Security engineer jobs in Gary, IN

In this role, you will work closely with IT teams to secure our applications throughout the development lifecycle. You'll help build a secure-by-design culture, drive security automation, and protect our systems against evolving threats. This position reports to the Manager of Information Security. ESSENTIAL JOB FUNCTIONS: Work with the Information Security Team to improve security for the company by configuring and administering security systems and tools Monitor and respond to security events using SIEM and SOAR tools Investigate security incidents to determine root cause and remediation tactics Help automate security monitoring and remediation processes Prepare and analyze security incident data and metrics for periodic reporting Collaborate on vulnerability management, remediation, and penetration testing efforts Implement and manage SAST, DAST, and Burp Suite across GitHub CI/CD pipelines and development workflows Champion secure coding practices based on OWASP Top 10 and SSDF guidelines Help secure cloud environments (Azure, AWS) and container-based deployments Conduct regular security assessments to ensure alignment with SSDLC standards After-hours configuration changes and on-call support required MINIMUM QUALIFICATIONS: Bachelor's degree in Computer Science, Information Systems (or related degree), or equivalent experience. 3+ years of experience in Application or Information Security Strong understanding of SSDLC, NIST SSDF, and DevSecOps principles. Experience with SAST/DAST tools (e.g., GitHub Advanced Security, BURP). Solid knowledge of OWASP Top 10 and secure coding best practices. Proficiency in GitHub for code review, pipeline security, and automation. Hands-on with scripting (Python, PowerShell, Bash) and API security. Experience in Azure and AWS cloud security, containers, and infrastructure-as-code. Familiarity with SIEM/SOAR platforms and incident response workflows. Experience with Windows, MacOS, and Linux operating systems Proficient in Microsoft Office applications such as Microsoft Outlook, Word, Excel, PowerPoint, and SharePoint ** This is a full-time, W2 position with Hub Group - We are NOT able to provide sponsorship at this time ** Salary: $95,000-150,000/year + bonus eligibility ** This is an estimated range based on the circumstances at the time of posting, however, may change based on a combination of factors, including but not limited to skills, experience, education, market factors, geographical location, budget, and demand** Benefits We offer a comprehensive benefits plan including: Medical Dental Vision Flexible Spending Account (FSA) Employee Assistance Program (EAP) Life & AD&D Insurance Disability Paid Time Off Paid Holidays BEWARE OF FRAUD! Hub Group has become aware of online recruiting related scams in which individuals who are not affiliated with or authorized by Hub Group are using Hub Group's name in fraudulent emails, job postings, or social media messages. In light of these scams, please bear the following in mind Hub Group will never solicit money or credit card information in connection with a Hub Group job application. Hub Group does not communicate with candidates via online chatrooms such as Signal or Discord using email accounts such as Gmail or Hotmail. Hub Group job postings are posted on our career site: ******************************** About Us Hub Group is the premier, customer-centric supply chain company offering comprehensive transportation and logistics management solutions. Keeping our customers' needs in focus, Hub Group designs, continually optimizes and applies industry-leading technology to our customers' supply chains for better service, greater efficiency and total visibility. As an award-winning, publicly traded company (NASDAQ: HUBG) with $4 billion in revenue, our 6,000 employees and drivers across the globe are always in pursuit of "The Way Ahead" - a commitment to service, integrity and innovation. We believe the way you do something is just as important as what you do. For more information, visit ****************

We are looking for a Developer Security professional with strong expertise in DevOps and Cloud Computing. In this role, you will design, develop, and implement secure, scalable software solutions across the full Secure Software Development Life Cycle (SDLC) - from conception to deployment. Familiarity with CI/CD pipelines is essential, and experience with Kubernetes is a plus. Responsibilities Design and develop Terraform scripts for infrastructure automation. Automate cloud deployments and ensure secure configurations. Install and configure products on Kubernetes clusters. Develop and unit test software components following best practices. Collaborate with business partners to translate requirements into technical solutions. Work closely with architects and enterprise framework teams to deliver optimal solutions. Ensure non-functional requirements (security, performance, scalability, maintainability, usability, reliability) are met. Maintain code quality standards and perform appropriate testing. Qualifications 8+ years of experience in software development and security. Strong knowledge of cloud deployments and Terraform. Familiarity with middleware technologies (WebLogic, Tomcat, JBoss). Experience with Spring Boot and Agile development methodologies. Proficiency in CI/CD pipelines and GIT-based source control. Solid understanding of the secure software development lifecycle. Experience with Kubernetes, React, and Docker. Knowledge of web technologies and application servers. Skills Terraform Kubernetes Cloud Deployment Middleware (WebLogic, Tomcat, JBoss) Spring Boot CI/CD pipelines GIT-based source control Rate: $75-95/HR

Security Engineer - Application Security (Azure Focus) An established global logistics leader is seeking a Security Engineer to join its growing cybersecurity team. This is the second dedicated security hire, reporting directly to the CISO, and will play a key role in advancing the company's security posture across application environments. Day-to-Day: This engineer will own new initiatives from research through implementation, focusing on application security in Azure environments. The role involves incident response, tool deployment, vendor collaboration, policy creation, and hands-on engineering work. You'll partner closely with both technical and non-technical teams to establish security best practices, communicate effectively across departments, and drive adoption of new solutions. The position requires someone who can operate independently, lead projects, and contribute strategically to ongoing security improvements. While networking knowledge is helpful, this role is security-focused-ideal for someone with experience in an MSSP or enterprise security environment. What You'll Bring: Application Security expertise with hands-on engineering experience Strong Azure Cloud background Advanced GIAC certifications Excellent communication and collaboration skills Self-driven, proactive approach to problem-solving and project ownership This is not a compliance or analyst position-it's a hands-on, technical engineering role for someone ready to take ownership of the application security landscape and shape the future of security initiatives within a global organization.

