Previous Job
Infrastructure Management - Infrastructure & System Manager
Ref No.: 18-07016
Location: Downers Grove, Illinois
Start Date: 07/27/2018
Job description:

A: Must Skills
• Excellent analytical, problem-solving and decision-making capabilities
• Excellent verbal, written and presentation communication skills
• Experience in managing multiple projects, deadlines, and resources
• Broad experience working in and/or supervising security operations
• Experience working in a geographically diverse and fast-paced environment
• Understanding of current information security challenges and solutions; industry trends
• Experience leading cross functional teams, preferably as part of a global team
• Extensive knowledge of security devices such as firewalls, intrusion detection systems, AV systems, spam systems, event correlation devices, log file analyzers etc.
• Understanding of ever-evolving Security information such as Threat Intelligence, IT vulnerabilities, Compromise methodology, and Indicators of Compromise.
• Ability to explain findings to non-technical professionals and management and be able to work under pressure in time of critical or emergency situations with attention to detail and accuracy

B: Plus Skills

• Master-Level understanding and hands-on experience in SIEM concepts such as correlation, normalization, aggregation and parsing.
• Master-Level understanding of Cyber Security Operations, Incident Response processes
• Master-Level understanding of enterprise logging standards, with a focus on application logging
• Master-Level understanding of regular expressions and development of custom Parsers in SIEM
• Master-Level in Intrusion Detection Systems and Analysis tools.
• Experience in performing vulnerability assessments and penetration tests. Ability to administer the operations of a security infrastructure.
• Extensive experience in creating reports, rules, alerts and dashboards in SIEM.
• Knowledge of networking, web related protocols, SIEM best practices, processes and workflows.
• Experience in Mobile Device protection
• Experience in integration of email security on widely accepted email platforms

C: degrees, certifications/training
• Bachelor's/Master's Degree in Computer Science, Data / Information Technology, Engineering or similar
• Global Exposure of Information Security Experience with Professional Security credentials such as: GIAC, CISSP, CISM, CISA, CCNA Security, MCSE, MCP or CEH
• Sound understanding of IT Service Management disciplines in line with IT industry standards and best practices, e.g. ITIL process experience

D: Industry expertise
• 8-10 years hands on IT security experience with Security Incident Management and Security Operations (SIEM technologies, AV, IDS, IPS, Vulnerability Management)

E: Detailed job responsibilities
Activities may include:
• Collaborate with other information security and IT professionals to develop and implement innovative strategies for monitoring and preventing attacks.
• Lead team to conduct proactive monitoring, logging and alerting to analyze, correlate, and respond to cyber-attacks, threat intelligence and ability to define Risk and Compliance Dashboards.
• Conduct research on emerging information security threats.
• Develop programs and scripts for various security initiatives.
• Create technical documentation around the content deployed to the SIEM.
• Collaborate with SIEM engineers to develop specific content necessary to implement security use cases and transform into correlation queries, reports, rules, alerts from Checkpoint Firewalls, Security IDS, Symantec Enterprise Protection, etc.
• Execute content management and change management procedures.
• Identify emerging threat actors and track existing actors as their tactics, techniques and procedures (TTP) evolve.
• Participate in after-hours on-call for Critical incident management.
• Participate in technology remediation efforts through cross functional teams & across business units.
• Collaborate with team to have configuration, testing, integration tasks related to SIEM platform. Perform and guide forensic analysis in response to security incidents. Plan for live incident response (reactive and proactive incident management) by identifying and remediating malicious applications and compromised infrastructure components.
• Understand Network, Wireless, Mobile Device, and Wan/Lan infrastructure device architecture and associated Security integration for proactive Threat Management.
• Perform threat and vulnerability assessments and provide subject matter expertise on appropriate threat mitigation.
• Supports and mentor's other members of the team. Help to troubleshoot issues with log sources or systems with vendor, and report system defects as needed.