Security engineer jobs in Valparaiso, IN

Network & Systems Engineer (IT Generalist & Security Focus) 📍 On-site | New Lenox, IL We're partnering with a well-established organization in the healthcare industry to hire a Network and Systems Engineer - a versatile, hands-on IT professional who can manage and secure the company's full technology environment. This role is 100% on-site at the New Lenox, IL headquarters and requires daily in-person support for users, hardware, and network infrastructure. About the Role As a key member of the IT team, the Network & Systems Engineer will design, maintain, and secure the company's network and server environment while providing Tier 1 and Tier 2 support across all systems. You'll manage everything from network security and database administration to ERP support and e-commerce integrations - perfect for someone who thrives as a technical “jack of all trades.” Key Responsibilities Provide Tier 1 and Tier 2 support for hardware, software, and user devices (desktops, laptops, mobile, peripherals). Administer user accounts, Active Directory/Azure AD, and Windows systems. Design, implement, and maintain LAN/WAN/Wi-Fi networks for performance and security. Configure and manage firewalls, VPNs, IDS/IPS, and security policies. Conduct network security audits, vulnerability assessments, and incident response. Support and maintain the ERP system (Prophet 21 by Epicor) including reporting, data integrity, and performance. Manage SQL Server and Microsoft Access databases - backups, tuning, and security hardening. Develop and maintain reports using SAP Crystal Reports and SQL queries. Assist with API integrations and reporting automation. Support the technical and connectivity aspects of the BigCommerce e-commerce platform. Oversee IT asset management, inventory, and hardware lifecycle. Required Skills & Experience Proven experience as a Network Engineer, Systems Engineer, or IT Generalist with a cybersecurity focus. Strong knowledge of networking (TCP/IP, routing, switching, VLANs, VPNs, firewalls). Hands-on experience with Windows OS (desktop and server) and Active Directory/Azure AD. Proficiency in SQL and Microsoft Access for database management. Experience with Prophet 21 (P21) and SAP Crystal Reports is required. Familiarity with API integrations and e-commerce platforms (BigCommerce preferred). Excellent troubleshooting, communication, and documentation skills. Must be available to work fully on-site in New Lenox, IL. Preferred Qualifications Experience with Linux systems. Familiarity with Power BI or Tableau for business intelligence. Certifications such as CompTIA Network+, Security+, CCNA, or CISSP. Knowledge of cloud networking (AWS, Azure, GCP). Scripting experience with PowerShell or Python. 💡 Why Apply? This is an exciting opportunity for a technically curious and self-driven IT professional who enjoys variety, autonomy, and making a direct impact. You'll play a vital role in maintaining secure, efficient, and modern systems that power critical operations every day.

Join a team where you can play a crucial role in shaping the future of a world-renowned company and make a direct and meaningful impact in a space designed for top performers. As a Senior Lead Security Engineer at JPMorganChase within the Cybersecurity and Technology Controls line of business, you are an integral part of an agile team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Drive significant business impact through your capabilities and contributions and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains. **Job responsibilities** + Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needs + Works with stakeholders and senior business leaders to recommend business modifications during periods of vulnerability + Be responsible for triaging based on risk assessments of various threats and managing resources to cover impact of disruptive events + Adds to team culture of diversity, opportunity, inclusion, and respect **Required qualifications, capabilities, and skills** + Formal training or certification on security engineering concepts and 5+ years applied experience + This is a software engineering role that requires hands-on coding experience + Skilled in planning, designing, and implementing enterprise-level security solutions + Advanced in one or more programming languages + Advanced knowledge of software application development and technical processes with considerable in-depth knowledge in one or more technical disciplines (e.g., cloud, artificial intelligence, machine learning, mobile, etc.) + Extensive experience with threat modeling, discovery, vulnerability, and penetration testing + Ability to tackle design and functionality problems independently with little to no oversight + Practical cloud native experience **Preferred qualifications, capabilities, and skills** + 3+ years experience in software engineering, and 1+ year experience in product security + Experience working with either SCA, SAST, or DAST tooling + Experience building security in CI/CD workflows **\#CTC** JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management. We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process. We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation. JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans **Base Pay/Salary** Chicago,IL $147,250.00 - $225,000.00 / year

Denver, Colorado;Seattle, Washington; Jacksonville, Florida; Addison, Texas; Jersey City, New Jersey; Boston, Massachusetts; Charlotte, North Carolina; Chicago, Illinois **To proceed with your application, you must be at least 18 years of age.** Acknowledge Refer a friend **To proceed with your application, you must be at least 18 years of age.** Acknowledge (*********************************************************************************************** **:** At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! **Job Description:** Manual Ethical Hacking is part of the Application Development Security Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program provides services to assess the security resilience of the bank's applications to malicious hacking activity. This senior technical role is responsible performing and leading ethical hacking assessments of the bank's technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats. Key responsibilities include leading and performing research, understanding the bank's security policies, working with appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with security partners, CIO clients and multiples lines of business. These individuals are expected to perform application security-oriented dynamic and static assessments across a multitude of technologies including web UI, web APIs, mobile and cloud, including associated source code. Key Responsibilities in order of importance: + Perform assigned analysis of internal and external threats on information systems and predict future threat behavior. + Incorporate threat actors' tactics, techniques, and procedures into offensive security testing to identify high-value vulnerabilities/chained attacks. + Developing Proof-of-concepts for exploitation. + Perform assessments of the security, effectiveness, and practicality of multiple technology systems. + Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security. + Prepare and present detailed technical information for various media including documents, reports, and notifications. + Provide clear and practical advice regarding managing risks. + Learn and develop advanced technical and leadership skills, mentor Junior and Intermediate assessors in technical tradecraft and soft skills. + Respond to security incidents and provide technical assistance to leadership across the Information Security organization. Required Skills: + Minimum of 5+ years of professional pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment + Detailed technical knowledge in at least 5 of the following areas: + security engineering + application architecture + authentication and security protocols + application session management + applied cryptography + common communication protocols + mobile frameworks + single sign-on technologies + exploit automation platforms + Web APIs + Cloud environments + LLM security + Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings + Experience performing manual web application assessments i.e., must be able to simulate a OWASP Top 10 vulnerabilities without the use of tools + Experience performing manual code reviews for security relevant issues + Experience working with DAST and SAST tools to identify vulnerabilities + Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) + Experience with vulnerability assessment tools and penetration testing techniques. + Solid programming/debugging skills, development frameworks, CVE and CWE research/reproduction + Threat Analysis, threat modelling and SBOM analysis + Innovative thinking, threat actor simulation + Technology Systems Assessment + Technical Documentation + Advisory Desired: + CEH, OSCP/OSCE/OSWE/GXPN/GPEN/GWAPT/GMOB/All Practitioner Certs [Port Swigger BSP Academy]/Cloud Cert(s)/ eWPT; eWPTX; eMAPT [INE Pentester Academy] + Strong programming/scripting skills This job will be open and accepting applications for a minimum of seven days from the date it was posted. **Shift:** 1st shift (United States of America) **Hours Per Week:** 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. View your **"Know your Rights (************************************************************************************** "** poster. **View the LA County Fair Chance Ordinance (************************************************************************************************** .** Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

