Job Summary
A publicly held property and casualty insurance provider has an open position for a Telecommute Level 2 Incident Handler in Northbrook.
Core Responsibilities of this position include:
- Being part of the core investigation team that performs security investigations and trains/mentors Level 1 Incident Handlers
- Performing security incident and event management, log analysis, network traffic analysis, malware investigation/remediation, SIEM correlation logic and alert generation
- Analyzing, triaging and remediating security incidents
Must meet the following requirements for consideration:
- Moderate knowledge of networking fundamentals (TCP/IP, Network Layers, etc.)
- Moderate knowledge of malware operation and indicators
- Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)
- Moderate knowledge of security-related technologies and their functions (IDS, IPS, EDR, IRP, FW, WAF, SIEM, etc.)
- Moderate protocol analysis experience (Wireshark, tcpdump, Netwitness, Snort, Bro, etc.)
- Basic knowledge of audit requirements (PCI, HIPAA, SOX, etc.)