Job Title: Senior Information Security Engineer - AI Primary Location: Rosemont, IL - Hybrid, 3 days onsite Direct Hire TalentFish is casting a line for a Senior Information Security Engineer - AI/Artificial Intelligence. This is a Direct Hire role based in Rosemont, IL with a hybrid schedule (3 days onsite) with our premier client. This is a new, exciting position within an awarded top Chicago employer organization where you'll contribute to the organization's Responsible Artificial Intelligence governance by assessing the security, integrity, and risks associated with the use of AI models and technologies. This role is hands-on and works closely with multi-disciplinary teams to evaluate AI use cases and maintain AI security frameworks and standards. What You Bring to the Role (Ideal Experience) • Bachelor's degree in Computer Science, Mathematics, or related field • 5+ years of total professional experience, including security, data security, or control validation experience • 2-3 years of practical, hands-on experience working with Artificial Intelligence technologies; working directly with AI models or ML systems • Ability to evaluate AI model risks, including bias, data exposure, data leakage, and model poisoning • Data processing or analytics skills are a plus What You'll Do (Skills Used in This Position) • Lead security assessments for AI models, including Large Language Models (LLMs), Natural Language Models (NLMs), and Small Language Models (SLMs) • Participate in review committees to assess AI use cases for value, complexity, feasibility, risk, compliance, and strategic alignment • Review AI architecture and usage within internal and third-party solutions to ensure adherence to AI security frameworks and regulatory requirements • Support development and maintenance of AI security standards, frameworks, and governance models • Provide education on AI security best practices, emerging risks, and mitigation strategies • Perform additional related responsibilities as required Compensation Information The expected salary range for this position is $120,000 - $150,000 per year, depending on experience and qualifications. This role also qualifies for comprehensive benefits such as health insurance, 401(k), and paid time off. TalentFish is committed to pay transparency and equal opportunity. The salary range provided is in compliance with applicable state and federal regulations. This role requires authorization to work in the U.S. without current or future visa sponsorship. All offers are contingent upon the completion of a background check, which may include but is not limited to reference checks, education verification, employment verification, drug testing, criminal records checks, and any required certifications or compliance requirements based on the end client's background check policies and applicable laws. TalentFish is an employee-owned company pioneering a new realm in talent acquisition. We are redefining IT staffing by evolving AI, video screening, and our unique platform. TalentFish focuses on providing the best employee, consultant, and client experience possible. At TalentFish we are an Equal Opportunity Employer; we embrace and encourage diversity!

About the Company: A Leading Financial Service Client is looking to hire a strong Security Engineer who can lead Red team exercises against a hybrid environment using threat intelligence and the MITRE Telecommunication&CK Framework. Responsibilities: Approx 8 years' experience with industry standard Red Team testing tools (Cobalt Strike, Mythic C2, Rubeus, Bloodhound, Covenant, etc.) or the ability to demonstrate equivalent knowledge. Expert understanding of how an Advanced Persistent Threat could compromise a financial institution without using phishing. Expert understanding of Red Team concepts, tools, and automation strategies. Expert understanding of MITRE Telecommunication&CK framework tactics, techniques, and procedures. Expert understanding of measuring and rating vulnerabilities based on principal characteristics of a vulnerability. Expert understanding of Windows and Linux system hardening concepts and techniques.

Seeking a Senior Network Security Engineer to spearhead a major network infrastructure standardization and security initiative. This is a unique opportunity for a highly autonomous and experienced engineer to own and redefine the network strategy for a multi-site enterprise. The ideal candidate will leverage their deep technical expertise in firewalls, hybrid cloud networking, and security to drive significant, long-term operational improvements. Key Responsibilities Network Standardization: Lead a year-long project to evaluate, clean up, and standardize all network architecture, including IP subnetting and VLAN configurations, across multiple physical locations. Security and Monitoring: Manage day-to-day firewall maintenance, review security logs, and implement a Security Information and Event Management (SIEM) solution to visualize and secure internal (east/west) network traffic. Infrastructure Management: Oversee the migration to and maintenance of Cisco network devices and manage the operation of the hybrid cloud environment, including connectivity like ExpressRoutes to the cloud platform. Required Qualifications Proven hands-on experience with Palo Alto firewall administration and maintenance. Expertise in managing a hybrid network environment with strong cloud service (e.g., Azure/EntraID) integration. Demonstrable competency in core networking concepts, including VLANs and IP subnetting. Familiarity with network device patching, security hardening, and leveraging SIEM tools for security monitoring. Demonstrated ability to function as a highly independent, senior resource capable of self-managing large-scale, strategic projects. This is a pivotal role for a security-minded Network Engineer to design, secure, and fully own the network infrastructure for a growing company. #11273

