Location: Chicago, IL
Duration: 6 Months
- The Business Protection Consultant III will be a member of the Detection and Response team focusing on enhancing monitoring, anomaly hunting and incident response capabilities.
- Improve visibility into E-W traffic and remediate network monitoring blind spots
- Collaborate with infrastructure teams and third party vendors on network tap configuration
- Architect and implement network security sensors in high risk locations
- Work with infrastructure teams on enhancing egress traffic filtering
- Advance database activity monitoring
- Work with a vendor on enhancing existing detection capabilities
- Develop high fidelity alerting
- Assist internal SOC with creating SOPs for investigating and responding to alerts
- Configure security tools to tap into web traffic monitored by proxies
- Expand decrypted web traffic, traffic analysis
- Perform functionality testing and document findings
- BS degree in Computer Science, MIS, Computer Engineering or equivalent work experience
- Proficient in using Linux flavor operating systems
- Experience in packet capture and log analysis
- Hands-on experience implementing and maintaining security solutions such as: firewalls, proxies, email filters, network taps, IDS, sandbox, SIEM etc.
Preferred Basic Qualifications:
- Knowledge and understanding of security principles, computer architecture, network security, authentication and security protocols, cryptography, and application security.
- Understanding of TCP/IP communications and knowledge of how common protocols and applications are implemented including HTTP/S, DNS, SSH, SMB.
- General understanding of cyber-attack techniques and procedures.
- Knowledge of common application vulnerabilities and countermeasures.
- Experience in protecting database servers using Database Activity Monitoring solutions
- Ability to automate tasks using scripting or programming is a plus.
- Red team or blue team experience is a plus.