Fulltime Information Security Analyst openings in Chicago, United States on September 05, 2022

Analyst – IT Cyber Security at United Airlines

Location: Chicago

Description-ExternalWe have a wide variety of career opportunities around the world come find yours.

Technology/ITThe United IT team designs, develops and maintains massively scaling technology solutions that are brought to life with innovative architectures, data analytics and digital solutions.

Job overview and responsibilitiesThe Cybersecurity Incident Response & Threat Hunting function within Uniteds Cybersecurity & Digital Risk (CDR) group is responsible for all aspects of incident response and monitoring of application, and network security.

The Incident Response & Threat Hunting Analyst will be responsible for conducting data analysis of cybersecurity threat monitoring software resources to detect and identify cyber-risk activities.

In addition, you will be required to complete investigations by analyzing and verifying information through various investigative techniques, internal resources, and conversations/interviews with other IT experts.
Additional tasks may include:
• Completing written reports in compliance with current reporting procedures and policies
• Must have the ability to write detailed, concise, and accurate reports
• Managing high risk information security incidents by working in conjunction with response partners and other CDR teams, utilizing next generation tools and technology to conduct deep behavioral analytics assessments/ investigations with a focus on mitigating information security related cybersecurity threats
• Providing on-call duties and support which may include after-hours support and coordination among CDR response teams
• Analyze data and evaluate relevance to a specific incident under investigation, document each stage of the investigation and maintain a focus on case logs and details and present findings via written reports and orally to key stakeholders in clear and concise language
• Ability to interact with and lead discussions with business executives across different functions and lines of business
• Ability to navigate and work effectively across a complex organization that is geographically dispersed
• Maintain an awareness of industry challenges and advancements to add value to existing technologies and processes used within the team
• Effectively communicates investigative findings to non-technical audiences
Required:
• 1 Years of security experience in Incident Response
• 2 Years of IT Experience
• Working knowledge of cybersecurity monitoring tools
• Working knowledge of security incident and event monitoring (SIEM)
• Working knowledge of end-point security tools
• Must be legally authorized to work in the United States without sponsorship
• Successful completion of interview required to meet job qualification
• Reliable, punctual attendance is an essential function of the positionPreferred BS Degree in a relevant field to IT or Cybersecurity
• Working knowledge of Active Directory
• Working knowledge network & infrastructure operations
• One or more industry certifications_Equal Opportunity Employer Minorities/Women/Veterans/Disabled/LGBT_Division:47 Technology/ITFunction:Information Technology
Equal Opportunity Employer Minorities/Women/Veterans/Disabled
Apply Here
For Remote Analyst – IT Cyber Security roles, visit Remote Analyst – IT Cyber Security Roles

********

Lead Information Security Analyst at Wells Fargo

Location: Chicago

About this role:
Wells Fargo is seeking a Lead Information Security Analyst with experience in maturing, transforming, and driving program initiatives for our organization’s security monitoring, application and software development, incident response, threat hunting, and other cyber security initiatives. The candidate will support large-scale enterprise technical projects with high visibility and will help automate activities between teams. This position will also be enlisted at times to assist incident responders to determine the risk and impact of a security threat, and possible mitigation strategies. A key component of this position will be to provide crucial metrics associated with our ability to discover and react to security threats, develop reports for senior leadership, and participate in strategic planning. The role will assist in all regulatory / compliance matters, support the team’s internal audit, engagement with first and second line of defense, assist in documenting validation, providing evidence for closure and assist in any questions or outstanding tasks for closure of any risk items. This position will also help track technology Audits and Corrective Actions to determine efficiencies across technology implementations from monitoring. Supports acquisitions including coordination with third party risk, vendor management, and supply chain. Partners with vendor management and supply chain to issue and evaluate RFPs and to ensure successful implementation of enterprise agreements and acts as focal point for coordinating sourcing efforts across business entities. This role will also interface with internal teams within Information Cyber Security and develop tactical and strategic plans and processes to integrate research and data collected into actionable activities and reports.
In this role, you will:
• Provide advanced information security consultation for all aspects of information security compliance policy, risk management, and remediation
• Direct information security risk assessment and research, and recommend remediation plans and strategies
• Influence stakeholders on net new or on material changes to an asset to influence control decisions
• Provide consulting on security risk assessment and research, and recommend remediation plans and strategies
• Act as more experienced lead to the organization to develop security risk awareness and mitigating actions
• Consult the organization on complex security issues and findings
• Manage the most complex and critical information assets
• Evaluate and interpret internal and companywide information security policies, processes, standards, and participate with more experienced leaders in decision making on information security
• Serve as information security lead to advise on the development and delivery of Information Security Education and Awareness
• Collaborate and consult with peers, colleagues, and mid-level to more experienced managers to resolve issues and achieve goals
• Lead projects and teams
• Coordinate with vendor manager on third party assets to manage information security risks
• Serve as a mentor to less experienced staff

