Corporation is an American insurance company, headquartered in Northfield Township, Illinois, near Northbrook since 1967. Founded in 1931 as part of Sears, Roebuck and Co., it was spun off in 1993. The company also has personal lines insurance operations in Canada.
The Global Fusion Center - Incident Handling Level I Analyst is responsible for monitoring multiple security technologies and alert systems to engage in the detection and remediation of potential security events and incidents. The analyst will follow detailed operational process and procedures to appropriately analyze, escalate, and assist in creation of cases, basic investigations, and contribute to the enhancement of Fusion Center processes.
The ideal candidate should have a minimum of 3 years of security-related experience in areas such as intrusion detection, incident response/handling, and 24/7 SOC operations.
In addition, the ideal candidate must have the following knowledge / experience:
Knowledge of security incident and event management, log analysis, network traffic analysis, malware investigation and remediation, SIEM correlation logic and alert generation.
Demonstrated ability to analyze, triage and remediate security incidents.
Understanding of Cybersecurity principles, techniques and technologies such as SANS Top 20 critical security controls and OWASP top 10.
Knowledge of SIEM solutions such as RSA Security Analytics, ArcSight, LogRhythm, QRadar, Splunk or similar.
Must be able to manage multiple priorities simultaneously.
Moderate knowledge of networking fundamentals (TCP/IP, Network Layers, etc.)
Moderate knowledge of malware operation and indicators
Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)
Moderate knowledge of security-related technologies and their functions (IDS, IPS, EDR, IRP, FW, WAF, SIEM, etc.)
Moderate protocol analysis experience (Wireshark, Gigastor, Netwitness, etc.)
Programming skills in various disciplines, including scripting languages, are an added advantage.
Cybersecurity Incident Handling / SOC
SIEM log analysis - Investigating security incidents using logs
Timeline analysis using SIEM logs
Analyzing security incidents from endpoints, email gateway, network and perimeter controls
2-3 years of relevant information security experience, in areas such as: security operations, incident analysis, incident handling, vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.
6:30am to 3:30pm IST
2:30pm to 11:30pm IST