Job Title: InfoSec Analyst
Location: 4120 W Diversey Ave, Chicago IL; they are doing a hybrid model where people will need to be onsite 1-2 days a week
Duration: 3 month c2h opening and 5-6m contract openings
Start Date: ASAP
Interview Process/Times: potentially just one video interview with CISO, could be a second round with CIO depending on how the first round goes
Must Haves / Notes from Manager:
Job Description:
Top 3 must haves:
- Vulnerability management; experience with any type of vulnerability management system
- Incident response; needs to understand the process and be doing it in their current role
- Analytical mindset; specifically around data, this is a highly technical role
Description:
- Minimum of 5 years of experience as a Security Administrator, Security Analyst or Security Engineer role
- BA/BS degree in Computer Science, IS, MIS, Engineering, or related field
- Preferred Licensing/Certifications: CEH, GIAC GCIH, GCIA, GCFA, GCFE, GREM, CCNA, Security+, MCSE
- Knowledge of Active Directory/LDAP Directory Services and Windows 2012, 2016
- Working knowledge of DNS, DHCP, SMTP, SNMP, TCP/IP, UDP, RADIUS, 802.1x
- Familiar with common security tools, concepts, practices and procedures.
- Familiar with penetration testing concepts and vulnerability scanning
- Familiar with firewalls/routers/IPS/IDS
- Familiar with VOIP technologies and implementations.
- Proficient in Microsoft applications (Access, Excel, Word, Project).
- Understanding of computer systems security issues.
- Ability to define complex problems and propose solutions
- Good organizational, multi-tasking, and time-management skills
- Excellent communication (written and oral) and interpersonal skills
Day to Day
- Perform Security Incident investigation on reported cases
- Define SOPs to investigate various types of incidents
- Responsible for complete security incident management life cycle
- Demonstrate and apply knowledge of networking concepts and devices (Firewalls, Routers, Switches, NAC, IDS, IPS, etc.).
- Integrate outputs of technical research, e.g., network forensics and reverse engineering, into intelligence products
- Provide analytics in support of incident handling and investigative activities
- Utilize SIEM tools like RSA Netwitness, QRadar, Splunk, LogRhythm, AlienVault
- Utilize Enterprise vulnerability scanner (like Qualys, Tenable, Nexpose) to identify and remediate vulnerabilities
- Understand security concepts such as need-to-know, least privilege, MFA, IPSEC, SSL, DLP, PKI, MitM, encryption, and deep packet inspection
- Conduct host and network-based forensics, log analysis, and malware triage in support of incident response investigations
- Provide on-call support for Security technologies
- Conduct risk reviews, certifications and control analysis for the IT environment and perform or oversee IT implementation of remediation
- Oversee penetration testing and vulnerability assessment activities
- Analyze and recommend new security products to implement in the technical environment
- Work effectively with the IT group and business leaders