Required Qualifications, US:
• 5+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 2+ years of technical project coordinator experience
• 2 + years of experience in one or a combination of the following: strategic planning, initiative management or project management

Desired Qualifications:
• Knowledge and understanding of customer information systems development and implementation
• Knowledge and understanding of full life cycle software and application development
• Ability to manage projects or programs following a Standard Software Development Lifecycle (SDLC) approach, with scheduled release code deployments
• Vendor management experience
• Knowledge and understanding of banking or financial services industry
• Experience monitoring industry, technology, and regulatory trends to determine business impacts
• Relationship management experience delivering technology services between one or more internal technology organizations large internal lines of business
• Proven success in participating in multi-disciplinary teams with direct or matrixed management responsibilities to design and develop multi-channel threat mitigation strategies to including modeling/analysis, data analytics and visualization
• Ability to provide subject matter expertise on actual or perceived events as well as emerging technologies and tools and other line of business leaders
• Proven success in utilizing multiple methodologies to monitor key indicators for emerging threat trends.
• Proven success in participating in multi-disciplinary teams with direct or matrixed management responsibilities
• Ability to deal with ambiguity and drive decisions often based on limited information
• Industry recognized cyber security certifications such as SANS

Job Expectations:
• Ability to travel up to 10% of the time

We Value Diversity
At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.
Apply Here
For Remote Lead Information Security Analyst roles, visit Remote Lead Information Security Analyst Roles

********

IT Security Analyst at Pareto Intelligence

Location: Chicago

The IT Security Analyst monitors and reports on security status using various security tools combined with analytic methods that correlate across systems to provide actionable information to IT and executive management on status and emerging threats. The position also contributes to the information security policy maintenance; assists with design of security policy education, training, and awareness activities; monitors compliance with Company security policies, regulatory requirements, and applicable laws; coordinates assessment, investigation, and reporting of security incidents. The position will work collaboratively with IT security custodians, Support Services, Application Development, Compliance Office, Facilities, Human Resources, Operations, and Client resources to monitor, assess, and fine-tune business continuity and disaster recovery programs; coordinate and assess risk assessments of third party vendors, coordinate and assess network and application penetration tests, vulnerability and risk assessment reviews to maintain, SOX, HITRUST, HIPAA Security Rule, and PCI compliance.
Essential Duties and Responsibilities
• Responsible for administering risk management, threat management, and security monitoring tools.
• Monitor and consult on information security issues related to Company and 3 rd parties, and workflow to ensure security controls are appropriate and operating as intended.
• Lead and oversee execution of IT security projects for the Company.
• Participate in internal SOX, SOC, HIPAA, PCI, ISO, and HITRUST risk assessments.
• Coordinate and manage responses to information security incidents.
• Assist in the development and upkeep of Information Security policies, procedures, standards and guidelines based on research, knowledge of best practices and compliance requirements.
• Conduct data classification assessment and security audits, and manage remediation plans.
• Perform security management functions by taking actions to mitigate risks, recommending security strategies, and ensuring controls are implemented and functional.
• Provide security governance by serving as oversight to ensure risks are adequately mitigated, and by aligning security strategies with business objectives and regulatory requirements.
• Interact with IT, Compliance, Facilities, HR and Operations management, legal counsel, safety and security, and law enforcement agencies to manage security vulnerabilities.
• Promote user security awareness.
• Conduct security research in keeping abreast of latest security issues, technologies, and trends.
• Prepare security documentation, including Company notifications and Intranet web content; contribute to Information Security Bulletin on Pulse community website
• Contribute to weekly Security dashboard and management report to include the Company risk register, threat detections, compliance gaps, vulnerability exposures, and remediation activity tracker.
• Conduct periodic client-specific and enterprise service continuity/recovery testing.
• Actively participate in security and information protection communities, groups, and networks.

Other Duties and Responsibilities
• Responsible for compliance with all federal, state and local laws, rules and regulations affecting Company.
• Responsible for participating in quality assurance, compliance and in-service and continuing education activities as requested by Company.
• Responsible for performing other duties and responsibilities as required.

