271 Cybersecurity jobs in Chicago

• Collect, analyze, and interpret threat intelligence data from diverse sources.
• Identify, track, and profile threat actors, their motivations, and capabilities.
• Develop and maintain threat models and intelligence reports on emerging threats.
• Analyze malware, phishing campaigns, and other cyber attack vectors.
• Generate actionable intelligence products for security operations, incident response, and executive leadership.
• Support threat hunting initiatives and develop detection strategies.
• Collaborate with internal security teams to integrate threat intelligence into defensive measures.
• Stay abreast of the latest cybersecurity trends, vulnerabilities, and attack techniques.
• Contribute to the development and refinement of intelligence collection and analysis processes.
• Participate in red team exercises and tabletop simulations.

• Bachelor's degree in Cybersecurity, Computer Science, or a related field, or equivalent practical experience.
• 5+ years of experience in threat intelligence, security operations, or incident response.
• Deep understanding of cyber threat landscapes, attack methodologies, and actor TTPs (Tactics, Techniques, and Procedures).
• Proficiency in using threat intelligence platforms and tools.
• Experience with scripting languages (e.g., Python) for automation is highly desirable.
• Strong analytical and critical thinking skills.
• Excellent written and verbal communication skills, with the ability to present complex information clearly.
• Relevant certifications such as GCTI, CISM, or CISSP are a plus.

Job Description:

Company Description:

McDonald’s growth strategy, Accelerating the Arches, encompasses all aspects of our business as the leading global omni-channel restaurant brand. As the consumer landscape shifts we are using our competitive advantages to further strengthen our brand. One of our core growth strategies is to Double Down on the 3Ds (Delivery, Digital and Drive Thru). McDonald’s will accelerate technology innovation so 65M+ customers a day will experience a fast, easy experience, whether at one of our 25,000 and growing Drive thrus, through McDelivery, dine-in or takeaway. 

McDonald’s Global Technology is here to power tomorrow’s feel-good moments.  

That’s why you’ll find us at the forefront of transformative technology, exploring new and innovative ways to serve our millions of customers and spread happiness one delicious Hot Fudge Sundae-dipped fry at a time. Using AI, robotics and emerging tech, we’re digitizing the Golden Arches. Combine that with our unparalleled global scale, and we’re reshaping all areas of the business, industry and every community that is home to a McDonald’s restaurant. We face complex tech challenges every day. But that’s where our diverse and talented teams come in. They’re made up of the best and brightest from all over the globe, and they thrive in the space where feel-good meets fast-paced.  

Check out the McDonald’s Global Technology Technical Blog (  to learn how technology and our global team are directly enabling the Accelerating the Arches strategy. 

Department Overview

McDonald’s Global Cyber Security is looking for a highly motivated, diligent, and skilled analyst to join the Vulnerability Management Technology team. This team protects McD’s customers, data, and brand by identifying vulnerabilities and threats to our organization and working to drive remediation of identified security risks. Vulnerability Management is a capability of Global Security Services within the larger Global Cyber Security Operations (GCS) function. Join us to support and improve our efforts to identify and reduce McDonald’s attack surface and help our business continue to have remarkable impacts on our customer’s lives.

This role is a key member of the team and works with internal and external groups to identify and drive remediation of information security risks. In this role, you will develop new Cybersecurity services and improving existing services to meet the growing needs for protecting our users, devices, networks, applications, and data through vulnerability management. The ideal candidate will have prior experience building and managing a vulnerability management platform, analyzing vulnerabilities to determine applicability and impact, reporting vulnerability and risk information to senior leadership, and leading prioritization and remediation strategies in an enterprise environment.

Responsibilities & Accountabilities

• Be aware of important vulnerabilities and new threats affecting McDonald’s. Act as a Vulnerability Management expert, assisting teams in understanding detected vulnerabilities and offering remediation mentorship.

• Develop and maintain processes to address vulnerabilities promptly, encouraging clear communication with collaborators and addressing exceptions to SLAs.

• Use vulnerability management infrastructure that includes scanners, sensors, and agent configurations. (Tenable/Nessus, Security Center, Qualys, Wiz, ServiceNow and RBVM for vulnerability management.)

• Focus on prioritization of vulnerabilities based on potential impact to McDonald’s; exposure and likelihood of compromise based on Common Vulnerability Score System (CVSS); CISA KEV; EPSS; proprietary algorithms; external threats; and internal risk factors.

