Security engineer jobs in Gurnee, IL

RELOCATION ASSISTANCE: Relocation assistance may be available CLEARANCE TYPE: SAPTRAVEL: Yes, 10% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. We are seeking capable, talented, and motivated team-contributors at our Northrop Grumman Rolling Meadows site. Our products range from advanced sensing technologies to state-of-the-art targeting and tracking systems that are deployed in Electro-Optical Infrared (EOIR) and Radio Frequency Electronic Warfare (RFEW) systems. These systems are designed, developed, built, integrated, and tested by the capable folks at our company to protect the lives of US and Allied warfighters in present and future conflicts. Enjoy a culture where your voice is valued and start contributing to our team of passionate professionals providing real-life solutions to our world's biggest challenges. We take pride in creating purposeful work and allowing our employees to grow and achieve their goals every day by Defining Possible. With our competitive pay and comprehensive benefits, we have the right opportunities to fit your life and launch your career today. If you are interested in consideration to be included as a part of this team, we would invite you to apply. We are looking for a Principal / Senior Principal Systems Security Engineer to join our team in Rolling Meadows, IL. This position requires 100% onsite work. What You Will Get to Do: As an integral part of our Systems Security Engineering team you will be responsible for providing hands-on experience in the development of sensor payloads and mission security solutions supporting our hardware and software security solutions. Roles & Responsibilities: Demonstrate full life cycle development experience encompassing architecture design, trade studies, Anti-Tamper / Cybersecurity requirements formulation, detailed design, unit testing, system testing, and validation and verification practices. Support the development and implementation of hardware and software Anti-Tamper / CyberSecurity techniques and countermeasures to protect assets and enhance operational integrity and reliability. Implement and ensure compliance with government policies (e.g., JSIG, DAAPM, NIST 800-53, CNSSI 1253, DODI 5200.39, etc.) by reviewing process tailoring needs and approving documented procedures. Conduct thorough analyses to validate existing security requirements and develop additional safeguards as necessary to enhance system security. Collaborate with the US Government and program teams to negotiate and develop Anti-Tamper / CyberSecurity solutions for international export markets, ensuring compliance with Tri-Service Committee and Red Team requirements for US-deployed and exported military systems. Utilize reverse engineering techniques to architect and validate effective Anti-Tamper / CyberSecurity solutions. Conduct Technical Release Analyses in accordance with US Government security governance, service policies, and licensing precedents. Prepare, assess, and certify Controlled Unclassified Information and higher information and Critical Program Information determinations for licensing. Coordinate Technology Release efforts with program personnel by engaging relevant stakeholders and Subject Matter Experts (SMEs) to ensure successful outcomes, to include development and delivery of training on Technology Release processes to program personnel. Manage and communicate the necessary analyses and modifications for system, subsystem, or sensor exportability, ensuring compliance with international standards. Apply intermediate understanding of cryptographic security protocols to safeguard sensitive information. Support formal Security Test and Evaluation (ST&E) processes mandated by government authorities through comprehensive pre-test preparations, active participation in testing, result analysis, and the preparation of required reports. Document findings from Assessment and Authorization activities, as well as technical and coordination efforts, while preparing and maintaining the system Security Plans and updating the Plan of Actions and Milestones (POA&M). Support strategic planning for Anti-Tamper / CyberSecurity technology development that aligns with global strategic priorities and influences current and future policies. Collaborate effectively with program teams and global Business Development stakeholders to incorporate international requirements and features into design processes and drive product line initiatives for global market success. Actively participate in communities of practice to enhance domain knowledge and foster continuous professional development throughout the organization. This position can be filled at the Principal Systems Security Engineer or Sr. Principal Systems Security Engineer level based on specific requirements. This position will be full-time, on-site at our Rolling Meadows, IL location. This position is contingent upon Funding/Contract award, special access program and acquiring and maintaining the necessary US Government security clearance per customers' requirements prior to start. Basic Qualifications for Principal Systems Security Engineer: Bachelor's degree in a Science, Technology, Engineering, or Mathematics (STEM) field with 5+ years of related experience, a Master's degree in a STEM field with 3+ years of related experience or a PhD in a STEM field with +1 year of related experience. Two (2) years of Systems Engineering experience with DoD based Platforms, Sensors and/or Sub-systems. Including but not limited to: EO/IR, Embedded Software or Cryptography, Satellite, Architecture development, Hardware design, RF, Radar and Undersea Sensors, etc. Two (2) years of experience with requirements development, derivation, system integration & test and validation and verification. Two (2) years of experience with Anti-Tamper / Cyber Security, Reverse Engineering and/or Cyber Security Risk Management Framework / Cyber Resiliency Ability to obtain and maintain a minimum of a Secret Clearance with additional customer specified clearance prior to start. Basic Qualifications for Senior Principal Systems Security Engineer: Bachelor's degree in a Science, Technology, Engineering, or Mathematics field with 8+ years of related experience, a Master's degree with 6+ years of related experience, or a PhD with 4+ years of related experience. Two (2) years of Systems Engineering experience with DoD based Platforms, Sensors and/or Sub-systems. Including but not limited to: EO/IR, Embedded Software or Cryptography, Satellite, Architecture development, Hardware design, RF, Radar and Undersea Sensors, etc. Two (2) years of experience with requirements development, derivation, system integration & test and validation and verification Two (2) years of experience with Anti-Tamper / Cyber Security, Reverse Engineering and/or Risk Management Framework / Cyber Resiliency Ability to obtain and maintain a minimum of a Secret Clearance with additional customer specified clearance prior to start. Preferred Qualifications: Advanced degrees in Science, Technology, Engineering or Mathematics or related technical fields. Active Secret or Top Secret clearance Experience with Hardware (Firmware) Assurance, Software Attack Surface Analysis Report, Select Software/Firmware Encryption, and Secure Key Handling Experience with identifying and mitigating software assurance vulnerabilities and performing integration testing of mitigation/resolution Experience with contributing to and/or making technical presentations to internal and external customers Primary Level Salary Range: $105,400.00 - $158,000.00Secondary Level Salary Range: $131,100.00 - $196,700.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! Job Description: Manual Ethical Hacking is part of the Application Development Security Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program provides services to assess the vulnerability of the bank's applications to malicious hacking activity. This intermediate technical role is responsible for performing application security assessments of the bank's technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats. Key responsibilities include performing research, understanding the bank's security policies, working with the appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with security partners, CIO clients and multiples lines of business. Key Responsibilities in order of importance: * Perform assigned analysis of internal and external threats on information systems and predict future threat behavior * Incorporate threat actors' tactics, techniques, and procedures into offensive security testing * Perform assessments of the security, effectiveness, and practicality of multiple technology systems * Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security. * Prepare and present detailed technical information for various media including documents, reports, and notifications * Provide clear and practical advice regarding managed risks * Learn and develop advanced technical and leadership skills, Mentor Junior assessors in technical tradecraft and soft skills Required Skills: * Minimum of 4 years of professional pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment * Detailed technical knowledge in at least 3 of the following areas: security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services * SQL injection/XSS attack without the use of tools * Experience performing manual code reviews for security relevant issues * Experience working with SAST tools to identify vulnerabilities * Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings * Experience performing manual web application assessments i.e., must be able to simulate a * Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) * Experience with vulnerability assessment tools and penetration testing techniques * Solid programming/debugging skills * Experience of using a variety of tools, included, but not limited to, IBM AppScan, Burp and SQL Map * Threat Analysis * Innovative Thinking * Technology Systems Assessment * Technical Documentation * Advisory Desired: * CISSP, CEH, OSCP, OSWE, GPEN, PenTest+ or similar * Strong programming/scripting skills This job will be open and accepting applications for a minimum of seven days from the date it was posted. Shift: 1st shift (United States of America) Hours Per Week: 40