How to Apply:
Interested in applying? Please contact Nathan DuBow directly at
Requirements
Knowledge, Skills, and Abilities:
• Specific systems knowledge :
• Microsoft operating systems, Active Directory security
• Linux/Unix operating systems
• Centralized anti-malware protection and system hardening
• Cisco networking products (routers, switches, firewalls, UCS)
• Data extraction and analytics, Excel formulas and pivot tables, CSV file manipulation
• Database security controls: MS SQL, MySQL, Oracle, Informix, and/or Postgresql
• Cloud security controls for Azure and Amazon Web Services
• General subject knowledge:
• ITIL framework (change, incident, problem, configuration, asset, and service level management)
• Project management methodologies
• Information security standards and frameworks, rules and regulations related to information security and data protection (e.g. HIPAA, SOX, PCI, NIST, ISO, COBIT, etc.);
• Principles for risk identification and analysis of desktops, servers, applications, databases, networks, and facilities.
• IT Security skills:
• Secure application coding practices, IIS web technology
• Ethical hacking practices
• Remote access technology
• Encryption best practices
• Security Incident and Event Management
• Intrusion detection and prevention
• File Integrity Monitoring
• Data Loss Prevention
• Computer forensic investigation practices
• VoIP security
• Endpoint Detection and Response
• Essential abilities:
• Strong analytical and problem solving capabilities.
• Excellent communication (oral, written, presentation), interpersonal and consultative skills.
Apply Here
For Remote IT Security Analyst roles, visit Remote IT Security Analyst Roles

********

Staff Information Security Analyst at Fortinet

Location: Chicago

Fortinet is looking for an Information Security Analyst to join a global Security Operations Center (SOC). This is a highly technical role, monitoring security events, identifying threats, assessing risks, providing incidence response, and working with leaders across Fortinet offices in the region to continue maturing Fortinet security posture and compliance. Fortinet SOC operates based on a follow the sun approach 24*7*365. Working hours for this position includes 5 days/40 hours per week, including Saturdays and Sundays and 3 weekdays of the candidate choice.

Description for Internal Candidates

Job Responsibilities:
• As a member of the Global Security Operations team, you will monitor logs, review alerts and investigate events and security incidents leveraging SIEM, SOAR and other tools
• Develop SOC processes and playbooks, and implement alerts, reports and dashboards to identify threats and incidents.
• Collect, review, and analyze security logs, identify abnormalities and violations.
• Coach and assist system administrators, product and application developers and users to ensure that appropriate controls are implemented and operating effectively in accordance with policies.
• Ensure compliance to required standards, procedures, guidelines and processes.

Skills and Qualifications:
• 3+ years of experience in Information Technology or Information Security role.
• SOC/NOC experience desired. Excellent verbal, written and interpersonal communication skills as well as attention to detail.
• Knowledge of Internet threat landscape and attacker motivations (phishing, malware, APT, DoS, etc.)
• Previous experience in an information systems or network administration role.
• Previous experience of at least one scripting language (e.g. Python, Groovy, Perl, Ruby, Shell scripting, etc.).
• Knowledge and experience working with various information security frameworks (ISO/IEC 27001, NIST 800-53, COBIT, etc) and regulatory frameworks (SOX, PCI-DSS 3.2, HIPAA, GDPR, etc.)
• Working knowledge of information security control technologies including access control, cryptography, vulnerability management, SIEM/log management, ID/IPS, and penetration test.
• Working knowledge on information technologies including Linux, Windows, VMWare, MySQL, MSSQL, Oracle, etc.
• Working knowledge of network protocols, DNS, and networking devices – routers, VPNs, proxies, firewalls.
• Demonstrate ability to engage and collaborate with employees, presenting a friendly, approachable demeanor to leverage security to help others succeed.
• Proficient in English verbal and written. Proficiency in regional languages, a plus.

Educational & Certification Requirements:
• Bachelor’s degree in Computer Science, Information Security or related field;
• A certification in one or more of the following desirable:
• CISSP, CCSP, CISA, CISM, CRISC, CCNA
• GIAC GCFE, GCFA, GCIH would be a plus

#LI-NK1
#GD
Apply Here
For Remote Staff Information Security Analyst roles, visit Remote Staff Information Security Analyst Roles

********

Information Security Risk and Compliance Analyst at Avant

Location: Chicago

The Information Security Risk and Compliance Analyst is responsible for supporting Avant’s security strategy within new and existing information security frameworks. The position requires both an understanding of compliance frameworks and is responsible for the planning and design of policies and process maintenance in addition to evaluation of internal and external partners against Avant’s control framework.

The ideal candidate is technical and possesses at least three years of experience in security,

compliance or risk management. The role oversees the business’ security requirements and

obligations mandated by standards and regulations such as the Gramm-Leach-Bliley Act (GLBA), Sarbanes-Oxley Act (SOX) and Payment Card Industry Data Security Standard (PCI DSS) among other financial industry frameworks. In tandem with security leadership, the Information Security Risk and Compliance analyst consistently assesses and validates the assurance of the security program. As a primary point of contact for internal and external auditors, the Information Security Risk and Compliance analyst monitors progress and enforces remediation of outstanding issues that may lead to non-compliance or unacceptable risks to the business. As a key member of the security team, the Information Security Risk and Compliance analyst must focus on holistic risk management and not be driven solely by compliance.

