Security Analyst- Need only local to Chicago, IL- No relocation

Hi our direct client is hiring for a Security Analyst location at Chicago, IL. Please view below requirement and reply with suitable resumes

Security Analyst
Location: Chicago, IL
Experience: 5+ yrs
Skills: Nexpose, InsightVM, PrismaCloud, Checkmarx, Tableau, ServiceNow, ServiceNow Vulnerability Response Module, KnowBe4, Bitsight, Splunk, CrowdStrike
Duration: 12 Months

Job ID: R2500288

Description of the Job: We are seeking a skilled and motivated Sr. Security Analyst to join our team! The ideal candidate will be responsible for supporting the Bank's Vulnerability Management Program, Security Awareness Program, and provide hands-on support for day-to-day security operations to ensure a resilient and secure environment. The Senior Security Analyst contributes to the success of the Bank by facilitating the vulnerability management program across IT and the broader organization. This individual will apply their passion for security and technology to design and operate technical processes to operate vulnerability scanning on a regular frequency, collaborate with stakeholders on reporting needs and prioritize resolution of issues with remediation teams.

Duties: This role is mainly an additional vulnerability management program support staff resource on a team of Security Analysts. We are looking to transition our vulnerability management program process into the ServiceNow Vulnerability Response Module, which has already been configured in the environment. In the future, we will expand our vulnerability tracking and remediation efforts in the container space (EKS) and SAST space. Additional operational support duties are listed below.

Requirements:

• 2-5 years of vulnerability management experience.
• 4-year college degree in information technology, cyber security or equivalent experience.
• Security and technology certifications are preferred (Security+, Microsoft Azure, AWS, etc).
• Experience in a Windows Server environment.
• Experience with custom reporting tools such as Tableau is preferred.
• Experience with vulnerability scanning tools such as Nexpose, Qualys or Nessus.
• Excellent analytical and problem-solving skills.
• Be a clear and confident public speaker, able to tailor messaging around technical concepts to diverse audiences.
• Demonstrated experience evaluating security statistics to identify patterns and produce metrics that can be used for strategic decision making.
• Familiar with standard security best practices.
• Ability to quickly learn new processes and tools to find and manage software vulnerabilities.

Key Responsibilities:

• Identify and create process improvements to the vulnerability management program.
• Perform vulnerability scanning on a regular frequency.
• Assess vulnerability risk and applicability based on existing guidance
• Work with remediation teams to create and track plans to address discovered vulnerabilities.
• Production of metrics and custom reporting to track the effectiveness of vulnerability management efforts.
• Identify and evaluate vulnerability metrics to determine areas of concern and improvement.
• Assist with efforts to quantify and analyze areas of risk in the environment.
• Present vulnerability reporting to stakeholders.
• Creating and adhering to procedure documents.
• Perform Vendor Security and Software Risk Assessments.
• Contribute to Security Awareness efforts on an as needed basis.
• Contribute to Security Awareness efforts of Security Requests.

We are looking for additional support in the below areas:

• Review and respond to phishing emails reported by users and escalate if necessary.
• Manage and resolve incoming service requests and incidents through the ServiceNow ticketing system.
• Evaluate new technologies and solutions to ensure alignment with organizational security policies, standards, and risk tolerance before adoption.
• Review and assess SOC2 reports as part of vendor security evaluations.
• Assist in the development and facilitation of cybersecurity tabletop exercises to simulate incident response scenarios, evaluate organizational readiness, and identify gaps in existing processes and controls.

Enhancing Qualifications:

• ServiceNow Vulnerability Response Module Experience is a plus
• Familiarity of SAST, DAST, and SCA concepts from a vulnerability management remediation perspective is a plus
• Container Security experience from a vulnerability management remediation perspective is a plus
• Experience conducting risk assessments is a plus
• Data Visualization experience is a plus (Tableau)
• Experience Facilitating Tabletop Exercises is a plus
• Experience running a security awareness program is a plus (Simulated Phishing and Security Awareness Training)
• Experience performing header analysis/review of suspicious emails
• Self-starter who can work independently as well as in a team setting

Additional Skills & Qualifications

• Bachelor s degree in computer science, Information Security, or a related field.
• 3+ years of experience in a security analyst role or similar position.
• Proficiency with tools such as Nexpose/InsightVM, PrismaCloud, Checkmarx, Tableau, ServiceNow, ServiceNow [Vulnerability Response Module], KnowBe4, Bitsight, Spunk, and Crowdstrike.
• Excellent communication and presentation skills.
• Ability to work collaboratively with cross-functional teams.
• This role requires a strong understanding of security protocols, risk management, and the ability to communicate technical concepts to diverse audiences.
• Interest in understanding customer perspective to aid in development of the right solution.
• Commitment to delivering quality solutions.
• Ability to communicate technical topics to a non-technical audience.
• Interest in understanding business needs to aid in developing solutions that are right for the broader organization