Arete Technologies, Inc. offers set of innovative Consulting and Outsourcing services, bridging the gap between requirements and outputs of various dexterous and facile companies worldwide. The thrust of providing global deliverables with focus on providing paramount and unsurpassed services combined with cost saving solutions to the clients We understand the business requirements in the present day corporate scenario and aspire to provide world-class services enabling the organization to burgeon and flourish while keeping the work-life balance intact. The Global delivery mechanism followed at Arete Technologies, Inc. saddles proficient schemas and unconventional channels to provide one-stop solutions for all your workforce needs. our Team is an exquisite amalgamation of vast experiences of over 30 years in IT Consulting and Staffing industry. Connoisseurs in the field of staff augmentation for IT, we operate on 24 by 7 model with an aim of providing affordable and adept professionals with an assurance of satisfaction for both Consultants and Clients. We are pre-eminent service providers in the field of staff augmentation, IT Consultancy, Software development, Web Development providing unexcelled services and focusing on both the employers and employees. Job Description • Must have 4+ years' experience with Sourcefire IPS • Must have experience in IPS placement and installation • Must have planned and upgraded the Sourcefire appliances • Must have team management and customer interaction skills • Must have experience in managing vendor relationships • Must have exposure in defining SLAs • Must have expertise in defining Standard Operating Procedures • Must have expertise in Remote Infrastructure management for network and information security Qualifications ***citizen or green card only**** Additional Information Best Regards Alka Bhatia

About the role: We are seeking a Lead Security Engineer to help drive our security detection and response efforts. In this role, you will be responsible for designing, implementing, and improving security monitoring, automation, and response capabilities. You will work closely with security engineers, analysts, and cross-functional teams to strengthen our security posture. This position is based in our Chicago office. We follow a hybrid policy of at least 4 days onsite. Morningstar's hybrid work environment gives you the opportunity to collaborate in-person each week as we've found that we're at our best when we're purposely together on a regular basis. In most of our locations, our hybrid work model is four days in-office each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you'll have tools and resources to engage meaningfully with your global colleagues. Key Responsibilities Lead security detection and response initiatives, ensuring effective threat monitoring, investigation, and mitigation. Develop and maintain security detections across SIEM, SOAR, and EDR platforms. Architect and optimize security automation workflows to enhance threat response efficiency. Collaborate with our in-house SOC and IT teams to refine detection and preventative capabilities and reduce false positives. Research and implement new security technologies and best practices to enhance monitoring and response effectiveness. Perform security assessments, tuning detection rules, and developing playbooks for security incidents. Mentor junior engineers and contribute to security strategy and roadmap planning. Requirements 5+ years of hands-on experience in security engineering, threat detection, and response. Strong expertise with SIEM, SOAR, and EDR. Experience developing and tuning detections using logs, telemetry, and threat intelligence. Proficiency in scripting and automation (Python, PowerShell, Bash, etc.). Strong understanding of attack techniques (MITRE ATT&CK framework) and incident response methodologies. Ability to analyze security telemetry, investigate threats, and develop effective mitigation strategies. Excellent communication skills and ability to collaborate across teams. Preferred Qualifications Experience with cloud security monitoring (AWS, Azure, GCP). Familiarity with security frameworks (NIST, CIS, ISO 27001). Certifications such as GIAC (GCDA, GCIH, GCFA), OSCP, CISSP, or relevant credentials. If you are passionate about security, automation, and detection engineering, we'd love to hear from you! Apply today to be a part of our growing security team. Compensation and Benefits At Morningstar we believe people are at their best when they are at their healthiest. That's why we champion your wellness through a wide-range of programs that support all stages of your personal and professional life. Here are some examples of the offerings we provide: Financial Health 75% 401k match up to 7% Stock Ownership Potential Company provided life insurance - 1x salary + commission Physical Health Comprehensive health benefits (medical/dental/vision) including potential premium discounts and company-provided HSA contributions (up to $500-$2,000 annually) for specific plans and coverages Additional medical Wellness Incentives - up to $300-$600 annual Company-provided long- and short-term disability insurance Emotional Health Trust-Based Time Off 6-week Paid Sabbatical Program 6-Week Paid Family Caregiving Leave Competitive 8-24 Week Paid Parental Bonding Leave Adoption Assistance Leadership Coaching & Formal Mentorship Opportunities Annual Education Stipend Tuition Reimbursement Social Health Charitable Matching Gifts program Dollars for Doers volunteer program Paid volunteering days 15+ Employee Resource & Affinity Groups Total Cash Compensation Range $114,100.00 - 193,975.00 USD Annual Inclusive of annual base salary and target incentive Morningstar's hybrid work environment gives you the opportunity to collaborate in-person each week as we've found that we're at our best when we're purposely together on a regular basis. In most of our locations, our hybrid work model is four days in-office each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you'll have tools and resources to engage meaningfully with your global colleagues. 100_MstarResCanad Morningstar Research, Inc. (Canada) Legal Entity

