Incident Response Analyst

Location: Chicago, IL
Date Posted: 03-20-2019
Job Description
Working for a leading multi-family real estate investment trust (REIT) headquartered in downtown Chicago means being part of a community and striving to provide the best in apartment living, speaking boldly about new ideas for innovation, and inspiring creativity in the ways we work together. Our portfolio of high-quality properties in urban growth markets – New York City, Boston, Washington DC, Seattle, San Francisco and Los Angeles – provides homes where people most want to live, work and play. We've got the best people in the business, and our experience shows in our dedication to our residents and in how much we value each other as colleagues. That's why our employees say they are proud to work at a company that gives our residents a place where they can live remarkably and offers a culture where our employees have the opportunity to make their mark.
 
We are currently seeking a Security Analyst to join our IT team at our corporate headquarters in Chicago, IL. As a key member of the Security Operations team, you will support our production environment, protecting it from the latest information security threats. You will be responsible for executing documented cyber threat management processes with a focus on real-time security event analysis to protect the organization's electronic assets. Utilizing your experience as part of a security incident response and security engineering team, as well as your initiative, drive, and creativity, you will research the latest security threats and vulnerabilities in order to identify weaknesses and exposures.
 
Tasks and responsibilities
  • Document and investigate security incidents according to the security incident response policy.
  • Execute daily incident response processes and checklists.
  • Manage the IR incident lifecycle.
  • Create actionable items out of threat intelligence feeds.
  • Participate in red team blue team exercises.
  • Perform research and data analysis of possible security events to proactively identify and communicate status.
  • Resolve service impacting events to restore service as quickly as possible and provide root cause analysis to address future situations.
  • Support the team on high priority and high visibility security issues.
  • Ensure platform accessibility, software revisions, and best practices are maintained.
  • Prepare ad-hoc analysis and reports as needed.
  • Provide weekend and after-hours support as required; at times, this position will require 24/7 availability to support operations, based on business needs.
  • Perform other duties and participate in special projects as needed.
 
Required skills, abilities, and certifications
  • 2+ years of experience as part of a security incident response and security engineering team
  • Bachelor’s Degree in Computer Science, related area or equivalent experience
  • At least 1 year of Splunk experience writing searches
  • Familiar with malware analysis processes; threat intelligence activities including the collection of IOCs and tracking threat actors; digital forensics incident response; and threat hunting methodologies
  • Experience with Sourcefire IPS/IDS systems, Symantec DLP Solution and Bluecoat Web Filtering and SSL decryption technologies
  • Minimum 1-3 years of experience in IP addressing and subnetting, routing protocols, VPN concepts, VLAN configuration and concepts and L2/L3 switching technologies
  • Solid understanding of DMZ architectures
  • Good layer 2 to layer 7 troubleshooting experience
  • Exposure to major system applications and databases, Unix and Windows experience a plus
  • Good understanding of VMware Infrastructures; Windows Server and Desktop knowledge
  • Must demonstrate strong analytical and problem solving skills, as well as proven project management and organizational skills — specifically managing multiple concurrent projects
  • Process-oriented with the ability to clarify objectives, evaluate options, consider implications, assess risks, and make key decisions
  • Ability to convey network concepts and issues to both technical and non-technical audiences
  • The candidate should have a demonstrated ability to write with clarity and accuracy, and to consistently deliver conscientious, thorough, and accurate analysis
  • Extremely detail oriented and well-organized, with an exceptional ability to plan work effectively and multi-task as appropriate
  • Team player that demonstrates flexibility and the ability to integrate and work well with others
 
Preferred Experience
  • Knowledgeable. You have a broad-based familiarity with Security Operations including 2 years of experience as an Incident Responder. More specifically, your background includes at least 1 year of Splunk experience writing searches, familiarity with malware analysis processes, Digital Forensics Incident Response and threat hunting methodologies. A solid network background is also important.
  • A Problem Solver. You are a creative thinker who focuses on the problem as stated and gathers information and knowledge to achieve an appropriate solution. Your skillfulness in this area helps you determine how to quickly assess security incidents.
  • A Strong Communicator. Your writing and speaking skills are clear, articulate, and effective, demonstrating your ability to interact with and be understood by all levels and various teams across the organization. In addition, you're skilled in communicating in a non-technical manner with everyone from end users to senior management and also in a technical manner to other IT professionals.
  • Organized, Efficient, and Accountable. You have a keen eye for detail and pride yourself on delivering quality work. You multitask well, re-prioritize accordingly, and meet deadlines consistently. Above all, you are flexible and able to juggle the needs of changing priorities of the business, even if that means an occasional after-hours project.
  • Passionate. Motivated. Eager to Learn. You are resourceful, ask smart questions, challenge the status quo, and regularly seek to understand. You're willing to learn a range of business and/or technical specialties, based on organizational needs. And when a special project arises, you volunteer!
  • Trustworthy and Discerning. The ability to work with confidential information, while using discretion, is crucial to this position.