Our Story
Founded in 2008, Hightower is a wealth management firm that provides investment, financial and retirement planning services to individuals, foundations and family offices, as well as 401(k) consulting and cash management services to corporations. Hightower’s capital solutions, operational support services, size and scale empower its vibrant community of independent-minded wealth advisors to grow their businesses and help their clients achieve their vision of “well-th. rebalanced.” Based in Chicago with advisors across the U.S., we operate as a registered investment advisor (RIA).
Your Future Team
Reporting to the Director of Cybersecurity, Hightower’s Cybersecurity team is dedicated to safeguarding the company’s information assets, ensuring compliance with industry regulations, and mitigating cyber risks. The team plays a vital role in protecting sensitive data, securing web applications, and maintaining the integrity of critical business systems.
The Data and Web Security Analyst is an essential part of this team, responsible for monitoring, analyzing, and enhancing the security of data and web-based applications. This role involves proactive risk assessments, implementation of security controls, and collaboration with IT and business units to ensure robust cybersecurity practices. The ideal candidate will have experience in threat detection, vulnerability management, and web security frameworks, helping to strengthen the organization’s overall security posture.
What You’ll Do
- Monitor and secure web applications: Continuously analyze and assess the security of web-based applications, APIs, and databases, identifying vulnerabilities and implementing protective measures.
- Analyze security threats: Detect, investigate, and respond to potential cybersecurity threats, ensuring timely mitigation and documentation of incidents.
- Conduct vulnerability assessments: Perform regular scans, penetration tests, and security audits to identify risks and recommend remediation strategies for applications and data infrastructure.
- Implement data protection measures: Ensure compliance with data security policies, encryption standards, and access controls to protect sensitive and regulated information.
- Oversee firewall and network security controls: Assist in managing firewalls, intrusion detection/prevention systems, and other network security measures to prevent unauthorized access.
- Manage security incident response: Lead or support incident response efforts related to data breaches, web security vulnerabilities, and unauthorized access attempts.
- Collaborate with development teams: Work closely with software engineers and IT teams to integrate security best practices into the software development lifecycle (SDLC) and ensure secure coding standards.
- Maintain compliance and documentation: Ensure security processes align with regulatory requirements (e.g., GDPR, CCPA, SOC 2) and maintain accurate records of security policies, incidents, and risk assessments.
What You’ll Bring
- BS/BA degree and Security+ or related certification.
- 3+ years' experience in security or user support, desktop systems support, or voice and data network support.
- Collect and analyze technical data to resolve design and implementation issues.
- Must accept a minor level of local travel.
What We Offer
- Coverage on the first day of employment for medical, dental, and vision insurance.
- Paid parental leave (16 weeks for primary caregiver and 8 weeks for secondary caregiver).
- Flexible PTO plan.
- Hybrid model work schedule (50% in office).
- 401k matching plan.
- HSA employer contributions.
- Student loan assistance.
- Pet insurance.
- Base salary of $90,000 - $95,000 plus discretionary bonus (exact base salary amount will be dependent on experience).
AN EQUAL OPPORTUNITY EMPLOYER: Hightower is an equal opportunity employer and does not discriminate based upon race, color, religion, sex, sexual orientation, pregnancy, marital status, national origin, citizenship, veteran status, ancestry, age (over 40), physical or mental disability, medical condition (cancer-related), gender identity or expression, genetic information including sickle cell or hemoglobin C trait, or any other consideration made unlawful by applicable federal, state, or local law.
You are a U.S. citizen, U.S. permanent resident or possess other unrestricted U.S. work authorization and will not require sponsorship for U.S. work authorization now or anytime in the future.
