Aon sp. z o.o. IT Risk & Governance Manager Aon is in the business of better decisions At Aon, we shape decisions for the better to protect and enrich the lives of people around the world. As an organization, we are united through trust as one inclusive, diverse team, and we are passionate about helping our colleagues and clients succeed. What the day will look like - Policy & Standards Management - Create, maintain, and govern technology policies, standards, and procedures in partnership with stakeholders. - Ensure documentation is current, consistent, and aligned to organizational risk appetite and regulatory requirements. - Drive periodic policy reviews, approvals, and communication across impacted teams. - Provide guidance and interpretation of policies and standards to technology and business teams. - Technology Controls & Assurance - Design, implement, and maintain technology control library aligned to policies, frameworks, and regulatory expectations (e.g., access management, change management, incident management, data protection, resilience, etc.) - Ensure critical systems and data are safeguarded, and controls are regularly reviewed for effectiveness and compliance - Partner with Technology and Cybersecurity teams to remediate control gaps and strengthen the control environment. - Coordinate and support internal/external audits, control testing, and assurance activities - Track issues, findings, and remediation plans to timely closure, escalating when necessary - Technology Risk Management - Identify, assess, and monitor technology risks across applications, infrastructure, and services. - Develop and maintain technology risk registers, ensuring risks are clearly documented, assessed, and tracked to remediation. - Provide risk guidance for new initiatives, technology changes, and vendor engagements. - Support the definition and monitoring of risk appetite, key risk indicators (KRIs), and metrics. - Regulatory Governance & Compliance - Monitor relevant regulatory requirements, industry standards, and best practices related to technology risk (e.g., cybersecurity, operational resilience, data protection). - Support regulatory exams, inquiries, and responses for technology-related topics. - Translate regulatory expectations into practical control and process requirements for technology teams. - Prepare and deliver governance materials and risk reporting for senior management and governance forums/committees. - Stakeholder Engagement & Governance Forums - Partner with Technology, Cybersecurity, Compliance, Internal Audit, and Business stakeholders to align on risk priorities and remediation plans. - Prepare clear, concise reporting on technology risk posture, key issues, and trends for leadership. - Promote a risk-aware culture by providing training and guidance on technology risk, controls, and governance. Skills and experience that will lead to success Required: - Bachelor’s degree in Information Technology, Information Security, Risk Management, Business, or related field (or equivalent experience). - Demonstrated experience (e.g., 4–8+ years) in technology risk management, IT audit, information security, technology controls, or related governance roles. - Strong understanding of technology risk concepts and common frameworks (e.g., ISO 27001, NIST, COBIT, ITIL, or similar). - Experience with technology control design, implementation, and testing. - Knowledge of regulatory and compliance requirements related to technology and data (e.g., operational risk, data protection/privacy, cybersecurity, financial services regulations as applicable). - Proven ability to develop and manage policies, standards, and procedures. - Strong analytical, problem-solving, and documentation skills with attention to detail. - Excellent communication skills, with the ability to explain complex risk and control topics to both technical and non-technical stakeholders. - Ability to work independently and collaboratively in a fast-paced, matrixed environment. Preferred (nice to have): - Professional certifications such as CRISC, CISA, CISSP, CGEIT, or similar. - Experience in a regulated industry (e.g., financial services, healthcare, utilities). - Experience with GRC tools/platforms for risk, control, and issue management. - Background supporting large-scale technology programs or transformation initiatives. How we support our colleagues In addition to our comprehensive benefits package, we encourage a diverse workforce. Plus, our agile, inclusive environment allows you to manage your wellbeing and work/life balance, ensuring you can be your best self at Aon. Furthermore, all colleagues enjoy two “Global Wellbeing Days” each year, encouraging you to take time to focus on yourself. We offer a variety of working style solutions, but we also recognise that flexibility goes beyond just the place of work... and we are all for it. We call this Smart Working! Our continuous learning culture inspires and equips you to learn, share and grow, helping you achieve your fullest potential. As a result, at Aon, you are more connected, more relevant, and more valued. Aon values an innovative, diverse workplace where all colleagues feel empowered to be their authentic selves. Aon is proud to be an equal opportunity workplace. Aon provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, domestic partner status, or other legally protected status. We welcome applications from all and provide individuals with disabilities with reasonable adjustments to participate in the job application, interview process and to perform essential job functions once onboard. If you would like to learn more about the reasonable accommodations we provide, email ReasonableAccommodations@Aon.com Please attach CV in English only. #technologyandsecurity #LI-MK1 #LI-REMOTE 2573728

