A great opportunity at an industry leader! Medline's growth has hit double digits for 53 of the past 54 years, and we're still growing. And we're again named a Chicago Tribune Top Employer. Doesn't this look like the type of organization you'd want to be a part of? Check us out.
Description: The IT Security Threat Analyst (aka Threat Hunter) performs a wide variety of security duties with a primary focus on threat actor based investigations, creating new detection methodology and providing expert support to incident response and monitoring functions. The Threat Hunter will leverage data analysis, threat intelligence, and cutting-edge security technologies to proactively detect security incidents that may evade automated security systems. This position requires a high degree of technical skill, initiative, creativity, and the employee to stay current with new and emerging trends, theories, standards, and technologies.
(This position is a hybrid remote work position. While most work can be done remotely, attendance in the Mundelein, IL corporate office may be required on short notice. Individuals must be located within a reasonable commuting distance to accommodate this.)
Duties and Responsibilities:
Hunt for and identify threat actor groups and their techniques, tools and processes
A passion for research, and uncovering the unknown about internet threats and threat actors
Participate in "hunt missions" using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and eradicate threat actors on Medline's networks.
Provide analytic investigative support of complex security incidents.
Perform analysis of security incidents for further enhancement of alert catalog
Continuously improve processes for use across multiple detection sets for more efficient operations
Review alerts generated by detection infrastructure for false positives and modify alerts as needed
Develop dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, etc.
Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from various types of security sensors
Document and manage incident cases in our case management system
Keep up-to-date with information security news, techniques, and trends
COVID-19 Vaccination
Please be aware that Medline requires all employees starting in this position to be fully vaccinated against COVID-19. This position will require the successful candidate to provide proof that they are fully vaccinated by their start date. Medline is an equal opportunity employer, and will provide reasonable accommodations to those individuals who are unable to be vaccinated for COVID-19 consistent with federal, state, and local law.
Required Skillsets:
Bachelor's degree in Information Security, Cyber Security, Computer Science, Information Technology, or equivalent job experience with certifications
Minimum 1 year of Cyber Threat Hunter experience and 2+ years of experience in other mid-level security roles such as Incident Response, SOC Analyst, Penetration Tester, or related security roles
Advanced knowledge and experience in Information Security required
Strong communication skills, written and oral
Experience with SIEM
Experience with End Point Data Protection
Experience with software vulnerabilities & exploitation
Experience with data analysis
Experience with malware analysis preferred
Experience with APT/Crimeware ecosystems preferred
Experience with exploit kits preferred
Experience with any open-source security software (Kali Linux, Metasploit, Burp Suite, Nmap, etc.)
Bonus if you have:
Experience with SOAR solutions (IBM Security SOAR, Phantom, Demisto, etc.)
Skill in interacting with various platform APIs to retrieve and manipulate data