ActiveCampaign is one of the fastest growing tech companies in Chicago revolutionizing marketing automation. Our software allows all of our users, the power to make smarter business decisions based on data-driven analytics.

At ActiveCampaign product is at our core and drives our business, and we’re looking for a self-motivated Incident Response professional who understands the value of trust. Our customers trust us with their data and we are committed to continuously finding innovative ways to ensure that we are transforming, processing, and storing that data securely. The ideal candidate will have be passionate about proactive threat hunting and leave no log unturned. They will strive to create visibility across the organization by creating custom dashboards that depict network anomalies providing unquestionable value. A person who believes a comprehensive Incident Response program that reduces the overall threat landscape of an organization.

If that sounds like you, we should chat!

What your day could consist of:

• Organize and monitor log aggregation and SIEM technologies, to ensure all systems and applications are properly logging and examined for signs of abuse or IOCs
• Research open source intelligence sources for additional IOCs to integrate into SIEM technologies
• Investigate potential security incidents and serve as initial incident responders
• Create dashboards and custom queries to search for suspicious activity or research known incidents
• Maintain Monitoring and Incident Response policies, procedures and documentation of investigations
• Manage internal communications and escalations for any ongoing investigations
• Perform table top exercises simulating escalations with senior leadership

What is needed:

• 3-5 years experience in an Incident Response role
• Strong knowledge of MacOS and/or Linux system internals
• Familiarity with AWS, or experience working in an AWS environment
• Experience with forensics, binary analysis and/or examining network traffic
• Experience with large-scale log aggregation and SIEM technologies, such as ELK, Sumologic, or Splunk
• Ability to identify malicious behavior and emerging threats via log analysis
• Experience documenting investigations into suspicious events
• Scripting or programming capabilities for automation and API integrations

We continually invest in our employees and offer comprehensive benefits including 100% coverage of your medical premiums and 50% for dependents, open vacation policy, fully paid maternity and paternity leave, 401k matching, catered lunches every day in a kitchen stocked with snacks and fresh fruit, free CTA or Metra passes, and a DIVVY bike membership (to name a few). At ActiveCampaign, we are committed to maintaining a culture that is inclusive and diverse. Our colleagues foster an environment that is warm, supportive, and helpful where we treat each other exceptionally well. We are looking to add curious, driven, and creative individuals to our team who are ready to grow with us!