Title: Vulnerability Assessment Analyst Clearance: Active TS Required, Q Clearance preferred Education: Bachelor’s degree preferred Years Experience: all levels available Location: fully remote Compensation: DOE ($50K-$130K/yr.) Overview: A Vulnerability Assessment Analyst is responsible for identifying, analyzing, and mitigating security vulnerabilities within an organization’s systems and networks. They play a crucial role in safeguarding digital assets by conducting assessments, preparing reports, and recommending solutions to enhance security posture. The role of a Vulnerability Assessment Analyst is increasingly critical in today's cybersecurity landscape, as organizations face a growing number of cyber threats. By proactively identifying and mitigating vulnerabilities, these analysts help protect sensitive information and maintain the integrity of IT infrastructure. In this role you will: Perform assessments of systems and networks within the NE or enclave and identifies where those systems/networks deviate from acceptable programs, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities. Key Responsibilities - Conduct Vulnerability Assessments: Perform assessments of systems and networks to identify vulnerabilities and deviations from acceptable configurations and policies. This includes both technical evaluations (technology) and non-technical evaluations (people and operations). - Prepare Audit Reports: Document findings from assessments, including technical and procedural issues, and provide recommended remediation strategies to address identified vulnerabilities. - Maintain Cyber Defense Tools: Utilize and maintain specialized cyber defense audit toolkits and software to support vulnerability assessments and audits. - Analyze Cyber Defense Policies: Evaluate the organization's cyber defense policies and configurations to ensure compliance with regulations and organizational directives. - Conduct Penetration Testing: Support or conduct authorized penetration testing on enterprise network assets to identify potential security weaknesses. - Stay Updated on Threats: Keep abreast of the latest cybersecurity threats, vulnerabilities, and compliance requirements to effectively safeguard organizational assets. - Collaborate with IT Teams: Work closely with IT and security teams to implement security measures and improve the overall security posture of the organization. Skills and Knowledge Required - Technical Proficiency: Knowledge of network security architecture, application vulnerabilities, and penetration testing principles is essential. - Analytical Skills: Ability to analyze complex systems and identify potential security risks. - Communication Skills: Strong written and verbal communication skills to prepare reports and present findings to stakeholders. - Certifications: Relevant certifications such as CompTIA CySA+, CompTIA Security+, and others can enhance job prospects and demonstrate expertise in the field. Note This job description in no way states or implies that these are the only duties to be performed by the employee(s) of this position. Employees will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. All duties and responsibilities are essential functions and requirements and are subject to possible modification to reasonably accommodate individuals with disabilities. Who we are...  August Schell offers 30 years of experience in providing our customers innovative solutions and engineering services to their most challenging needs. We thrive on navigating complex IT difficulties and are driven to find the best solutions for our customers. Our team delivers expert knowledge in cyber security, big data, endpoint security and cloud solutions. Our ability to serve our customers with continued excellence is a direct reflection of our dedicated and exceptional people. At August Schell, we are not only a team, we are a family. Equal Employment Opportunity August Schell Enterprises Inc. is an Equal Employment Opportunity Employer. We are committed to providing a workplace that is free from discrimination and harassment based on race, color, religion, sex (including pregnancy, sexual orientation or gender identity), national origin, age, marital status, disability, protected veteran status or any other characteristic protected by applicable law. Accommodations If you are an individual with a disability and would like to request a reasonable accommodation during the application or hiring process, please contact Human Resources at hr@augustschell.com

• Assist with Epic Configuration: Support customization and configuration of Epic applications to meet organizational needs. • Workflow Analysis: Observe and document clinical and administrative workflows to understand system requirements. • Testing & Validation: Participate in testing new builds, upgrades, and patches to ensure accuracy and functionality. • End-User Support: Help troubleshoot basic issues and escalate complex problems to experienced analysts. • Training Support: Assist in creating user guides and training materials for member staff. • Documentation: Maintain detailed records of system changes, workflows, and troubleshooting steps. • Collaboration: Work closely with experienced analysts and clinical teams to learn best practices in healthcare IT.

