Information Security Analyst

Naperville, IL, NAP - IT

Opportunity:
We are seeking a skilled and detail-oriented Information Security Analyst to join our cybersecurity team. The Security Analyst will play a crucial role in protecting our organization's information systems and data from potential threats and vulnerabilities. The Analyst will be responsible for monitoring security events, analyzing risks, and implementing effective security measures to ensure the confidentiality, integrity, and availability of our systems. This role requires strong analytical skills, attention to detail, a deep understanding of cybersecurity best practices, and the ability to work collaboratively with cross-functional teams.

Responsibilities:

  • Perform daily and recurring security operations related tasks.
  • Participate in system baselining, assessments, investigations, and testing as required.
  • Monitor and analyze security incidents and assist in the escalation of security events.
  • Complete all tasks, assignments, goals, and objectives by the assigned due date.
  • Participate in change management and vendor due diligence reviews.
  • Create new and/or update existing procedures during security operations execution.
  • Be on-site at least once a month.

Security Operation and Threat Hunting - 70%

  • Working with the Sr. Manager of Security Operations:
    • Design and run custom analysis models on security event information to discover active threats
    • Triage security incidents and determine cause
    • Identify (hunting) security nuances and abnormalities in the environment
    • Lead projects and assignments as related to remediation of discovered threats
  • Perform analysis and investigate the following areas:
    • Incident Response
    • Log analysis (statistical modeling, correlation, pattern recognition, etc.)
    • Microsoft platform (Server, workstation, O365, applications)
    • Open Systems platforms (Linux, UNIX, VMware ESX)
    • Web Application
    • Networking (firewalls, IDS/IPS, packet capture)
    • Databases (Oracle, SQL Server, DB2, IMS)
    • SIEM (Splunk)
    • Reverse Engineering / Malware analysis

Projects - 30%

  • Partake in technical design reviews, integration, and security testing
  • Respond to information security issues during each stage of a project's lifecycle
  • Test security & IT solutions using industry standard analysis criteria
  • Recommend modifications in technical and GRC areas that affect IT security
  • Other duties as assigned

Qualifications: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Below are the minimum requirements of the education, experience, knowledge, and skills required to competently perform in this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • Experience with incident reporting, vulnerability assessments and remediation, threat management, and forensic analysis is required
  • 3-5 years of overall technical experience in threat hunting, threat intelligence, incident response, security operations, or a related information security field
  • 3-5 years' experience in penetration testing, ethical hacking, and/or vulnerability management.
  • Understanding of common network and application stack protocols, including but not limited to TCP/IP, SMTP, DNS, TLS, XML, HTTP, etc.
  • Experience with security operations tools, including but not limited to: SIEM, Network analysis, Signature development/management (e.g., Splunk rules, Snort rules, Yara rules), EDR solutions, Link/relationship analysis
  • Broad experience with various common security infrastructure tools (NIDS, HIPS, EDR, etc.)
  • Scripting experience related to system administration and security operations (Python, Bash, PowerShell, Perl, C/C++) is preferred
  • Professional security management certification, such as a Certified Ethical Hacker (C|EH), GIAC Certified Intrusion Analyst (GCIA) or other similar credentials, is preferred.
  • Excellent written and verbal communication skills, interpersonal and collaboration skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
  • Understanding of multiple security domains: Network, Data, Identity, Application, Cloud
    • O/S: Linux (Red Hat, SUSE), Windows, UNIX, Cisco IOS, VMware
    • Network: Firewalls, Proxy Servers, Reverse Proxy Servers, IPS, SIEM, SASE