What you will do at Avant:

● Conduct enterprise-wide, ongoing risk analysis in tandem with compliance and internal

audit.

● Maintain risk register and evidence archive in the Avant GRC platform.

● Document, formulate and enforce remediation activities that balance risk with business

operations and do not diminish efficiencies or innovation in the business.

● Partner with vendor management in oversight of third parties and business partners to

safeguard against undue risk presented by external entities.

● Analyze assessment findings, document, recommend and report remediation plans to

security leadership.

● Act as a key participant in incident response to track occurrence and resolution, with

strict documentation and reporting.

● Work in tandem with security engineering, internal audit and risk management

leadership to perform ongoing security program assessments .

● Attend and fully engage in change management meetings.

● Liaison with auditors, both internal and external, to attest and implement controls for

compliance and privacy laws.

● Perform other duties as assigned.

Why you are a fit for Avant:

● At least 3+ years’ experience in information security as a practitioner and with at least 2+

years exposure with various security frameworks.

● Knowledge of security technology skills for well-rounded proficiency, as well as proven

ability to align with security practices and compliance responsibilities.

● Experience and understanding of various regulatory requirements and laws, including

but not limited to PCI, GLBA, and NIST Security and Privacy Frameworks. Additional

experience in one or more of the following is a plus: ISO 27001/2, ITIL or FFIEC, FDIC

Regulatory Frameworks

● Exceptional written and verbal communication skills, and proven ability to translate

security and risk to business language.

● Working knowledge of technologies such as cloud computing, DevOps and

understanding of application security best practices as required.

● Up-to-date understanding of a wide-range of incident response, system configuration,

vulnerability management and hardening guidelines.

● Track record of acting with integrity, taking pride in work, seeking to excel, being curious

and adaptable, and communicating effectively.

● Preferred experience with cloud environments such Amazon Web Services (AWS),

Google Cloud and Microsoft Azure.

● Prior experience operating in a GRC system.

● Demonstrated problem-solving capabilities, and ability to manage complex local and

international security requirements.

● Self-motivated, directed and well-organized, with the anticipation to position controls in

anticipation of threats.

● Successful track record of managing relationships with external entities’ and mitigating

risks in business development opportunities.

● Familiarity with state, federal and international privacy laws.

● Highly trustworthy; leads by example.

● Bachelor’s degree in computer science, information assurance, MIS or related field, or

equivalent industry experience

● Hold or working toward one or more of the following a plus: CISSP, CRISC, or CISA,

CGRC

Check out our Avant Blog

We believe that a diverse set of backgrounds and experiences helps us create the most innovative solutions for our customers. We invite you to apply to our positions even if you do not meet 100% of the qualifications listed in the description. If you’re passionate about our mission and aligned to our values, we hope you’ll come contribute to our awesome culture.

Why Avant is the place for you:

At Avant, we believe our values make a difference:

Authenticity. We show up to work as our whole selves and make sure others can too.

Collaboration. We can only succeed when we do so as a team.

Problem-Solving. The harder the problem, the more satisfying the solution.

Customer. We are all owners of the customer experience.

Initiative. Plan. Adapt. Get Sht Done.

We believe that great ideas come from anyone and anywhere, that everyone is an owner who drives change, and that we have more fun when we work together. We’re problem solvers who love collaborating with intelligent and highly-motivated people to reshape the face of digital banking. Avant offers terrific perks and benefits, fun social events with employees who actually like hanging out together, and a flexible growth environment where trying your hand at new projects and being the active owner of your career path is encouraged and supported.

Some of our benefits include:
• Choice of great Medical, Dental, and Vision Insurance Plan options
• 401(k) Match
• Unlimited Paid Time Off
• Flexible Work Environment
• Generous Paid Parental Leave
• Lunch Allowance (Fooda) and In-office Snacks
• WFH Stipends for our Remote Employees
• Access to LinkedIn Learning for Professional Development
• No Meeting Wednesdays – (a.k.a. planned time to Get Sht Done)
• Summer Fridays
• Fun In-Office and Virtual Social Events
• And who doesn’t love the swag

This position may require you to be fully vaccinated against COVID-19. If required, you’ll be asked to provide proof that you’re fully vaccinated upon your start date or before working in or visiting our Chicago office. You’re considered fully vaccinated two weeks after you receive the second dose of a two-dose vaccine series (e.g., Pfizer or Moderna) or two weeks after a single-dose vaccine (e.g., Johnson & Johnson/Janssen). Failure to provide proof of vaccination may result in termination. Subject to applicable law and requests for accommodation.
Apply Here
For Remote Information Security Risk and Compliance Analyst roles, visit Remote Information Security Risk and Compliance Analyst Roles