The Role We are seeking a hands-on, outcome-driven Information Security Engineer who thrives at the intersection of technical execution and security operations mentorship. You will design, deploy, and maintain security technologies, lead incident response alongside our analysts, and serve as a force multiplier for the security program. This role requires a builder mindset-you won't just keep the lights on, you'll create repeatable processes, automation, and measurable improvements. You'll also be expected to mentor our analysts, helping them grow while raising the overall maturity of our SOC. This role will be reporting to the Information Security Operations Manager. This role is based in Chicago. The role is primarily remote but you must live within the Chicagoland area to come into the office as needed. Responsibilities Operational Excellence Lead incident response cases, ensuring timely containment, eradication, and recovery. Oversee daily system operations, tuning, and health of security tools (SIEM, EDR, email security, vulnerability management, DLP, DNS protection). Own the vulnerability management cycle: identification, prioritization, and remediation tracking against defined SLAs. Provide Tier 3 escalation support and guidance for SOC and analyst team. Engineering & Architecture Design and implement security controls across network, endpoint, application, and cloud environments. Drive automation and SOAR integrations to reduce analyst fatigue and increase response speed. Build and maintain playbooks, standard operating procedures, and evidence packs for compliance frameworks (NIST 2.0, SOC 2, HIPAA). Conduct penetration testing and application security assessments, validating remediation. Mentorship & Enablement Act as point of contact for incident escalations, providing calm, clear direction. Mentor security analysts and guide them in investigative techniques, root cause analysis, and threat hunting. Represent InfoSec in change advisory board (CAB) and project management meetings, ensuring security-by-design. Translate technical risks into business impact for stakeholders across retail, cultivation, and HQ operations. Qualifications Bachelor's degree or higher in Information Security, or at least 6 years' experience in Information Technology, or 4 years in Information Security. ISC(2) CISSP, ISC(2) CCSP, CCNA-S, or similar certifications can help you stand out, but not required. Experience in executing security solutions from concept through deployment. Experience in Incident Response. Strong understanding of Information Security technologies, design, and architecture. Proven track record of training or mentoring fellow colleagues. Demonstrated ability to self-direct tasks with minimal supervision to achieve goals. Strong written and oral communication skills. Deep knowledge of network, endpoint, application, and cloud security. Foundational knowledge of CIS, COBIT, NIST, MITRE, OWASP, or other common security frameworks or control schemes. Foundational knowledge of risk management and disaster recovery planning / management. Foundational knowledge of compliance standards like SOX, SOC2 and ISO 27001 or regulations like GDPR, PCI, CCPA, HIPAA. Strong problem-solving skills with well-organized and structured work habits. Ability to keep calm in high-stress or emergency situations. Ability to think abstractly and critically to consider potential concerns and determine their validity. Ability to discuss highly technical situations in terms that non-technical stakeholders can effectively understand. An insatiable intellectual curiosity and the ability to learn quickly in a complex space. Additional Requirements Must pass any and all required background checks Must be and remain compliant with all legal or company regulations for working in the industry Must be a minimum of 21 years of age #LI-HYBRID The pay range is competitive and based on experience, qualifications, and/or location of the role. Positions may be eligible for a discretionary annual incentive program driven by organization and individual performance. Green Thumb Pay Range$110,000-$140,000 USD

The Aspen Group (TAG) is one of the largest and most trusted retail healthcare business support organizations in the U.S. and has supported over 20,000 healthcare professionals and team members with close to 1,500 health and wellness offices across 48 states in four distinct categories: dental care, urgent care, medical aesthetics, and animal health. Working in partnership with independent practice owners and clinicians, the team is united with a single purpose: to prove that healthcare can be better and smarter for everyone. TAG provides a comprehensive suite of centralized business support services that power the impact of five consumer-facing businesses: Aspen Dental, ClearChoice Dental Implant Centers, WellNow Urgent Care, Chapter Aesthetic Studio, and Lovet. Each brand has access to a deep community of experts, tools and resources to grow their practices, and an unwavering commitment to delivering high-quality consumer healthcare experiences at scale. As a reflection of our current needs and planned growth we are very pleased to offer a new opportunity to join our dedicated team as a AI Security Engineer. Job Overview: An AI security engineer designs and implements security controls for AI systems, protecting models, data, and infrastructure from threats like adversarial attacks and prompt injection. Key responsibilities include performing technical security assessments, developing AI-specific defenses, integrating security into the AI/ML lifecycle, and creating automated security tools for tasks like threat detection and compliance. This role requires a combination of cybersecurity fundamentals and AI-specific knowledge, including secure coding for AI and understanding AI-related vulnerabilities. Essential Job Duties Collaboratively develop agent RBAC (role-based access control) to ensure AI agents operate under permissions aligned to firm roles, enforcing least-privilege access Design integrations for AI systems with corporate IAM/SSO (Entra, Okta, etc.) to manage persona- and role-based access across the enterprise Design Data Loss Prevention (DLP) and redaction pipelines to prevent confidential, regulated, or proprietary data from being sent to external LLM endpoints Provide technical advice, direction, and hands-on support to design and develop safe, compliant, and resilient AI workflows Evaluate existing and proposed AI/ML architectures for bias, fairness, drift, hallucination, and security risks; recommend controls aligned with NIST AI RMF, EU AI Act, ISO/IEC 42001, CIS Collaborate with Information Security, Cloud, Governance, and Engineering teams to implement standardized AI safety and compliance practices Actively contribute to the development of AI security standards, playbooks, and architectural patterns Automate guardrails, compliance checks, and AI gateway protections for scale and efficiency Build and maintain initiative-level artifacts, including AI policy-as-code configs (YAML), architectural diagrams, and risk assessments Monitor, log, and audit AI activity for policy violations, compliance tracking, and security event correlation. YAML-based guardrails, architectural diagrams, and AI risk assessments Design and build systems to detect and prevent AI abuse, such as anti-abuse agents. Perform technical security assessments, code reviews, and penetration testing on AI products and systems. Integrate security controls throughout the AI/ML lifecycle, from data handling and model training to deployment and monitoring. Develop and implement AI-driven automation for tasks like real-time alert enrichment, log analysis, and incident triage using tools like Security Copilot and other AI-assisted platforms. Research and reproduce vulnerabilities in AI systems, develop mitigation strategies, and work with engineering teams to improve security. Contribute to creating and implementing governance policies, security standards, and privacy frameworks for AI systems. Develop AI-specific incident response plans and playbooks. Stay up-to-date on emerging AI security threats, such as adversarial attacks, prompt injection, and data leakage. Skills and Experience At least 5+ years' experience in cybersecurity, including compliance and risk management with a system and network security engineering background. Strong background in traditional cybersecurity, including networking, web-based protocols, and security systems. Experience in secure software development, including secure coding for AI-powered applications. Familiarity with AI concepts, machine learning, and the AI/ML lifecycle. Experience with implementing security controls like encryption, access controls, and authentication for AI systems. Experience with security tools and platforms like Chronicle & Orca/Wiz, and familiarity with concepts like SAST/DAST. Excellent problem-solving, communication, and leadership skills. Experience with dynamic and static analysis tools. Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively. Additional Qualifications Experience with applications hosted in Google Cloud Platform (GCP), Amazon Web Services (AWS) or Microsoft Azure. Experience with cryptography controls and measures to secure applications and data. Proficiency with scripting in Python, JavaScript, PowerShell, PHP or Ruby. Proficiency with Terraform, Python, and cloud automation Prior experience in cloud security, data protection, and SIEM/logging for AI traffic Experience with one or more of the following: ISO 27001, NIST, PCI Data Security Standard (PCI DSS), HIPAA, Health Information Technology for Economic and Clinical Health (HITECH) Act, SOX, the General Data Protection Regulation (GDPR), Center for Internet Security (CIS) standards or Service Organization Controls (SOC) 2. Working knowledge of Windows, Linux and Unix. Familiarity with state privacy laws. Highly trustworthy; leads by example. Education Requirements Bachelor's degree in computer science, information assurance, MIS or related field, or equivalent. Experience Requirements 5-7+ years of related experience required Certification Requirements SANS certifications (GWAPT) and others; CISSP (preferred, or CSSLP), OSCP (and related) Annual Salary Range: $130,000-$150,000/year, with a generous benefits package that includes paid time off, health, dental, vision, and 401(k) savings plan with match. If you are an applicant residing in California, please view our privacy policy here: *********************************************************************************

