Senior Associate, Information Security Analyst
Location:
Riverwoods , Illinois
Posted:
September 11, 2017
Reference:
P169884
The Discover Security Intelligence & Incident Response Team (SIIRT) is looking for qualified security analysts to join our ranks. Comprised of several sub-teams, Discovers SIIRT group oversees all information security detection, response, and intelligence efforts for the enterprise.SIIRT currently has an opening on one of our newest teams, SIIRT Logic, Design & Instrumentation (SIIRT-LDI). This highly specialized team of skilled analysts serves as experts in creating detective tools and logic for our Security Operations Center (SOC) and related enterprise teams. Our primary mission is to enable our analysts to efficiently find, triage, and analyze potential security incidents and related items of concern. To achieve these goals, we have a wide variety of tools, techniques, and datasets at our disposal. We utilize an innovative blend of commercial and home-grown solutions to ensure the best possible tools are deployed to meet our analysts needs.As we continue to build out our detective tools and capabilities, were looking for talented, self-motivated, and experienced professionals who have a strong passion for designing and deploying solutions to hunt down and identify anomalous and malicious activity. Were interested in people who enjoy being challenged on a daily basis to stay one step ahead of an ever-changing landscape of threats and adversaries. Whether youre a seasoned SOC analyst or a security engineer in search of a unique and exciting challenge, were looking for new team members to join us in guarding our enterprise as the last and ultimate line of defense. Responsibilities Include:
  • Building and maintaining custom security detection logic to analyze and correlate information to produce meaningful, actionable results
  • Full-lifecycle development and support of home-grown security tools and solutions
  • Tuning of rules, filters and policies for detection-related security technologies to improve accuracy and visibility
  • Creation of visualizations and telemetry to accurately depict operational status and increase situational awareness
  • Integration and upkeep of various datasets to ensure information in logs is accessible and data quality is maintained
  • Data mining of log sources to uncover anomalous activity, along with related items of interest
  • Maintaining documentation of tools, logic, policies, and procedures
  • Acting as a representative of the team for larger company projects and initiatives
Required Qualifications:
  • 5 years work experience, 3-5 years of experience in Information Security, preferably as a SOC analyst or security analyst/engineer in a related position
  • Prior experience detecting, analyzing and/or responding to security incidents
  • Hands-on experience with common security technologies (SIEM, IDS, Firewall, WAF, etc.)
  • Mastery of knowledge of common security threats, attack vectors, vulnerabilities and exploits
  • Demonstrated ability to analyze and correlate information from a wide variety of enterprise technologies
  • Working knowledge of common operating systems and basic endpoint security principles
  • Knowledge of common networking services and protocols
  • Exceptional organizational abilities and attention to detail
  • The ability to think creatively to find elegant solutions to complex problems
  • Excellent verbal and written communication skills
  • The desire to work both independently and collaboratively with a larger team
  • A willingness to be challenged along with a strong appetite for learning
Preferred Qualifications:
  • Experience with big data platforms (Splunk, Hadoop, etc.)
  • Rudimentary knowledge of data science, data visualization, mathematics, and/or statistics
  • Previous experience creating tools and interfaces for a security operations team
  • Programming experience (Python, Javascript, etc.)
  • Prior information security experience in a large-scale enterprise
  • Expert knowledge of database monitoring and security
Preferred Certifications: CISSP, GIAC (GCIA, GCIH, GSEC, GPEN, GREM, etc.), OSCP, CEH, etc. Education: Bachelors Degree in Computer Science, Information Security or related/equivalent educational or work experience
Skills
Building and maintaining custom security detection logic to analyze and correlate information to produce meaningful, actionable resultsFull-lifecycle development and support of home-grown security tools and solutionsTuning of rules, filters and policies for detection-related security technologies to improve accuracy and visibilityCreation of visualizations and telemetry to accurately depict operational status and increase situational awarenessIntegration and upkeep of various datasets to ensure information in logs is accessible and data quality is maintainedData mining of log sources to uncover anomalous activity, along with related items of interestMaintaining documentation of tools, logic, policies, and proceduresActing as a representative of the team for larger company projects and initiatives
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.

A little about us:
Discover is one of the most recognized brands in U.S. financial services. We’re a direct banking and payment services company built on a legacy of innovation and customer service.

Know someone who would be interested in this job? Share it with your network.