Posted: Saturday, February 24, 2018 3:33 PM
Location: Downtown Chicago with flex to work remote and in-office
Will provide strong sign-on bonus for relocation
No VISA Sponsorship
Full-time position with excellent compensation, training, certification support, security conferences and BONUS
Excellent career opportunity to grow quickly into Lead role
- Strong background in incident response, forensics, malware analysis and vulnerability management, preferably in a SOC
- Prior experience with Splunk or similar SIEM
- Knowledge of IDS/IPS (Sourcefire or similar)
- Familiarity with Symantec and Carbon Black products or similar
- Experience with Cisco products and Checkpoint firewalls
- Familiarity with Nessus
- Basic knowledge of DNS
- Experience interacting with team leads in other departments, external clients and internal clients
- Foundational understanding of database attacks (SQL injection, data injections, record flooding) is a huge plus
- CISSP, GIAC certs or others
Time allocation:
- 50% Incident response, managing IDS, IPS, firewalls, conducting vulnerability assessments and vulnerability management program
- 20% Identifying, containing and analyzing malware, denial of service, network infrastructure attacks, attacks to cloud resident services and active cyber attacks
- 10% Installing, maintaining and/or tuning security products and tools including
- 20% Providing remediation guidance and policy adoption / adherence and mentoring junior security engineers
As a valued contributor to the Security Operations team, the Sr Security Engineer supports our production environment, protecting it from the latest information security threats. The Security Engineer is responsible for developing, improving and executing documented cyber threat management processes. The Security Engineer will focus on real-time security event analysis to protect the organization's electronic assets. The candidate is experienced with researching the latest security threats and vulnerabilities, identifies weaknesses and exposures, and recommends protection and mitigation strategies to be evaluated by the security team. Must be able to perform strong hands-on support and management for a wide range of security technologies including, but not limited to: SIEM, IDS/IPS, malware analysis and protection, data loss prevention and vulnerability scanners. The candidate has at least 3 to 5 years of experience as part of a security incident response team.
- Manage Checkpoint firewalls, Sourcefire IPS/IDS, Bluecoat technologies
- Manage the vulnerability management program
- Create actionable items out of threat intelligence feeds
- Coordinate red team / blue team exercises
- Perform research and data analysis of possible security events and proactively identify and communicate status
- Document and investigate security incidents in accordance with the security incident response policy
- Resolve service-impacting events, restore service and provide root cause analysis
- Resolve fault conditions on security systems
- Mentor other less experienced Security Engineers
- Support team as necessary on high priority, high visibility problems
- Train peers on platform enhancements and technology changes
- Ensure platform accessibility, software revisions and best practices are maintained
- Prepare ad-hoc analysis and reports as needed
- This position does require 24 x 7 availability to support operations where necessary
- 3 to 5 years of experience in Incident Response and Security Operations
- At least 2 years of Splunk experience writing searches
- Familiar with malware analysis processes
- Minimum 3-5 years of experience designing and maintaining firewall policies in Checkpoint Provider-1 and Checkpoint R75 or higher on Linux or Unix based platforms
- Very familiar with threat intelligence activities including the collection of IOCs and tracking threat actors
- Experienced with Digital Forensics and Incident Response
- Experienced with Threat Hunting methodologies
• Location: Chicago
• Post ID: 90952197 chicago