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

Arete Technologies, Inc. offers set of innovative Consulting and Outsourcing services, bridging the gap between requirements and outputs of various dexterous and facile companies worldwide. The thrust of providing global deliverables with focus on providing paramount and unsurpassed services combined with cost saving solutions to the clients We understand the business requirements in the present day corporate scenario and aspire to provide world-class services enabling the organization to burgeon and flourish while keeping the work-life balance intact. The Global delivery mechanism followed at Arete Technologies, Inc. saddles proficient schemas and unconventional channels to provide one-stop solutions for all your workforce needs. our Team is an exquisite amalgamation of vast experiences of over 30 years in IT Consulting and Staffing industry. Connoisseurs in the field of staff augmentation for IT, we operate on 24 by 7 model with an aim of providing affordable and adept professionals with an assurance of satisfaction for both Consultants and Clients. We are pre-eminent service providers in the field of staff augmentation, IT Consultancy, Software development, Web Development providing unexcelled services and focusing on both the employers and employees. Job Description • Must have 4+ years' experience with Sourcefire IPS • Must have experience in IPS placement and installation • Must have planned and upgraded the Sourcefire appliances • Must have team management and customer interaction skills • Must have experience in managing vendor relationships • Must have exposure in defining SLAs • Must have expertise in defining Standard Operating Procedures • Must have expertise in Remote Infrastructure management for network and information security Qualifications ***citizen or green card only**** Additional Information Best Regards Alka Bhatia

The Role We are seeking a hands-on, outcome-driven Information Security Engineer who thrives at the intersection of technical execution and security operations mentorship. You will design, deploy, and maintain security technologies, lead incident response alongside our analysts, and serve as a force multiplier for the security program. This role requires a builder mindset-you won't just keep the lights on, you'll create repeatable processes, automation, and measurable improvements. You'll also be expected to mentor our analysts, helping them grow while raising the overall maturity of our SOC. This role will be reporting to the Information Security Operations Manager. This role is based in Chicago. The role is primarily remote but you must live within the Chicagoland area to come into the office as needed. Responsibilities Operational Excellence Lead incident response cases, ensuring timely containment, eradication, and recovery. Oversee daily system operations, tuning, and health of security tools (SIEM, EDR, email security, vulnerability management, DLP, DNS protection). Own the vulnerability management cycle: identification, prioritization, and remediation tracking against defined SLAs. Provide Tier 3 escalation support and guidance for SOC and analyst team. Engineering & Architecture Design and implement security controls across network, endpoint, application, and cloud environments. Drive automation and SOAR integrations to reduce analyst fatigue and increase response speed. Build and maintain playbooks, standard operating procedures, and evidence packs for compliance frameworks (NIST 2.0, SOC 2, HIPAA). Conduct penetration testing and application security assessments, validating remediation. Mentorship & Enablement Act as point of contact for incident escalations, providing calm, clear direction. Mentor security analysts and guide them in investigative techniques, root cause analysis, and threat hunting. Represent InfoSec in change advisory board (CAB) and project management meetings, ensuring security-by-design. Translate technical risks into business impact for stakeholders across retail, cultivation, and HQ operations. Qualifications Bachelor's degree or higher in Information Security, or at least 6 years' experience in Information Technology, or 4 years in Information Security. ISC(2) CISSP, ISC(2) CCSP, CCNA-S, or similar certifications can help you stand out, but not required. Experience in executing security solutions from concept through deployment. Experience in Incident Response. Strong understanding of Information Security technologies, design, and architecture. Proven track record of training or mentoring fellow colleagues. Demonstrated ability to self-direct tasks with minimal supervision to achieve goals. Strong written and oral communication skills. Deep knowledge of network, endpoint, application, and cloud security. Foundational knowledge of CIS, COBIT, NIST, MITRE, OWASP, or other common security frameworks or control schemes. Foundational knowledge of risk management and disaster recovery planning / management. Foundational knowledge of compliance standards like SOX, SOC2 and ISO 27001 or regulations like GDPR, PCI, CCPA, HIPAA. Strong problem-solving skills with well-organized and structured work habits. Ability to keep calm in high-stress or emergency situations. Ability to think abstractly and critically to consider potential concerns and determine their validity. Ability to discuss highly technical situations in terms that non-technical stakeholders can effectively understand. An insatiable intellectual curiosity and the ability to learn quickly in a complex space. Additional Requirements Must pass any and all required background checks Must be and remain compliant with all legal or company regulations for working in the industry Must be a minimum of 21 years of age #LI-HYBRID The pay range is competitive and based on experience, qualifications, and/or location of the role. Positions may be eligible for a discretionary annual incentive program driven by organization and individual performance. Green Thumb Pay Range$110,000-$140,000 USD

