Information Security Analyst

Hinshaw & Culbertson LLP

Chicago, IL

JOB DETAILS
SALARY
$130,000–$150,000 Per Year
SKILLS
Analysis Skills, Authentication, Automation, Best Practices, CISSP - Certified Information Systems Security Professional, CompTIA Security+, Computer Security, Content Filtering Software, Continuous Improvement, Documentation, Email Security, Endpoint Security, Establish Priorities, GCIH - GIAC Certified Incident Handler, ISO (International Organization for Standardization), Identify Issues, Identity Data Management, Incident Response, Information/Data Security (InfoSec), Internet Security, Legal, Multiplatform/Cross-Platform, Operational Improvement, Organizational Skills, Patient Assessment, Phishing, Problem Solving Skills, Process Improvement, Python Programming/Scripting Language, Risk Analysis, Risk Management, Root Cause Analysis, Scripting (Scripting Languages), Security Analysis, Security Attacks, Security Information and Event Management (SIEM), Security Infrastructure, Security Monitoring, Technical Operations, Technical Support, U.S. National Institute of Standards and Technology (NIST), Use Cases, Vulnerability Scanners, Windows PowerShell
LOCATION
Chicago, IL
POSTED
30+ days ago

Information Security Analyst - Hinshaw & Culbertson

My Account

Openings >> Information Security Analyst

Information Security Analyst

Summary

Title:Information Security AnalystID:731229037Department:StaffLocation:Chicago, ILSalary Range:Estimated $130K - $150K annually. The estimated salary range displayed is specifically for those applicants who will perform work in the state of Illinois if selected for the role. Benefits include medical/dental/vision/life insurance & 401(k).Salary Range Note:N/AWorkplace Type:Remote

Description

Position Summary

The Information Security Analyst is responsible for protecting the firm's systems, networks, and data through the implementation, monitoring, and continuous improvement of security controls and technologies.

This role combines hands-on security operations with technical ownership of key security tools and controls, focusing on threat detection, incident response, and control effectiveness. The analyst will work closely with IT and vendors to strengthen the firm's security posture while contributing to the evolution and optimization of the Information Security Program.

Reports to: Director of Information Security & Governance

Key Responsibilities:

Security Operations & Incident Response

  • Monitor and analyze security alerts across EDR, MDR/SIEM, email security, and identity platforms
  • Investigate suspicious activity, perform triage, and escalate incidents as appropriate
  • Execute incident response activities across the lifecycle, including detection, containment, eradication, and recovery
  • Document investigations, actions taken, and outcomes for audit and reporting purposes
  • Perform root cause analysis and recommend improvements following incidents

Endpoint, Identity & Infrastructure Security

  • Configure, maintain, and optimize security tools (e.g., endpoint protection, PAM, web filtering, identity controls)
  • Support system hardening efforts aligned to industry best practices
  • Monitor and improve privileged account usage and enforcement of least privilege
  • Assist in implementation and tuning of identity controls (MFA, Conditional Access, authentication policies)

Detection & Security Engineering Support

  • Develop and tune detection rules and alerting use cases across security platforms
  • Translate threat intelligence into actionable detection and prevention controls
  • Identify gaps in coverage and recommend improvements to detection capabilities
  • Support integration and optimization of security tools within monitoring workflows

Vulnerability & Risk Management

  • Perform vulnerability scanning and coordinate remediation with IT teams
  • Track and validate remediation efforts and escalate unresolved risks
  • Provide technical input into risk assessments and remediation prioritization
  • Assist in improving vulnerability management processes and reporting

Security Tools & Automation

  • Support the implementation, integration, and optimization of security technologies
  • Assist in developing automation to improve alert triage, response, and reporting
  • Identify opportunities to streamline operational tasks and improve efficiency
  • Maintain documentation for tools, configurations, and processes

Governance, Compliance & Collaboration

  • Support compliance initiatives and provide evidence for audits and assessments
  • Assist in responding to client security questionnaires as needed
  • Partner with IT and business teams to ensure controls are functioning as intended
  • Contribute to technical standards and support enforcement of security policies

Qualifications

Required

  • 2-5+ years of experience in information security, cyber operations, or IT security

  • Associate's or Bachelor's degree in Information Security, Information Technology, or a related field

  • Experience working with security technologies such as:

  • EDR/XDR

  • SIEM/MDR platforms

  • PAM solutions

  • Identity & Access Management (IAM), MFA, Conditional Access

  • Strong understanding of:

  • Networking fundamentals (TCP/IP, firewalls, VPNs)

  • Windows and cloud environments (Azure preferred)

  • Common attack techniques (phishing, credential theft, lateral movement)

  • Experience with vulnerability management processes

  • Ability to analyze logs, alerts, and security events

Preferred

  • Familiarity with HITRUST, NIST CSF, CIS Controls, or ISO 27001
  • Scripting or automation experience (e.g., PowerShell, Python)
  • Experience with security automation or SOAR tools
  • Experience in legal or regulated environments
  • Security certifications (e.g., Security+, CySA+, GCIH, CISSP)

Key Competencies

  • Analytical & Investigative Mindset - Strong ability to analyze alerts and determine root cause
  • Technical Problem-Solving - Ability to troubleshoot across endpoint, identity, and network environments
  • Operational & Engineering Balance - Comfortable both responding to issues and improving underlying controls
  • Incident Response Discipline - Organized and effective during security events

Apply Now

Refer to a Friend

Alternatively, you can apply to this job using your profile from Indeed by clicking the button below:

Copyright 2026 Hinshaw & Culbertson. All rights reserved.

Powered by ApplicantStack Hiring Software

Privacy Policy | Terms of Use

About the Company

H

Hinshaw & Culbertson LLP