Senior Manager, Information Security Office (ISO) Consultant At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security. You are pragmatic and practical in your understanding of risk and security, but also willing to know when to pull in experts and escalate. You collaborate and innovate with other teams within Capital One to push the envelope. You are comfortable with Cloud Service technologies like Storage Services, Security & Access Control Management, Container Services, and API Implementation and Management. You are familiar with various Cloud computing models to include IaaS, PaaS, and SaaS along with their architectural differences. Security is essential to what we do here, from protecting our customers to our associates. Responsibilities: The Senior Lead ISO Consultant will provide cyber security architecture advisory support needed to build the Technology & Business capabilities on a novel Modern platform, that will enable customer set-up, use, and management of a Capital One Credit Card, including Data Product. In this role, the responsibilities will include: Act as a central Information Security point of contact for the Global Payment Networks line of business Coordinate and execute proactive Information Security consulting to the business and technology teams covering Infrastructure Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management Serve as an expert in Capital One's Information Security capabilities, solutions, policies, procedures and standards Collaborating with enterprise cyber teams and tech architects in defining and driving the cyber architecture strategy and guiding principles for the architecting and designing of the modern platforms. Support security architecture and implementation needs for technology modernization efforts Overseeing all cyber related dependencies across the multiple components being built for the modernization effort. Influence customers to leverage security capabilities and solutions to shift and integrate security to the left in the development processes Escalate and manage cyber security risk Provide ad-hoc support on special Information Security hot topics for the business Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment Work with line of business leadership to anticipate their objectives and needs to better serve the line of business Support the team on collectively mapping technologies to a standardized framework in order to identify and execute on best practices in risk reduction through the configuration of cybersecurity tools and platforms. Support the development, modification, and use of capability, risk, or threat classification frameworks and standardization methodologies to facilitate the conduct of correlative capability, maturity, and effectiveness evaluations. Support data validation and communications on the impact of identified operational, compliance, process, control, and tooling gaps and potential remediation courses of action to multiple audiences, including leadership, to support the enhancement of their cybersecurity postures. About You: You have a desire to work in a very fast moving, forward leaning, and modern computing environment You have a deep passion for Securing modern computing platforms You have a strong desire to continually learn about new technologies You possess strong conceptual thinking and communication skills You are able to work well under minimal supervision You are a demonstrated leader with team-oriented interpersonal skills and the ability to interface effectively with a broad range of people and roles, including upper management, IT leaders, and technology vendors You maintain calmness and clarity of thought under pressure and ability to maintain confidentiality You have a deep understanding of strategic business objectives and the ability to drive results toward those objectives Basic Qualifications: High School Diploma, GED or equivalent certification At least 6 years of experience working in cybersecurity or information technology At least 5 years of experience providing guidance and oversight of cyber security concepts At least 5 years of experience performing cyber security risk assessments or cyber security architecture reviews At least 4 years of experience with cloud security Preferred Qualifications: Bachelor's Degree 7+ years of experience in securing a public cloud environment (AWS, GCP, Azure) 6+ years of cyber security advisory and technology consulting experience 6+ years of experience in Cyber Risk Management 3+ years of experience on cryptography, HSMs and similar systems Knowledge of HPNS, ATM, Mainframe technologies and other payment networks infrastructure technologies Experience in security integration for Mergers and Acquisitions Experience with PCI and Payment Network Compliance. Professional certifications AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP) At this time, Capital One will not sponsor a new applicant for employment authorization, or offer any immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, E-2, E-3, L-1 and O-1, or any EADs or other forms of work authorization that require immigration support from an employer). The minimum and maximum full-time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. Chicago, IL: $204,900 - $233,800 for Sr Manager, Cyber Technical McLean, VA: $225,400 - $257,200 for Sr Manager, Cyber Technical New York, NY: $245,900 - $280,600 for Sr Manager, Cyber Technical Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).

Our client operates worldwide and stands at the forefront of developing innovative solutions for the government, municipal, and industrial industries. They provide everything from state-of-the-art emergency vehicles to effective street sweepers, significantly improving our daily experiences and the cleanliness of our cities. Focused on advanced public safety and communication systems, they guarantee the swift delivery of essential alerts to the appropriate parties. The Network Engineer will be responsible for maintaining and administering our company's computer Wide Area and Local networks. Primary duties will include maintenance of computer networks, hardware, software, and other related systems, performing disaster recovery operations, protecting data, software, and hardware from attacks, and replacing faulty network hardware components when necessary. They will also be working closely with the users of our network to identify potential issues and resolve existing problems. Candidates will need to have a strong understanding of network infrastructure and network hardware. Will also need to be able to implement, administer, and troubleshoot network devices including WAPs, firewalls, routers, switches, and controllers. A deep knowledge of application transport and network infrastructure protocols is highly desired. Position Summary Maintaining and administering computer networks and related computing environments including systems software, applications software, hardware, and configurations. Performing disaster recovery operations and data backups when required. Protecting data, software, and hardware by coordinating, planning and implementing network security measures. Troubleshooting, diagnosing and resolving hardware, software, and other network and system problems. Replacing faulty network hardware components when required. Maintaining, configuring, and monitoring virus protection software and email applications. Monitoring network performance to determine if adjustments need to be made. Conferring with network users about solving existing system problems. Operating master consoles to monitor the performance of networks and computer systems. Coordinating computer network access and use. Designing, configuring, and testing networking software, computer hardware, and operating system software. Some Travel required. Lead/Manage Network team. Minimum Experience Bachelor's degree in information technology or equivalent experience in a related field with a network engineering focus. Strong understanding of network infrastructure and network hardware. Ability to think through problems and visualize solutions. Ability to implement, administer, and troubleshoot network infrastructure devices, including wireless access points, firewall, routers, switches, controllers. Knowledge of application transport and network infrastructure protocols. Ability to create accurate network diagrams and documentation for design and planning network communication systems. Provides specific detailed information for hardware and software selection. Ability to quickly learn new or unfamiliar technology and products using documentation and internet resources. Ability to work with all levels of staff within and outside of IT and outside the organization. A self-starter able to work independently but comfortable working in a team environment. Good analytical and problem-solving skills. Dependable and flexible when necessary. Network security experience. LAN and WAN experience. Comp $115,000 - $125,000 MMD Services Inc. is an equal opportunity employer. All applicants are considered for all positions without regard to race, religion, color, sex, gender, sexual orientation, pregnancy, age, national origin, ancestry, physical/mental disability, medical condition, military/veteran status, genetic information, marital status, ethnicity, alienage, or any other protected classification, in accordance with applicable federal, state, and local laws.