The Cloud Security Engineer is primarily responsible for designing, implementing, and supporting secure Microsoft Azure cloud environments for the Firm. This individual will ensure that cloud-based development platforms, APIs, and applications follow best practices, regulatory requirements, and Firm-specific policies to protect sensitive Client and Firm data. The Cloud Security Engineer acts as a subject matter expert, collaborating with cross-functional teams to establish secure coding, deployment, and data management processes. This role also participates in security incident response activities related to cloud infrastructure and applications, ensuring timely detection, containment, and remediation of potential threats. This person will also contribute to our overall Cloud Security Strategy. Duties and Responsibilities Design, configure, and maintain secure Microsoft Azure environments aligned with industry best practices and Firm policies. Familiarity with AWS and Google cloud needed as well. Implement and manage cloud security controls, including identity and access management, network segmentation, encryption, and security monitoring. Protect sensitive data stored or processed in the cloud through encryption, access controls, and secure key management. Develop, enforce, and maintain secure API management processes, including authentication, authorization, rate limiting, and auditing. Build and maintain secure DevSecOps pipelines, ensuring that only reviewed, tested, and approved code is promoted to production. Integrate automated security testing and vulnerability scanning into Continuous Integration / Continuous Delivery (CI/CD) workflows. Collaborate with application developers, infrastructure engineers, and security teams to ensure secure design and deployment practices. Create and maintain documentation, standards, and procedures for cloud security configurations, incident handling, and code promotion processes. Monitor and respond to security alerts from cloud-native tools and third-party monitoring solutions. Participate in risk assessments, audits, and compliance efforts related to cloud security (e.g., ISO 27001, GDPR, CCPA). Stay current with emerging cloud security threats, vulnerabilities, and evolving best practices, especially within the Microsoft Azure ecosystem. Salaries vary by location and are based on numerous factors, including, but not limited to, the relevant market, skills, experience, and education of the selected candidate. If an estimated salary range for this role is available, it will be provided in our Target Salary Range section. Our compensation package also includes bonus eligibility and a comprehensive benefits program. Benefits information can be found at Sidley.com/Benefits. Target Salary Range $127,000 - $147,000 if located in Illinois Qualifications To perform this job successfully, an individual must be able to perform the Duties and Responsibilities (Duties) above satisfactorily and meet the requirements below. The requirements listed below are representative of the minimum knowledge, skill, and/or ability required. Reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions of the job. If you need such an accommodation, please email ************************** (current employees should contact Human Resources). Education and/or Experience: Required: Bachelor's degree with a preference for those with a degree in Computer Science, Information Security, Technology or a related field. Minimum of 3 years of experience in cloud security engineering, with a strong focus on Microsoft Azure. Hands-on experience with Azure security services (e.g., Azure Security Center, Defender for Cloud, Key Vault, Azure AD, Application Gateway, API Management). Experience designing and managing secure DevSecOps pipelines using Azure DevOps or equivalent tools. Strong understanding of cloud-based network security, encryption, and identity management best practices. Demonstrated ability to assess, troubleshoot, and remediate security issues in cloud environments. Preferred: Relevant cloud and security certifications (e.g., Microsoft Certified: Azure Security Engineer Associate (AZ 500, Microsoft Certified: Azure Solutions Architect Expert, CISSP, CCSP, Security+). Experience in the legal, financial, or other highly regulated industries. Relevant certifications (e.g. CISSP, Security+, etc.) Familiarity with AWS and Google a plus. Other Skills and Abilities: The following will also be required of the successful candidate: Strong organizational skills Strong attention to detail Good judgment Strong interpersonal communication skills Strong analytical and problem-solving skills Able to work harmoniously and effectively with others Able to preserve confidentiality and exercise discretion Able to work under pressure Able to manage multiple projects with competing deadlines and priorities Sidley Austin LLP is an Equal Opportunity Employer #LI-Hybrid #LI-HM1

We have and exciting Embedded Security Systems Engineer/Technician opportunity with well-known client in The River North section of Chicago. Position is with a well-run integrator that is growing aggressively in both Illinois and also Nationally. If you enjoy learning and deploying new technology, this will be right up your alley! This position will require you to work in their office 2-3 days per week and you can also work remote 2-3 days/week. We are looking for a high-level Commercial/Industrial Security Technician (No wire pulling!!!!) with good programming, networking, and communication skills. Position will be a combination of programming, routine service, and basic systems admin tasks. *All applicants must be Lenel certified and/or highly proficient in programming Lenel. Milestone experience is also preferred. Basic database and networking skills also are required. There will be a TON of room to grow. Company is well run and values their employee's insights. They are small enough where your voice will be heard but big enough to play with the big boys (Siemens, JCI, Convergint etc….). If you are interested in discussing confidentially, please send an updated resume as a PDF or Word attachment. Keywords: KEYWORDS: IP Video, CCTV, Access Control, Card Access, Alarm, Biometrics, DVR, Systems Integration, Electronic Security Design Engineer, Lenel, Software House, SW House, Casi-Rusco, S2, IP Video, Honeywell Prowatch, AMAG, Genetec, CCure 9000, C-Cure 9000, Avigilon, Security Systems Technician, Security Systems Engineer, Security Technician, Security Installation Technician, Security Service Technician, Security Designer, Electronic Security Engineer, Physical Security Engineer, Security Systems Design, Security Applications Engineer, Security Pre Sales, Security Estimator, Electronic Security Estimator, Electronic Security Programmer, Access Control Programmer, Brad Culp Sr. Technical Recruiter/Partner Solution Staffing, Inc. 207 Amy Court North Wales, PA 19454 Ph: (267) 222-8760 Brad@Solutionstaffing.net www.solutionstaffing.net

