• Compliance & Audit Leadership: Support the maintenance of our compliance frameworks, specifically ISO 27001 and SOC2 Type II. You will need to be comfortable being a primary point of contact for external auditors. • Client Assurance: Own the end-to-end process for Client Audits and Security RFIs, translating our complex technical controls into clear, professional, and digestible responses for stakeholders. • Cloud Governance: Apply a GRC lens to our cloud environment, ensuring that our AWS infrastructure aligns with best practices (CIS benchmarks) and triage alerts in line with our internal risk appetite. • Incident Management & Triage: Monitor security tools and act as a first-to-second responder for alert triage. You’ll manage the lifecycle of security incidents, from discovery to post-mortem. • Third-Party Risk Management: Conduct thorough due diligence on suppliers, integrations , ensuring our supply chain meets our rigorous security standards. • Risk-Based Decision Making: Conduct risk assessments across the business, providing actionable advice that balances security requirements with operational efficiency. • Security Automation: Identify opportunities to automate manual GRC and SecOps tasks to increase the team's velocity.

Job Description Join one of the nation’s most comprehensive academic medical centers, UChicago Medicine as an Epic MyChart Analyst - Intermediate for the IT Clinical Applications department. This is a remote, work from home opportunity and you may be based outside of the greater Chicagoland area. The MyChart Analyst - Intermediate formulates and defines systems scope and objectives through research and fact-finding combined with an understanding of applicable business applications and industry requirements. With this knowledge, develops, configures, or modifies moderately complex information applications. Includes analysis of business and user needs, documenting requirements, and revising existing logic as necessary. Guides and collaborates with other Application Analysts. Contributes to application analysis and considers the business implication of the application of technology to the current business environment. Essential Job Functions - Evaluate business implications of technology on the current business environment - Analyze business and user needs, formulates and defines application requirement scope and objectives - Document Requirements in the BRD (Business Requirement Document) - Revise existing (problematic) application configuration or builds new application configuration - Unit test configuration and other application set up - Mentor less experienced Application Analysts Required Qualifications - Associate or bachelor’s degree or equivalent training or work experience - Epic MyChart certification is required - Minimum of 2 years of experience with information system software solutions - Working knowledge of multiple software applications, systems analysis/design, Integration/design, or web applications/design - Ability and commitment to meet deadlines and to operate in a fast-paced environment - Capable of working well in a diverse, multi-disciplinary team and successfully interacting with others at all levels of the organization, including remote teams - Beginning skills in documenting and analyzing business processes - General understanding of business, functional, and technical requirements - General understanding of underlying technologies: hardware, networking, applications - Excellent interpersonal, written, and oral communication skills, and effective presentation skills - Experience developing presentations for project work - Ability to plan and facilitate meetings with diverse participants - Ability to maintain a professional attitude and demeanor in both normal and pressure situations - Proven skills in problem solving Position Details - Job Type/FTE: Full Time (1.0 FTE) - Shift: Day - Location: Remote - Unit/Department: IT Clinical Applications - CBA Code: Non-Union Why Join Us We’ve been at the forefront of medicine since 1899. We provide superior healthcare with compassion, always mindful that each patient is a person, an individual. To accomplish this, we need employees with passion, talent and commitment… with patients and with each other. We’re in this together: working to advance medical innovation, serve the health needs of the community, and move our collective knowledge forward. If you’d like to add enriching human life to your profile, UChicago Medicine is for you. Here at the forefront, we’re doing work that really matters. Join us. Bring your passion. UChicago Medicine is growing; discover how you can be a part of this pursuit of excellence at: UChicago Medicine Career Opportunities UChicago Medicine is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, ethnicity, ancestry, sex, sexual orientation, gender identity, marital status, civil union status, parental status, religion, national origin, age, disability, veteran status and other legally protected characteristics. As a condition of employment, all employees are required to complete a pre-employment physical, background check, drug screening, and comply with the flu vaccination requirements prior to hire. Medical and religious exemptions will be considered for flu vaccination consistent with applicable law. Compensation & Benefits Overview UChicago Medicine is committed to transparency in compensation and benefits. The pay range provided reflects the anticipated wage or salary reasonably expected to be offered for the position. The pay range is based on a full-time equivalent (1.0 FTE) and is reflective of current market data, reviewed on an annual basis. Compensation offered at the time of hire will vary based on candidate qualifications and experience and organizational considerations, such as internal equity. Pay ranges for employees subject to Collective Bargaining Agreements are negotiated by the medical center and their respective union. Review the full complement of benefit options for eligible roles at Benefits - UChicago Medicine.

