Information Technology Security Analyst

Job Title: IT Security Analyst

Location: Chicago, IL

Details: Contract with ongoing need, opportunity for direct hire, fully remote position

Pay Rate: $40.00 – 50.00/hr. with benefit inclusions

Job Summary: As an IT Security and Detection Engineer, your primary focus will be on implementing, configuring, and maintaining security detection rules and mechanisms within our on-premise and Google Cloud environments. Your expertise will contribute to our mission of safeguarding our assets and ensuring the highest level of security for our cloud infrastructure. This role requires in-depth knowledge of detection engineering, incident response, investigations, and emerging threat trends.

Responsibilities:

• Utilize the MITRE ATT&CK Framework for threat detection creation, gap assessment, and analysis.
• Implement, configure, and maintain security detection rules and mechanisms, including intrusion detection, anomaly detection, and log analysis tools, to identify and respond to security incidents.
• Play a critical role in day-to-day security operations, including monitoring, tuning, analysis, and proactive threat hunting.
• Lead incident response efforts, investigate security incidents, conduct root cause analysis, and implement corrective measures.
• Apply expertise in Kubernetes for incident response and forensic analysis.
• Develop and maintain automation scripts and tools to streamline security detection operations and response.
• Maintain comprehensive documentation of security detection configurations, incident response procedures, and investigations.
• Stay up-to-date with the latest security threats, vulnerabilities, and industry trends to proactively enhance security detection measures.

Years of Experience and Education:

• Bachelor's degree or related field experience.
• 3-5 years of related experience
• Google Cloud Professional Cloud Security Engineer certification or equivalent experience is desirable

Skills Required:

• Familiarity with the MITRE ATT&CK Framework for threat detection and mitigation.
• Experience working with Splunk Enterprise Security or similar SIEM solutions.
• Experience working with threat emulation solutions like Atomic Red Team, PurpleSharp, Safebreach, etc.
• Experience with cloud security detection tools and technologies, including intrusion detection, anomaly detection, and log analysis.
• Proficiency in scripting and automation (e.g., Python, Bash).
• Experience in incident response, investigations, and security operations.
• Proficiency in Kubernetes with a focus on incident response and forensic analysis.
• Experience with CI/CD pipelines and Test-Driven Development using Python.
• Excellent problem-solving and analytical skills.
• Strong communication and teamwork skills.
• Relevant certifications such as CISSP, GCIH, GCIA, Certified Kubernetes Administrator (CKA), or Splunk certifications are a plus.