The JFG Information Security Engineering & Operations Analyst plays a key role in supporting JFG's Identity & Access Management (IAM), Cyber Threat Management, and Vulnerability Management services. This role helps support IAM services to provision, deprovision, and certify access to JFG systems. It also helps detect, analyze, hunt for, and report on cybersecurity events related to malware, network intrusion, and data loss protection and insider threat incidents. This role is also responsible for finding and reporting on internal and external vulnerabilities on JFG systems. This role will be supported by a Managed Detection & Response (MDR) services and Identity & Access Management Managed services. Occasional off-hour and weekend work will be expected. Very little (less than 5%) business travel is expected in this role. This role will be located in Racine, Wisconsin. Ability to come in-office would be required (working a hybrid schedule.) KEY RESPONSIBILITIES: * Detect, analyze, contain, and remediate threats and vulnerabilities across the JFG environment. * Operate and support vulnerability management, data loss protection, cybersecurity monitoring, cybersecurity incident response, intrusion analysis, root-cause-analysis (digital forensics), cyber-threat intelligence, and malware analysis technologies. * Lead and report on incidents involving malware, network intrusion, insider-threat, internal investigations and litigation support activities. * Incorporate Cyber Threat Intelligence into operational signal intelligence and reporting. * Proactively investigate JFG environment for threats based on Cyber Threat Intelligence and known threat methods and patterns (aka Threat Hunting). * Operate and support Identity Governance and Administration technologies to support timely on/off-boarding of people and regular access governance reviews to ensure appropriate access. * Support weekly/monthly/quarterly/annual operational metrics, reports and dashboards. * Assist with maintaining the Cybersecurity Incident Response Plan. * Collaborate on the continuous improvement of Information Security Operations processes, workflows, and procedures (e.g. RunBooks). * Automate repetitive tasks and drive efficiencies with measurable benchmarks to show progress. JOB REQUIREMENTS: * Associates degree in Information Security, Cybersecurity preferred * 0-2 years' experience * Types of certification preferred: Security+, CEH, SSCP * Experience with Python and PowerShell scripting languages for automation preferred * Good report writing and communication skills * Has a basic understanding of the Information Security platforms at JFG, common Information Security controls and frameworks, networking concepts and technologies, as well as Windows and Linux environments Come as you are. Johnson Financial Group supports and is committed to the principle of equal employment opportunity. We make all employment-related decisions without regard for an individual's race, color, religion, sex, sexual orientation, age, national origin, citizenship, disability, veteran status, or any other protected status as required by law.

At Children's Wisconsin, we believe kids deserve the best. Children's Wisconsin is a nationally recognized health system dedicated solely to the health and well-being of children. We provide primary care, specialty care, urgent care, emergency care, community health services, foster and adoption services, child and family counseling, child advocacy services and family resource centers. Our reputation draws patients and families from around the country. We offer a wide variety of rewarding career opportunities and are seeking individuals dedicated to helping us achieve our vision of the healthiest kids in the country. If you want to work for an organization that makes a difference for children and families, and encourages you to be at your best every day, please apply today. Please follow this link for a closer look at what it's like to work at Children's Wisconsin: *********************************** Children's Wisconsin is seeking a Senior Information Epic Security Analyst- to join our team! Location: Remote but must be local to Milwaukee What you will do: The IS Security Analyst-Epic will perform all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction. Ensures that user community understands and adheres to necessary procedures to maintain security. Must be able to weigh business needs against security concerns and articulate issues to management. Primary EPIC security lead on Enterprise Information Security team responsible for management of Epic user records (EMP users, including background users) which includes the life cycle management of the records (creation, modification, inactivation) and auditing as appropriate. Collaborates with app analysts teams who manage the templates and sub templates. Participates in the development of workflows, system configuration, change documentation, optimization and support related to Epic security, while working with application teams to deploy functionality changes, new modules or departments, update security classes, modify provider records, conduct user analysis, and implement security enhancements. Leads and assists in the development of department and organization wide policies and procedures, while effectively communicating policies and procedures impacting Identity and Access management to end users, leadership, and peers to ensure compliant practices. Provides guidance on optimizing security build based on appropriate minimum necessary standards. Responsible for the on-going maintenance, testing, support and optimization of Epic user security and provider management, with focus on role based access. Epic certification is a requirement. Excellent organizational skills and ability to manage work load while assigned to multiple simultaneous projects with minimal supervision. Thorough understanding of user account administration in a network environment. Thorough understanding of security auditing principles. Familiarity with current common paradigms for violating system integrity. Top-tier security performance tuning skills and trouble-shooting required. Works closely with all levels of the organization to ensure that security is consistent with organizational security standards, information access requirements and business strategies. Coordinates with IS entities regarding technical considerations (user rights/privileges, system access) to ensure proper implementation and provides on-going support for all security operations. Works collaboratively with Internal Audit, Corporate Compliance, Human Resources and other departments on security related issues and projects. Works with cross-functional teams to perform reviews and tests of IS internal controls to ensure existing systems are operating as designed and contain adequate controls. Monitors and analyzes technology security and recommends appropriate IS policies, procedures and practices to strengthen security operations. Provides consultation regarding audit, regulatory and security management activities across IS functional areas. Coordinates the IS component of both internal and external audits, federal and state examinations. ESSENTIAL FUNCTIONS: Demonstrates behaviors outlined in the Core Competencies the Blue Kids Way to provide service excellence as a committed partner to children, families and co-workers. Recommends and maintains policies and procedures related to information security. Monitors the organization's overall security fabric. Assesses security needs and capabilities of the organization. Makes regular reports to management concerning security measures. Makes recommendations for improvement as required. Identifies and provides information security awareness training as appropriate. Identifies appropriate courses to enhance security capabilities and competencies of the organization. Works with management to perform and maintain risk assessments. Ensures organization compliance with the security sections of Federal and State statutes, including HIPAA, as well as regulatory requirements. Coordinates investigations into potential security infractions. Determines and designs appropriate tests for all aspects of information security. Activities may include attempted “cracking” of system security, review of audit trails and attempted theft of devices. Evaluates system effectiveness and makes change recommendations as necessary. Coordinates periodic reviews of system security by outside consultants, including vulnerability assessments, penetration tests, HIPAA reviews and PCI compliance. Works with IS teams to implement recommendations as appropriate. Monitors, evaluates and makes recommendations regarding perimeter security including prevention against attack, viruses, and other forms of malicious software. Monitors, evaluates and makes recommendations regarding email and Internet content filtering. Evaluates and makes recommendations regarding requested changes to perimeter security. Recommends policies and procedures for controlling remote access by employees, non-employees and vendors. Reviews and makes recommendations regarding security oriented software applications and workstation security, including patch management, user rights management, and operating system configuration. Keeps current on security issues through seminars, publications and self-education on an on-going basis. MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED: Requires bachelor's degree in computer science or related technology field. Master's degree preferred. Requires 7 years of relevant computer systems experience, preferably in a hospital or healthcare setting. Significant experience in IS security administration including compliance, audit, and information security management. Epic Security certification is a requirement. Professional certification (e.g. CISA, CISM or CISSP) preferred. Thorough understanding of risk analysis, disaster recovery and audit tracking. Familiarity with current common paradigms for violating system integrity. Must have excellent interpersonal skills to effectively communicate with all levels of hospital personnel, vendors and IS personnel. Must possess the ability to deliver clear, concise communications and presentations. Must be able to train others on key IS security concepts. Children's Wisconsin is an equal opportunity / affirmative action employer. We are committed to creating a diverse and inclusive environment for all employees. We treat everyone with dignity, respect, and fairness. We do not discriminate against any person on the basis of race, color, religion, sex, gender, gender identity and/or expression, sexual orientation, national origin, age, disability, veteran status, or any other status or condition protected by the law. Certifications/Licenses:

