Jobs · Engineering · Illinois

Information Security Lead - Cyber Security and Operations

Sidley Austin LLP · Chicago, IL · 2 wk ago
HybridEngineering$140k–$180k/yrFull-time

Duties And Responsibilities

  • Provide primary support for the network security solutions, including next generation firewalls, web proxies, Cloud Access Security Broker (CASB) technologies and other network security technologies
  • Participate in and lead troubleshooting and resolution efforts for wide range of security and network related issues
  • Review and triage information security alerts, provide analysis, determine and track remediation, and escalate as appropriate
  • Proactively identify and assess security risks and works in advisory capacity for technical teams on mitigation strategies
  • Participate as a member of the Information Security Operations Team (SecOps) by responding to information security incidents according to the Incident Response Plan
  • Help build skillset of less experienced security personnel through knowledge transfer and mentoring
  • Maintain the operational integrity of the Security Operations Center (SOC) through monitoring and periodic testing of critical tools and processes
  • Contribute to the advancement of the security monitoring program through thought leadership and guidance on tools, technologies, and processes that provide automated and proactive detection and prevention
  • Develop and improve process/procedure manuals and documentation related to incident response, threat intelligence, threat detection, and analysis of vulnerabilities
  • Propose and generate metrics with emphasis on Security Operation Center (SOC) Key Performance Indicators (KPI)

Requirements

  • Required Education and/or Experience: Bachelor’s degree or equivalent combination of education and/or experience, Minimum of 7 years of experience in an Information Security role with at least two years in an incident response, threat analysis, or a security operation center role.
  • Relevant knowledge and experience in two or more of the following areas: incident response, threat analysis, malware response , security operations, Network Security/next generation firewall, proxy configuration and management
  • Demonstrated experience in threat detection technologies including two or more of the following: network or host intrusion prevention/detection systems (IPS/IDS), Endpoint Protection, Security Incident Event Management (SIEM), data loss prevention (DLP), Cloud Access Security Broker (CASB), Next-Gen Firewall (NGFW), or Multifactor-Authentication platforms (MFA)
  • Demonstrated ability to analyze security events, perform initial triage, and determine appropriate next steps
  • Demonstrated experience in security projects development, security vendor or services management, and request for proposal processes and procedures

Preferred

  • Bachelor’s degree
  • Certified Information Systems Security Professional (CISSP) or equivalent is preferred
  • One or more of the following technical certifications is preferred: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensics Analyst (GCFA), or GIAC Reverse Engineering Malware (GREM), EC-Council Certified Security Analyst

Similar jobs

Cyber Operations Lead

Accenture Federal ServicesArlington, VA· Yesterday
Management$135k–$279k/yrapply on boards.greenhouse.io

Cyber Operations Lead

Valiant Harbor International, LLCWashington, DC· 6 days ago
Manufacturingapply on theapplicantmanager.com