Service Request Management: Handle, triage, and manage tier 2 level and up security-related tickets and requests from stakeholders, ensuring timely resolution and escalation as needed. 8. Knowledge Management: Detect opportunities to develop, improve, and maintain security documentation, including knowledgebase articles and process guides. 9. Process Improvement: Assist with the development and continual improvement of security-related processes, automation initiatives, and reporting tools. 10. Cloud Support: Support secure cloud infrastructure through systems auditing and account lifecycle management. 11. Collaboration & Training: Collaborate with IT and academic departments to ensure secure deployment of new technologies; provide security awareness training to staff and students. 12. Reporting: Prepare and present reports on security incidents, vulnerabilities, compliance status, and process improvements to leadership. 13. Professional Development: Stay current with emerging security threats, trends, best practices, and ITIL service management principles. 14. Perform related duties as assigned. MINIMUM QUALIFICATIONS 1. Bachelor's degree in Computer Science or a closely related field, OR an Associate's degree combined with 2-4 years of experience in information security or IT operations. 2. Ability to establish and maintain cooperative and effective working relationships with other members of the college and community, displaying cultural competence as well as emotional intelligence. 3. Demonstrated commitment to the college's core values of respect and inclusion, sustainability, integrity, collaboration, humor and well-being, innovation and quality. Bachelor's degree in information technology, Cybersecurity, Computer Science, or related field.. 4. Understanding of cybersecurity principles, tools, and compliance frameworks. 5. Experience with Microsoft Azure, Active Directory, and security monitoring tools. 6. Experience in information security and/or IT risk management with a focus on security performance and reliability 7. Familiarity multiple risk management concepts, frameworks, and standards (CSC, NIST, ISO, COBIT) 8. Excellent analytical, communication, documentation, and collaboration skills. 9. Possesses relevant industry certifications such as CEH, CISA, CCET, Network+, Security+, CySa+, or Microsoft SC-900, demonstrating foundational and specialized knowledge in cybersecurity. 10. Demonstrated understanding of the NIST Cybersecurity framework and auditing security controls identified in NIST800-171 and NIST SP800-53A. 11. Knowledgeable on ITIL process management. PREFERRED QUALIFICATIONS 1. Experience in higher education or public sector environments. 2. English and Spanish verbal and written communication proficiency. 3. Demonstrated multicultural competence. PHYSICAL DEMANDS 1. Normal office physical demands. 2. Ability to travel between campus locations and to and from community events. 3. Ability to travel in state and nationally. WORKING CONDITIONS 1. Duties are performed indoors in the usual office and/or outdoor environment. BENEFITS Click on the link for information about JJC's Benefits: Non-Union Support Staff, Professional, Administrative Full Time/Part Time: Full time Union (If Applicable): Scheduled Hours: 40

Build your best future with the Johnson Controls team As a global leader in smart, healthy and sustainable buildings, our mission is to reimagine the performance of buildings to serve people, places and the planet. Join a winning team that enables you to build your best future! Our teams are uniquely positioned to support a multitude of industries across the globe. You will have the opportunity to develop yourself through meaningful work projects and learning opportunities. We strive to provide our employees with an experience, focused on supporting their physical, financial, and emotional wellbeing. Become a member of the Johnson Controls family and thrive in an empowering company culture where your voice and ideas will be heard - your next great opportunity is just a few clicks away! What we offer Paid vacation/holidays/sick time - 15 days of vacation first year Comprehensive benefits package including 401K, medical, dental, and vision care - Available day one Extensive product and on the job/cross training opportunities with outstanding resources Encouraging and collaborative team environment Dedication to safety through our Zero Harm policy Check us Out: A Day in a Life at Johnson Controls: What you will do Under specific direction, assists in the design, configuration, and operation of building systems including security, fire, and other low voltage control sub-systems (i.e. lighting, nurse call, data networks, etc.) to meet the intent of the project requirements. Assists in the development of software programs, commissioning and troubleshooting to ensure proper operations of the building control system. Provides detailed information and submittals to communicate design and operation to customers, consultants, Johnson Controls field installation team and subcontractors. How you will do it Design and configure technically complex Security & Fire systems as defined by the contract documents. Create flow diagrams, sequence of operations and bill of material, network layouts and electrical schematics as required. Develop and test software programs necessary to operate the system per the intent of the project requirements. Use your ability to integrate different Security subsystems with each other. Coordinate and create the necessary drawings and equipment schedules for submittals and installation. Select, order, and track the delivery of materials for assigned projects. Coordinate factory-mounting processes to meet factory and project schedule. Assist in the loading and commissioning of all system and network-level controllers as required. Assist in validation of complete system functionality and troubleshoot problems with subcontractors and other trades to ensure proper operation. Provide field change information to the project team for the creation of as-built drawings and software. Keep management and JCI contractor or customer informed of job progress and issues. Assist in performing site-specific training for owner / operator on the total building control system. Participate in release meeting with project field team. Perform value engineering to provide cost effective results while maintaining customer satisfaction. Adhere to safety standards. Operate with a high degree of regard to employee and subcontractor safety. What we look for: Required Experience in setting up application deployment (Installation, Configuration, Integration with other components) on Cloud environment based on underlying Application Architecture Experience in Disaster Recovery setup Administration, Maintenance and support of the Application instances on Reference, Validation and Customer environments Identify any known incident resolutions using a knowledge management system Apply identified resolutions to the incident and interact with the customer to ensure the incident has been properly resolved Antivirus - Symantec (Installation, updates and remediation's of antivirus client for servers and computers Off-shift support for machine moves quarterly maintenance Deployment of physical and virtual server deployment, troubleshooting and maintenance Ability to learn security software programs (I.E. C-cure9000, Milestone, Genetec) Strong technical skills in the domain of Windows Server 2008/2012, Microsoft Hyper-V and SCCM/SCOM/SCVMM is essential Basic MS SQL database and scripting skills is an asset Basic MS SQL database and scripting skills is an asset HIRING SALARY RANGE: $85,000 - $106,000 Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, location and alignment with market data.) This role offers a competitive Bonus plan that will take into account individual, group, and corporate performance. This position includes a competitive benefits package. For details, please visit the About Us tab on the Johnson Controls Careers site at ***************************************** #LI - AD2 #LI - DS1 Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, sexual orientation, gender identity, status as a qualified individual with a disability or any other characteristic protected by law. To view more information about your equal opportunity and non-discrimination rights as a candidate, visit EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit here.