AYR Global IT Solutions is a national staffing firm focused on cloud, cyber security, web application services, ERP, and BI implementations by providing proven and experienced consultants to our clients. Our competitive, transparent pricing model and industry experience make us a top choice of Global System Integrators and enterprise customers with federal and commercial projects supported nationwide. Job Role: Data and System Security Engineer Location: Lincolnshire, IL Duration: 6+ Months Qualifications Job Description: Data and System Security engineer Experience with data encryption management solutions, such as Vormteric and CloudLink Experience with PKI management solutions, such as ADCS and External providers Investigative and analytical problem solving skills Customer service/support experience Additional Skills:PKI Knowledge of encryption management technologies, such as Vormetric, CloudLink. Additional Information If anyone might be intersted please send resumes to kmarsh@ayrglobal (dot) com or you can reach me direct at **************

Foley & Lardner LLP is a great place to work because of what we do and how we do it. Here, your unique perspectives, experiences, and abilities will be embraced and developed, so you can excel. Being a part of Foley means having the opportunities and resources necessary to gain experience, advance professional goals, and forge meaningful connections. It's a place where you can build your career and enjoy professionally satisfying work. We have over 2,300 people who are #HappyatFoley, and we think you will be too. Foley & Lardner LLP is currently seeking a Senior Security Engineer to join the Architecture team in our Information Security department. The Senior Security Engineer is responsible for engineering and implementing solutions to enhance the Firm's security infrastructure, collaborating with the Information Security team, internal IT, and business units. This role focuses on securing cloud-based environments through initiatives such as Cloud Security Posture Management (CSPM), DevSecOps practices (e.g., automated security testing in CI/CD pipelines), Identity and Access Management (IAM/IDM) administration, and participation in Information Security Architecture reviews. Key responsibilities include implementing and maintaining robust security controls for technology infrastructure and cloud platforms, while ensuring secure integration of emerging technologies, including AI systems. The role also serves as an escalation resource for the Information Security Operations team, providing advanced expertise and support. As part of a small team, you will provide security guidance for the technology environment, aiming to mature the security control framework, develop tailored solutions for cloud workloads, and enhance overall security posture. You will act as a security advocate, advising key stakeholders on technology risk management and balancing security with business needs through effective mitigation strategies, ensuring safe adoption of cloud and related technologies. Responsibilities * Work in active partnership with key stakeholders to perform security architecture risk reviews * Develop and implement advanced-level Cloud Security solutions * Support and advance the overall Information Security technology roadmap * Provide recommendations for advancing the Information Security program, security policies, and security control standards to enhance operational practices * Create and maintain Information Security standards applicable to all technologies in the portfolio * Provide requirement, guidance, and vision to the vendor community to cultivate the appropriate combination of technology and feature capabilities to meet current and future security requirements * Execute on infrastructure threat and vulnerability management processes * Ensure security systems are upgraded by monitoring security environment, identifying security gaps and evaluating and implementing enhancements * Define, develop and maintain metrics and measurements for information security controls and processes * Respond to security-related issues, problems, crises, and critical situations to support resolution and minimize downtime * Act as a senior-level point of contact for incident investigations and minor security events (e.g., unauthorized access, non-compliance with Firm policies, fraud, service disruptions, etc.) to determine malfunctions, breaches, and remediation steps * Responsible for Information Security technology selection process to include requirements consolidation into RFI/RFP/RFQ, testing, POC, selection and deployment * Support audits against internal and industry process, quality, and security standards; drive initiatives and remediation efforts to correct non-conformance * Provide Information Security consulting on security related issues * Collaborate with peers to identify and implement improvement initiatives across the Firm, processes and toolsets * Manage multiple, parallel projects using formal project planning techniques * Ability to work evening and weekend hours as needed or directed. Some travel may be required Qualifications * Associate's Degree required; Bachelor's Degree preferably in Engineering, Information Technology, Computer Science, or similar strongly preferred * At least one of the following certifications required: CISSP, Microsoft Azure AZ-104 & AZ-500, CCSP, CCSK, CPT/CEH * Minimum of five (5) years in a professional technical Information Technology role required * Minimum of three (3) years of hands-on experience in Information Security with Cloud Security exposure required * Specialized Cloud Security certification(s) desired * SailPoint Identity and Access Management (IAM/IDM) vendor-specific certification(s) desired #LI-Hybrid In support of transparency and equity in the workplace, Foley provides salary ranges for all positions. The figures below represent the full compensation range of this position. The actual offered amount will be between the range minimum and midpoint based on the following factors: education, experience, geographic market, and internal pay equity at Foley.Chicago - $111,500 to $167,300