W2 only role Remote Role No development in this role/ candidate must have knowledge of the fundamentals of Service Now/ Scripting knowledge is nice-to-have especially Java scripting/ must know various platforms within Service Now (Yokahama, Xanadu, etc.) Top 3 skill sets required for this role: 1. Understanding of basic platform administration (roles, ACL's, script includes, business rules, CMDB, etc) 2. Know how to debug in the ServiceNow environment using out-of-box tools 3. Javascript, XML, JSON Nice to have skills or certifications: 1. Knowledge of REST API's and how to debug them 2. Performance analytics experience 3. Certified System Administrator Responsibilities Configure and customize core ServiceNow applications (ITSM, CMDB, Change, Problem, Incident, etc.). Collaborate with business analysts, administrators, and other stakeholders to translate requirements into technical solutions. Build and maintain integrations between ServiceNow and external systems using REST, SOAP, or other methods. Develop and maintain client scripts, business rules, UI policies, and flow designer flows. Participate in platform upgrades and ensure customizations are compatible with new versions. Conduct unit and integration testing and support UAT activities. Write and maintain clear technical documentation. Identify areas for improvement in platform performance, user experience, and workflow efficiency. Provide support and troubleshooting for application issues and user inquiries. Help solution new ideas to improve existing and future business processes Work to uphold best practice and the integrity of the ServiceNow platform Education & Certification B.S. in IT related field OR degree and equivalent work experience ServiceNow Certifications - preferred ITSM, ITAM, CMDB, SAM, HAM, FSM TIL Certification - preferred Experience 2+ years IT experience, 1+ years working on ServiceNow Xanadu+ - preferred Portal, HR, ITSM, Customer Service, Catalog, MID Servers, Discovery Probes, Notify, Integrations, Scrum, ATF (automated-test framework), Transform Maps, JavaScript, XML, JSON, REST, SOAP

Microsoft 365 Engineer Onsite Daily Locals Preferred This is a Full time, permanent position and is not open to sponsorship, 3rd party representation or H1B transfer at this time. I am looking for a hands-on Microsoft 365 Engineer to own, administer, and continuously improve our enterprise M365 environment. This is a great opportunity for someone who wants full ownership of a modern collaboration platform, enjoys solving complex technical challenges, and thrives in an onsite team environment. You'll manage daily operations, lead platform enhancements, and drive adoption across the business. Your work will directly impact company productivity, data security, and collaboration effectiveness. OVERVIEW OF RESPONSIBILITIES Microsoft 365 Administration Manage user identities, groups, licensing, and security settings in Entra ID (Azure AD). Administer Exchange Online (mail flow, hybrid connectivity, retention policies). Maintain and optimize Teams, SharePoint Online, OneDrive, Outlook, and collaboration workflows. Implement backup and recovery procedures for M365 email and files. Security & Compliance Enforce Conditional Access, MFA, and identity protection protocols. Configure retention/sensitivity labels and compliance policies via Microsoft Purview. Perform periodic security audits and resolve vulnerabilities. Support hybrid identity integration between AD and Azure AD. Monitoring & Troubleshooting Use PowerShell, Graph API, M365 Admin Center, and Defender portal to monitor performance and security. Quickly resolve complex issues related to email flow, Teams meetings, SharePoint access, and identity authentication. Build automation scripts, runbooks, and dashboards. Support & Collaboration Partner with the Service Desk and app teams to improve processes and ensure change control. Provide user training, communications, and documentation. Participate in on-call rotation and off-hours upgrades. Windows Server Management Maintain and support on-prem Windows Server infrastructure. Install, upgrade, patch, and troubleshoot server systems to ensure reliability. QUALIFICATIONS 5+ years in IT; 3+ years administering Microsoft 365 / Azure environments. Strong experience with Exchange Online, Teams, Intune, SharePoint Online, and Entra ID. Azure experience, including VMs, AKS, SQL managed instances, and Azure firewall. Strong PowerShell automation expertise. Experience with backup/disaster recovery and security protocols. Excellent communication and problem-solving ability. Microsoft or Azure certifications are a plus (Azure Admin, Azure Architect, M365, CCNA). Overview: Sterling Engineering / Staffing has a rich history of delivering top talent to our clients. We are a nationwide Staffing Firm that has been in business for over 56 years. With over 200 currently active clients, Sterling works within the Automation, Energy, Facilities, Information Technology, Food, Logistics / Supply Chain, Manufacturing, Packaging, Life Sciences, Pharmaceuticals, Engineering and R&D industries. Qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or genetic information.