Position Overview At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company’s success. PNC is an in-office company that fosters a supportive culture where employees can thrive and achieve balance. We encourage candidates to connect with their recruiter and hiring manager to understand workplace expectations and ensure the role aligns with their goals. As a Detection & Investigation Analyst Lead within PNC's FDO Zelle Fraud organization, you will be based in Pittsburgh, PA, Birmingham, AL, Strongsville, OH. This is a remote position. Work may be performed from a quiet, confidential space in a home location, approved by PNC. This position may not be available in all geographic locations. *Outbound Zelle Team* Friday - Monday: 9:30 am - 8:00 pm ET Are you curious? If you are given enough data, are you able to extrapolate what future data would likely indicate? Are you comfortable with new technology, and willing to continually learn? If you are watching a mystery movie, are you bothered when the criminals get away with their crime? If so, this may be the position for you! Systems Used & Experience Preferred: • Actimize • Service Browser • BlueZone (Mainframe/COR) • EDGE • Excel • Google • ZAP • Avaya • Innovis • Web Browsers • WebView • Verint Attributes: • Curious • Analyze • Detect Patterns • Foresight - given enough data, are able to anticipate what future data would likely indicate. • Adaptable to change, new technology, and willing to continually learn • Have a passion for stopping the criminals. Responsibilities of this position includes: • Outbound Zelle fraud support • Analyzing cases generated from the enterprise fraud detection systems • Talking with customers whose transactions are suspicious of potential fraud. • Card Free ATM fraud support • Analyzing cases generated from the enterprise fraud detection systems • Reporting of suspected fraud • As requested, tasks to help sustain and improve department processes and procedures. This position may be eligible for remote work in select geographic locations, subject to approval by PNC. If approved, work must be conducted from a quiet, secure, and confidential home-based workspace. Occasional in-office participation may be required based on business needs. PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position. Job Description - Reviews and investigates customer cases, reports and work for potential and actual loss. Minimizes fraud, Anti-Money Laundering and/or organizational risk. Performs early detection of suspicious activity. Controls and prevents losses. May lead the work of and/or train detection and investigation staff. - Researches and analyzes bank activities and reports to detect and prevent possible fraudulent and suspicious activities. Recommends disposition. Identifies gaps and control enhancements. - Uses defined research procedures to identify and resolve issues. Identifies trends and escalates as appropriate. - Follows standards and practices to mitigate fraud, Anti-Money Laundering and other risk exposure and loss. Shares best practices among the team and/or service partners. - Prepares and maintains appropriate documentation of analysis performed and coordinates with internal or external stakeholders as appropriate. PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be: - Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions. - Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework. Qualifications Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position. Preferred Skills Analytical Thinking, Customer Solutions, Decision Making, Operational Risks, Problem Resolution, Researching, Risk Mitigation Strategies Competencies Anti-money Laundering/Sanctions Policies and Procedures, Business Ethics, Business Process Improvement, Decision Making and Critical Thinking, Effective Communications, Fraud Detection and Prevention, Information Capture, Operational Risk, Problem Solving, Standard Operating Procedures Work Experience Roles at this level typically require a university / college degree with < 1 year of professional experience and/or successful completion of a formal development program. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered. Education Bachelors Certifications No Required Certification(s) Licenses No Required License(s) Pay Transparency Base Salary: $37,440.00 – $61,000.00 Salaries may vary based on geographic location, market data and on individual skills, experience, and education. Application Window Generally, this opening is expected to be posted for two business days from 03/16/2026, although it may be longer with business discretion. Benefits PNC offers a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives. In addition, PNC generally provides the following paid time off, depending on your eligibility: maternity and/or parental leave; up to 11 paid holidays each year; 9 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service. To learn more about these and other programs, including benefits for full time and part-time employees, visit pncthrive.com. Disability Accommodations Statement If an accommodation is required to participate in the application process, please contact us via email at AccommodationRequest@pnc.com. Please include “accommodation request” in the subject line title and be sure to include your name, the job ID, and your preferred method of contact in the body of the email. Emails not related to accommodation requests will not receive responses. Applicants may also call 877-968-7762 and say "Workday" for accommodation assistance. All information provided will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. At PNC we foster an inclusive and accessible workplace. We provide reasonable accommodations to employment applicants and qualified individuals with a disability who need an accommodation to perform the essential functions of their positions. Equal Employment Opportunity (EEO) PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law. This position is subject to the requirements of Section 19 of the Federal Deposit Insurance Act (FDIA) and, for any registered role, the Secure and Fair Enforcement for Mortgage Licensing Act of 2008 (SAFE Act) and/or the Financial Industry Regulatory Authority (FINRA), which prohibit the hiring of individuals with certain criminal history. California Residents Refer to the California Consumer Privacy Act Privacy Notice to gain understanding of how PNC may use or disclose your personal information in our hiring practices.