Details: Stefanini Group is looking for Senior Cloud Security Engineer - Cloudflare WAF for a globally recognized company! For interested applicants, click the apply button or you may reach out to Alfher Hidalgo at **************/**************************** for faster processing. Thank you! *****REMOTE ROLE***** Job Title: Cloud Security Engineer - Cloudflare WAF & Bot Management Job Summary: We are seeking an experienced Cloud Security Engineer with expertise in Cloudflare Web Application Firewall (WAF), Bot Management, Content Delivery Network (CDN), and DDoS Protection. This role will be responsible for implementing, configuring, and managing Cloudflare"s security and performance features to protect web applications and ensure high availability. Key Responsibilities: Configure, deploy, and maintain Cloudflare WAF rules and security policies to protect against common vulnerabilities (OWASP Top 10). Enable and manage Cloudflare CDN features to optimize content delivery, reduce latency, and improve user experience. Implement Cloudflare Bot Management to detect, block, or challenge malicious and unwanted automated traffic. Configure and monitor DDoS Protection using Cloudflare to mitigate volumetric, protocol, and application-layer attacks. Analyze traffic patterns and threats using Cloudflare analytics and logs; respond to security incidents as needed. Work with DevOps, development, and infrastructure teams to ensure secure deployment pipelines and integration with CI/CD tools. Evaluate and fine-tune security settings, rate limiting, page rules, access policies, and firewall configurations. Stay current with Cloudflare updates, emerging security threats, and best practices in web application security. Required Skills and Qualifications: 3+ years of experience in network or cloud security with direct hands-on experience in Cloudflare. Proficiency in configuring and managing Cloudflare WAF, Bot Management, Rate Limiting, and Rulesets (Managed & Custom). Experience with DDoS mitigation strategies and real-time incident handling. Familiarity with HTTP/HTTPS, DNS, TLS, and general web technologies. Understanding of CDN concepts and optimization strategies. Scripting skills (e.g., Python, Bash) for automation and monitoring tasks are a plus. Strong analytical and problem-solving abilities. Excellent written and verbal communication skills. Preferred Qualifications: Cloudflare Certified (e.g., Cloudflare Fundamentals or Advanced Security). Experience in DevSecOps, CI/CD pipelines, and security in cloud environments (AWS, GCP, or Azure). Exposure to tools like Terraform or Ansible for infrastructure as code Details: #LI-AH1#LI-REMOTE

