Lead Security Analyst / Engineer - Security Operations

We are currently seeking a Lead Security Analyst/Engineer to join our Security Operations team at our corporate headquarters in Chicago, IL.  As a Senior Security Analyst/Engineer at EQR, you will be responsible for hands-on incident response following the guidelines of our Information Security Program. You’ll serve as a key member of the Security Operations team to lead the development, improvement, and documentation of our security program. You will focus on real-time security events analysis, helping to protect the organization’s electronic assets. And by relying on your knowledge and previous experience with a wide range of security areas including (but not limited to): IDR solutions, IDS/IPS, malware analysis, firewalls, and data loss prevention solutions, you’ll recommend detection, prevention and mitigation strategies to be evaluated by the greater EQR security team.

• Knowledgeable.  You have a broad-based familiarity with Security Operations with 5 to 7 years of experience as an Incident Responder. More specifically, your background includes at least 2 years of Splunk experience as well as with IDR tools, familiarity with static and dynamic malware analysis, DFIR and threat hunting methodologies is key. A solid network background is also important.
• Problem Solver. You are a creative thinker, who focuses on the problem as stated and gathers information and knowledge to achieve an appropriate solution. Your skillfulness in this area helps you determine how to quickly assess security incidents.
• Strong Communicator. Your writing and speaking skills are clear, articulate, and effective, demonstrating your ability to interact with and be understood by all levels and various teams across the organization.  In addition, you’re skilled in communicating in a non-technical manner with everyone from end users to senior management and also in a technical manner to other IT professionals.
• Organized, Efficient, and Accountable. You have a keen eye for detail and pride yourself on delivering quality work. You multitask well, re-prioritize accordingly, and meet deadlines consistently. Above all, you are flexible and able to juggle the needs of changing priorities of the business, even if that means an occasional after-hours project.
• Passionate. Motivated. Eager to Learn.  You are resourceful, ask smart questions, challenge the status quo, and regularly seek to understand. You’re willing to learn a range of business and/or technical specialties, based on organizational needs. And when a special project arises, you volunteer!
• Maintain confidentiality.  The ability to work with confidential information, while using discretion, is crucial to this position.

• Lead a team of Incident Responders.
• Investigate and document security incidents according to the security incident response policy.
• Assist with architecting firewalls changes, as well as manage IPS/IDS and web filtering technologies.
• Create actionable items out of threat intelligence feeds.
• Coordinate and execute red/blue team exercises.
• Evaluate and map risk accordingly to risk models.
• Understand and apply threat model concepts.
• Collaborate with the team to resolve fault conditions on security systems.
• Support the team on high priority and high visibility security issues.
• Mentor other less experienced Security Analysts and train peers on platform enhancements and technology changes.
• Ensure platform accessibility, software revisions, and best practices are maintained.
• Prepare ad-hoc analysis and reports as needed.
• Perform other duties and participate in special projects, as needed.

PREVIOUS EXPERIENCE

• Solid understanding of Windows Operating Systems and Windows Internals.
• 4+ years work experience in IP addressing and subnetting, routing protocols, VPN concepts, VLAN configuration and concepts and L2/L3 switching technologies.
• Experienced leading a team of incident responders
• 5+ years experience as an Incident Responder and in Security Operations.
• 4+ years of experience designing and maintaining firewall policies
• Bachelor's degree, with an emphasis in computer science or information systems preferred or equivalent experience.
• Experience maintaining highly available and highly secure networks.
• Experience with SSL decryption technologies.
• Must possess expert level knowledge with DMZ architectures.
• Well-versed in layer 2 to layer 7 troubleshooting experience.
• Exposure to major system applications and databases; Unix and Windows experience a plus!
• Excellent understanding of VMware Infrastructures.

We recognize everyone has different needs outside of work. That’s why, in addition to a competitive benefits package (medical, dental, vision and paid time off), we offer many unique options to employees, like adoption benefits and paid time off for community service projects. To learn more, view our Total Wellbeing page here.