Experience:
3-5 years of experience
Employment Type:
Full time
Posted:
9/13/2017
Job Category:
Information Services
Senior Information Security Threat Handler
(This job is no longer available)
Job Description

Chicago, IL

Prestigious Global Firm is seeking a Senior Information Security Threat Handler. The Incident and Threat Handler will focus on infrastructure threats, vulnerabilities, penetration testing, ethical hacking, and related work. The candidate must be able to perform penetration testing; an EHC is preferred. Experience in Microsoft environments is preferred but not required.

Primary Responsibilities:

  • Lead incident response efforts related to critical incidents, threats, vulnerabilities and bring these issues to resolution.
  • Create, document and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediation of all security incidents.
  • Collect, analyze, and disseminate commercial and open-source threat intelligence.
  • Research emerging threats, and prepare detailed threat intelligence reports.
  • Correlate threat intelligence and vulnerability assessments with active attacks within the enterprise.
  • Monitor and analyze security events and identify trends, attacks, and potential threats.
  • Facilitate the integration of threat and data feeds for the purposes of incident response.
  • Organize and conduct incident response exercises, incorporating resources both internal and external to the Cox Security team.
  • Interface effectively in key relationships, including security peers (Security Operations, Enterprise IT Operations, Architecture, etc.), internal business partners (Compliance/Privacy, Legal, Corporate Communications, etc.), and other leaders and partners within the broader enterprise.
  • Maintain security documentation including the Incident Response Plan and Security Logging & Monitoring Standards.
  • Work closely with boundary partners in order to integrate security monitoring into new projects.
  • Maintain familiarity with current and emerging information security vulnerabilities, threats, and exploits.

Qualifications

Minimum:

  • 3+ years of security experience, preferably with security and incident response duties.
  • Background integrating threat intelligence into incident response procedures, preferably working within a CSIRT or SOC.
  • Experience and proficiency with any of the following: Intrusion analysis, Host-Based Forensics, Network Forensics, Malware Analysis concepts and methods.
  • Experience working with and/or managing a SIEM.
  • Experience working with commercial and/or open-source threat intelligence feeds.
  • Experience with digital investigations, including disk and memory forensics.
  • Ability to write scripts/code using Python, Perl, Powershell, or an equivalent language.
  • Excellent written and verbal communication skills, including presentation skills, are important to be successful in this role. Proven ability to effectively communicate with all levels of the organization, as well as with external parties.
  • Excellent organizational and time management skills.
  • Demonstrated understanding and experience with current incident response best practices and standards.
  • Critical thinking and contextual analysis abilities.
  • Deep knowledge of security issues, techniques, and implications across multiple technology platforms.
  • Ability to demonstrate a clear understanding, at an enterprise level, of application, network, infrastructure, and data security architecture.
  • Excellent analytical skills, able to manage multiple projects under strict timelines, work well in a demanding dynamic environment, and meet overall objectives.

Preferred:

  • BS in Computer Science, Information Systems, Engineering, Business, etc.
  • Experience with Cloud security solutions.
  • At least one relevant industry certification - GCIH, CCIA, GIAC, CISSP, CISM, CISA.
  • Experience with and knowledge of packet flow, TCP/UDP traffic, Firewall, IDS/IPS, Proxy technologies, antivirus solutions, protocol analyzers, vulnerability scanners, endpoint monitoring tools.
  • Experience in digital forensics and tools associated with the task such as EnCase, FTK, GRR Rapid Response, X-Ways, Volatility, Rekall.
  • Experience in reverse engineering malware and tools associated with the task such as IDA Pro, OllyDbg, Radare2.
  • Experience in a hands-on technical role working within the Information Security Field, with emphasis on Intrusion Detection, Incident Response, Digital Forensics and Malware Analysis.

Qualifications

Applicants must be eligible to work in the specified location