The Cloud Security Engineer is primarily responsible for designing, implementing, and supporting secure Microsoft Azure cloud environments for the Firm. This individual will ensure that cloud-based development platforms, APIs, and applications follow best practices, regulatory requirements, and Firm-specific policies to protect sensitive Client and Firm data. The Cloud Security Engineer acts as a subject matter expert, collaborating with cross-functional teams to establish secure coding, deployment, and data management processes. This role also participates in security incident response activities related to cloud infrastructure and applications, ensuring timely detection, containment, and remediation of potential threats. This person will also contribute to our overall Cloud Security Strategy. Duties and Responsibilities Design, configure, and maintain secure Microsoft Azure environments aligned with industry best practices and Firm policies. Familiarity with AWS and Google cloud needed as well. Implement and manage cloud security controls, including identity and access management, network segmentation, encryption, and security monitoring. Protect sensitive data stored or processed in the cloud through encryption, access controls, and secure key management. Develop, enforce, and maintain secure API management processes, including authentication, authorization, rate limiting, and auditing. Build and maintain secure DevSecOps pipelines, ensuring that only reviewed, tested, and approved code is promoted to production. Integrate automated security testing and vulnerability scanning into Continuous Integration / Continuous Delivery (CI/CD) workflows. Collaborate with application developers, infrastructure engineers, and security teams to ensure secure design and deployment practices. Create and maintain documentation, standards, and procedures for cloud security configurations, incident handling, and code promotion processes. Monitor and respond to security alerts from cloud-native tools and third-party monitoring solutions. Participate in risk assessments, audits, and compliance efforts related to cloud security (e.g., ISO 27001, GDPR, CCPA). Stay current with emerging cloud security threats, vulnerabilities, and evolving best practices, especially within the Microsoft Azure ecosystem. Salaries vary by location and are based on numerous factors, including, but not limited to, the relevant market, skills, experience, and education of the selected candidate. If an estimated salary range for this role is available, it will be provided in our Target Salary Range section. Our compensation package also includes bonus eligibility and a comprehensive benefits program. Benefits information can be found at Sidley.com/Benefits. Target Salary Range $127,000 - $147,000 if located in Illinois Qualifications To perform this job successfully, an individual must be able to perform the Duties and Responsibilities (Duties) above satisfactorily and meet the requirements below. The requirements listed below are representative of the minimum knowledge, skill, and/or ability required. Reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions of the job. If you need such an accommodation, please email ************************** (current employees should contact Human Resources). Education and/or Experience: Required: Bachelor's degree with a preference for those with a degree in Computer Science, Information Security, Technology or a related field. Minimum of 3 years of experience in cloud security engineering, with a strong focus on Microsoft Azure. Hands-on experience with Azure security services (e.g., Azure Security Center, Defender for Cloud, Key Vault, Azure AD, Application Gateway, API Management). Experience designing and managing secure DevSecOps pipelines using Azure DevOps or equivalent tools. Strong understanding of cloud-based network security, encryption, and identity management best practices. Demonstrated ability to assess, troubleshoot, and remediate security issues in cloud environments. Preferred: Relevant cloud and security certifications (e.g., Microsoft Certified: Azure Security Engineer Associate (AZ 500, Microsoft Certified: Azure Solutions Architect Expert, CISSP, CCSP, Security+). Experience in the legal, financial, or other highly regulated industries. Relevant certifications (e.g. CISSP, Security+, etc.) Familiarity with AWS and Google a plus. Other Skills and Abilities: The following will also be required of the successful candidate: Strong organizational skills Strong attention to detail Good judgment Strong interpersonal communication skills Strong analytical and problem-solving skills Able to work harmoniously and effectively with others Able to preserve confidentiality and exercise discretion Able to work under pressure Able to manage multiple projects with competing deadlines and priorities Sidley Austin LLP is an Equal Opportunity Employer #LI-Hybrid #LI-HM1

We have and exciting Embedded Security Systems Engineer/Technician opportunity with well-known client in The River North section of Chicago. Position is with a well-run integrator that is growing aggressively in both Illinois and also Nationally. If you enjoy learning and deploying new technology, this will be right up your alley! This position will require you to work in their office 2-3 days per week and you can also work remote 2-3 days/week. We are looking for a high-level Commercial/Industrial Security Technician (No wire pulling!!!!) with good programming, networking, and communication skills. Position will be a combination of programming, routine service, and basic systems admin tasks. *All applicants must be Lenel certified and/or highly proficient in programming Lenel. Milestone experience is also preferred. Basic database and networking skills also are required. There will be a TON of room to grow. Company is well run and values their employee's insights. They are small enough where your voice will be heard but big enough to play with the big boys (Siemens, JCI, Convergint etc….). If you are interested in discussing confidentially, please send an updated resume as a PDF or Word attachment. Keywords: KEYWORDS: IP Video, CCTV, Access Control, Card Access, Alarm, Biometrics, DVR, Systems Integration, Electronic Security Design Engineer, Lenel, Software House, SW House, Casi-Rusco, S2, IP Video, Honeywell Prowatch, AMAG, Genetec, CCure 9000, C-Cure 9000, Avigilon, Security Systems Technician, Security Systems Engineer, Security Technician, Security Installation Technician, Security Service Technician, Security Designer, Electronic Security Engineer, Physical Security Engineer, Security Systems Design, Security Applications Engineer, Security Pre Sales, Security Estimator, Electronic Security Estimator, Electronic Security Programmer, Access Control Programmer, Brad Culp Sr. Technical Recruiter/Partner Solution Staffing, Inc. 207 Amy Court North Wales, PA 19454 Ph: (267) 222-8760 Brad@Solutionstaffing.net www.solutionstaffing.net

