Chicago, Illinois | Direct Hire
Location: Downtown Chicago, IL
Salary: $140,000-150,000 + Bonus + Benefits
Interview: Zoom + F2F
They are looking for someone who understands Server & Network Infrastructure within the framework of Security.
The Security Engineer is responsible for managing the day-to-day cybersecurity operations. The role includes strong collaboration with internal IT teams to ensure that their systems and software are protected from cybersecurity risks.
This hands-on role will help design, implement, and support the security technologies deployed by the firm. This includes identity access and patch management, endpoint security, vulnerability management, firewalls, IPS/IDS, data loss prevention, security information and event management, encryption, and cloud-based security controls.
This position will also work closely with the firm’s managed security service provider (MSSP).
This is a hands-on technical position best suited for a professional with security engineering and operations experience.
- Implement and execute ongoing screening, testing, and maintenance of the enterprise’s security program for vulnerabilities, including existing systems, audits, and any new processes/software introduced (including Cloud Security, SIEM, Endpoint Protection, DLP, Vulnerability Management, Privileged Access, Firewalls/VPN)
- Evaluate, implement, and maintain security products/solutions with a focus on automation
- Respond to alerts, troubleshoot, and resolve problems in a timely manner with a specific focus on security events, threat alerts, and vulnerability management.
- Maintain all security systems and their corresponding or associated software, such as firewalls, intrusion detection/prevention systems, vulnerability management, SIEM, and anti-virus software.
- Provide oversight of MSSP’s vulnerability scanning and remediation process, onboard new log sources, and provide the leadership team with a dashboard view of security events.
- Manage and maintain systems and infrastructure that are not in compliance or are missing updates
- Analyze and recommend security controls and procedures in business processes related to use of information systems and assets, and provide oversight to ensure compliance
- Assist with performing remediations based on audit requirements and identified gaps.
- Prepare supporting documentation as necessary to satisfy regulatory and insurance requirements
- Detect and remediate new security vulnerabilities, apply security system updates, and manage security certificate renewals
- Conduct internal security reviews, threat hunting, and training exercises.
- Research and review new threat vectors, develop detections and preventions
Education and Experience
- Bachelor’s degree in Computer Science or equivalent
- 3-5 years’ experience in an information security-related role, such as security analyst
- Experience with security monitoring, detection and response / SIEMs (e.g. Sumo Logic)
- General understanding of threat modeling, risk prioritization, and technical security measures
- System administration skills (Win/Mac, Windows Server) and scripting capabilities
- Excellent planning, organizational, implementation, and follow-up skills required
- Proven experience with automation
- Highly analytical with excellent problem-solving ability
- Strong vendor management skills
- Passionate about security with strong desire to learn and grow