Chicago, IL, USA
up to 200k
4 months ago
- Oversee and participate in incident response.
- Analyzing cyber threats and networks intrusions.
- Oversee and participate advanced forensic investigations (host and network).
- Assist in the development of security policies and procedures.
- Monitor security alerts, SIEM tools, host and network IDS, system logs, and firewall logs (Unix and Windows).
- Create and maintain incident response policy and procedure updates as needed.
- Mentor Level 2 and Level 1 analysts, and serve as the escalation point for security incidents.
- Ability to work in teams.
- Experience with SIEM software and IDS/IPS
- Advanced knowledge and understanding of network devices and protocols.
- Experience with Mac OS, Windows, and Unix systems.
- Experience in event log analysis and ability to recognize emerging cyber intrusions/attacks.
- Ability to work in a high pressure environment
- Experience using Splunk
- Experience with forensic tools FTK or EnCase
One of more of these skills are desired: threat hunting, static/dynamic malware analysis, or reverse engineering. Scripting experience can be useful as well.