Title: Senior Engineer, Security Location: Chicago / United States Job Description: About Reverb Reverb is the largest online marketplace dedicated to buying and selling new, used, and vintage musical instruments. Since launching in 2013, Reverb has grown into a vibrant community of buyers and sellers all over the world. By focusing on inspiring content, price transparency, musician-focused e-commerce tools, a music-savvy customer service team, and more, Reverb has created an online destination where the global music community can connect over the perfect piece of music gear. We love working at Reverb because we're making the world more musical-through our marketplace and through Reverb Gives, which provides musical instruments to youth music education programs. We were named a "Best Place to Work" by Built in Chicago and a "Top Workplace'' by the Chicago Tribune. About the role We are looking for a security professional to join our enthusiastic team of security engineers. We are a team who value collaboration, authenticity, feedback, creative problem-solving, humility, and trust. Our team works with multiple security domains including application, cloud, and corporate security. Engineers on our team get the opportunity to explore multiple different security areas and grow themselves into areas they may not have worked in before. By taking a broad approach to security, our team ensures that every aspect of Reverb's business is safeguarded against potential breaches and vulnerabilities. As a member of our team, you will play a pivotal role in safeguarding our systems, code, networks, and customers from potential security threats. Your expertise in crafting, implementing, and managing security solutions will be essential in maintaining the integrity and availability of our services. You will work with teams across Reverb to build thoughtful solutions that balance our operational needs, customer experience and security requirements. We care deeply about encouraging an environment that promotes fulfilling and impactful work. You'll play an active role in selecting the projects and initiatives that are both exciting to you as well as meaningful to our company security posture. This is a full-time, hybrid position reporting to the Senior Director, Infrastructure Engineering. Our hybrid team members work from our Chicago office once a week [on Tuesdays]. Local candidates are preferred; however, we are open to fully remote candidates within the US for the right fit. Responsibilities - Lead the design, implementation, and maintenance of comprehensive security strategies and solutions to protect our networks, systems, and applications. - Conduct detailed security assessments to identify vulnerabilities and weaknesses in our infrastructure and applications. - Develop and enforce security policies and standards across the organization. - Collaborate with development and operations teams to integrate security practices into the software development lifecycle (SDLC). - Keep up with emerging security threats, vulnerabilities, and industry trends to ensure proactive defense mechanisms. - Lead incident response efforts, conduct post-incident analysis, and implement corrective actions to prevent future occurrences. - Mentor and guide junior security team members, fostering their professional growth and skills development. - Engage peer teams in collaboration efforts to address security concerns and provide recommendations for risk reduction. - Evaluate and select security technologies and tools to enhance the organization's security posture. Requirements - Extensive experience in any relevant security domain and deep knowledge of at least one of the following areas - - Cloud Security - Application Security - DevSecOps - Corporate Security - Familiarity with frameworks such as OWASP Top 10, CIS Controls, and NIST CSF - Hands-on experience with security tools such as EDR/XDR, WAF, SIEM, SAST/DAST, DLP, PAM, SOAR, CASB, etc. - Proficiency in scripting and programming languages (e.g., Python, Java, Bash, Ruby, Node) to automate security tasks and assess vulnerabilities.. - Excellent problem-solving skills and the ability to think critically under pressure. - Strong communication skills to effectively collaborate with technical and non-technical partners. - Good data gathering skills to connect and triage issues - Proven track record of leading security initiatives and driving projects to successful completion. Nice to Have - Development experience in Ruby, Ruby on Rails, or Node - Experience working with and implementing Terraform - Familiarity with WAF or CDN technologies, including Cloudflare - Hands-on knowledge of AWS Security including: IAM, SecurityHub, Config, etc - Understanding of Kubernetes Additional Information Remote-eligible roles (as indicated in the location header of each job description) are available in all U.S. states except Alaska and Hawaii. Remote roles are currently only available within the U.S. unless otherwise specified in the specific job description. Reverb offers a comprehensive total rewards package that combines base, bonus, and an array of benefits. Some of our key benefits include but are not limited to the following: - 100% paid premiums for medical, dental, and vision coverage for the employee, spouse or domestic partner, and all eligible dependents. Medical coverage includes gender affirming care. - Life, AD&D, and supplemental long-and short-term disability insurance - A matching 401(k) - A generous PTO policy that includes vacation, sick/mental health days plus 11 paid holidays and two floating holidays - Professional development and continued learning opportunities through access to mentoring, 1:1 coaching, and platforms like Skillsoft - 18 weeks of gender-neutral parental leave for the birth or adoption of a child - Up to $25,000 reimbursement of adoption and/or surrogacy related expenses - Paid sabbatical program - Annual work/life stipend - Ways to give back to your community through volunteer time off At Reverb, we believe that an equitable and inclusive workplace where people from all backgrounds can come, stay and thrive makes us a more relevant and resilient company. Reverb is an equal opportunity employer. We do not discriminate on the basis of race, color, ancestry, religion, national origin, sexual orientation, age, citizenship, marital or family status, disability, gender identity or expression, veteran status, or any other legally protected status. We will ensure that individuals with disabilities are provided a reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment.