Foley & Lardner LLP is a great place to work because of what we do and how we do it. Here, your unique perspectives, experiences, and abilities will be embraced and developed, so you can excel. Being a part of Foley means having the opportunities and resources necessary to gain experience, advance professional goals, and forge meaningful connections. It's a place where you can build your career and enjoy professionally satisfying work. We have over 2,300 people who are #HappyatFoley, and we think you will be too. Foley & Lardner LLP is currently seeking a Senior Security Engineer to join the Architecture team in our Information Security department. The Senior Security Engineer is responsible for engineering and implementing solutions to enhance the Firm's security infrastructure, collaborating with the Information Security team, internal IT, and business units. This role focuses on securing cloud-based environments through initiatives such as Cloud Security Posture Management (CSPM), DevSecOps practices (e.g., automated security testing in CI/CD pipelines), Identity and Access Management (IAM/IDM) administration, and participation in Information Security Architecture reviews. Key responsibilities include implementing and maintaining robust security controls for technology infrastructure and cloud platforms, while ensuring secure integration of emerging technologies, including AI systems. The role also serves as an escalation resource for the Information Security Operations team, providing advanced expertise and support. As part of a small team, you will provide security guidance for the technology environment, aiming to mature the security control framework, develop tailored solutions for cloud workloads, and enhance overall security posture. You will act as a security advocate, advising key stakeholders on technology risk management and balancing security with business needs through effective mitigation strategies, ensuring safe adoption of cloud and related technologies. Responsibilities * Work in active partnership with key stakeholders to perform security architecture risk reviews * Develop and implement advanced-level Cloud Security solutions * Support and advance the overall Information Security technology roadmap * Provide recommendations for advancing the Information Security program, security policies, and security control standards to enhance operational practices * Create and maintain Information Security standards applicable to all technologies in the portfolio * Provide requirement, guidance, and vision to the vendor community to cultivate the appropriate combination of technology and feature capabilities to meet current and future security requirements * Execute on infrastructure threat and vulnerability management processes * Ensure security systems are upgraded by monitoring security environment, identifying security gaps and evaluating and implementing enhancements * Define, develop and maintain metrics and measurements for information security controls and processes * Respond to security-related issues, problems, crises, and critical situations to support resolution and minimize downtime * Act as a senior-level point of contact for incident investigations and minor security events (e.g., unauthorized access, non-compliance with Firm policies, fraud, service disruptions, etc.) to determine malfunctions, breaches, and remediation steps * Responsible for Information Security technology selection process to include requirements consolidation into RFI/RFP/RFQ, testing, POC, selection and deployment * Support audits against internal and industry process, quality, and security standards; drive initiatives and remediation efforts to correct non-conformance * Provide Information Security consulting on security related issues * Collaborate with peers to identify and implement improvement initiatives across the Firm, processes and toolsets * Manage multiple, parallel projects using formal project planning techniques * Ability to work evening and weekend hours as needed or directed. Some travel may be required Qualifications * Associate's Degree required; Bachelor's Degree preferably in Engineering, Information Technology, Computer Science, or similar strongly preferred * At least one of the following certifications required: CISSP, Microsoft Azure AZ-104 & AZ-500, CCSP, CCSK, CPT/CEH * Minimum of five (5) years in a professional technical Information Technology role required * Minimum of three (3) years of hands-on experience in Information Security with Cloud Security exposure required * Specialized Cloud Security certification(s) desired * SailPoint Identity and Access Management (IAM/IDM) vendor-specific certification(s) desired #LI-Hybrid In support of transparency and equity in the workplace, Foley provides salary ranges for all positions. The figures below represent the full compensation range of this position. The actual offered amount will be between the range minimum and midpoint based on the following factors: education, experience, geographic market, and internal pay equity at Foley.Chicago - $111,500 to $167,300

Job Description Support the Information security governance, risk management and compliance program, focusing on compliance and assurance. Facilitate the compliance and assurance program, by performing assurance assessments to ensure Alliant Credit Union (ACU) is compliant with regulatory and legal obligations. Help maintain the technical control library ensure assessments align securing ACU. Facilitate IT issue management by working with employees on scheduling calls and going over the issue and resolution. Essential Responsibilities Responsible to facilitate the compliance and assurance assessments and issue management via a GRC tool Conduct assurance assessment, including control test of design (ToD) and test of operating effectiveness (TOE) activities Provide recommendations on improving compliance-related processes and/or procedures and identify opportunities for ITGC/security compliance control automation Facilitate group and individual meetings, ensure that each meeting is organized and aligned and schedule walkthrough agenda addressing any issue that arise and and guiding towards actionable outcomes Assist internal and external audit teams to address inquiries Participate in InfoSec projects as assigned by management such as the review of documents Education Minimum- 4 Year Bachelors Degree in Computer Science, Information Security or Related Years of Experience Minimum - 2 Years Governance, Risk Management, Compliance within a financial institution or Security Compliance or Related In Lieu of Education 5 Years Governance, Risk Management, Compliance within a financial institution License/Certifications/Training Preferred: Compliance, Risk Management, or Governance certifications: CRISC, CISM or CISA Compensation & Benefits: Typical hiring range: $57,500 - $89,500 Annually. Actual compensation will be determined using factors such as experience, skills & knowledge. Additional Compensation: Annual performance bonus Benefits: Alliant provides a benefits package including health care, vision, dental, and 401k with employer match. Additional Benefits: Work from home up to 3 days a week Paid parental leave Employee discount programs Time off including paid personal and sick days 11 paid holidays Education reimbursement *Note that eligibility and cost of benefits can vary depending on the number of regularly scheduled hours, and job status such as regular full-time, regular part-time, or temporary employment. Adhere to and ensure compliance of all business transactions with policy and process of the Bank Secrecy Act. Ensures compliance with all applicable state and federal laws, company procedures and policies. Maintains integrity and ethics in all actions and conversations with or regarding credit union members and their accounts; complies with Privacy Act directives. The responsibilities listed do not contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice.

Job Title: SAP Security Architect Duration for Contract: 5 Months + - ECC 6.0 Security design / architecture is the base requirement for the role. - 7+ years of experience in application or SAP ECC, BI, HR, portal and CRM security architecture, design and administration. Summary: Provide solutions architecture oversight for new development projects specific to SAP according to timelines and budget, while following accepted programming, testing and change control standards, and accepted business intelligence technology best practices. Job Responsibilities: • Define and document the structure, connections and relationships of business processes, organizational work groups, SAP data models, SAP applications, user interfaces, applications interfaces, SAP infrastructure and network topology. • Provide standards, guidelines and statements of direction for IT system architectures, establishing a framework that constrains the design of systems for the purpose of integration of systems and accessibility of data supporting various business processes and functions. • Define, design and develop the SAP enterprise systems information architecture to enable cross functional operational reporting and performance optimization. • Identify strategic opportunities and drive cross-business and cross-functional change. Skills: • Knowledge of ITIL and SDLC. • Experience in business system application design, development and installation. • Experience in planning/architecture development and support. • Experience designing and implementing advanced SAP application architectures. Education/Experience: • Bachelor's degree in Computer Science or a related field. • Master's degree in Business or Management Information Systems preferred. • 8-10 years of SAP functional systems experience. • SAP Certification preferred. Additional Information All your information will be kept confidential according to EEO guidelines.