********

Security Analyst at John Deere

Location: Chicago

There are over 7 billion people on this planet. And by 2050, there will be 2 billion more… many moving into urban centers at an unprecedented rate. Making sure there is enough food, fiber and infrastructure for our rapidly growing world is what we’re all about at John Deere. And it’s why we’re investing in our people and our technology like never before Here the world’s brightest minds are tackling the world’s biggest challenges. If you believe one person can make the world a better place, we’ll put you to work. RIGHT NOW.
John Deere is an equal opportunity employer. All qualified applicants will receive consideration for employment without regards to, among other things, race, religion, color, national origin, sex, age, sexual orientation, gender identify or expression, status as a protected veteran, or status as a qualified individual with disability.
Primary Location: United States (US) – Illinois – Moline
Secondary Location: Illinois, Chicago
Function: Technology (CA)
Title: Security Analyst – 87519
Onsite/Remote: Partial Remote Position
Visa sponsorship is AVAILABLE for this position
Your Responsibilities
As an IT Security Analyst in the Cyber Security Defense Center you will participate as a member of a highly-collaborative team responsible for identifying and remediating cyber security threat incidents. This role is designed to be an entry point to a career in IT Cyber Security at John Deere, it will perform initial triage and investigation of John Deere specific security events. A successful candidate will have the opportunity for career advancement in the areas of Advanced Incident Response, Threat Intelligence, Forensics and Tools. In addition, you will:
• Act as the central Command Center and escalate Cyber Security alerts to the appropriate response team.
• Correlate information from multiple sources to triage and investigate Cyber Security incidents.
• Participate in the Phishing monitoring and response process for company targeted email hacking campaigns.
• Understand the current Cyber Security threat landscape and apply best practices to existing incident processes.
• Document new and existing response processes according to incident lessons learned activities.
What Skills You Need
• Working knowledge of network, server/storage or system management practices
• Ability to participate in an on-call 24/7 support/remediation center and support the business off-hours as needed.
• Knowledge of application development practices
What Makes You Stand Out
• 2+ years of experience of security event triage and investigations, malware analysis methodologies, and related best practices.
• 3+ years of experience with managing various security tools involved in intrusion detection/prevention, forensics, virus control, vulnerability management
• Experience in security log monitoring tools including Security Information and Event Management (SIEM) systems
• Experience of working in a Security Operations Center (SOC) environment.
Education
• Ideally, you will have a bachelor’s degree in Information Technology discipline or equivalent work experience
What You’ll Get
At John Deere, you are empowered to create a career that will take you to where you want to go while working in an inclusive team environment. Here, you’ll enjoy the freedom to explore new projects, the support to think outside the box and the advanced tools and technology that foster innovation and achievement. Additionally, we offer a comprehensive reward package to help you get started on your new career path, including:
• Flexible work arrangements
• Highly competitive base pay and performance bonuses
• Savings & Retirement benefits (401K and Defined Benefit Pension)
• Healthcare benefits with a generous company contribution in the Health Savings Account
• Adoption assistance
• Employee Assistance Programs
• Tuition assistance
• Fitness subsidies and on-site gyms at specific Deere locations
• Charitable contribution match
• Employee Purchase Plan & numerous discount programs for personal use
Click Here to find out more about our Total Rewards Package.
The information contained herein is not intended to be an exhaustive list of all responsibilities and qualifications required of individuals performing the job. The qualifications detailed in this job description are not considered the minimum requirements necessary to perform the job, but rather as guidelines.
The terms of the applicable benefit plans, and all company actions administering or interpreting these plans, continue to control. Deere & Company reserves the right to suspend, amend, modify, or terminate the Plan(s) in any manner at any time, including the right to modify or eliminate any cost-sharing between the company and participants. Changes, which can be made at any time, are made by action of the company’s board of directors, or to the extend authorized by resolution of its board of directors, or by the Deere & Company Compensation Committee. In the event of a conflict between the language of the official Plan Documents and this document, the language of the official Plan Documents will control.
ACA Section 1557 Nondiscrimination Notice
The John Deere Health Benefit Plans for Salaried and Wage Employees comply with applicable Federal civil rights laws and do not discriminate on the basis of race, color, national origin, age, disability, or sex.
Apply Here
For Remote Security Analyst roles, visit Remote Security Analyst Roles

********

Lead Information Security Analyst at Wells Fargo

Location: Chicago

• * About this role:
• * Wells Fargo is seeking a Lead Information Security Analyst with experience in maturing, transforming, and driving program initiatives for our organization’s security monitoring, application and software development, incident response, threat hunting, and other cyber security initiatives. The candidate will support large-scale enterprise technical projects with high visibility and will help automate activities between teams. This position will also be enlisted at times to assist incident responders to determine the risk and impact of a security threat, and possible mitigation strategies.

