Sr. Cyber Security Analyst – Remote | Direct Hire
Rosemont, IL
Messina is searching for a Senior Cyber Security Analyst for our client in Rosemont, IL.
The Sr. Cyber Security Analyst is responsible for managing threats and vulnerabilities in target systems, networks, and applications at an enterprise level. This role is tasked with deploying and operating tools used to identify and mitigate cyber risks across all systems used by our client. The Sr. Cyber Security Analyst classifies flaws and weaknesses in both on-premises and cloud-specific IT assets that can be exploited to cause business disruption and provides crucial insights into the most pressing security issues with recommendations on how to mitigate those issues.
This role is also responsible for partnering with the managed security services partner in the operation and maintenance of information security systems, frequent review of security logs, security project support, compliance monitoring, incident response, and vulnerability management. The ideal candidate will be able to work effectively in a fast-paced setting, bring a fresh perspective to the Security program and be passionate about protecting, defending, and responding to information security-related events.
This role does not require being on-site.
Responsibilities Include:
- Manages processes responsible for the analysis of and response to security threats (malicious code, indicators of compromise, hacker profiling, zero-day exploits, OEM weaknesses, intrusion logging, etc.) in order to proactively prepare for security events.
- Manage security controls such as phishing defenses, endpoint detection and response, intrusion detection, and SIEM.
- Response to and triage of level 3 threat alerts sent from MSSP level 1 and 2 analysts, monitor industry resources, threat intelligence, and observe new technical developments, intruder activities, and related trends to help identify threats to the business.
- Conduct vulnerability analysis using vulnerability analysis tools, threat intelligence, as well as agency and industry resources for the latest vulnerabilities and exploits and use a risk-based approach to qualify threats and develop mitigation strategies.
- Lead incident handling processes, e.g. incident discovery, analysis, and verification, incident tracking, containment and recovery, incident response coordination, and notification.
- Perform malware analysis, forensics, and threat modeling.
- Prepare companywide security advisories and security information bulletins.
- Develop and document standard operating procedures (SOP) and compile incident reports.
- Proactive monitoring of and response to known and/or emerging threats against the network and endpoints.
- Perform complex data analysis in support of security event management processes.
- Provide event and anomaly detection which requires long-term analysis and deep-dive investigation into internal systems and network activity.
- Provide analysis and information gathering to provide situational awareness and actionable intelligence.
- Strives for continuous improvement and makes recommendations to further mature the security program.
- Participates cross-functionally across IT and business tiers to provide consultation on complex security issues.
- Perform web application vulnerability scanning, detection, assessment, and mitigation.
- Monitor and configure intrusion detection and prevention system operations.
- Maintain information security operational metrics (e.g., number of incidents, types of incidents, etc.).
- Takes a leadership role in overseeing security issues, projects, and risk management across the enterprise.
- Partners with key functions (IT, Legal, HR, Finance, and Product) to manage risk across the enterprise.
- Uses data to make risk-based decisions and leverages skills and experiences to efficiently problem solve.
Education and Experience:
Required:
- Bachelor’s Degree in MIS or Computer Science preferred, or relevant concentration.
- Minimum of 5-7 years of overall cybersecurity and compliance management experience including triaging security and intrusion events.
- Minimum of 5-7 years of IT Security Testing (e.g., penetration testing, web application security assessments, vulnerability assessments and technical security assessments).
- Minimum of 5-7 years of cloud, endpoint, server, database, application and network security hardening experience (e.g., design, recommend and implement security hardening technical controls).
- Possess one or more of the following certifications: CISSP, CISM, CEH, GWAPT, GPEN, GCWN, GCUX, or OSCP.
- Strong understanding of SIEM, EDR, Threat Intelligence, and IDS technologies.
- Experience in analyzing logs to correlate threats and adversarial activity.
- Experience with and comprehensive knowledge of networking (routing, firewalls, load balancing, etc.) and network traffic analysis.
- Strong analytical, documentation and communication skills.
- Strong understanding of endpoint (OS), identity (AD), cloud (Azure, Google, AWS), and application (ERP, CRM, Web) technologies.
Preferred:
- Core understanding of CCPA, GDPR, and other data privacy regulations.
- Third party risk assessment analysis and review.
- Legal contract reviews related to cyber security protections with external entities.
- Phishing training and awareness programs.
- Leading efforts to develop BIA, BCP, and DR plans.
Benefits:
- Gym / Health Club / Fitness Membership
- Paid Holidays / Vacation
- Education/Training/Tuition/Certification Reimbursement
- Flex-Time / Flexible Schedule
- 401K/Profit Sharing