• Evaluate extensive data to spot risks and trends, boost reporting maturity via prioritization and automation, and improve processes for presenting vulnerabilities and results to collaborators.

• Build, modify, and mature vulnerability management reports and metrics to drive remediation across McDonald’s environments, while leading projects focused on analytics, security, and ongoing data management strategies.

• Develop insights that lead to short- term and long-term improvements in the enterprise vulnerability management program, review and build technical documentation, reports, and policies.

• Collaborate with security and technology leaders to exchange best practices and insights, while supporting cybersecurity risk assessments, IT audits, and/or vulnerability assessments.

• Ability to support 24 x 7 x 5 stakeholders

Qualifications

• Bachelor’s degree in Cybersecurity, Information Security, or related field

• 2+ years of experience in information security, security operations and incident response, regulatory compliance or audit, vulnerability management, security engineering or similar experience. (Required)

• Demonstrated understanding of vulnerability management technologies, processes, and programs is required, along with hands-on experience using tools such as Tenable, Wiz, Qualys, or Rapid7.

• Experience with analyzing output from vulnerability management tools and security penetration tests for the purposes of prioritizing remediation efforts. (Required)

• Familiarity with security standards and frameworks such as: NIST, PCI DSS, ISO, etc. (Required)

• Information security certifications, such as Security+, Network+, CCNA Security, GSEC, GCIA, GCFA, GPEN, CEH. (Preferred)

• Experience with writing and implementing queries for metrics reports, dashboards, and reporting using Power BI is a plus.

Skills/Abilities:

• Demonstrated leadership, interpersonal and verbal and written communication skills

• Knowledge of cybersecurity Vulnerability Management techniques, as applied to cloud, data, applications, platforms, operating systems and networks

• A strong working understanding of cybersecurity architectural principles

• Ability to understand technically challenging Common Vulnerability and Exposure (CVE) information and resolve importance to McDonald’s

• Ability to work independently and as part of a team within tight timeframes and a fast-paced environment with changing priorities

• balance multiple tasks simultaneously

• General knowledge of laws, regulations, and standards relevant to the Cybersecurity / privacy.

Compensation

Bonus Eligible: Yes

Benefits Eligible: Yes

Salary Range

The expected salary range for this role is $98,140.00 - $125,130.00 per year

The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we may also consider your experience, and other job-related factors.

Additional Information:

Benefits eligible: This position offers health and welfare benefits, a 401(k) plan, adoption assistance program, educational assistance program, flexible ways of working, and time off policies (including sick leave, parental leave, and vacation/PTO). Eligibility requirements apply to some benefits and may depend on job classification and length of employment. 

Bonus eligible: This position is eligible for a bonus, calculated based on individual and company performance.

McDonald’s is an equal opportunity employer committed to the diversity of our workforce. We promote an inclusive work environment that creates feel-good moments for everyone. McDonald’s provides reasonable accommodations to qualified individuals with disabilities as part of the application or hiring process or to perform the essential functions of their job. If you need assistance accessing or reading this job posting or otherwise feel you need an accommodation during the application or hiring process, please contact Reasonable accommodations will be determined on a case-by-case basis.

McDonald’s provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to sex, sex stereotyping, pregnancy (including pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), race, color, religion, ancestry or national origin, age, disability status, medical condition, marital status, sexual orientation, gender, gender identity, gender expression, transgender status, protected military or veteran status, citizenship status, genetic information, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Nothing in this job posting or description should be construed as an offer or guarantee of employment.

Requsition ID: 1808

A well-known shipping company is looking for a Cybersecurity Lead to oversee enterprise-wide security initiatives, including policies, risk management, incident response, and compliance with frameworks like NIST and ISO.

You'd be a great fit if you have:

• 3+ years Cybersecurity experience
• Expertise in security tools (e.g., Active Directory, endpoint security, firewall management)
• Experience with regulatory standards (NIST, ISO, SOX, GDPR)
• Strong background in cloud technologies (ideally Azure) and strategic planning
• Cybersecurity certifications like CISSP, CISM, GIAC, etc.

Cybersecurity Engineer

Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: None

Employee Type: Regular

Percentage of Travel Required: None

Type of Travel: None

The Opportunity:

• In this critical role, you will perform security vulnerability assessments that are an integral part of our independent verification and validation process. You will perform vulnerability scanning, static code analysis, reverse engineering, penetration testing, traffic analysis, documentation, reporting and analysis of requirements.

