Senior Security Analyst

Location: Chicago, IL
Salary: $100,000.00 USD Annually - $120,000.00 USD Annually
Description:
Senior Security Analyst

Location: Chicago, IL

About the Role: We are seeking a dynamic and seasoned Senior Security Analyst to safeguard and protect our organization's information systems and data from cyber threats. This role involves monitoring, analyzing, and responding to security incidents, developing and implementing security measures to prevent and reduce the impact of cybersecurity incidents. The ideal candidate will conduct vulnerability assessments, coordinate the remediation of penetration test findings, and design and plan mitigating controls. Responsibilities include implementing, reviewing, and improving security logging and monitoring, and documenting baseline standards to ensure maximum security. The ideal candidate will have a solid technical background, extensive experience in cybersecurity, and the ability to think critically and strategically about security risks.

Key Responsibilities:

• Assess, design, document, and work with IT teams to implement security controls for critical applications and systems throughout the network to meet security standards and best practice recommendations.
• Plan and schedule work with all areas of IT to ensure timely remediation of vulnerabilities based on security scans, penetration testing, or other means of threat detection.
• Conduct thorough investigations of security alerts/incidents and provide detailed reports on findings and actions taken.
• Develop and implement security policies, procedures, and best practices to protect sensitive information and ensure compliance with regulatory requirements.
• Maintain and ensure annual updates of all security-related infrastructure policies and procedures by working with respective teams.
• Perform regular security audits, risk assessments, and vulnerability assessments to identify and mitigate potential security risks and ensure the effectiveness of security controls.
• Stay up-to-date with the latest cybersecurity trends, threats, and technologies.
• Oversee team members whose duties involve reviewing email proxy phishing and spam queues, providing guidance for tuning/adjustment of rules for the email proxy as needed.
• Provide guidance for approving/disapproving Web Exception Access requests as appropriate on the Web Proxy.
• Define rules for and assist with DLP system maintenance.
• Assist third-party vendors with conducting annual penetration testing and coordinate efforts to mitigate found vulnerabilities.
• Lead incident response and assist with disaster recovery planning and execution.
• Maintain subscriptions to vendors' security/vulnerability alerts and assess and establish a response plan based on the severity and applicability of the threat.
• Participate in the recruitment and training of new team members.
• Perform other security tasks as needed.

Qualifications:

• At least 7-10 years of security work experience.
• Proficiency in conducting risk assessments, vulnerability assessments, and penetration testing.
• Strong understanding of cybersecurity compliance frameworks, standards, and best practices (e.g., NIST, HIPAA, OWASP).
• Experience configuring, maintaining, and auditing application systems security controls.
• Knowledge of system and network exploitation, attack vectors, intrusion techniques, such as phishing, denial of service attacks, OWASP Top 10 vulnerabilities, malicious code/malware, ransomware, password attacks, etc.
• Experience with Next Generation Firewalls, Next Generation EndPoint Protection products, IDS/IPS, and web application firewall technologies.
• Experience with IBM QRadar, Splunk, Tenable Nessus, Delinia Secret Server, Microsoft SCCM, and OpenSCAP or similar products.
• Knowledge of current Windows Server, Windows Workstation, Linux, VMware, and Active Directory environments.
• Knowledge of Directory Services (LDAP, AD) and Internet/Intranet architecture and design.
• Experience with Forcepoint Email Security, Web Security, and DLP products.
• Professional certifications such as CISSP, CISM, CEH, or equivalent are highly desirable.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work independently and as part of a team in a fast-paced environment.
• Strong attention to detail and the ability to think critically and strategically.

Benefits and Perks:

• Full benefits package, including Paid Time Off (PTO), medical, dental, vision, 401(k) with match, robust EAP, wellness program, and much more.
• Competitive pay with annual increases.

By providing your phone number, you consent to: (1) receive automated text messages and calls from the Judge Group, Inc. and its affiliates (collectively "Judge") to such phone number regarding job opportunities, your job application, and for other related purposes. Message & data rates apply and message frequency may vary. Consistent with Judge's Privacy Policy, information obtained from your consent will not be shared with third parties for marketing/promotional purposes. Reply STOP to opt out of receiving telephone calls and text messages from Judge and HELP for help.

Contact:

This job and many more are available through The Judge Group. Please apply with us today!