Security Operation Engineer

Security, PowerShell, Python, Splunk, LogRhythm, QRadar, SIEM, Crowdstrike, CISSP
Full Time
$120,000 - $135,000

Job Description

***We are unable to sponsor as this is a permanent full time role***

A prestigious company is on the search for a Security Operations Engineer. This position revolves around incident response and will involve 24/7 support, monitoring, and investigation of security alerts. This engineer will need to have experience with scripting in languages like PowerShell, Python, etc. Also needed is experience with SIEM products like Splunk, LogRhythm, or QRadar.

Responsibilities:

  • Analyze potential infrastructure security incidents to determine if the incident qualifies as a legitimate security breach.
  • Monitor and correlate security event log information to identify and detect anomalous activity.
  • Document and conform to processes related to security monitoring, patching and incident response.
  • Implement techniques using the most advanced technologies to hunt for unknown threats in the environment.
  • Appropriately inform and advise management on incidents and incident prevention.
  • Participate in knowledge sharing with other analysts and develop solutions efficiently.
  • Upgrade security systems by monitoring the security environment, identifying security gaps, and evaluating and implementing enhancements.
  • Enhance department and organization reputation by delivering quality results and exploring opportunities to increase value and raise awareness of the Information Security Program.

Qualifications:

  • Bachelor’s degree required, preferably in cybersecurity or other IT-related field
  • At least four (4) years in an IT-related field or at least two (2) years working in cybersecurity required. Experience in an MSSP or SOC preferred.
  • Programming and scripting skills such as PowerShell, Python, etc. preferred.
  • Microsoft Outlook, Word, & Excel required.
  • Experience investigating security incidents using various security tools including EDR tools such as Carbon Black, CrowdStrike, or Cylance required.
  • Experience with Security Information and Event Management (SIEM) such as Splunk, LogRhythm, or QRadar including event analysis, alert generation, investigations, and reporting preferred.
  • Experience using file sandbox technology to detonate and analyze potentially malicious documents and executables preferred.
  • Experience with other security-related technologies including Intrusion Prevention/Detection Systems, Firewalls, Content Filtering Technology, and Vulnerability Scanning/Management Solutions preferred.

Certificates, Licensures, Registrations

  • CompTIA Security+, Network+, Cybersecurity Analyst (CySA+)
  • GIAC Information Security Fundamentals or Security Essentials Certification
  • Certified Information Systems Security Professional (CISSP)

Dice Id : napil006
Position Id : 7405197
Originally Posted : 3 months ago