A key component of this position will be to provide crucial metrics associated with our ability to discover and react to security threats, develop reports for senior leadership, and participate in strategic planning. The role will assist in all regulatory / compliance matters, support the team’s internal audit, engagement with first and second line of defense, assist in documenting validation, providing evidence for closure and assist in any questions or outstanding tasks for closure of any risk items.

This position will also help track technology Audits and Corrective Actions to determine efficiencies across technology implementations from monitoring. Supports acquisitions including coordination with third party risk, vendor management, and supply chain. Partners with vendor management and supply chain to issue and evaluate RFPs and to ensure successful implementation of enterprise agreements and acts as focal point for coordinating sourcing efforts across business entities.

This role will also interface with internal teams within Information Cyber Security and develop tactical and strategic plans and processes to integrate research and data collected into actionable activities and reports.
• * In this role, you will:**+ Provide advanced information security consultation for all aspects of information security compliance policy, risk management, and remediation+ Direct information security risk assessment and research, and recommend remediation plans and strategies+ Influence stakeholders on net new or on material changes to an asset to influence control decisions+ Provide consulting on security risk assessment and research, and recommend remediation plans and strategies+ Act as more experienced lead to the organization to develop security risk awareness and mitigating actions+ Consult the organization on complex security issues and findings+ Manage the most complex and critical information assets+ Evaluate and interpret internal and company wide information security policies, processes, standards, and participate with more experienced leaders in decision making on information security+ Serve as information security lead to advise on the development and delivery of Information Security

Education and Awareness+ Collaborate and consult with peers, colleagues, and mid-level to more experienced managers to resolve issues and achieve goals+ Lead projects and teams+ Coordinate with vendor manager on third party assets to manage information security risks+ Serve as a mentor to less experienced staff
• * Required

Qualifications , US:**+ 5+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education+ 2+ years of technical project coordinator experience+ 2 + years of experience in one or a combination of the following: strategic planning, initiative management or project management
• * Desired

Qualifications:
• *+ Knowledge and understanding of customer information systems development and implementation+ Knowledge and understanding of full life cycle software and application development+

Ability to manage projects or programs following a Standard Software Development Lifecycle (SDLC) approach, with scheduled release code deployments+ Vendor management experience+ Knowledge and understanding of banking or financial services industry+ Experience monitoring industry, technology, and regulatory trends to determine business impacts+ Relationship management experience delivering technology services between one nology organizations large internal lines of business+ Proven success in participating in multi-disciplinary teams with direct or matrixed management responsibilities to design and develop multi-channel threat mitigation strategies to including modeling/analysis, data analytics and visualization+

Ability to provide subject matter expertise on actual or perceived events as well as emerging technologies and tools and other line of business leaders+ Proven success in utilizing multiple methodologies to monitor key indicators for emerging threat trends.+ Proven success in participating in multi-disciplinary teams with direct or matrixed management responsibilities+

Ability to deal with ambiguity and drive decisions often based on limited information+ Industry recognized cyber security…
Apply Here
For Remote Lead Information Security Analyst roles, visit Remote Lead Information Security Analyst Roles