• The successful candidate will possess a strong background in computer science, cybersecurity, or related field, with hands-on experience in modern programming languages, operating systems, and network infrastructure.

• If you're passionate about cybersecurity, have a keen eye for detail, and thrive in a dynamic environment where you can have a significant impact on system security, CACI encourages you to apply for this challenging and rewarding position.

• There is no security clearance required to begin employment. However, as a requirement of continued employment, you may be required to obtain a security clearance.

Responsibilities:

• Perform comprehensive security assessments of identified and applied security controls. Provide summaries of initial assessments in Security Assessment Reports (SAR) that address the technical evaluation and results of assessment, identify weaknesses or deficiencies, and recommend corrective actions for risk mitigation.

• Perform and assess the degree to which a system is compliant with operating system, network, and application security STIG reviews.

• Perform host and network-based security control assessments, determine residual security risks, prepare assessment test reports, prepare and assess test plans, and provide formal recommendations in support of authorization.

• Review and analyze the findings that identify security issues on the system. You shall compile results and finding into a final Security Assessment Report, along with assessments and recommendations for remediation.

• Conduct testing and scanning via modern techniques and scanning tools, including manually (software and hardware) used either remotely or locally on the systems to evaluate compliance and to identify security vulnerabilities, threats, risks, and gaps. You will review and analyze the findings that identify security issues on the system.

• Scanning code, auditing results with development and/or security teams and offering plans for remediation of vulnerabilities.

• Install, configure, and maintain laboratory environments and equipment used in these security vulnerability assessments. Implement, administer, and troubleshoot lab network infrastructure devices, such as switches, routers, and user workstations, including virtual machines.

Qualifications:

Required:

• University Degree BS in CS/CE/EE/Cyber Security or equivalent experience.

• Knowledge and experience in security disciplines including, but not limited to, software security, operations security, administrative security, and communications security.

• Knowledge of IA principles and organizational requirements that are relevant to confidentiality, integrity, availability, authentication, and non-repudiation.

• Ability to develop best practices for processes and standards that will better the system.

• Knowledge of security system design tools, methods, and techniques.

• Knowledge of known vulnerabilities from alerts, advisories, and bulletins.

• Knowledge and experience in modern programming languages, C, C++, C#, Python, etc.

• Knowledge and experience in Linux, Microsoft Windows, and Microsoft Office applications.

• Knowledge of IP networking and equipment installation, configuration, and maintenance.

Desired:

• Working knowledge of information system security controls and how to assess their effectiveness per NIST SP 800-53 and NIST SP 800-53A.

• Experience in system testing methodologies that include: Penetration testing, Configuration analysis, Security best practices validation.

• Experience in CodeSonar, Black Duck, Whitesource, Burp, Coverity, Nessus, Nexpose.

• Experience in security testing and penetration tools that include: Kali Linux, Metasploit, Nmap, Wireshark, Red / Blue team assessment experience.

• Experience in system level software and programming languages.

This position is contingent on funding and may not be filled immediately. However, this position is representative of positions within CACI that are consistently available. Individuals who apply may also be considered for other positions at CACI.

___

What You Can Expect:

A culture of integrity.

At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation.

An environment of trust.

CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

A focus on continuous growth.

Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy.

Your potential is limitless. So is ours.

Learn more about CACI here. (

___

Pay Range : There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here ( .

The proposed salary range for this position is:

$58,400 - 116,900 USD

CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.

Job Title: Cybersecurity Analyst
Location: Lake Forest, IL – onsite – local candidates only
Period: 09/09/2024 to 12/31/2024 – possibility of extension
Hours/Week: 40 hours – hours over 40 will be paid at time and a half
Rate: $50 – $60/hour
Contract Type: W-2 only

Scope of Services:

The Cybersecurity Analyst will be responsible for performing cybersecurity assessments based on the NIST Framework. This role requires ensuring the appropriate application of security products and technologies to protect the organization’s systems and information, enabling the achievement of the organization’s objectives. The analyst will develop a risk-based cybersecurity program that meets regulatory requirements and aligns with industry-leading information security practices. Responsibilities include performing threat identification and mitigation activities using industry-leading security controls and toolsets, supporting management in developing strategies, policies, and standards to protect company information and technology assets, and applying technical knowledge to safeguard the company's assets against cyber threats.

