Previous Job
IT Security Engineer
Ref No.: 18-03235
Location: Chicago, Illinois
Position Type:Full Time
Pay Rate : $ 110,000.00 - 120,000.00 /Year
  • Leads Vulnerability Management program and personnel
    • Monitors and manages analyst(s) and program performance
    • Tests future workflows as capabilities and use cases continue to be implemented
    • Receives feedback from KPI reports
  • Acts as "super-analyst” only as resources or response requires
    • Resolves issues in the event of conflicting findings between analysts or between IS and analysts
    • Bridges any gaps between analysts, IS, Risk Management, and upper-level management
    • May conduct some Analyst tasks, running reports, prioritizing and assigning remediation requests and overseeing remediation process
  • Provides training of solutions and tools as needed as subject matter professional
    • Organizes training for analysts
    • Serves as conduit between solution providers and resources as needed for analysts to be successful
  • Creates scheduled reports containing analysts' data for upper-level management and CISE
    • Reviews service metrics and KPI reports compiled by analysts
  • Addresses need for process or workflow changes with sufficient evidence from analysts
    • Incorporates analyst-identified input to improve tactics or tools
    • Collaborates with analysts to compile data to propose tactical or operational change
  • Assesses vulnerability scan results
    • Assess prioritized scan results to ensure accurate completion of scan
    • Draft risk analysis/tickets identifying top priorities for remediation
  • Bachelor's degree appropriate to Cybersecurity discipline or equivalent combination of education and experience.  Related certifications (e.g., CISSP, CISM, CISA, OSCP) preferred
  • 4 – 7 years of combined IT and Security work experience with a broad range of exposure to business/systems analysis, and Security assessments
  • Experience in leading Risk/Vulnerability Management projects/teams
  • Experience and knowledge of one of the major Vulnerability Management tools:
    • Rapid7 Nexpose (preferred)
    • Nessus
    • Qualys
  • Experience In one or more of the following:
  • Successful implementation of business relevant measures of Information Security effectiveness
  • Effective leadership of security incident investigation and resolution
  • Design/enhancement of Vulnerability Management processes
  • In-depth knowledge of one or more Information Security frameworks (HIPAA, PCI, etc.) and industry best practices
  • Familiarity with Information Security governance, risk, and compliance best practices and tools
  • Certification or courses: CISSP, GSEC, GCWN, GCED or CEH a plus
  • Experience in delivering formal presentations
  • Excellent verbal and written communication skills