An inclusive work environment is an empowering one. At Cutover, we lead with empathy and enable others to succeed through curiosity, kindness, and self-expression. Location: US, remote (CST or EST time zone), willing to travel to New York office for audits as required We regret that we are unable to provide work visa sponsorship at this time. Cutover provides enterprise technology operations teams with an AI-powered SaaS solution that automates and streamlines complex processes with intelligent runbooks. The Cutover solution enables teams to respond to incidents quickly, recover from IT outages, and manage cloud migrations with precision and efficiency. Cutover is used in many of the world's largest financial institutions to support their critical technology operations, including 5 out of the top 6 largest asset managers and 3 out of the top 5 US banks. What does this role mean to us? We are looking for a versatile, proactive mid-Level Security Analyst to join our lean but high-impact security team. This “generalist” role offers a 360-degree view of Information Security and is designed for someone who thrives on variety—one day you’ll be leading a SOC 2 audit, and the next you’ll be triaging a security alert or refining our AWS security posture. As a key member of a small team, you won’t just be following a playbook; you’ll be writing it. You will have significant autonomy and the power to influence our global security strategy directly. What will you be doing as our Information Security Analyst? - Compliance & Audit Leadership: Support the maintenance of our compliance frameworks, specifically ISO 27001 and SOC2 Type II. You will need to be comfortable being a primary point of contact for external auditors. - Client Assurance: Own the end-to-end process for Client Audits and Security RFIs, translating our complex technical controls into clear, professional, and digestible responses for stakeholders. - Cloud Governance: Apply a GRC lens to our cloud environment, ensuring that our AWS infrastructure aligns with best practices (CIS benchmarks) and triage alerts in line with our internal risk appetite. - Incident Management & Triage: Monitor security tools and act as a first-to-second responder for alert triage. You’ll manage the lifecycle of security incidents, from discovery to post-mortem. - Third-Party Risk Management: Conduct thorough due diligence on suppliers, integrations , ensuring our supply chain meets our rigorous security standards. - Risk-Based Decision Making: Conduct risk assessments across the business, providing actionable advice that balances security requirements with operational efficiency. - Security Automation: Identify opportunities to automate manual GRC and SecOps tasks to increase the team's velocity. What we’d like you to bring to the table… - 3-5 years experience in Information Security, with a proven track record in a ‘full stack’ security or GRC role - Experience triaging alerts (CSPM/SIEM/EDR), incident management and a foundational understanding of cloud native security tools - You enjoy creating processes where none exist and can move from "problem identified" to "solution implemented" independently. - You’ve led SOC2 or ISO27001 audits and know how to manage evidence collection, auditor expectations and communicate to stakeholders effectively. - Relevant certifications are a plus (CISA, CISSP), but we value functional experience and the ability to apply security principles to real-world business problems above all else. The good stuff… - We're excited to offer Share Options as part of our compensation package. - 20 days of PTO per year + public holidays, and we want you to take all of them! - 3 volunteer days to use for any charitable/voluntary cause you would like. - A top-tier private health insurance package. - 401k contribution plan - Work from home stipends - A personal learning and development budget through Learnerbly. You’ll be supported in your quest for knowledge, whatever that looks like to you. - If you’re thinking of starting or growing your family, then you’ll be in great company - more than half of our team are parents and we’ve built a globally consistent parental leave approach that we’re proud of. - Employee Referral Scheme. - Safeguarding the mental health of our teams is paramount for us. If you’d like to, then you’ll be able to avail yourself of multiple Cutover mental health initiatives, from fully subsidized therapy sessions to subscriptions to leading wellbeing platforms. Target compensation package: $145,000-155,000 base salary + stock options + benefits The final offer may vary from the target compensation package, taking into consideration factors such as your experience level and skill set. If we aren't aligned on salary at this stage, we’d still love to hear from you to better understand if there are more suitable opportunities at Cutover. Diversity Statement - Empowering Our Teams We encourage our team to bring their authentic selves to work, which we have found has strengthened workplace relationships and fostered a genuine sense of community. If you are excited by this role, we invite you to apply! Even if your profile doesn’t check all the boxes, please don't simply scroll past! We recognize that talent lies everywhere and that some demographic groups are more likely to apply for a "stretch role" than others. We are always open to different perspectives and professional backgrounds to keep Cutover's culture evolving and to ensure that we never stop learning. Cutover is an Equal Opportunity Employer. Maintaining an equitable hiring process is imperative to our mission. All applicants are considered without regard to race, ethnicity, national origin, religion, sex, gender identity, sexual orientation, age, mental or physical disability, marital status, protected veteran or parental status. Learn more about Life at Cutover, our Guiding Principles, and our latest news on Twitter and LinkedIn