Role, Responsibilities, and Deliverables:

• Perform cybersecurity risk-based assessments.
• Apply technical knowledge to design, develop, or recommend secure technical solutions, including policies, standards, applications, systems, architectures, and infrastructure.
• Perform threat identification and mitigation activities using industry-leading security controls and toolsets.
• Contribute to the design of cybersecurity toolsets to enable automated discovery, remediation, and alerting of network and device vulnerabilities, improving the security posture.
• Assess threats to the business and deploy countermeasures.
• Guide business units, application development teams, and third-party vendors to achieve program requirements while enabling business operations.
• Participate in cross-team coordination to achieve defined security goals and meet technical requirements.
• Perform analysis of emerging technologies and design secure implementations.
• Perform assessments of cybersecurity incidents to identify root causes, respond, and recover the environment.
• Support management in developing strategies, policies, and standards to protect company information and technology assets.
• Contribute subject matter expertise on security projects to ensure the timely, on-budget, and effective implementation of cybersecurity improvements, with validation methods in place to measure effectiveness.

Experience:

• Bachelor’s degree in Cybersecurity, Software, or a related field (Master’s preferred).
• 2 to 4 years of experience in cybersecurity roles.
• Experience performing cybersecurity risk-based assessments and working with the NIST Framework.
• Proficiency in technical knowledge to protect against cyber threats, including knowledge of firewalls, intrusion detection and prevention systems, data loss prevention solutions, endpoint protections, log aggregation technology, and other security technologies.
• Hands-on experience with industry standards such as ISO 27001/2, SOC 2, HITRUST, and FedRAMP Information Security standards.
• Experience with GRC toolsets (Governance Risk and Compliance).
• Strong analytical skills for threat identification and mitigation.
• CompTIA Security+ certification preferred.
• CISSP certification (or similar) and knowledge of national and international regulatory compliance and frameworks such as ISO, SOX, BASEL II, EU DPD, HIPAA, and PCI DSS.

Your Journey at Crowe Starts Here:

At Crowe, you can build a meaningful and rewarding career. With real flexibility to balance work with life moments, you’re trusted to deliver results and make an impact. We embrace you for who you are, care for your well-being, and nurture your career. Everyone has equitable access to opportunities for career growth and leadership. Over our 80-year history, delivering excellent service through innovation has been a core part of our DNA across our audit, tax, and consulting groups. That’s why we continuously invest in innovative ideas, such as AI-enabled insights and technology-powered solutions, to enhance our services. Join us at Crowe and embark on a career where you can help shape the future of our industry.

Job Description:

As a Cybersecurity team member in Crowe’s Consulting Practice , your role will be focused on helping clients assess and refine their information security posture, technology implementations, and regulatory compliance. Our team will develop your Information Security skillset over your first couple of years. This is not a typical desk job. Starting from day one, you will be in the field working side by side with our experienced security professionals at our clients around the world! A number of our experienced team members have also presented their research, techniques, and procedures at security conferences around the country. At Crowe, we empower you to take risks, to challenge yourself in specialized areas of consulting & technology, and to generate solutions that impact the firm and your professional growth. Crowe cultivates a creative corporate culture where you will have the opportunity to share your ideas and knowledge with clients from your very first day with the firm.

Our team comes from different backgrounds and experience levels and works across many different client types and sizes. From a small business to a global company, you can expect to serve clients in many different industries, including financial services, life sciences, public sector, technology, consumer markets, and more!

Skills and Requirements:

• Have a willingness to travel as needed based on client or project requirements

• Possess knowledge of Information Technology fundamentals, including:

• Basic network services (TCP/IP, HTTP, SSH, SMB, and DNS), where they reside on the OSI model, and how they technically function to provide basic connectivity to a system

• Routing and Switching

• System Administration (Windows & Active Directory and/or Linux/Unix)

• Database Administration (Microsoft SQL, Oracle, Mongo, PostgreSQL, etc.)

• Cloud Systems (Azure, Google Cloud, AWS, etc.)

