Cyber Security SME

Role: Cyber Security SME

Location: Chicago, IL- Onsite

Duration: 12+ Months

Job Description:

Expertise in cybersecurity solutions like SOC, MDR, SIEM, SOAR, DAM, etc.

Configure rules for real-time alerting in SIEM tool for events, analytic rules, automation rules, hunting queries & Playbook.

Assess vulnerabilities and attacker tactics, techniques, and procedures (TTP) and provide defensive action to locate and prevent threats.

Knowledge of 3rd party tools Crowdstrike, LogRythem, Netspoke, Semperis, Illumio

Identity and Access Management RBAC, Conditional Access Policies, Active Directory ID, PIM/PAM, Active Directory Connect, AD FS, ID Protection, MFA

Security monitoring includes log aggregation/centralization, correlation, and alerting of security events and incidents.

Participates in the incident response and investigation process.

Knows about network architecture and protocols like TCP/IP, HTTP, etc.

Security Services - Security Operation Center, Key Vault, Log Analytics, Monitor

Apply and implement cloud security technologies.

Review existing cloud security measures and processes.

Implement security as a core part of all design and development of the client s cloud solutions.

Recommend best practices based on leading industry insights.

Map security controls to compliance requirements for cloud environments.

Provide incident response support as a key stakeholder.

Identify, triage, and remediate security detections and anomalies.

Work creatively and analytically in a problem-solving environment