Salary: $90,000-$110,000 Compass Technology is a dedicated internal team for Compass Group delivering enterprise-wide initiatives that support our diverse customer base and enhance our business operations. Our domain encompasses a vast spectrum of opportunities, from hands-on desk support to Cybersecurity, Cloud Engineering, AI, and Modern Application development. We are committed to building robust IT infrastructures, driving digital transformation, and much more. Job Summary The Cyber Security Analyst is a key contributor in the Cybersecurity organization, primarily responsible for designing, administering, and continuously improving Compass Group North America’s phishing simulation and security awareness program. This role focuses on reducing organizational risk from email borne threats—such as phishing, business email compromise (BEC), malware delivery, and credential harvesting—by shaping user behavior through realistic simulations, targeted education, and measurable outcomes. In addition to leading phishing simulation and awareness initiatives, the cyber security analyst provides support for email security alerting and response, including analysis of reported phishing messages and collaboration with Cybersecurity Administration and Incident Response teams when real-world threats are identified. The ideal candidate is detail oriented, metrics driven, and comfortable blending user communication and technical analysis to strengthen Compass’s human layer defenses. Job Responsibilities - Administer the enterprise phishing simulation program, including campaign planning, user segmentation, scheduling, templates, landing pages, and reporting, ensuring simulations reflect current threat trends and business relevant scenarios. - Design and deliver targeted security awareness and training materials, such as microlearning's, job aids, tip sheets, and role or behavior based interventions informed by simulation results and observed attack patterns. - Analyze phishing simulation and awareness metrics, including susceptibility rates, reporting rates, repeat clickers, and false positives, and translate results into actionable insights and recommendations for technical and business stakeholders. - Continuously mature the phishing and awareness program, introducing new attack techniques (e.g., QR phishing, OAuth consent phishing, BEC scenarios) and adjusting cadence, difficulty, and messaging to align with organizational risk priorities. - Partner with Cybersecurity leadership, HR, and Compliance to align phishing simulations and awareness initiatives with policy requirements, training expectations, and broader culture of security objectives. - Serve as a subject matter resource for phishing related education, providing guidance to stakeholders on emerging social engineering trends and prevention strategies. - Monitor email security posture and phishing activity to identify trends and insights that inform awareness content and simulation design. - Coordinate with Incident Response and other cyber teams on confirmed incidents, ensuring lessons learned are fed back into simulations and training content to prevent recurrence. Program and Operational Support - Generate regular metrics for reporting and dashboards covering phishing simulation performance, awareness effectiveness, email threat trends, and communicate results clearly to both technical and nontechnical audiences. - Support tuning and optimization of phishing defense and email security tooling where improvements directly enhance reporting accuracy, user experience, or simulation fidelity. - Document simulations, investigations, and program changes to ensure repeatability, auditability, and continuous improvement. Qualifications & Experience - 3+ years of experience in cybersecurity, security awareness, phishing defense, or a closely related discipline, with hands-on experience supporting phishing simulations and/or user education initiatives. - Practical experience with phishing simulation and email security platforms, ideally including KnowBe4, Abnormal, and/or Proofpoint (or comparable enterprise solutions). - Strong understanding of phishing and social engineering techniques, attacker tradecraft, and how human behavior influences organizational security risk. - Working knowledge of email security fundamentals (message anatomy, headers, URLs, attachments, sender reputation) sufficient to support investigations and accurate training content. - Demonstrated ability to analyze metrics and trends and translate technical data into clear, actionable awareness messaging. Strong written and verbal communication skills, with the ability to engage effectively with technical teams and end users. Experience working with documentation, metrics, and repeatable processes to support program maturity and operational consistency. Apply to Compass Group today! Click here to Learn More about the Compass Story Compass Group is an equal opportunity employer. At Compass, we are committed to treating all Applicants and Associates fairly based on their abilities, achievements, and experience without regard to race, national origin, sex, age, disability, veteran status, sexual orientation, gender identity, or any other classification protected by law. Qualified candidates must be able to perform the essential functions of this position satisfactorily with or without a reasonable accommodation. Disclaimer: this job post is not necessarily an exhaustive list of all essential responsibilities, skills, tasks, or requirements associated with this position. While this is intended to be an accurate reflection of the position posted, the Company reserves the right to modify or change the essential functions of the job based on business necessity. We will consider for employment all qualified applicants, including those with a criminal history (including relevant driving history), in a manner consistent with all applicable federal, state, and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, and the New York Fair Chance Act. Compass Technology maintains a drug-free workplace. Applications are accepted on an ongoing basis. Associates at Corporate are offered many fantastic benefits. - Medical - Dental - Vision - Life Insurance/ AD - Disability Insurance - Retirement Plan - Paid Time Off - Holiday Time Off (varies by site/state) - Associate Shopping Program - Health and Wellness Programs - Discount Marketplace - Identity Theft Protection - Pet Insurance - Commuter Benefits - Employee Assistance Program - Flexible Spending Accounts (FSAs) - Paid Parental Leave - Personal Leave Associates may also be eligible for paid and/or unpaid time off benefits in accordance with applicable federal, state, and local laws. For positions in Washington State, Maryland, or to be p formed Remotely, click here or copy/paste the link below for paid time off benefits information. https://www.compass-usa.com/wp-content/uploads/2023/08/2023_WageTransparency_CorpAndFoodbuy.pdf Certain positions may require Florida Level 2 background screening. Details: https://info.flclearinghouse.com/ Req ID: 1514147 Compass Technology MARY DICKSON