Chicago, IL, USA
about 1 month ago
- Oversee and participate in the security operations, including threat detection, monitoring and response.
- Analyzing cyber threats and networks intrusions.
- Oversee and participate advanced security investigations and incident response and handling.
- Assist in the development of security policies and procedures.
- Monitor security alerts, SIEM tools, host and network IDS, system logs, and firewall logs (Unix and Windows).
- Create and maintain incident response policy and procedure updates as needed.
- Mentor Level 2 and Level 1 analysts, and serve as the escalation point for security incidents.
- Communicate with customers to inform and advise them on remediation, and any issues.
- Perform triage analysis.
- Ability to work in teams.
- Experience with SIEM software and IDS/IPs.
- Advanced knowledge and understanding of network devices and protocols.
- Experience with Mac OS, Windows, and Unix systems.
- Experience in event log analysis and ability to recognize emerging cyber intrusions/attacks.
- Ability to work in a high pressure environment
- Ability to work directly with customers to understand requirements for and feedback on security services
- Excellent verbal and written communication skills
- Experience creating signatures for security tools