IT Security Analyst Tier 2
Company: Philadelphia Company
Location: Chicago, IL 60629
Description:
Company Description
At Philadelphia Company, we believe that technology should support and enhance your organization's success, not constrain it. With our wide range of best-in-class services, we provide customized solutions that fit your unique IT needs. We're committed to excelling at our job so you can focus on doing yours.
Job Description
Summary
We are seeking an IT Security Analyst Tier 2 for the Security Operations Center (SOC) to conduct investigations of, and responses to, incidents that occur on the organization's network. This is an internal customer-facing position and will require interaction with staff members. The candidate will support "The Client's" overall corporate information security mission as well as any additional SOC functions including but not limited to: Digital Forensics; Malware Analysis; Cyber Threat Intelligence; Vulnerability Assessment/Management; and Internal Stakeholder Relationship Management. The ideal candidate should work well in a team; be passionate about continual self-improvement through the acquisition of technical skills relating to their roles and responsibilities; and be self-motivated and driven to thrive in new and changing environments.
Responsibilities
Support proactive detection and analysis of security incidents.
Perform periodic assessment of incident trends to guide strategy.
Apply network forensic skills, such as packet-level analysis, to identify threats within the network.
Monitor networks for security events and alert clients to potential (or active) threats, intrusions, and compromises.
Identify information security related events/incidents and document them through to resolution.
Analyze data provided by other departments/Business Unit customers to evaluate the severity/magnitude of events, determine whether an incident occurred, and formulate an appropriate and calibrated response in the event of a confirmed incident.
Responsible for understanding the global threat landscape and tracking changes in this area, as well as understanding the direct or indirect impact to the enterprise.
Conduct research and align response to emerging threats, including understanding the level of impact and exposure to customers (internal and external), proactively communicating regular updates on emerging threats to internal business units, and ensuring the organization has thorough detection capabilities in place for those threats.
Review third-party intelligence reports to compare "The Client's" network security conditions against known/suspected threats. Craft communications and develop proactive measures to assist in defending the corporate network.
Perform analysis as needed to support routine business functions in support of project/task activities.
Perform triage of service requests from internal teams; act as a subject matter expert for advanced technology, architecture and threat-related questions from internal staff.
Have a passion for and a willingness to provide verbal and written security-related advice, mentoring, and education to other staff.
Provide and document daily reporting metrics; may be required to present those verbally to the team and/or management.
Provide after-hours On-Call Support for cyber security events.
Qualifications
THE FOLLOWING REQUIREMENTS MUST BE MET TO BE CONSIDERED FOR THIS POSITION:
Bachelor's degree in computer science or other relevant field and 2-5 years' experience in Information Technology, Networking, or equivalent combination of education and experience. Incident Response and intrusion detection (ID) experience.
Moderate knowledge of TCP/IP networking, switches, routers, firewalls, VPNs, and encryption.
Ability to work closely with members of different teams and organizations and manage the analytic process.
Strong ability to communicate: write clearly and speak authoritatively to different kinds of audiences (business leaders and technical peers)- can present complex concepts at high level, while retaining meaning and highlighting features of interest.
Experience with 3 or more of the following security areas: malware reverse engineering, threat detection development, digital forensics, penetration testing, network perimeter defense, vulnerability assessment.
The ability to cultivate technical development of junior analysts.
Educate Response Analysts on potential threats. Also work closely with Specialist teams (Hunt and Forensics)
Ability to tune existing alerting mechanisms to ensure high fidelity incident correlation
Active tracking of the cyber threat landscape and extrapolation of risk based on internal exposure
Collaborate with other teams in the Information Technology department on security risks, incidents, and response.
Possess an understanding of cyber adversary motivations in the domains of cybercrime, cyberespionage, and hacktivism.
Strong understanding of security operations concepts: perimeter defense, data loss prevention (DLP), insider threat, kill chain analysis, risk assessment, and security metrics
Moderate knowledge of Malicious code mechanisms of operation and associated indicators of compromise
Basic knowledge of audit requirements (PCI, SOX, etc.)
Ability to execute on strategic requirements to mitigate risk within a global security architecture
Capacity to coordinate international cross-functional teams to fulfill long-term objectives in a timely and effective manner
THE FOLLOWING IS DESIRED, BUT NOT REQUIRED TO BE CONSIDERED FOR THIS POSITION:
Ability to perform end user education on a case by case basis.
Experience with a diversity of hardware/software/Operating Systems (Windows, Linux, server focused Operating Systems).
Ability to use one or more scripting languages (Python, Perl, JavaScript, Bash, etc.)
Exposure to object-oriented development with C++, Java, or Python
Experience with Splunk as well as Splunk Enterprise Security
GIAC Certified Incident Handler (GCIH)
GIAC Certified Intrusion Analyst (GCIA) with one or more of the following:
o Certified Ethical Hacker (CEH)
o Certified Information Systems Security Professional (CISSP)
Networking certifications (CCNA, etc.)
Additional Information
All your information will be kept confidential according to EEO guidelines.