$130,000–$150,000 Per Year
Analysis Skills, Authentication, Automation, Best Practices, CISSP - Certified Information Systems Security Professional, CompTIA Security+, Computer Security, Content Filtering Software, Continuous Improvement, Documentation, Email Security, Endpoint Security, Establish Priorities, GCIH - GIAC Certified Incident Handler, ISO (International Organization for Standardization), Identify Issues, Identity Data Management, Incident Response, Information/Data Security (InfoSec), Internet Security, Legal, Multiplatform/Cross-Platform, Operational Improvement, Organizational Skills, Patient Assessment, Phishing, Problem Solving Skills, Process Improvement, Python Programming/Scripting Language, Risk Analysis, Risk Management, Root Cause Analysis, Scripting (Scripting Languages), Security Analysis, Security Attacks, Security Information and Event Management (SIEM), Security Infrastructure, Security Monitoring, Technical Operations, Technical Support, U.S. National Institute of Standards and Technology (NIST), Use Cases, Vulnerability Scanners, Windows PowerShell
Information Security Analyst - Hinshaw & Culbertson
My Account
Openings >> Information Security Analyst
Information Security Analyst
Summary
Title:Information Security AnalystID:731229037Department:StaffLocation:Chicago, ILSalary Range:Estimated $130K - $150K annually. The estimated salary range displayed is specifically for those applicants who will perform work in the state of Illinois if selected for the role. Benefits include medical/dental/vision/life insurance & 401(k).Salary Range Note:N/AWorkplace Type:Remote
Description
Position Summary
The Information Security Analyst is responsible for protecting the firm's systems, networks, and data through the implementation, monitoring, and continuous improvement of security controls and technologies.
This role combines hands-on security operations with technical ownership of key security tools and controls, focusing on threat detection, incident response, and control effectiveness. The analyst will work closely with IT and vendors to strengthen the firm's security posture while contributing to the evolution and optimization of the Information Security Program.
Reports to: Director of Information Security & Governance
Key Responsibilities:
Security Operations & Incident Response
- Monitor and analyze security alerts across EDR, MDR/SIEM, email security, and identity platforms
- Investigate suspicious activity, perform triage, and escalate incidents as appropriate
- Execute incident response activities across the lifecycle, including detection, containment, eradication, and recovery
- Document investigations, actions taken, and outcomes for audit and reporting purposes
- Perform root cause analysis and recommend improvements following incidents
Endpoint, Identity & Infrastructure Security
- Configure, maintain, and optimize security tools (e.g., endpoint protection, PAM, web filtering, identity controls)
- Support system hardening efforts aligned to industry best practices
- Monitor and improve privileged account usage and enforcement of least privilege
- Assist in implementation and tuning of identity controls (MFA, Conditional Access, authentication policies)
Detection & Security Engineering Support
- Develop and tune detection rules and alerting use cases across security platforms
- Translate threat intelligence into actionable detection and prevention controls
- Identify gaps in coverage and recommend improvements to detection capabilities
- Support integration and optimization of security tools within monitoring workflows
Vulnerability & Risk Management
- Perform vulnerability scanning and coordinate remediation with IT teams
- Track and validate remediation efforts and escalate unresolved risks
- Provide technical input into risk assessments and remediation prioritization
- Assist in improving vulnerability management processes and reporting
Security Tools & Automation
- Support the implementation, integration, and optimization of security technologies
- Assist in developing automation to improve alert triage, response, and reporting
- Identify opportunities to streamline operational tasks and improve efficiency
- Maintain documentation for tools, configurations, and processes
Governance, Compliance & Collaboration
- Support compliance initiatives and provide evidence for audits and assessments
- Assist in responding to client security questionnaires as needed
- Partner with IT and business teams to ensure controls are functioning as intended
- Contribute to technical standards and support enforcement of security policies
Qualifications
Required
2-5+ years of experience in information security, cyber operations, or IT security
Associate's or Bachelor's degree in Information Security, Information Technology, or a related field
Experience working with security technologies such as:
EDR/XDR
SIEM/MDR platforms
PAM solutions
Identity & Access Management (IAM), MFA, Conditional Access
Strong understanding of:
Networking fundamentals (TCP/IP, firewalls, VPNs)
Windows and cloud environments (Azure preferred)
Common attack techniques (phishing, credential theft, lateral movement)
Experience with vulnerability management processes
Ability to analyze logs, alerts, and security events
Preferred
- Familiarity with HITRUST, NIST CSF, CIS Controls, or ISO 27001
- Scripting or automation experience (e.g., PowerShell, Python)
- Experience with security automation or SOAR tools
- Experience in legal or regulated environments
- Security certifications (e.g., Security+, CySA+, GCIH, CISSP)
Key Competencies
- Analytical & Investigative Mindset - Strong ability to analyze alerts and determine root cause
- Technical Problem-Solving - Ability to troubleshoot across endpoint, identity, and network environments
- Operational & Engineering Balance - Comfortable both responding to issues and improving underlying controls
- Incident Response Discipline - Organized and effective during security events
Apply Now
Refer to a Friend
Alternatively, you can apply to this job using your profile from Indeed by clicking the button below:
Copyright 2026 Hinshaw & Culbertson. All rights reserved.
Powered by ApplicantStack Hiring Software
Privacy Policy | Terms of Use