Role: Network Engineer Job Type: Full Time About the role We are seeking a highly skilled and motivated Network Engineer with hands-on experience in routing and swtiching. The ideal candidate will provide direct, on-site ("hands-on") support, troubleshoot complex network issues, and be an expert in routing and switching protocols. Key responsibilities Provide on-site, "hands-and-feet" support for network infrastructure, including physical racking, stacking, cabling, and hardware replacement for Arista switches and routers. Configure, install, and support network hardware and software, ensuring seamless integration with our existing infrastructure. Monitor network performance and proactively identify and resolve issues related to routing and switching. Travel to other location when required for hands and feet support. ( 10%) Serve as the primary on-site resource for network-related incidents, performing advanced troubleshooting and resolving critical issues with minimal downtime. Knowledge of network routing protocols (e.g., OSPF, BGP) and advanced switching technologies (e.g., VXLAN, EVPN). Plan and execute network maintenance, upgrades, and expansion projects with a focus on data center and campus environments. Develop and maintain comprehensive technical documentation, including network diagrams, configurations, and standard operating procedures. Collaborate with cross-functional IT teams and vendors to deliver new solutions, resolve issues, and ensure compliance with network standards. Participate in an on-call rotation to provide 24/7 support for critical network issues. Qualifications Experience: 5+ years of hands-on experience in network engineering, with specific and in-depth experience configuring and troubleshooting routing and switching hardware and software Knowledge of L2/L3 networking protocols, including BGP, OSPF, VLANs, and Spanning Tree. Hands-On Skills: Proven experience with physical infrastructure tasks, such as server racking, cable management (copper and fiber), and hardware replacement. Problem-Solving: Excellent analytical and troubleshooting skills, with the ability to diagnose and resolve complex network issues. Disclaimer HCL is an equal opportunity employer, committed to providing equal employment opportunities to all applicants and employees regardless of race, religion, sex, color, age, national origin, pregnancy, sexual orientation, physical disability or genetic information, military or veteran status, or any other protected classification, in accordance with federal, state, and/or local law. Should any applicant have concerns about discrimination in the hiring process, they should provide a detailed report of those concerns to ****************** for investigation. Compensation and Benefits A candidate's pay within the range will depend on their work location, skills, experience, education, and other factors permitted by law. This role may also be eligible for performance-based bonuses subject to company policies. In addition, this role is eligible for the following benefits subject to company policies: medical, dental, vision, pharmacy, life, accidental death & dismemberment, and disability insurance; employee assistance program; 401(k) retirement plan; 10 days of paid time off per year (some positions are eligible for need-based leave with no designated number of leave days per year); and 10 paid holidays per year.

Network Engineer (On-site, Chicago, IL) Type: Full-time, Direct Hire Compensation: $115,000 base salary + discretionary bonus (2-6%) Benefits: Medical, Dental, Vision; HSA/FSA; 401(k) with 6% match; 2% profit sharing; Life & Disability insurance; Paid Time Off; Paid Holidays This an exciting full time, permanent opportunity with tremendous stability and growth potential! Join an iconic U.S. manufacturer and help modernize mission-critical network infrastructure that powers production, distribution, and enterprise operations. As a Network Engineer, you'll design, build, secure, and optimize LAN/WAN environments, strengthen perimeter and endpoint defenses, and collaborate across IT and business teams to keep the organization fast, resilient, and safe. What You'll Do Design, implement, and support scalable LAN/WAN/intranet architectures across plants, offices, and cloud endpoints Administer and harden network gear-firewalls, routers, switches, wireless APs, VPN-with defense-in-depth practices Monitor performance & security, triage incidents, document fixes, and drive preventive improvements Plan capacity & growth by analyzing traffic and forecasting future needs Partner with cross-functional teams to architect network solutions for new apps, SaaS, and datacenter/cloud workloads Stay current on emerging networking/cybersecurity tech and recommend pragmatic enhancements What You'll Bring Bachelor's in Computer Science, IT, or related field (Master's preferred) Proven success designing and supporting enterprise network architectures Hands-on mastery of TCP/IP, DNS, DHCP, VLANs, VPNs, and routing protocols Strong understanding of network security (firewalls, IDS/IPS, encryption, zero-trust concepts) Experience configuring/managing routers, switches, firewalls, VPNs, and voice Problem-solving mindset with crisp documentation and communication Experience leading upgrades/migrations and multi-stakeholder implementations Pay Transparency (Illinois) Base salary: up to $115,000 Discretionary bonus: 2-6% of base salary Benefits: Medical, Dental, Vision; HSA/FSA; 401(k) with 6% match; 2% profit sharing; Life & Disability; PTO; Holidays Equal Opportunity We are committed to equal employment opportunity. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other protected characteristic.

As a key member of the network engineering team, you will have strong experience with routing and switching in an ISP setting, including SD-WAN, network monitoring, infrastructure, as well as general network troubleshooting skills. This position is a hybrid with onsite presence required in our Schaumburg, IL office. Responsibilities: Work directly with customers to design, implement, and operate solutions that are resilient, high-performing, and maintainable. Ensure accuracy of backend systems and documentation. Perform root cause analysis and determine corrective actions. Design, provision, maintain, and troubleshoot services for clients including SD-WAN, SASE, MPLS, DIA, SIP, and UCaaS. Assist with infrastructure design, maintenance, and operation, including SNMP, Netflow, Syslog, Prometheus, Grafana, Solarwinds, Netscout, Netbox, and Veeam. Part of your role will be to support Coeo's network and infrastructure in addition to customer networks. Participate in trouble ticket resolution and troubleshoot advanced issues escalated from Tier 1 support. May require some travel. Qualifications: Experience working on ISP data networks at all layers or experience working at an MSP with a wide range of technologies. Experience troubleshooting at the packet layer, capturing, and analyzing traffic, and working with Wireshark. Experience with layer three routing protocols in an ISP environment. (e.g. IS-IS, OSPF, BGP and BGP traffic engineering). Understanding of metro ethernet design including EVCs, UNIs, and NNIs. Understanding of network design and deployment of routers and switches, e.g. Juniper, Cisco, ALU, Ciena, Fortinet, Mikrotik, etc. Experience with SD-WAN and SSE technologies, deployment, and use-case evaluation (i.e., Versa, Broadcom/VeloCloud, Client/Silver Peak). Understanding of resiliency and redundancy in network design, protocols involved, and hardware options for high availability Vendor certifications a plus, Cisco, Juniper, Palo Alto, Fortinet, etc. Excellent communications skills. Desire to take on new opportunities and work independently. Ability to work effectively as part of the Network team. Strong desire to learn and demonstrated commitment to professional development. Prior experience with any of the following would be a plus: Firewall configuration and management. Scripting and automation in PowerShell, Python, Go, etc. Voice network architecture, Clients, hosted PBX, SIP Phones, ATAs. Windows and Linux server administration. Azure, GCP, or AWS cloud configuration and management. Virtualization management experience with VMware, KVM, OpenStack, Docker, Kubernetes, or others.