Job Title: Global Process Owner Location: Chicago, IL Job Description: Job Duties: As the Global Process Owner, Talent & Culture, you will be responsible for developing and implementing the vision, mission, governance and functional strategy for Morningstar's Talent & Culture processes, with an initial focus on driving global consistency with key processes and expanding Global Shared Services work. This role will drive effective documentation, governance controls, and technology use for key processes in Talent & Culture in addition to leading, supporting, and advising on the successful execution of key transformation and automation of operations programs and processes. This role is a close partner of the Global Operations team to drive operational success and deliver consistent experience across T&C. Develop and translate strategy into operational goals, objectives, and process transformation roadmap. Drive global deployment and adoption of Talent & Culture business processes with regional and local customization as needed. Develop standards that are consistently implemented by the operations team. Prioritize, design and communicate the global strategy for each end-to-end business process. Work closely with Global Operations team leader in execution plan of designed processes. Establish key service level agreements (SLAs) and metrics in partnership with Regional Leaders and Global Shared Services team. Build and foster a team to facilitate the execution of the global Talent & Culture business process strategies. Partner with Talent & Culture leaders to establish best in class strategy and practices for delivering employee programs. Collaborate with other functions, upstream and downstream, to align and leverage cross-process opportunities with a focus on enhancing effectiveness and efficiency. Act as a key stakeholder to foster an employee centric culture; continuously monitor the needs of the business. Remote work requests will be considered consistent with company policy. Job Requirements: This position requires Bachelor's degree in Human Resources Management, Business Management, Public Management, Operations Management, Business Analytics, or related field, or foreign equivalent and 5 years of relevant human resources experience in Global Leader, Talent Acquisition Programs, HR Operations & GSS Manager, HR Business Partner or related position required. This position requires Project Management Professional certification. This position also requires 5 years of experience with mentoring and coaching; 5 years of experience in HR data driven works by using PowerBI or TableAU; 5 years of experience in Workday admin, reports, security, and power user experience; 5 years of experience in project management and managing cross-locations projects; 5 years of experience in process governance & enhancement for multi-locations project; 5 years of experience in knowledge management in Confluence and Service Now; 3 years of experience in using Asana as project management board; 3 years of experience in employee service platform implementation in Service Now; 3 years of experience with Microsoft PowerApps automation skill; 2 years of experience in intranet platform implementation experience; 2 years of experience in leading focus groups in business team; and experience with Excel analysis, coaching, and Macro development. Will accept any suitable combination of education, training, and experience. Must possess unrestricted right to work in the U.S. in this position Base Salary Compensation: $156,458 - $170,000 Morningstar is an equal opportunity employer. Compensation and Benefits At Morningstar we believe people are at their best when they are at their healthiest. That's why we champion your wellness through a wide range of programs that support all stages of your personal and professional life. Here are some examples of the offerings we provide: - Financial Health - 100% 401k match up to 6% of salary - Stock Ownership Potential - Company provided life insurance - 1x salary + commission - Physical Health - Comprehensive health benefits (medical/dental/vision) including potential premium discounts and company-provided HSA contributions (up to $500-$2,000 annually) for specific plans and coverages - Additional medical Wellness Incentives - up to $300-$600 annual - Company-provided long- and short-term disability insurance - Emotional Health - Trust-Based Time Off - 6-week Paid Sabbatical Program - 6-Week Paid Family Caregiving Leave - Competitive 8-24 Week Paid Parental Leave - Adoption Assistance - Leadership Coaching & Formal Mentorship Opportunities - Annual Flex Stipend - $1000 annually to cover personal education & well-being expenses - Tuition Reimbursement - Social Health - Charitable Matching Gifts program - Dollars for Doers volunteer program - Paid volunteering days - 15+ Employee Resource & Affinity Groups Morningstar's hybrid work environment gives you the opportunity to collaborate in-person each week as we've found that we're at our best when we're purposely together on a regular basis. In most of our locations, our hybrid work model is four days in-office each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you'll have tools and resources to engage meaningfully with your global colleagues.