Job Description Support the Information security governance, risk management and compliance program, focusing on compliance and assurance. Facilitate the compliance and assurance program, by performing assurance assessments to ensure Alliant Credit Union (ACU) is compliant with regulatory and legal obligations. Help maintain the technical control library ensure assessments align securing ACU. Facilitate IT issue management by working with employees on scheduling calls and going over the issue and resolution. Essential Responsibilities Responsible to facilitate the compliance and assurance assessments and issue management via a GRC tool Conduct assurance assessment, including control test of design (ToD) and test of operating effectiveness (TOE) activities Provide recommendations on improving compliance-related processes and/or procedures and identify opportunities for ITGC/security compliance control automation Facilitate group and individual meetings, ensure that each meeting is organized and aligned and schedule walkthrough agenda addressing any issue that arise and and guiding towards actionable outcomes Assist internal and external audit teams to address inquiries Participate in InfoSec projects as assigned by management such as the review of documents Education Minimum- 4 Year Bachelors Degree in Computer Science, Information Security or Related Years of Experience Minimum - 2 Years Governance, Risk Management, Compliance within a financial institution or Security Compliance or Related In Lieu of Education 5 Years Governance, Risk Management, Compliance within a financial institution License/Certifications/Training Preferred: Compliance, Risk Management, or Governance certifications: CRISC, CISM or CISA Compensation & Benefits: Typical hiring range: $57,500 - $89,500 Annually. Actual compensation will be determined using factors such as experience, skills & knowledge. Additional Compensation: Annual performance bonus Benefits: Alliant provides a benefits package including health care, vision, dental, and 401k with employer match. Additional Benefits: Work from home up to 3 days a week Paid parental leave Employee discount programs Time off including paid personal and sick days 11 paid holidays Education reimbursement *Note that eligibility and cost of benefits can vary depending on the number of regularly scheduled hours, and job status such as regular full-time, regular part-time, or temporary employment. Adhere to and ensure compliance of all business transactions with policy and process of the Bank Secrecy Act. Ensures compliance with all applicable state and federal laws, company procedures and policies. Maintains integrity and ethics in all actions and conversations with or regarding credit union members and their accounts; complies with Privacy Act directives. The responsibilities listed do not contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice.

Title: Security Operations Center (SOC) - Information Security Analyst Company: Award-Winning, $50B Publicly Traded Company Type: Full-Time Location: Hybrid - Chicagoland Area (Onsite 3-4 Days/Week) Travel: None Job Overview Join an award-winning, publicly traded company and be part of a fast-paced, cutting-edge security team! This newly developed SOC Analyst role offers an exciting and dynamic environment where no two days are the same. You'll have the opportunity to work with leading security tools like Splunk, CrowdStrike, Digital Shadows, and Proofpoint, while collaborating with a skilled and supportive security engineering team. You'll be part of a tight-knit, communicative team that values collaboration, knowledge-sharing, and professional growth. If you thrive in fast-paced security operations and enjoy hands-on problem-solving, this is an excellent opportunity to make an impact. Key Responsibilities: Manage the Phish Alert mailbox. Perform QA on tickets for a service provider. Handle tier 2 escalated inquiries. Support security operations through log aggregation and analysis. Leadership & Team Culture The leadership team is known for holistically supporting its team members, ensuring that growth, learning, and well-being remain top priorities. They provide ongoing career development opportunities, mentorship, and hands-on training to help employees expand their expertise and advance their careers. Beyond technical growth, leadership fosters a culture of inclusivity and collaboration, ensuring that every team member is heard, valued, and supported. Open communication, continuous learning, and a strong sense of community define the workplace, empowering individuals to contribute, innovate, and succeed. Requirements 3+ years of experience in cybersecurity or a related field. Proficiency with at least some of the following tools: CrowdStrike, Proofpoint, Digital Shadows, or Splunk Experience working in a Security Operations Center (SOC) environment is a plus, but not required. Compensation & Benefits Base Salary: $70,000 - $90,000 (dependent on qualifications, skills, and experience). Bonus Eligible. Comprehensive Benefits Package Includes: Medical, Dental, Vision, and Life Insurance Traditional and Roth 401(k) with company match Employee Stock Purchase Plan (ESPP) And much more! Apply Today!

Job Title: SAP Security Architect Duration for Contract: 5 Months + - ECC 6.0 Security design / architecture is the base requirement for the role. - 7+ years of experience in application or SAP ECC, BI, HR, portal and CRM security architecture, design and administration. Summary: Provide solutions architecture oversight for new development projects specific to SAP according to timelines and budget, while following accepted programming, testing and change control standards, and accepted business intelligence technology best practices. Job Responsibilities: • Define and document the structure, connections and relationships of business processes, organizational work groups, SAP data models, SAP applications, user interfaces, applications interfaces, SAP infrastructure and network topology. • Provide standards, guidelines and statements of direction for IT system architectures, establishing a framework that constrains the design of systems for the purpose of integration of systems and accessibility of data supporting various business processes and functions. • Define, design and develop the SAP enterprise systems information architecture to enable cross functional operational reporting and performance optimization. • Identify strategic opportunities and drive cross-business and cross-functional change. Skills: • Knowledge of ITIL and SDLC. • Experience in business system application design, development and installation. • Experience in planning/architecture development and support. • Experience designing and implementing advanced SAP application architectures. Education/Experience: • Bachelor's degree in Computer Science or a related field. • Master's degree in Business or Management Information Systems preferred. • 8-10 years of SAP functional systems experience. • SAP Certification preferred. Additional Information All your information will be kept confidential according to EEO guidelines.

