What are the responsibilities and job description for the Data and Web Security Analyst position at Hightower Advisors?
Our Story
Founded in 2008, Hightower is a wealth management firm that provides investment, financial and retirement planning services to individuals, foundations and family offices, as well as 401(k) consulting and cash management services to corporations. Hightower’s capital solutions, operational support services, size and scale empower its vibrant community of independent-minded wealth advisors to grow their businesses and help their clients achieve their vision of “well-th. rebalanced.” Based in Chicago with advisors across the U.S., we operate as a registered investment advisor (RIA).
Your Future Team
Reporting to the Director of Cybersecurity, Hightower’s Cybersecurity team is dedicated to safeguarding the company’s information assets, ensuring compliance with industry regulations, and mitigating cyber risks. The team plays a vital role in protecting sensitive data, securing web applications, and maintaining the integrity of critical business systems.
The Data and Web Security Analyst is an essential part of this team, responsible for monitoring, analyzing, and enhancing the security of data and web-based applications. This role involves proactive risk assessments, implementation of security controls, and collaboration with IT and business units to ensure robust cybersecurity practices. The ideal candidate will have experience in threat detection, vulnerability management, and web security frameworks, helping to strengthen the organization’s overall security posture.
What You’ll Do
You are a U.S. citizen, U.S. permanent resident or possess other unrestricted U.S. work authorization and will not require sponsorship for U.S. work authorization now or anytime in the future.
Founded in 2008, Hightower is a wealth management firm that provides investment, financial and retirement planning services to individuals, foundations and family offices, as well as 401(k) consulting and cash management services to corporations. Hightower’s capital solutions, operational support services, size and scale empower its vibrant community of independent-minded wealth advisors to grow their businesses and help their clients achieve their vision of “well-th. rebalanced.” Based in Chicago with advisors across the U.S., we operate as a registered investment advisor (RIA).
Your Future Team
Reporting to the Director of Cybersecurity, Hightower’s Cybersecurity team is dedicated to safeguarding the company’s information assets, ensuring compliance with industry regulations, and mitigating cyber risks. The team plays a vital role in protecting sensitive data, securing web applications, and maintaining the integrity of critical business systems.
The Data and Web Security Analyst is an essential part of this team, responsible for monitoring, analyzing, and enhancing the security of data and web-based applications. This role involves proactive risk assessments, implementation of security controls, and collaboration with IT and business units to ensure robust cybersecurity practices. The ideal candidate will have experience in threat detection, vulnerability management, and web security frameworks, helping to strengthen the organization’s overall security posture.
What You’ll Do
- Monitor and secure web applications: Continuously analyze and assess the security of web-based applications, APIs, and databases, identifying vulnerabilities and implementing protective measures.
- Analyze security threats: Detect, investigate, and respond to potential cybersecurity threats, ensuring timely mitigation and documentation of incidents.
- Conduct vulnerability assessments: Perform regular scans, penetration tests, and security audits to identify risks and recommend remediation strategies for applications and data infrastructure.
- Implement data protection measures: Ensure compliance with data security policies, encryption standards, and access controls to protect sensitive and regulated information.
- Oversee firewall and network security controls: Assist in managing firewalls, intrusion detection/prevention systems, and other network security measures to prevent unauthorized access.
- Manage security incident response: Lead or support incident response efforts related to data breaches, web security vulnerabilities, and unauthorized access attempts.
- Collaborate with development teams: Work closely with software engineers and IT teams to integrate security best practices into the software development lifecycle (SDLC) and ensure secure coding standards.
- Maintain compliance and documentation: Ensure security processes align with regulatory requirements (e.g., GDPR, CCPA, SOC 2) and maintain accurate records of security policies, incidents, and risk assessments.
- BS/BA degree and Security or related certification.
- 3 years' experience in security or user support, desktop systems support, or voice and data network support.
- Collect and analyze technical data to resolve design and implementation issues.
- Must accept a minor level of local travel.
- Coverage on the first day of employment for medical, dental, and vision insurance.
- Paid parental leave (16 weeks for primary caregiver and 8 weeks for secondary caregiver).
- Flexible PTO plan.
- Hybrid model work schedule (50% in office).
- 401k matching plan.
- HSA employer contributions.
- Student loan assistance.
- Pet insurance.
- Base salary of $90,000 - $95,000 plus discretionary bonus (exact base salary amount will be dependent on experience).
You are a U.S. citizen, U.S. permanent resident or possess other unrestricted U.S. work authorization and will not require sponsorship for U.S. work authorization now or anytime in the future.
Salary : $90,000 - $95,000
