AlixPartners Chicago, IL 60602
Security Operations Analyst
In this critical role on AlixPartners' Corporate Services Information Security team, you will be responsible for ensuring the confidentiality, integrity, and availability of information assets within the enterprise. This position will provide technical expertise and protection of assets by reviewing, analyzing, and implementing security controls, functions, and processes within the enterprise to support the overall information security program and other security initiatives. This position will consult with other IT staff and non-IT departments on security issues and requirements to support the security team's projects, initiatives, and operational responsibilities.
The Security Operations Analyst will work in the Security Operations Center (SOC) which provides cyber defense of information assets and manages physical security controls. SOC responsibilities include, but are not limited to, security monitoring, incident response, malware prevention, data loss prevention, threat intelligence and analysis, and physical security.
The Security Operations Analyst is a full-time role which can be located in Southfield, Michigan (preferred), Dallas, TX, Chicago, IL, or New York, NY and reports to the Team Lead, Security Operations. Position may be contract to hire. Paid relocation is not available for this position.
Administers information security controls and software such as endpoint protection, endpoint detection and response, intrusion detection/prevention (IDS/IPS), security incident and event management (SIEM), data loss prevention (DLP), and physical security systems
Responds to, investigates, and analyzes security events to determine appropriate actions
Analyzes security system logs, security tools, and available data sources on a regular basis to identify attacks against the enterprise and report on any irregularities, issues related to improper access patterns, trending, and event correlations and make suggestions for detection rules and system tuning
Gathers information from other IT staff and non-IT staff regarding security problems affecting networks, servers, endpoints, and applications.
Performs incident response activities and ensures that proper protection or corrective measures have been taken when an incident has been discovered
Expected to stay current on security industry trends, new threats and attack techniques, mitigation techniques, and emerging security technologies
Provides insight and participates in security projects to evaluate and recommend security products for various applications and platforms throughout the organization while supporting business initiatives
Assists with the development, maintenance of, and training on technical documentation and Standard Operating Procedures (SOP).
Improves security efficiency and streamlines/automates work processes while working collaboratively with other team members and IT staff to accomplish objectives
Participates, as needed, in critical incidents and implementation reviews
May serve as a backup to other critical security positions; additional responsibilities as identified.
Highly motivated to work in information security
3+ years of Information Security experience; Experience working in Security Operations is preferred
Bachelor's degree in Information Technology or related field preferred; work experience and background will be considered in lieu of formal education
Desire to continuously improve processes and procedures and share information with the team
Experience with physical security technology such as door access and badging systems is a plus
Experience integrating security tools through scripting, using APIs, and improving existing processes through automated methods is a plus
Experience with a Security Incident and Event Management (SIEM) tool is a plus
Experience with Endpoint Security tools is a plus
Incident Response, Forensics, and Malware Analysis experience is a plus
Strong knowledge of information systems security concepts and current information security trends and practices.
Working knowledge of infrastructure security tools such as firewalls, network security monitoring, anti-malware, OS hardening, etc.
System administration and security hardening experience is a plus
Ability to work well individually and as part of a team
Effective skills to support security programs: excellent written/oral communication and interpersonal skills with the ability to provide formal reports and presentations as required.
Strong attention to detail with the ability to prioritize tasks
Proven project management and organizational skills; successfully manages multiple priorities and deadlines
Security Certifications such as the following are a plus:
CompTIA Security+ (Sec+)
CompTIA Advanced Security Practitioner (CASP)
GIAC Information Security Fundamentals (GISF)
GIAC Security Essentials (GSEC)
GIAC Certified Enterprise Defender (GCED)
GIAC Certified Incident Handler (GCIH)
GIAC Certified Intrusion Analyst (GCIA)
This description is not designed to encompass a comprehensive listing of required activities, duties or responsibilities.
In addition to a positive workplace, the firm offers a competitive compensation package including an excellent benefit program (health, vision, dental, disability, 401K, tuition reimbursement).
AlixPartners is a global firm of senior business and consulting professionals that specializes in improving corporate financial and operational performance, executing corporate turnarounds and providing litigation consulting and forensic accounting services when it really matters in urgent, high-impact situations. More information is available at www.alixpartners.com.
All qualified applicants will receive consideration for employment without regard to, among other things, race, color, religion, sex, sexual orientation, gender identity, national origin, (age), status as a protected veteran, or disability. AlixPartners is a proud Bronze award-winning Veteran Friendly Employer.