• Possess knowledge of Information Security standards and concepts, such as Risk Management and Cybersecurity Governance, System and Application Hardening (Security Engineering), Network Infrastructure Security, Access Management, Security Assessments, Security Operations, Compliance with Security Control Frameworks (SOC, ISO, etc.), Federal / State Compliance (GDPR, CPRA, FedRAMP, CMMC, etc.), and/or Data Privacy

• Possess technical writing skills using Microsoft Office (Word, Excel, Visio, PowerPoint, Outlook)

• Have a passion for Information Security and be willing to share your knowledge and lessons learned with the team and the security community

• Have a desire to continue personal growth through continuing professional education, self-study, pursuit of technical certifications, and mentoring/training less experienced team members

• Be capable of independently managing time and able to prioritize tasks in a fast-paced environment

• Be able to communicate technical findings to non-technical audiences, such as company officers (CEOs, CIOs, CFOs, COOs) and Audit Committees

Education:

We are seeking college students pursuing academic degrees in one of the following preferred majors (or similar background).

• Information Technology

• Cybersecurity, Information Security, or Network Security

• Cyber Forensics

• Systems or Network Engineering and Administration

• Computer Science or Software Engineering

We expect the candidate to uphold Crowe’s values of Care, Trust, Courage, and Stewardship. These values define who we are. We expect all of our people to act ethically and with integrity at all times.

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Crowe, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $27.00 - $42.00 per hour.

Our Benefits:
Your exceptional people experience starts here. At Crowe, we know that great people are what makes a great firm. We care about our people and offer employees a comprehensive total rewards package. Learn more about what working at Crowe can mean for you!

How You Can Grow:
We will nurture your talent in an inclusive culture that values diversity. You will have the chance to meet on a consistent basis with your Career Coach that will guide you in your career goals and aspirations. Learn more about where talent can prosper!

More about Crowe:
Crowe ( is one of the largest public accounting, consulting and technology firms in the United States. Crowe uses its deep industry expertise to provide audit services to public and private entities while also helping clients reach their goals with tax, advisory, risk and performance services. Crowe is recognized by many organizations as one of the country's best places to work. Crowe serves clients worldwide as an independent member of Crowe Global, one of the largest global accounting networks in the world. The network consists of more than 200 independent accounting and advisory services firms in more than 130 countries around the world.

Crowe LLP provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

Crowe LLP does not accept unsolicited candidates, referrals or resumes from any staffing agency, recruiting service, sourcing entity or any other third-party paid service at any time. Any referrals, resumes or candidates submitted to Crowe, or any employee or owner of Crowe without a pre-existing agreement signed by both parties covering the submission will be considered the property of Crowe, and free of charge.

Crowe will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws. Please visit our webpage to see notices of the various state and local Ban-the-Box laws and Fair Chance Ordinances, where applicable.

Position Summary:

The Security Manager is responsible for leading Power Construction's information security strategy, ensuring the protection of digital assets, compliance with regulatory frameworks (e.g., ISO, CMMC, NIST), and operational resilience across both corporate and field environments.

Responsibilities:

* Develop and maintain the company's cybersecurity strategy and roadmap.

* Lead incident response efforts and coordinate with internal and external stakeholders.

* Enforce security policies and standards across infrastructure, endpoints, and cloud services.

* Oversee third-party risk assessments and vendor compliance.

* Conduct security awareness training and phishing simulations.

* Manage vulnerability assessments, penetration testing, and remediation tracking.

* Collaborate with IT and operations teams to secure field technology and mobile assets.

* Support audits and maintain documentation for compliance and governance.

* Coordinate change control for security-related updates and system hardening.

* Report regularly to leadership on risk posture, incidents, and improvement plans

* Obtain and maintain security certifications, specifically CMMC

Position Requirements:

* IT Security Manager- needs to have prior management and hands on experience.

* Prior security vendor/ contract management experience

* Experience defining and building out security strategies, roadmaps, and organizational training

* Experience implementing solutions

* Prior experience with MS Defender, Entra ID

* Strong communicator, takes initiative, proactive, and an attitude to lead and problem solve.

* Strong knowledge of compliance (NIST, SOC 2, ect)

Qualifications:

* Bachelor's degree in computer science, or related field.

* 5+ years of experience in cybersecurity, preferably in construction or critical infrastructure.

* Strong knowledge of regulatory frameworks.

* Security certifications experience is advantageous.

* Experience with endpoint protection, network security, and identity management.

Compensation Details:

Salary Range: $133,000 - $147,000

Compensation for this role includes a base salary plus an annual discretionary bonus. Details on our benefits can be found on the Benefits tab within the Careers section of the website.

Power Construction is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law. Power Construction is committed to increasing opportunities for historically disadvantaged workers (including women and members of disproportionately affected racial and ethnic groups), as well as residents of marginalized communities.