Lead SOC Analyst
The position is located in Chicago with a flexible schedule, including the option to work from home 1-2 days per week. This is a growing team, and this position will play a significant role in shaping it. While this is not a management position, Tier 1 and Tier 2 SOC analysts will follow your operational lead.
Responsibilities:
- Assist with response and investigation efforts
- Assist in the design, evaluation, and implementation of new security technologies
- Mentor and share expertise with junior staff
- Execute incident response processes to respond to security threats and attacks
- Create detection and mitigation rules based on indicators of compromise that align with industry threats
- Update incident response playbooks to minimize gaps in response processes
Qualifications:
- Experience identifying, investigating, and responding to complex attacks
- Minimum of 5 years' experience in security, including 3 years in incident response
- Experience with investigative technologies such as SIEM, packet capture analysis, and host forensic analysis tools
- Understanding of the threat landscape in terms of the tools, tactics, and techniques used by attackers
- Understanding of networking and security fundamentals and administration of Windows, Unix/Linux, and macOS
- Python competency to build and maintain scripts used to detect, investigate, and remediate threats is a plus
We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity, or any other characteristic protected by law.