RELOCATION ASSISTANCE: Relocation assistance may be available CLEARANCE TYPE: SAPTRAVEL: Yes, 10% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. We are seeking capable, talented, and motivated team-contributors at our Northrop Grumman Rolling Meadows site. Our products range from advanced sensing technologies to state-of-the-art targeting and tracking systems that are deployed in Electro-Optical Infrared (EOIR) and Radio Frequency Electronic Warfare (RFEW) systems. These systems are designed, developed, built, integrated, and tested by the capable folks at our company to protect the lives of US and Allied warfighters in present and future conflicts. Enjoy a culture where your voice is valued and start contributing to our team of passionate professionals providing real-life solutions to our world's biggest challenges. We take pride in creating purposeful work and allowing our employees to grow and achieve their goals every day by Defining Possible. With our competitive pay and comprehensive benefits, we have the right opportunities to fit your life and launch your career today. If you are interested in consideration to be included as a part of this team, we would invite you to apply. Northrop Grumman Mission Systems Sector (NGMS) is seeking a Staff Systems Security Engineer to join our Systems Security Engineering team. The Security Engineering team is cross-disciplinary across the security domain; encompassing embedded Systems Engineering, Cybersecurity, Software Security and Anti-Tamper Engineering. Roles & Responsibilities: · Design/develop system architectures and generate system designs to be implemented in a cost-effective manner. Implement and ensure compliance with government policies (e.g., JSIG, DAAPM, NIST 800-53, CNSSI 1253, DODI 5200.39, etc.) by reviewing process tailoring needs and approving documented procedures. Guide and monitor technical documentation/publication to document trades studies, system designs, analysis, and results related to a systems security posture such as identifying Critical Program Information (CPI) and creation of Anti-Tamper Plans Develop an understanding of system interfaces and how to protect them. Assist with the definition of key capabilities and performance requirements. Adapt production and development products to meet unique customer needs and support the development of system security functions. Collaborate with security engineering team(s), across a portfolio of programs, through the duration of program execution to solve issues and to prepare for requirements sell off. Support technical work products developed by the larger engineering team in support of major milestone deliveries (e.g.: SRR, SVR, PDR, CDR, TRR, PRR). Authoring technical documentation such as white papers, proposal technical volumes, and program milestone briefings. Collaborate with security engineering team(s), across a portfolio of programs, through the duration of program execution to solve issues and to prepare for requirements sell off. Other duties may include technical leadership, business capture activities, interfacing with industry partners and the USG. This position will be full-time, on-site at our Rolling Meadows, IL location. This position is contingent upon Funding/Contract award, special access program and acquiring and maintaining the necessary US Government security clearance per customers' requirements prior to start. Basic Qualifications for a Staff Systems Security Engineer: Bachelor's degree in Electrical Engineering, Software Engineering, Computer Engineering, Computer Science, Cybersecurity, or related technical fields with 12+years of related experience, a Master's degree in Electrical Engineering, Software Engineering, Computer Engineering, Computer Science, Cybersecurity, or related technical fields with 10+ years of related experience or a PhD in Electrical Engineering, Software Engineering, Computer Engineering, Computer Science, Cybersecurity, or related technical fields with 7+ years of related experience. 3 years of cumulative experience on DoD based platforms and/or systems regarding the application of Cybersecurity RMF or Anti-Tamper with competencies in security threat analysis, systems architecture, engineering design, requirements derivation, validation, and verification. Must have demonstrated experience in leading teams to solve technical problems, including decomposition, root cause analysis, solution development, implementation and monitoring Experience contributing to and/or making technical presentations to internal and external customers. Ability to obtain and maintain a minimum of a Secret Clearance with additional customer specified clearance prior to start. Preferred Qualifications for a Staff Systems Security Engineer: Advanced degrees in Electrical Engineering, Software Engineering, Computer Engineering, Computer Science, Cybersecurity, or related technical fields. Experience with design verification testing, reverse engineering, embedded software development, Cybersecurity, or Anti-Tamper Possess a DoD 8140 certification, e.g. CompTIA Security+, CISSP, or similar. Experience with proposals and creating basis of estimates (BOEs) Primary Level Salary Range: $163,200.00 - $244,800.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! Job Description: Manual Ethical Hacking is part of the Application Development Security Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program provides services to assess the security resilience of the bank's applications to malicious hacking activity. This senior technical role is responsible performing and leading ethical hacking assessments of the bank's technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats. Key responsibilities include leading and performing research, understanding the bank's security policies, working with appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with security partners, CIO clients and multiples lines of business. These individuals are expected to perform application security-oriented dynamic and static assessments across a multitude of technologies including web UI, web APIs, mobile and cloud, including associated source code. Key Responsibilities in order of importance: * Perform assigned analysis of internal and external threats on information systems and predict future threat behavior. * Incorporate threat actors' tactics, techniques, and procedures into offensive security testing to identify high-value vulnerabilities/chained attacks. * Developing Proof-of-concepts for exploitation. * Perform assessments of the security, effectiveness, and practicality of multiple technology systems. * Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security. * Prepare and present detailed technical information for various media including documents, reports, and notifications. * Provide clear and practical advice regarding managing risks. * Learn and develop advanced technical and leadership skills, mentor Junior and Intermediate assessors in technical tradecraft and soft skills. * Respond to security incidents and provide technical assistance to leadership across the Information Security organization. Required Skills: * Minimum of 5+ years of professional pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment * Detailed technical knowledge in at least 5 of the following areas: * security engineering * application architecture * authentication and security protocols * application session management * applied cryptography * common communication protocols * mobile frameworks * single sign-on technologies * exploit automation platforms * Web APIs * Cloud environments * LLM security * Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings * Experience performing manual web application assessments i.e., must be able to simulate a OWASP Top 10 vulnerabilities without the use of tools * Experience performing manual code reviews for security relevant issues * Experience working with DAST and SAST tools to identify vulnerabilities * Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) * Experience with vulnerability assessment tools and penetration testing techniques. * Solid programming/debugging skills, development frameworks, CVE and CWE research/reproduction * Threat Analysis, threat modelling and SBOM analysis * Innovative thinking, threat actor simulation * Technology Systems Assessment * Technical Documentation * Advisory Desired: * CEH, OSCP/OSCE/OSWE/GXPN/GPEN/GWAPT/GMOB/All Practitioner Certs [Port Swigger BSP Academy]/Cloud Cert(s)/ eWPT; eWPTX; eMAPT [INE Pentester Academy] * Strong programming/scripting skills This job will be open and accepting applications for a minimum of seven days from the date it was posted. Shift: 1st shift (United States of America) Hours Per Week: 40