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! Job Description: Manual Ethical Hacking is part of the Application Development Security Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program provides services to assess the vulnerability of the bank's applications to malicious hacking activity. This intermediate technical role is responsible for performing application security assessments of the bank's technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats. Key responsibilities include performing research, understanding the bank's security policies, working with the appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with security partners, CIO clients and multiples lines of business. Key Responsibilities in order of importance: * Perform assigned analysis of internal and external threats on information systems and predict future threat behavior * Incorporate threat actors' tactics, techniques, and procedures into offensive security testing * Perform assessments of the security, effectiveness, and practicality of multiple technology systems * Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security. * Prepare and present detailed technical information for various media including documents, reports, and notifications * Provide clear and practical advice regarding managed risks * Learn and develop advanced technical and leadership skills, Mentor Junior assessors in technical tradecraft and soft skills Required Skills: * Minimum of 4 years of professional pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment * Detailed technical knowledge in at least 3 of the following areas: security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services * SQL injection/XSS attack without the use of tools * Experience performing manual code reviews for security relevant issues * Experience working with SAST tools to identify vulnerabilities * Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings * Experience performing manual web application assessments i.e., must be able to simulate a * Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) * Experience with vulnerability assessment tools and penetration testing techniques * Solid programming/debugging skills * Experience of using a variety of tools, included, but not limited to, IBM AppScan, Burp and SQL Map * Threat Analysis * Innovative Thinking * Technology Systems Assessment * Technical Documentation * Advisory Desired: * CISSP, CEH, OSCP, OSWE, GPEN, PenTest+ or similar * Strong programming/scripting skills This job will be open and accepting applications for a minimum of seven days from the date it was posted. Shift: 1st shift (United States of America) Hours Per Week: 40