Collaborate with a skilled team to test systems using a Whitebox approach, evaluate security controls, and enhance capabilities through shared expertise while focusing on data flow and access control measures.

FMS Defensive Cybersecurity Engineer Location: San Diego United States Job Description: FMS Defensive Cybersecurity Engineer, Mid The Opportunity: Are you looking for an opportunity to advance your experience in cybersecurity that will support international Security Cooperation? As a Cybersecurity Engineer, you will deliver the technical foundation and operational expertise required to modernize allied defense. Your role is to bridge the gap between U.S. standards and partner capabilities by deploying interoperable security stacks and building the workforce skills necessary for independent and joint defense operations. You don't just deliver tools, you deliver the capability for our allies to fight and win in cyberspace. In this role, you'll closely impact international Security Cooperation with U.S. Allies and Partner by delivering modern Cybersecurity capabilities to meet global security requirements. With mentoring, challenging hands-on problem-solving, and opportunities to learn new tools and skills, we focus on growing as a team to make the best solutions for our customers. What you'll do Do: - Deploy Interoperable SOC Stacks, and lead the hands-on installation and tuning of SIEM, SOAR, and XDR solutions within partner environments. - Ensure these platforms are optimized for real-time data sharing and seamless integration with U.S. defensive frameworks. - Design and execute technical "train-the-trainer" programs. - Work side-by-side with partner nation engineers to transition advanced skills in threat hunting, incident response, and SOC management, aligned with the NICE Framework. - Architect log ingestion and data integration frameworks that normalize multi-source intelligence. By delivering these pipelines, you enable allies to contribute to a shared, high-fidelity Common Operational Picture (COP). - Build and manage cloud-based virtual cyber ranges and integrated Learning Management Systems (LMS). - Provide the "digital playgrounds" where partner forces can safely simulate adversarial TTPs and validate their tactical proficiency. - Execute the tactical rollout of Zero Trust controls, such as identity and micro-segmentation to enable secure collaboration. You deliver technical architecture that allows partners to access shared mission data without compromising national security. - Spearhead the technical delivery of cyber range solutions for emulated environments, and provide the range infrastructure and real-time technical mentorship that matures partner nation response capabilities under combat-speed conditions. - Technical Advisory for Procurement: Conduct deep-dive evaluations of cyber solutions to ensure partners acquire battle-ready, DoD-compatible technology that fits their specific operational requirements and workforce maturity level. Join us. The world can't wait. You Have: - 3+ years of experience in cybersecurity engineering, including deploying technical solutions in support of DoD or international security cooperation - Experience in configuring SIEM/XDR platforms and managing virtualized lab environments, such as VMware, AWS, or Azure - Ability to translate complex technical concepts into structured training and performance-based evaluations for broad audiences - Secret clearance - Bachelor's degree - Information Assurance Management (IAM), Information Assurance Technical (IAT), or Information Assurance System Architect and Engineer (IASAE) Level I DoD 8570.1M certification Nice If You Have: - Experience working with foreign military cyber units in OCONUS environments - Experience in Python or PowerShell to automate range deployments and data normalization for partner networks - TS/SCI clearance - CISSP, GCIH, or GCIA certification - Completion of specialized training in cyber range orchestration Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required. Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $69,300.00 to $158,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Identity Statement As part of the hiring process, we will ask you to complete an identity verification process that leverages advanced biometrics and artificial intelligence to ensure authenticity and protect against identity fraud. You are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud. Candidate AI Usage Policy AI is a part of our daily work at Booz Allen, and we are committed to the responsible and ethical use of AI tools. However, we want to ensure a fair candidate process based on your own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) or other tools to assist with responses during interviews (whether in-person or virtual) is prohibited unless permission is explicitly provided. Work Model Our people-first culture prioritizes the benefits of collaboration, whether it occurs in person or virtually. To support engagement and effective communication, employees working virtually are generally expected to have their cameras on during meetings. - Remote: If this position is listed as remote, there may still be occasions when you are required to work in person at a Booz Allen or customer facility. - Hybrid: If this position is listed as hybrid, you will be expected to work from a Booz Allen facility frequently, in alignment with leadership expectations and the needs of the role. You may also be required to work from or visit a customer facility. - Onsite: If this position is listed as onsite, work will primarily be performed at a Booz Allen office or customer facility, where employees will collaborate directly with colleagues and customers as required by the role. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.