********

Lead Information Security Analyst – IAM Controls at Wells Fargo

Location: Chicago

About this role:
Wells Fargo is seeking a Lead Information Security Analyst. This role is an individual contributor position that’s part of a team responsible for the assessment and adoption of Information Security Identity and Access Management (IAM) controls. The IAM organization owns and operates manual and automated controls to manage enterprise risk and reduce inappropriate access for organizational users. Frequent changes and updates to leveraged technology requires regular review of controls to confirm effectiveness as well as relevancy. Keeping abreast of changing risk, internal policy and regulatory landscape is critical to this role as well. Engaging with internal lines of defense, key business and technology stakeholders, and control owners/operators is part of the daily routine for this position. As a Lead Information Security Analyst – IAM Controls resource, you will be responsible for the assessment, adoption and oversight of IAM operated controls related to IAM products and services. You must be able to demonstrate in-depth knowledge of IAM controls and supported processes/procedures, risk assessment and controls testing methodologies across 3 lines of defense, and compliance and operational processes which includes successfully facilitating and completing associated deliverables. Knowledge of IT/IS control frameworks such as COSO, CoBIT, FFIEC and NIST is strongly encouraged as part of the benchmarking process that must also be supported by this role. This role is also responsible for the identification and escalation of emerging risks resulting from controls test findings, including providing input to control design/execution along with control administration changes. Partnership and collaboration with enterprise Risk and Control System (SHRP) administrators is necessary to ensure that controls are kept up-to-date, testing results are recorded and any findings are validated and have requisite remediation action plans. Familiarity with Risk and Control Self-Assessment (RCSA) processes and practices is foundational to ensure that IAM Controls resource has thorough understanding of how operational risks and the effectiveness of controls are assessed and examined.
In this role, you will:
• Maintain an advanced awareness of bank security policies and government regulations pertaining to information security
• Formulate and implement information security solutions and controls
• make decisions and resolve issues regarding changes to information security policy, standards, and procedures as needed for systems, applications and tool
• Provide advanced information security consultation for all aspects of information security compliance policy, risk management, and remediation
• Direct information security risk assessment and research, and recommend remediation plans and strategies
• Influence stakeholders on net new or on material changes to an asset to influence control decisions
• Provide consulting on security risk assessment and research, and recommend remediation plans and strategies
• Act as more experienced lead to the organization to develop security risk awareness and mitigating actions
• Consult the organization on complex security issues and findings
• Manage the most complex and critical information assets
• Evaluate and interpret internal and companywide information security policies, processes, standards, and participate with more experienced leaders in decision making on information security
• Serve as information security lead to advise on the development and delivery of Information Security Education and Awareness
• Collaborate and consult with peers, colleagues, and mid-level to more experienced managers to resolve issues and achieve goals
• Lead projects and teams
• Coordinate with vendor manager on third party assets to manage information security risks
• Serve as a mentor to less experienced staff

Required Qualifications, US:
• 5+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 3+ years of IAM (Identity and Access Management) experience
• 2+ years of process improvement experience

Desired Qualifications:
• 3+ years of Microsoft office suite experience such as PowerPoint, Excel, Outlook and Word
• 5+ years of experience working with information security controls and deployments in a production environment
• 3+ years of IAM (Identity and Access Management) experience with application on-boarding, certifications or role management.
• 1+ years of information security architectural design and consulting experience
• Experience communicating and presenting complex information to multiple levels of the organization
• Strong time management skills and ability to meet deadlines
• Ability to work effectively, as well as independently, in a team environment
• Experience with synthesizing data from multiple sources and presenting it in appropriate formats
• Knowledge and understanding of information security management, audit, compliance and risk.
• Knowledge and understanding of financial services industry: compliance, risk management or audit operations
• Knowledge Information Security Frameworks and standards (FFIEC, NIST, ISO) experience
@RWF22
We Value Diversity
At Wells Fargo, we believe in diversity, equity and inclusion in the workplace; accordingly, we welcome applications for employment from all qualified candidates, regardless of race, color, gender, national origin, religion, age, sexual orientation, gender identity, gender expression, genetic information, individuals with disabilities, pregnancy, marital status, status as a protected veteran or any other status protected by applicable law.
Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.
Candidates applying to job openings posted in US: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Candidates applying to job openings posted in Canada: Applications for employment are encouraged from all qualified candidates, including women, persons with disabilities, aboriginal peoples and visible minorities. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process.
Apply Here
For Remote Lead Information Security Analyst – IAM Controls roles, visit Remote Lead Information Security Analyst – IAM Controls Roles

********

Cyber Security Development Program at John Deere

Location: Chicago

There are 7 billion people on this planet. And by 2050, there will be 2 billion more… many moving into urban centers at an unprecedented rate. Making sure there is enough food, fiber and infrastructure for our rapidly growing world is what we’re all about at John Deere. And it’s why we’re investing in our people and our technology like never before in our 175-year history. Here the world’s brightest minds are tackling the world’s biggest challenges. If you believe one person can make the world a better place, we’ll put you to work. RIGHT NOW.
Primary Location: United States (US) – Moline, Illinois or Ames, IA
Function: Information Technology
Title: Cyber Security Development Program 2023a – 88397
Major Purpose
The new John Deere Smart Industrial strategy focuses on being a clear technology leader, so it is critical that our enterprise has the digital-ready skills to support this ambition. The Cyber Security Development Program is a 2-year program consisting of 12-month rotations through which new or recent college graduates build cyber security skills that are essential to future business growth and needs. As the primary entrance point for entry-level positions into our cyber security teams at John Deere, we emphasize building a solid foundation of knowledge and skills, providing development program employees with meaningful rotations, challenging work, and opportunities to meet and work with leadership in your area. Listed below are the Current rotational opportunities in the program:
• Cloud Controls (Ames, IA)
• Cybersecurity Defense Center (Moline, IL and Ames, IA)
• Internal Identity (Moline, IL)
• Security by Design (Moline, IL)
• Vulnerability Management (Ames, IA)
pment
What Skills You Need:
• A Bachelor’s or Master’s degree in Software Engineering, Computer Engineering, Cyber Security/Information Assurance, Computer Science, or Management Information Systems.
• Exposure to one or more programming languages; Python, Java, NodeJS, or scripting like Perl.
• Minimum cumulative GPA required of 2.8 on a 4.0 scale.
What Makes You Stand Out (Desired Skills or Experiences):
• Participation in Cyber Security Competitions, such as Capture the Flag.
• Background in networking, infrastructure, general cloud exposure, and experience with security concepts.
• Exposure to cloud concepts and AWS/Azure services.
• Knowledge of security concepts: vulnerabilities, ethical hacking, secure design.
Work Statement:
• US Visa sponsorship is not available for this position.
Must be able to relocate domestically. Assignments will either be in the Quad Cities area (Moline, IL/Davenport, IA) or Ames, IA area.
What You’ll Get
At John Deere, you are empowered to create a career that will take you to where you want to go while working in an inclusive team environment. Here, you’ll enjoy the freedom to explore new projects, the support to think outside the box and the advanced tools and technology that foster innovation and achievement. Interns receive competitive compensation and are eligible for many of the benefits offered to full-time employees, including:

• Flexible work arrangements
• Highly competitive base pay
• Savings & retirement benefits (401k and Defined Benefit Pension)
• Healthcare benefits
• Employee Assistance Programs
• Tuition assistance
• Fitness subsidies and on-site gyms at specific Deere locations
• Charitable contribution match
• Employee Purchase Plan & numerous discount programs for personal use
Click here to find out more about our Total Rewards Package.
Apply Here
For Remote Cyber Security Development Program roles, visit Remote Cyber Security Development Program Roles

********

Security Analyst at DRW

Location: Chicago

Our formula for success is to hire exceptional people, encourage their ideas and reward their results.
Our global Security Engineering team is looking for a talented Security Analyst to join the team in our Chicago office. To flourish in this role, you will need a strong drive to learn and improve. When it comes to new technology, you’ll enjoy researching and evaluating new solutions using custom and commercial testing tools. You will be given the freedom and resources while being mentored by industry-leading engineers, all to provide you with the best possible environment to succeed at DRW.
How you will make an impact…
• Handle incident response for security alerts generated from various sources (IPS, Web Security, Endpoint Protection, Event Logs)
• Analyze and respond to global security events
• Perform SIEM product administration for event correlation and detection
• Perform SOAR playbook management and product administration
• Perform periodic vulnerability scans and associated remediation
• Reverse engineering Malware and identifying Indicators of Compromise (IoC)
• Drive automated detection, response and configuration through various scripting and programming languages.
• Evaluate commercial and open-source tools
• Attend security conferences, seminars and regular training to stay ahead of the ever-changing security landscape.
• Assess security risks as they relate to new projects and initiatives
• Collaborate with internal Infosec peers to continuously improve security posture
• Educate users on security best practices

What you bring to the team…
• A bachelor’s or master’s degree in computer science, electrical engineering, systems security or related discipline graduating between December 2022 and June 2023
• Interest in computer forensics and physical security
• A passion for security
• Knowledge of Windows, MacOS, and Linux operating systems
• Knowledge of core networking concepts
• Experience with Security Information and Event Management (SIEM) products
• Experience with data analysis of even data in security related sources such as IPS, Web Security, Endpoint Protection, Event Logs
• Experience with an interpreted language such Python, Ruby, or Perl
• Excellent verbal and written communication skills

DRW is a diversified trading firm with over 3 decades of experience bringing sophisticated technology and exceptional people together to operate in markets around the world. We value autonomy and the ability to quickly pivot to capture opportunities, so we operate using our own capital and trading at our own risk.

Headquartered in Chicago with offices throughout the U.S., Canada, Europe, and Asia, we trade a variety of asset classes including Fixed Income, ETFs, Equities, FX, Commodities and Energy across all major global markets. We have also leveraged our expertise and technology to expand into three non-traditional strategies: real estate, venture capital and cryptoassets.

We operate with respect, curiosity and open minds. The people who thrive here share our belief that it’s not just what we do that matters–it’s how we do it. DRW is a place of high expectations, integrity, innovation and a willingness to challenge consensus.

For more information about DRW’s processing activities and our use of job applicants’ data, please view our Privacy Notice at

California residents, please review the California Privacy Notice for information about certain legal rights at
Apply Here
For Remote Security Analyst roles, visit Remote Security Analyst Roles

********

The Tech Career Guru
We will be happy to hear your thoughts

Leave a reply

Tech Jobs Here
Logo