Build your best future with the Johnson Controls team As a global leader in smart, healthy and sustainable buildings, our mission is to reimagine the performance of buildings to serve people, places and the planet. Join a winning team that enables you to build your best future! Our teams are uniquely positioned to support a multitude of industries across the globe. You will have the opportunity to develop yourself through meaningful work projects and learning opportunities. We strive to provide our employees with an experience, focused on supporting their physical, financial, and emotional wellbeing. Become a member of the Johnson Controls family and thrive in an empowering company culture where your voice and ideas will be heard - your next great opportunity is just a few clicks away! What we offer Paid vacation/holidays/sick time - 15 days of vacation first year Comprehensive benefits package including 401K, medical, dental, and vision care - Available day one Extensive product and on the job/cross training opportunities with outstanding resources Encouraging and collaborative team environment Dedication to safety through our Zero Harm policy Check us Out: A Day in a Life at Johnson Controls: What you will do Under specific direction, assists in the design, configuration, and operation of building systems including security, fire, and other low voltage control sub-systems (i.e. lighting, nurse call, data networks, etc.) to meet the intent of the project requirements. Assists in the development of software programs, commissioning and troubleshooting to ensure proper operations of the building control system. Provides detailed information and submittals to communicate design and operation to customers, consultants, Johnson Controls field installation team and subcontractors. How you will do it Design and configure technically complex Security & Fire systems as defined by the contract documents. Create flow diagrams, sequence of operations and bill of material, network layouts and electrical schematics as required. Develop and test software programs necessary to operate the system per the intent of the project requirements. Use your ability to integrate different Security subsystems with each other. Coordinate and create the necessary drawings and equipment schedules for submittals and installation. Select, order, and track the delivery of materials for assigned projects. Coordinate factory-mounting processes to meet factory and project schedule. Assist in the loading and commissioning of all system and network-level controllers as required. Assist in validation of complete system functionality and troubleshoot problems with subcontractors and other trades to ensure proper operation. Provide field change information to the project team for the creation of as-built drawings and software. Keep management and JCI contractor or customer informed of job progress and issues. Assist in performing site-specific training for owner / operator on the total building control system. Participate in release meeting with project field team. Perform value engineering to provide cost effective results while maintaining customer satisfaction. Adhere to safety standards. Operate with a high degree of regard to employee and subcontractor safety. What we look for: Required Experience in setting up application deployment (Installation, Configuration, Integration with other components) on Cloud environment based on underlying Application Architecture Experience in Disaster Recovery setup Administration, Maintenance and support of the Application instances on Reference, Validation and Customer environments Identify any known incident resolutions using a knowledge management system Apply identified resolutions to the incident and interact with the customer to ensure the incident has been properly resolved Antivirus - Symantec (Installation, updates and remediation's of antivirus client for servers and computers Off-shift support for machine moves quarterly maintenance Deployment of physical and virtual server deployment, troubleshooting and maintenance Ability to learn security software programs (I.E. C-cure9000, Milestone, Genetec) Strong technical skills in the domain of Windows Server 2008/2012, Microsoft Hyper-V and SCCM/SCOM/SCVMM is essential Basic MS SQL database and scripting skills is an asset Basic MS SQL database and scripting skills is an asset HIRING SALARY RANGE: $85,000 - $106,000 Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, location and alignment with market data.) This role offers a competitive Bonus plan that will take into account individual, group, and corporate performance. This position includes a competitive benefits package. For details, please visit the About Us tab on the Johnson Controls Careers site at ***************************************** #LI - AD2 #LI - DS1 Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, sexual orientation, gender identity, status as a qualified individual with a disability or any other characteristic protected by law. To view more information about your equal opportunity and non-discrimination rights as a candidate, visit EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit here.

Denver, Colorado;Seattle, Washington; Jersey City, New Jersey; Boston, Massachusetts; Washington, District of Columbia; Charlotte, North Carolina; Jacksonville, Florida; Chicago, Illinois **To proceed with your application, you must be at least 18 years of age.** Acknowledge Refer a friend **To proceed with your application, you must be at least 18 years of age.** Acknowledge (****************************************************************************************** **:** At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! **Job Description:** Manual Ethical Hacking is part of the Application Development Security Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program provides services to assess the vulnerability of the bank's applications to malicious hacking activity. This intermediate technical role is responsible for performing application security assessments of the bank's technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats. Key responsibilities include performing research, understanding the bank's security policies, working with the appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with security partners, CIO clients and multiples lines of business. Key Responsibilities in order of importance: + Perform assigned analysis of internal and external threats on information systems and predict future threat behavior + Incorporate threat actors' tactics, techniques, and procedures into offensive security testing + Perform assessments of the security, effectiveness, and practicality of multiple technology systems + Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security. + Prepare and present detailed technical information for various media including documents, reports, and notifications + Provide clear and practical advice regarding managed risks + Learn and develop advanced technical and leadership skills, Mentor Junior assessors in technical tradecraft and soft skills Required Skills: + Minimum of 4 years of professional pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment + Detailed technical knowledge in at least 3 of the following areas: security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services + SQL injection/XSS attack without the use of tools + Experience performing manual code reviews for security relevant issues + Experience working with SAST tools to identify vulnerabilities + Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings + Experience performing manual web application assessments i.e., must be able to simulate a + Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) + Experience with vulnerability assessment tools and penetration testing techniques + Solid programming/debugging skills + Experience of using a variety of tools, included, but not limited to, IBM AppScan, Burp and SQL Map + Threat Analysis + Innovative Thinking + Technology Systems Assessment + Technical Documentation + Advisory Desired: + CISSP, CEH, OSCP, OSWE, GPEN, PenTest+ or similar + Strong programming/scripting skills This job will be open and accepting applications for a minimum of seven days from the date it was posted. **Shift:** 1st shift (United States of America) **Hours Per Week:** 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. View your **"Know your Rights (************************************************************************************** "** poster. **View the LA County Fair Chance Ordinance (************************************************************************************************** .** Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