The Cloud Security Engineer is primarily responsible for designing, implementing, and supporting secure Microsoft Azure cloud environments for the Firm. This individual will ensure that cloud-based development platforms, APIs, and applications follow best practices, regulatory requirements, and Firm-specific policies to protect sensitive Client and Firm data. The Cloud Security Engineer acts as a subject matter expert, collaborating with cross-functional teams to establish secure coding, deployment, and data management processes. This role also participates in security incident response activities related to cloud infrastructure and applications, ensuring timely detection, containment, and remediation of potential threats. This person will also contribute to our overall Cloud Security Strategy. Duties and Responsibilities Design, configure, and maintain secure Microsoft Azure environments aligned with industry best practices and Firm policies. Familiarity with AWS and Google cloud needed as well. Implement and manage cloud security controls, including identity and access management, network segmentation, encryption, and security monitoring. Protect sensitive data stored or processed in the cloud through encryption, access controls, and secure key management. Develop, enforce, and maintain secure API management processes, including authentication, authorization, rate limiting, and auditing. Build and maintain secure DevSecOps pipelines, ensuring that only reviewed, tested, and approved code is promoted to production. Integrate automated security testing and vulnerability scanning into Continuous Integration / Continuous Delivery (CI/CD) workflows. Collaborate with application developers, infrastructure engineers, and security teams to ensure secure design and deployment practices. Create and maintain documentation, standards, and procedures for cloud security configurations, incident handling, and code promotion processes. Monitor and respond to security alerts from cloud-native tools and third-party monitoring solutions. Participate in risk assessments, audits, and compliance efforts related to cloud security (e.g., ISO 27001, GDPR, CCPA). Stay current with emerging cloud security threats, vulnerabilities, and evolving best practices, especially within the Microsoft Azure ecosystem. Salaries vary by location and are based on numerous factors, including, but not limited to, the relevant market, skills, experience, and education of the selected candidate. If an estimated salary range for this role is available, it will be provided in our Target Salary Range section. Our compensation package also includes bonus eligibility and a comprehensive benefits program. Benefits information can be found at Sidley.com/Benefits. Target Salary Range $127,000 - $147,000 if located in Illinois Qualifications To perform this job successfully, an individual must be able to perform the Duties and Responsibilities (Duties) above satisfactorily and meet the requirements below. The requirements listed below are representative of the minimum knowledge, skill, and/or ability required. Reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions of the job. If you need such an accommodation, please email ************************** (current employees should contact Human Resources). Education and/or Experience: Required: Bachelor's degree with a preference for those with a degree in Computer Science, Information Security, Technology or a related field. Minimum of 3 years of experience in cloud security engineering, with a strong focus on Microsoft Azure. Hands-on experience with Azure security services (e.g., Azure Security Center, Defender for Cloud, Key Vault, Azure AD, Application Gateway, API Management). Experience designing and managing secure DevSecOps pipelines using Azure DevOps or equivalent tools. Strong understanding of cloud-based network security, encryption, and identity management best practices. Demonstrated ability to assess, troubleshoot, and remediate security issues in cloud environments. Preferred: Relevant cloud and security certifications (e.g., Microsoft Certified: Azure Security Engineer Associate (AZ 500, Microsoft Certified: Azure Solutions Architect Expert, CISSP, CCSP, Security+). Experience in the legal, financial, or other highly regulated industries. Relevant certifications (e.g. CISSP, Security+, etc.) Familiarity with AWS and Google a plus. Other Skills and Abilities: The following will also be required of the successful candidate: Strong organizational skills Strong attention to detail Good judgment Strong interpersonal communication skills Strong analytical and problem-solving skills Able to work harmoniously and effectively with others Able to preserve confidentiality and exercise discretion Able to work under pressure Able to manage multiple projects with competing deadlines and priorities Sidley Austin LLP is an Equal Opportunity Employer #LI-Hybrid #LI-HM1

AYR Global IT Solutions is a national staffing firm focused on cloud, cyber security, web application services, ERP, and BI implementations by providing proven and experienced consultants to our clients. Our competitive, transparent pricing model and industry experience make us a top choice of Global System Integrators and enterprise customers with federal and commercial projects supported nationwide. Job Role: Data and System Security Engineer Location: Lincolnshire, IL Duration: 6+ Months Qualifications Job Description: Data and System Security engineer Experience with data encryption management solutions, such as Vormteric and CloudLink Experience with PKI management solutions, such as ADCS and External providers Investigative and analytical problem solving skills Customer service/support experience Additional Skills:PKI Knowledge of encryption management technologies, such as Vormetric, CloudLink. Additional Information If anyone might be intersted please send resumes to kmarsh@ayrglobal (dot) com or you can reach me direct at **************

Job Description Job Title: SAP Security Architect Duration for Contract: 5 Months + - ECC 6.0 Security design / architecture is the base requirement for the role. - 7+ years of experience in application or SAP ECC, BI, HR, portal and CRM security architecture, design and administration. Summary: Provide solutions architecture oversight for new development projects specific to SAP according to timelines and budget, while following accepted programming, testing and change control standards, and accepted business intelligence technology best practices. Job Responsibilities: • Define and document the structure, connections and relationships of business processes, organizational work groups, SAP data models, SAP applications, user interfaces, applications interfaces, SAP infrastructure and network topology. • Provide standards, guidelines and statements of direction for IT system architectures, establishing a framework that constrains the design of systems for the purpose of integration of systems and accessibility of data supporting various business processes and functions. • Define, design and develop the SAP enterprise systems information architecture to enable cross functional operational reporting and performance optimization. • Identify strategic opportunities and drive cross-business and cross-functional change. Skills: • Knowledge of ITIL and SDLC. • Experience in business system application design, development and installation. • Experience in planning/architecture development and support. • Experience designing and implementing advanced SAP application architectures. Education/Experience: • Bachelor's degree in Computer Science or a related field. • Master's degree in Business or Management Information Systems preferred. • 8-10 years of SAP functional systems experience. • SAP Certification preferred. Additional InformationAll your information will be kept confidential according to EEO guidelines.