RELOCATION ASSISTANCE: Relocation assistance may be available CLEARANCE TYPE: SAPTRAVEL: Yes, 10% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. We are seeking capable, talented, and motivated team-contributors at our Northrop Grumman Rolling Meadows site. Our products range from advanced sensing technologies to state-of-the-art targeting and tracking systems that are deployed in Electro-Optical Infrared (EOIR) and Radio Frequency Electronic Warfare (RFEW) systems. These systems are designed, developed, built, integrated, and tested by the capable folks at our company to protect the lives of US and Allied warfighters in present and future conflicts. Enjoy a culture where your voice is valued and start contributing to our team of passionate professionals providing real-life solutions to our world's biggest challenges. We take pride in creating purposeful work and allowing our employees to grow and achieve their goals every day by Defining Possible. With our competitive pay and comprehensive benefits, we have the right opportunities to fit your life and launch your career today. If you are interested in consideration to be included as a part of this team, we would invite you to apply. Northrop Grumman Mission Systems Sector (NGMS) is seeking a Staff Systems Security Engineer to join our Systems Security Engineering team. The Security Engineering team is cross-disciplinary across the security domain; encompassing embedded Systems Engineering, Cybersecurity, Software Security and Anti-Tamper Engineering. Roles & Responsibilities: · Design/develop system architectures and generate system designs to be implemented in a cost-effective manner. Implement and ensure compliance with government policies (e.g., JSIG, DAAPM, NIST 800-53, CNSSI 1253, DODI 5200.39, etc.) by reviewing process tailoring needs and approving documented procedures. Guide and monitor technical documentation/publication to document trades studies, system designs, analysis, and results related to a systems security posture such as identifying Critical Program Information (CPI) and creation of Anti-Tamper Plans Develop an understanding of system interfaces and how to protect them. Assist with the definition of key capabilities and performance requirements. Adapt production and development products to meet unique customer needs and support the development of system security functions. Collaborate with security engineering team(s), across a portfolio of programs, through the duration of program execution to solve issues and to prepare for requirements sell off. Support technical work products developed by the larger engineering team in support of major milestone deliveries (e.g.: SRR, SVR, PDR, CDR, TRR, PRR). Authoring technical documentation such as white papers, proposal technical volumes, and program milestone briefings. Collaborate with security engineering team(s), across a portfolio of programs, through the duration of program execution to solve issues and to prepare for requirements sell off. Other duties may include technical leadership, business capture activities, interfacing with industry partners and the USG. This position will be full-time, on-site at our Rolling Meadows, IL location. This position is contingent upon Funding/Contract award, special access program and acquiring and maintaining the necessary US Government security clearance per customers' requirements prior to start. Basic Qualifications for a Staff Systems Security Engineer: Bachelor's degree in Electrical Engineering, Software Engineering, Computer Engineering, Computer Science, Cybersecurity, or related technical fields with 12+years of related experience, a Master's degree in Electrical Engineering, Software Engineering, Computer Engineering, Computer Science, Cybersecurity, or related technical fields with 10+ years of related experience or a PhD in Electrical Engineering, Software Engineering, Computer Engineering, Computer Science, Cybersecurity, or related technical fields with 7+ years of related experience. 3 years of cumulative experience on DoD based platforms and/or systems regarding the application of Cybersecurity RMF or Anti-Tamper with competencies in security threat analysis, systems architecture, engineering design, requirements derivation, validation, and verification. Must have demonstrated experience in leading teams to solve technical problems, including decomposition, root cause analysis, solution development, implementation and monitoring Experience contributing to and/or making technical presentations to internal and external customers. Ability to obtain and maintain a minimum of a Secret Clearance with additional customer specified clearance prior to start. Preferred Qualifications for a Staff Systems Security Engineer: Advanced degrees in Electrical Engineering, Software Engineering, Computer Engineering, Computer Science, Cybersecurity, or related technical fields. Experience with design verification testing, reverse engineering, embedded software development, Cybersecurity, or Anti-Tamper Possess a DoD 8140 certification, e.g. CompTIA Security+, CISSP, or similar. Experience with proposals and creating basis of estimates (BOEs) Primary Level Salary Range: $163,200.00 - $244,800.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

