Threat Investigation Analyst

at Sentinel Technologies, Inc. in Downers Grove, Illinois, United States

Job Description

Job ID: 2024-4446
Type: Regular FTE

Responsibilities

The Threat Investigation Analyst is a key member of the Threat Operations Team and will be responsible for executing security investigations and response procedures to protect computer systems, networks, and data. This person will act as a first responder to cyber incidents. They investigate and communicate about cyber threats and then implement changes to protect our customers' environments. Your ability to analyze real logs, traffic, and associated artifacts and make determinations on malicious or benign traffic will be critical in this position. This is a 3rd shift role working Sat/Sun with 2 weekdays. This is a full-time position that can be remote but must provide occasional onsite support to our Downers Grove, IL office.

Qualifications

2+ years of experience as a key member of a security operations team (SOC, Incident Response, Threat Intel, Malware Analysis, IDS/IPS Analysis, etc.) is required
The candidate must meet and uphold CJIS requirements
Act as a first responder in triaging and investigating security alerts in an enterprise environment
Perform necessary correlation and research to make a determination and escalation of activity based on current knowledge and best practices
Escalate to higher tier team members when complexity or knowledge gaps dictate
Assist in ad hoc investigations where required
Customer-first mindset with strong written, verbal, and interpersonal communication skills along with the ability to work in a highly collaborative environment as this is a customer facing role
Strong ability to translate technical concepts and information into a form easily consumed by non-technical stakeholders
Strong ability to self-direct, learn new things, think creatively, and adapt to new requirements
Demonstrated strong initiative to proactively research new threats and stay current with the industry threat landscape and ability to translate that knowledge into practical application
Confident analyzing real traffic and associated artifacts: malicious, normal, and application traffic; and demonstrated ability to differentiate malicious traffic from false positives
Comfortable creating queries in Splunk to search across data sets
Understanding of basic network protocols and traffic flow in an enterprise environment
Strong adherence to defined workflow and processes
Understanding of complex Enterprise networks (EDR, routing, switching, firewalls, proxies, etc.) including previous MSSP experience
Demonstrated knowledge of common/emerging attack techniques
Experience in SIEM, network, and/or host-based analysis and investigations
Strong knowledge in operating systems and their architectures and system internals
The candidate must have a car, as this position requires travel between locations and the transportation of equipment
A valid driver's license and proof of vehicle insurance will be required
Legally authorized to work in the US without sponsorship
Must demonstrate a "can-do" attitude
We focus on candidates that display our "ACE" factor - Attitude, Compassion, and Enthusiasm to deliver quality solutions with exceptional customer service.

What you get:
We offer an energetic work environment with many corporate culture amenities, a competitive salary, and a rich benefit plan including: Medical, Dental, Vision, 401K, 529, Life Insurance, Income Protection (Short and Long-Term Disability), Medical and Child/Elder Care Flexible Spending Account Plans, Employee Assistance Program, two weeks' vacation, additional paid time off for Personal and Sick days, certification and hands-on training, and discounts for local event entertainment and health clubs.

Overview

MOTIVATED.....make IT happen!

Sentinel Technologies, Inc. has been rated a top workplace every year since 2012!
About Us:
Sentinel delivers solutions that can efficiently address a range of IT needs - from security, to communications, to systems & networks, to software applications, to cloud and managed services; all of which include our staffing solutions for our clients. Since 1982, Sentinel has grown from providing technology maintenance services to our current standing as one of the leading IT services and solutions providers in the US. We have aligned with many of today's global technology leaders including Cisco, Dell, VMware and Microsoft. Sentinel services customers both nationally and internationally with primary support operating centers in Downers Grove (HQ), Chicago, and Springfield, IL; Phoenix, AZ; Detroit, Lansing, and Grand Rapids, MI; Milwaukee, WI; Denver, CO; and Fort Lauderdale, FL.

If you are MOTIVATED... you can make IT happen at Sentinel. Our commitment to our employees is to create a work environment that encourages creativity and an entrepreneurial spirit, fosters growth through certification and hands-on training, and values a...


Job Posting: 11867308

Posted On: Apr 29, 2024

Updated On: Apr 29, 2024