I am...

Discovery is at the heart of everything we do. Wherever you find us around the world, if you can think of a product, you can probably find it in our stores, which include TJ Maxx, Marshalls, HomeGoods, Sierra, Winners, Homesense, and TK Maxx. With variety comes plenty of happy surprises—our environment is ever-changing, and that’s just how we like it. Every day is an opportunity to discover something new about our business, our partnerships and even something exciting about yourself. Ready to Discover Different?

• Partner with various teams in Cybersecurity and Loss Prevention to evaluate threats and threat actors.
• Research tactics and techniques associated with threat actors.
• Exchange threat information and lead threat hunting activities based on intelligence.
• Ensure TJX Cybersecurity Defense is well-positioned to defend against threats.

Required Qualifications:

• Minimum of 5 years of IT cybersecurity experience, including 1 year in a leadership role.
• Bachelor’s degree or equivalent experience in Cyber Security, Information Technology, Information Assurance, or a related field.
• Broad knowledge of concepts, technologies, and practices across multiple security domains, with an emphasis on cybersecurity threat intelligence.
• Experience in analyzing, gathering intelligence on, and documenting threat group activities; understanding of remediation and countermeasures for cybersecurity threats; knowledge of current adversary tactics and techniques, security analysis techniques, common vulnerability disclosures, and common types of data breach incidents.
• Familiarity with common sources (closed and open), threat information platforms and integration, and threat hunting packages used to develop threat intelligence.
• Familiarity with the NIST Cyber Security Framework (CSF), common security controls and their purposes, and technologies that supply those controls.
• Ability to lead, motivate, and direct a geographically distributed work group; strong performance management skills, including coaching, goal setting, and holding team members accountable for commitments.
• Highly developed verbal and written communication skills, including the ability to brief at multiple levels, from analysts to executives; ability to work up and down the organization and influence others to achieve results through building and maintaining partnerships.
• Ability to work effectively in a fast-paced, demanding, and fluid environment, remaining calm under pressure, and demonstrating excellent conflict management skills.

Preferred Qualifications:

• Master’s degree or equivalent experience in Cyber Security, Information Technology, Information Assurance, or a related field.
• Significant experience with security detection and response technologies (SOAR, SIEM, and sources of security data).
• Experience in participating in intelligence sharing within industry sharing frameworks and centers, such as ISAC organizations.
• Security certifications, especially those focused on threat intelligence and hunting (GCTI, CTIA, CISSP, etc.).
• Direct experience in other operational cybersecurity fields (e.g., leading a Security Operations Center, incident response, and/or other cybersecurity operations practices).

We are seeking a motivated and experienced professional to lead a team of analysts providing critical IT security operational services in Threat Intelligence and Threat Hunting. As an IT Security Manager, you will oversee a team delivering these services with operational excellence, including strategy, planning, budgeting, resourcing, execution, metrics development, reporting, and continuous improvement.

This position has a starting salary range of $122,400 to $159,100 per year. Actual starting pay is determined by a number of factors, including relevant skills, qualifications, and experience. This position is eligible for an annual incentive as well as long-term incentives.

Come Discover Different at TJX. From opportunity and teamwork to growth, we think you’ll find that it’s so much more than a job. When you’re a part of our global TJX family, you have the full support of a diverse, close-knit group of people dedicated to finding great deals and fantastic style. Best of all? They have a lot of fun doing it.

We care about our culture, but we also prioritize the tangible stuff (Competitive salaries: check. Solid benefits: check. Plenty of room for advancement: of course). It’s our way of empowering you to make your career here.

We consider all applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, gender identity and expression, marital or military status. We also provide reasonable accommodations to qualified individuals with disabilities in accordance with the Americans with Disabilities Act and applicable state and local law.

Position Summary:

The Penetration Tester will conduct technical testing which includes but not limited to, vulnerability scanning, penetration testing, and social engineering to identify security risks. Based on the results of the testing, this individual will then make recommendations for improvements through administrative, technical, and physical controls. This position will also assist with incident response investigations and documentation surrounding the incident.