Denver, Colorado;Seattle, Washington; Jacksonville, Florida; Addison, Texas; Jersey City, New Jersey; Boston, Massachusetts; Charlotte, North Carolina; Chicago, Illinois **To proceed with your application, you must be at least 18 years of age.** Acknowledge Refer a friend **To proceed with your application, you must be at least 18 years of age.** Acknowledge (*********************************************************************************************** **:** At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! **Job Description:** Manual Ethical Hacking is part of the Application Development Security Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program provides services to assess the security resilience of the bank's applications to malicious hacking activity. This senior technical role is responsible performing and leading ethical hacking assessments of the bank's technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats. Key responsibilities include leading and performing research, understanding the bank's security policies, working with appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with security partners, CIO clients and multiples lines of business. These individuals are expected to perform application security-oriented dynamic and static assessments across a multitude of technologies including web UI, web APIs, mobile and cloud, including associated source code. Key Responsibilities in order of importance: + Perform assigned analysis of internal and external threats on information systems and predict future threat behavior. + Incorporate threat actors' tactics, techniques, and procedures into offensive security testing to identify high-value vulnerabilities/chained attacks. + Developing Proof-of-concepts for exploitation. + Perform assessments of the security, effectiveness, and practicality of multiple technology systems. + Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security. + Prepare and present detailed technical information for various media including documents, reports, and notifications. + Provide clear and practical advice regarding managing risks. + Learn and develop advanced technical and leadership skills, mentor Junior and Intermediate assessors in technical tradecraft and soft skills. + Respond to security incidents and provide technical assistance to leadership across the Information Security organization. Required Skills: + Minimum of 5+ years of professional pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment + Detailed technical knowledge in at least 5 of the following areas: + security engineering + application architecture + authentication and security protocols + application session management + applied cryptography + common communication protocols + mobile frameworks + single sign-on technologies + exploit automation platforms + Web APIs + Cloud environments + LLM security + Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings + Experience performing manual web application assessments i.e., must be able to simulate a OWASP Top 10 vulnerabilities without the use of tools + Experience performing manual code reviews for security relevant issues + Experience working with DAST and SAST tools to identify vulnerabilities + Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) + Experience with vulnerability assessment tools and penetration testing techniques. + Solid programming/debugging skills, development frameworks, CVE and CWE research/reproduction + Threat Analysis, threat modelling and SBOM analysis + Innovative thinking, threat actor simulation + Technology Systems Assessment + Technical Documentation + Advisory Desired: + CEH, OSCP/OSCE/OSWE/GXPN/GPEN/GWAPT/GMOB/All Practitioner Certs [Port Swigger BSP Academy]/Cloud Cert(s)/ eWPT; eWPTX; eMAPT [INE Pentester Academy] + Strong programming/scripting skills This job will be open and accepting applications for a minimum of seven days from the date it was posted. **Shift:** 1st shift (United States of America) **Hours Per Week:** 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. View your **"Know your Rights (************************************************************************************** "** poster. **View the LA County Fair Chance Ordinance (************************************************************************************************** .** Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

The Network Security Engineer will maintain and help deploy the Company's security platform and solution efforts as well as perform network and host threat assessments to identify, evaluate and mitigate security risks, threats and vulnerabilities. This position will primarily be responsible for the Palo Alto Firewalls, Fortigates, and F5 Load Balancers. The Network Security Engineer will work to develop action plans to mitigate identified vulnerabilities and promote security initiatives. Essential Job Functions: Work at the direction of the Security Manager to improve the security for the Company Administration of all aspects of the Palo Alto Firewalls Administration of all aspects of the FortiGate Firewalls and experience with FortiManager and FortiAnalyzer Administration of all aspects of the F5 Load Balancers Assist with the configuration and administration of security systems and tools Respond to security incidents and report on incident handling and resolution Assist with the enforcement of security policies and procedures by monitoring system activity Review security violation reports and investigates possible security exceptions, updates, and maintains and documents security controls After hours monitoring and on call support will also be required Lead and mentor more junior network security engineers on projects and initiatives Minimum Requirements: Bachelor's Degree in Computer Science, Information Systems, or other related field 7+ years hands-on experience maintaining corporate firewalls (preferably with direct experience on Palo Alto Firewalls), Panorama Experience, Global Protect VPN configuration and management. Hands-on experience maintaining corporate load balancers (preferably with direct experience on F5 load balancers) Detailed knowledge of the OSI model and its application across corporate networks Working knowledge of Windows, Red Hat Linux, and Oracle Linux operating systems Proficient in Microsoft Word, Project, Excel, Access, Visio Ability to manage multiple projects with competing priorities Ability to work as part of a team ** This is a full-time, W2 position with Hub Group - We are NOT able to provide sponsorship at this time ** Salary Range: $110,000 - $165,000/year base salary + bonus eligibility ** This is an estimated range based on the circumstances at the time of posting, however, may change based on a combination of factors, including but not limited to skills, experience, education, market factors, geographical location, budget, and demand** BEWARE OF FRAUD! Hub Group Has Become Aware of Online Recruiting Related Scams in Which Individuals Who Are Not Affiliated with or Authorized by Hub Group Are Using Hub Group's Name in Fraudulent Emails, Job Postings, Or Social Media Messages. In Light of These Scams, Please Bear the Following in Mind Hub Group will never solicit money or credit card information in connection with a Hub Group job application. Hub Group does not communicate with candidates via online chatrooms such as Signal or Discord using email accounts such as Gmail or Hotmail. Hub Group job postings are posted on our career site: ******************************** About Us Hub Group is the premier, customer-centric supply chain company offering comprehensive transportation and logistics management solutions. Keeping our customers' needs in focus, Hub Group designs, continually optimizes and applies industry-leading technology to our customers' supply chains for better service, greater efficiency and total visibility. As an award-winning, publicly traded company (NASDAQ: HUBG) with $5 billion in revenue, our 6,000 employees and drivers across the globe are always in pursuit of "The Way Ahead" - a commitment to service, integrity and innovation. We believe the way you do something is just as important as what you do. For more information, visit ****************