The Cloud Security Engineer is primarily responsible for designing, implementing, and supporting secure Microsoft Azure cloud environments for the Firm. This individual will ensure that cloud-based development platforms, APIs, and applications follow best practices, regulatory requirements, and Firm-specific policies to protect sensitive Client and Firm data. The Cloud Security Engineer acts as a subject matter expert, collaborating with cross-functional teams to establish secure coding, deployment, and data management processes. This role also participates in security incident response activities related to cloud infrastructure and applications, ensuring timely detection, containment, and remediation of potential threats. This person will also contribute to our overall Cloud Security Strategy. Duties and Responsibilities * Design, configure, and maintain secure Microsoft Azure environments aligned with industry best practices and Firm policies. Familiarity with AWS and Google cloud needed as well. * Implement and manage cloud security controls, including identity and access management, network segmentation, encryption, and security monitoring. * Protect sensitive data stored or processed in the cloud through encryption, access controls, and secure key management. * Develop, enforce, and maintain secure API management processes, including authentication, authorization, rate limiting, and auditing. * Build and maintain secure DevSecOps pipelines, ensuring that only reviewed, tested, and approved code is promoted to production. * Integrate automated security testing and vulnerability scanning into Continuous Integration / Continuous Delivery (CI/CD) workflows. * Collaborate with application developers, infrastructure engineers, and security teams to ensure secure design and deployment practices. * Create and maintain documentation, standards, and procedures for cloud security configurations, incident handling, and code promotion processes. * Monitor and respond to security alerts from cloud-native tools and third-party monitoring solutions. * Participate in risk assessments, audits, and compliance efforts related to cloud security (e.g., ISO 27001, GDPR, CCPA). * Stay current with emerging cloud security threats, vulnerabilities, and evolving best practices, especially within the Microsoft Azure ecosystem. Salaries vary by location and are based on numerous factors, including, but not limited to, the relevant market, skills, experience, and education of the selected candidate. If an estimated salary range for this role is available, it will be provided in our Target Salary Range section. Our compensation package also includes bonus eligibility and a comprehensive benefits program. Benefits information can be found at Sidley.com/Benefits. Target Salary Range $127,000 - $147,000 if located in Illinois Qualifications To perform this job successfully, an individual must be able to perform the Duties and Responsibilities (Duties) above satisfactorily and meet the requirements below. The requirements listed below are representative of the minimum knowledge, skill, and/or ability required. Reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions of the job. If you need such an accommodation, please email ************************** (current employees should contact Human Resources). Education and/or Experience: Required: * Bachelor's degree with a preference for those with a degree in Computer Science, Information Security, Technology or a related field. * Minimum of 3 years of experience in cloud security engineering, with a strong focus on Microsoft Azure. * Hands-on experience with Azure security services (e.g., Azure Security Center, Defender for Cloud, Key Vault, Azure AD, Application Gateway, API Management). * Experience designing and managing secure DevSecOps pipelines using Azure DevOps or equivalent tools. * Strong understanding of cloud-based network security, encryption, and identity management best practices. * Demonstrated ability to assess, troubleshoot, and remediate security issues in cloud environments. Preferred: * Relevant cloud and security certifications (e.g., Microsoft Certified: Azure Security Engineer Associate (AZ 500, Microsoft Certified: Azure Solutions Architect Expert, CISSP, CCSP, Security+). * Experience in the legal, financial, or other highly regulated industries. * Relevant certifications (e.g. CISSP, Security+, etc.) * Familiarity with AWS and Google a plus. Other Skills and Abilities: The following will also be required of the successful candidate: * Strong organizational skills * Strong attention to detail * Good judgment * Strong interpersonal communication skills * Strong analytical and problem-solving skills * Able to work harmoniously and effectively with others * Able to preserve confidentiality and exercise discretion * Able to work under pressure * Able to manage multiple projects with competing deadlines and priorities Sidley Austin LLP is an Equal Opportunity Employer #LI-Hybrid #LI-HM1

Join a team where you can play a crucial role in shaping the future of a world-renowned company and make a direct and meaningful impact in a space designed for top performers. As a Senior Lead Security Engineer at JPMorganChase within the Cybersecurity and Technology Controls line of business, you are an integral part of an agile team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Drive significant business impact through your capabilities and contributions and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains. Job responsibilities Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needs Works with stakeholders and senior business leaders to recommend business modifications during periods of vulnerability Be responsible for triaging based on risk assessments of various threats and managing resources to cover impact of disruptive events Adds to team culture of diversity, opportunity, inclusion, and respect Required qualifications, capabilities, and skills Formal training or certification on security engineering concepts and 5+ years applied experience This is a software engineering role that requires hands-on coding experience Skilled in planning, designing, and implementing enterprise-level security solutions Advanced in one or more programming languages Advanced knowledge of software application development and technical processes with considerable in-depth knowledge in one or more technical disciplines (e.g., cloud, artificial intelligence, machine learning, mobile, etc.) Extensive experience with threat modeling, discovery, vulnerability, and penetration testing Ability to tackle design and functionality problems independently with little to no oversight Practical cloud native experience Preferred qualifications, capabilities, and skills 3+ years experience in software engineering, and 1+ year experience in product security Experience working with either SCA, SAST, or DAST tooling Experience building security in CI/CD workflows #CTC

Job Description Job Title: SAP Security Architect Duration for Contract: 5 Months + - ECC 6.0 Security design / architecture is the base requirement for the role. - 7+ years of experience in application or SAP ECC, BI, HR, portal and CRM security architecture, design and administration. Summary: Provide solutions architecture oversight for new development projects specific to SAP according to timelines and budget, while following accepted programming, testing and change control standards, and accepted business intelligence technology best practices. Job Responsibilities: • Define and document the structure, connections and relationships of business processes, organizational work groups, SAP data models, SAP applications, user interfaces, applications interfaces, SAP infrastructure and network topology. • Provide standards, guidelines and statements of direction for IT system architectures, establishing a framework that constrains the design of systems for the purpose of integration of systems and accessibility of data supporting various business processes and functions. • Define, design and develop the SAP enterprise systems information architecture to enable cross functional operational reporting and performance optimization. • Identify strategic opportunities and drive cross-business and cross-functional change. Skills: • Knowledge of ITIL and SDLC. • Experience in business system application design, development and installation. • Experience in planning/architecture development and support. • Experience designing and implementing advanced SAP application architectures. Education/Experience: • Bachelor's degree in Computer Science or a related field. • Master's degree in Business or Management Information Systems preferred. • 8-10 years of SAP functional systems experience. • SAP Certification preferred. Additional InformationAll your information will be kept confidential according to EEO guidelines.