Company Overview:

NA

• Perform vulnerability scanning and penetration testing of Client’s infrastructure, systems, and applications in accordance with best practices and regulatory requirements.
• Communicate identified risks with Heartland’s client and provide recommendations for risk mitigation.
• Perform social engineering assessments such as email phishing, pretexting phone calls, and physical entry, and provide recommendations for risk mitigation.
• Assist Information Security Consultants with review or analysis of technical projects and troubleshooting.
• Assist the Sales Team Member efforts by supporting initial scoping conversations and performing needs analyses to help drive business development efforts. Identify additional opportunities within existing client base and work with client to expand usage of Heartland’s service portfolio.
• Contribute to marketing activities by providing content suggestions and writing blog articles covering technical topics -- and attending trade shows, conferences, and professional association chapter meetings.
• Minimum of 1,350 hours billed per fiscal year prorated based on start date. These charge hour requirements will be balanced against professional development and on the job training.

Required Qualifications:

• 1+ years working with penetration testing, vulnerability scanning/assessments
• This can be on the job or demonstrated knowledge leveraging a platform like TryHackMe or HacktheBox
• Certifications: (eJPT, Certified Ethical Hacker CEH, or GIAC Penetration Tester GPEN, or other current industry standard certifications in areas of security expertise)
• At least one of these will be required within 6 months of employment.
• Ability to work within a team environment.

Preferred Qualifications:

• 1+ years working with the following utilities - (Nessus, Metasploit, BurpSuite)
• 1+ years managing small projects
• Ability to write executive level reports showcasing findings and recommendations
• Professional Certifications Preferred – (e.g., CISSP, CCNA, CCNP, O365, Azure, eJPT)

Equal Opportunity Employer - Including Disabled and Veterans

#HBS

Company Overview:

Yampa Valley Bank (YVB) is a full-service commercial bank that has been providing Genuine Hometown Banking for over two decades. As the only locally owned bank in the Yampa Valley, we bring value to our banking relationships by providing local decisions, local ownership and local investment to our communities. YVB is proud to power our communities by enabling our customers to succeed.

Role Summary:

Yampa Valley Bank's Compliance & Information Security Manager will perform a key risk management role to help ensure that Bank initiatives and business processes comply with applicable Federal and State banking laws and regulations. This position has the resources and executive level commitment to establish and maintain compliance excellence.

Location: Steamboat Springs, CO or Craig, CO or Remote. Position will require regular travel to Steamboat Springs, approximately once per month.

Compensation: Annual Base Salary of $85,000, depending on experience. Eligible for annual discretionary bonus with a target opportunity of 10% of base salary.

Benefits include: Paid Time Off of 30+ days per year (Vacation, Sick, Holidays), Medical, Health Savings Account, Dental, Vision, Disability, Life Insurance, 401(k) with company match.

• Research federal and state banking laws and regulations and review YVB's policies and procedures to ensure that the Bank is in compliance with laws and regulations.
• Responsible for internal audits and compliance area monitoring/auditing and establishing a risk weighted annual risk assessment for both audit and compliance.
• Provide subject matter expertise by responding to inquiries from all YVB departments regarding the proper application of compliance laws, regulations, and related requirements.
• Manage YVB's audit functions with regard to timeliness, effectiveness of audit reports, findings and follow up.
• Provide regular and consistent reporting to Executive Management and the Audit Committee regarding the adequacy of management responses to audits and/or target dates for remedial action.
• Develop and maintain information security policies, standards, and guidelines.
• Oversee and maintain effective business continuity and disaster recovery policies and standards to align with program goals.
• Provide regular and consistent reporting on the current status of the information security program to Executive Management, the Enterprise Risk Management Committee (ERM), and the Board of Directors as part of the strategic enterprise risk management program.
• Build collaborative working relationships to understand core business activities and processes, as well as key risks, products, and transactions that pertain to the Bank's compliance framework and risk assessment activities.
• Develop, conduct, and assist with relevant training for Bank employees on compliance responsibilities, including the dissemination of information security policies, standards, and guidelines.

Required Qualifications:

• Bachelor's degree in accounting, finance, law, economics, or a related business discipline, or commensurate work experience.
• Minimum of five (5) years of work experience in banking regulatory compliance or similar work experience in risk management and abatement.
• Current certification, or ability to receive certification, as a CRCM (Certified Regulatory Compliance Manager) and/or CRCP (Certified Regulatory and Compliance Professional).

We are an Equal Opportunity Employer and qualified applicants or employees will receive consideration for employment without regard to race, color, religion, national origin, sex (including pregnancy), sexual orientation, gender identity, mental or physical disability, genetic information, protected veteran status, or any other category protected by applicable federal, state or local laws. YVB does not sponsor applicants for work visas. All applicants must be legally authorized to work in the US.

Please check your junk/spam mail for emails from our Recruitment team