The Cloud Security Engineer is primarily responsible for designing, implementing, and supporting secure Microsoft Azure cloud environments for the Firm. This individual will ensure that cloud-based development platforms, APIs, and applications follow best practices, regulatory requirements, and Firm-specific policies to protect sensitive Client and Firm data. The Cloud Security Engineer acts as a subject matter expert, collaborating with cross-functional teams to establish secure coding, deployment, and data management processes. This role also participates in security incident response activities related to cloud infrastructure and applications, ensuring timely detection, containment, and remediation of potential threats. This person will also contribute to our overall Cloud Security Strategy. Duties and Responsibilities Design, configure, and maintain secure Microsoft Azure environments aligned with industry best practices and Firm policies. Familiarity with AWS and Google cloud needed as well. Implement and manage cloud security controls, including identity and access management, network segmentation, encryption, and security monitoring. Protect sensitive data stored or processed in the cloud through encryption, access controls, and secure key management. Develop, enforce, and maintain secure API management processes, including authentication, authorization, rate limiting, and auditing. Build and maintain secure DevSecOps pipelines, ensuring that only reviewed, tested, and approved code is promoted to production. Integrate automated security testing and vulnerability scanning into Continuous Integration / Continuous Delivery (CI/CD) workflows. Collaborate with application developers, infrastructure engineers, and security teams to ensure secure design and deployment practices. Create and maintain documentation, standards, and procedures for cloud security configurations, incident handling, and code promotion processes. Monitor and respond to security alerts from cloud-native tools and third-party monitoring solutions. Participate in risk assessments, audits, and compliance efforts related to cloud security (e.g., ISO 27001, GDPR, CCPA). Stay current with emerging cloud security threats, vulnerabilities, and evolving best practices, especially within the Microsoft Azure ecosystem. Salaries vary by location and are based on numerous factors, including, but not limited to, the relevant market, skills, experience, and education of the selected candidate. If an estimated salary range for this role is available, it will be provided in our Target Salary Range section. Our compensation package also includes bonus eligibility and a comprehensive benefits program. Benefits information can be found at Sidley.com/Benefits. Target Salary Range $127,000 - $147,000 if located in Illinois Qualifications To perform this job successfully, an individual must be able to perform the Duties and Responsibilities (Duties) above satisfactorily and meet the requirements below. The requirements listed below are representative of the minimum knowledge, skill, and/or ability required. Reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions of the job. If you need such an accommodation, please email ************************** (current employees should contact Human Resources). Education and/or Experience: Required: Bachelor's degree with a preference for those with a degree in Computer Science, Information Security, Technology or a related field. Minimum of 3 years of experience in cloud security engineering, with a strong focus on Microsoft Azure. Hands-on experience with Azure security services (e.g., Azure Security Center, Defender for Cloud, Key Vault, Azure AD, Application Gateway, API Management). Experience designing and managing secure DevSecOps pipelines using Azure DevOps or equivalent tools. Strong understanding of cloud-based network security, encryption, and identity management best practices. Demonstrated ability to assess, troubleshoot, and remediate security issues in cloud environments. Preferred: Relevant cloud and security certifications (e.g., Microsoft Certified: Azure Security Engineer Associate (AZ 500, Microsoft Certified: Azure Solutions Architect Expert, CISSP, CCSP, Security+). Experience in the legal, financial, or other highly regulated industries. Relevant certifications (e.g. CISSP, Security+, etc.) Familiarity with AWS and Google a plus. Other Skills and Abilities: The following will also be required of the successful candidate: Strong organizational skills Strong attention to detail Good judgment Strong interpersonal communication skills Strong analytical and problem-solving skills Able to work harmoniously and effectively with others Able to preserve confidentiality and exercise discretion Able to work under pressure Able to manage multiple projects with competing deadlines and priorities Sidley Austin LLP is an Equal Opportunity Employer #LI-Hybrid #LI-HM1

AYR Global IT Solutions is a national staffing firm focused on cloud, cyber security, web application services, ERP, and BI implementations by providing proven and experienced consultants to our clients. Our competitive, transparent pricing model and industry experience make us a top choice of Global System Integrators and enterprise customers with federal and commercial projects supported nationwide. Job Role: Data and System Security Engineer Location: Lincolnshire, IL Duration: 6+ Months Qualifications Job Description: Data and System Security engineer Experience with data encryption management solutions, such as Vormteric and CloudLink Experience with PKI management solutions, such as ADCS and External providers Investigative and analytical problem solving skills Customer service/support experience Additional Skills:PKI Knowledge of encryption management technologies, such as Vormetric, CloudLink. Additional Information If anyone might be intersted please send resumes to kmarsh@ayrglobal (dot) com or you can reach me direct at **************

Job Description Job Title: SAP Security Architect Duration for Contract: 5 Months + - ECC 6.0 Security design / architecture is the base requirement for the role. - 7+ years of experience in application or SAP ECC, BI, HR, portal and CRM security architecture, design and administration. Summary: Provide solutions architecture oversight for new development projects specific to SAP according to timelines and budget, while following accepted programming, testing and change control standards, and accepted business intelligence technology best practices. Job Responsibilities: • Define and document the structure, connections and relationships of business processes, organizational work groups, SAP data models, SAP applications, user interfaces, applications interfaces, SAP infrastructure and network topology. • Provide standards, guidelines and statements of direction for IT system architectures, establishing a framework that constrains the design of systems for the purpose of integration of systems and accessibility of data supporting various business processes and functions. • Define, design and develop the SAP enterprise systems information architecture to enable cross functional operational reporting and performance optimization. • Identify strategic opportunities and drive cross-business and cross-functional change. Skills: • Knowledge of ITIL and SDLC. • Experience in business system application design, development and installation. • Experience in planning/architecture development and support. • Experience designing and implementing advanced SAP application architectures. Education/Experience: • Bachelor's degree in Computer Science or a related field. • Master's degree in Business or Management Information Systems preferred. • 8-10 years of SAP functional systems experience. • SAP Certification preferred. Additional InformationAll your information will be kept confidential according to EEO guidelines.