***Hybrid, 3 days onsite, 2 days remote*** ***We are unable to sponsor as this is a permanent full-time role*** Responsibilities: Provide 24x7 operational support for the suite of privileged management solutions (e.g., CyberArk, Hashi, PKI), including implementing hot fixes, resolving bugs, troubleshooting issues, performing break-fixes, managing secrets lifecycle, and delivering end-user support. Maintain robust operational integrity of privileged access management infrastructure throughout its lifecycle (e.g., patching, version control, system upgrades, alignment with Security standards, etc.). Provide organizational subject matter expert on secrets management and privileged access management architecture, establishing and enforcing security as code principles throughout the environment. Develop and implement system enhancements to improve platform user experience and automated integrations, while designing long-term solutions to address operational issues through innovative technologies including artificial intelligence for faster detection and remediation of functional and technical problems. Qualifications: Experience in one or more of the following disciplines: security operations, development, engineering, or architecture Experience supporting privileged access management and access controls programs. Professional or personal experience using AI coding agents such as OpenAI Codex, Claude Code, or Gemini CLI. Expertise in providing operational and engineering support for one or more of the following: CyberArk, HashiCorp Vault, Active Directory Certificate Services (ADCS), HSMs, and Public Key Infrastructure (PKI). Expertise in scripting languages and developing in one or more of the following languages GoLang, Bash, Python, PowerShell, Ansible, and/or Terraform. Knowledge of privileged access management methodologies and techniques for on-prem and Cloud implementation. Knowledge of application authentication and authorization systems (i.e., Active Directory, oAuth 2.0, OIDC, AWS IAM, App Role, k8s, LDAPS, Kerberos, Certificate) Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines.

Microsoft 365 System Engineer (On-site, Chicago IL - south side of city) Type: Full-time, Direct Hire Compensation: $110,000 base salary + discretionary bonus (2-6%) Benefits: Comprehensive health coverage (medical, dental, vision) Paid Time Off and holidays Generous 401(k) with 6% company match 2% profit sharing, fully vested after 6 years Life & Disability insurance Great work-life balance Ready to take ownership of a critical Microsoft 365 environment? This is your chance to join a stable, well-established organization and make a big impact. As a Microsoft 365 Engineer, you'll be the go-to expert for managing, securing, and optimizing the M365 platform-including Exchange Online, SharePoint, Teams, OneDrive, Purview, and Intune-while enabling productivity and safeguarding compliance. What You'll Do Administer and maintain the Microsoft 365 tenant, including user accounts, licenses, and security settings Manage Exchange Online mailboxes, mail flow rules, hybrid connectivity, and retention policies Configure and secure Microsoft Teams, SharePoint Online, and OneDrive environments Implement compliance and data governance controls using Microsoft Purview Enforce conditional access, MFA, and identity protection policies in Entra ID (Azure AD) Monitor service health, usage, and security alerts via admin center, Defender portal, and PowerShell Troubleshoot complex issues and develop automation scripts (PowerShell, Graph API) Collaborate with IT teams on integrations, change management, and end-user training Manage Windows Server environments for optimal performance and security What You'll Bring Bachelor's in Computer Science, IT, or related field (Master's preferred) Proven experience administering Microsoft 365 environments and related services Strong knowledge of Exchange Online, SharePoint, Teams, Intune, and Purview compliance tools Expertise in Entra ID (Azure AD), identity management, and conditional access policies Proficiency in PowerShell scripting and automation Solid understanding of security best practices and compliance frameworks Pay Transparency (Illinois) Base salary: up to $110,000 Discretionary bonus Benefits: Health coverage, PTO, 401(k) with 6% match, 2% profit sharing, Life & Disability insurance, Holidays Equal Opportunity We are committed to equal employment opportunity. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other protected characteristic.

Denver, Colorado;Seattle, Washington; Jersey City, New Jersey; Boston, Massachusetts; Washington, District of Columbia; Charlotte, North Carolina; Jacksonville, Florida; Chicago, Illinois **To proceed with your application, you must be at least 18 years of age.** Acknowledge Refer a friend **To proceed with your application, you must be at least 18 years of age.** Acknowledge (****************************************************************************************** **:** At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! **Job Description:** Manual Ethical Hacking is part of the Application Development Security Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program provides services to assess the vulnerability of the bank's applications to malicious hacking activity. This intermediate technical role is responsible for performing application security assessments of the bank's technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats. Key responsibilities include performing research, understanding the bank's security policies, working with the appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with security partners, CIO clients and multiples lines of business. Key Responsibilities in order of importance: + Perform assigned analysis of internal and external threats on information systems and predict future threat behavior + Incorporate threat actors' tactics, techniques, and procedures into offensive security testing + Perform assessments of the security, effectiveness, and practicality of multiple technology systems + Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security. + Prepare and present detailed technical information for various media including documents, reports, and notifications + Provide clear and practical advice regarding managed risks + Learn and develop advanced technical and leadership skills, Mentor Junior assessors in technical tradecraft and soft skills Required Skills: + Minimum of 4 years of professional pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment + Detailed technical knowledge in at least 3 of the following areas: security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services + SQL injection/XSS attack without the use of tools + Experience performing manual code reviews for security relevant issues + Experience working with SAST tools to identify vulnerabilities + Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings + Experience performing manual web application assessments i.e., must be able to simulate a + Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) + Experience with vulnerability assessment tools and penetration testing techniques + Solid programming/debugging skills + Experience of using a variety of tools, included, but not limited to, IBM AppScan, Burp and SQL Map + Threat Analysis + Innovative Thinking + Technology Systems Assessment + Technical Documentation + Advisory Desired: + CISSP, CEH, OSCP, OSWE, GPEN, PenTest+ or similar + Strong programming/scripting skills This job will be open and accepting applications for a minimum of seven days from the date it was posted. **Shift:** 1st shift (United States of America) **Hours Per Week:** 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. View your **"Know your Rights (************************************************************************************** "** poster. **View the LA County Fair Chance Ordinance (************************************************************************************************** .** Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.