A great opportunity at an industry leader! Medline's growth has hit double digits for 53 of the past 54 years, and we're still growing. And we're again named a Chicago Tribune Top Employer. Doesn't this look like the type of organization you'd want to be a part of? Check us out.
Description:
The IT Security Threat Analyst (aka Threat Hunter) performs a wide variety of security duties with a primary focus on threat actor based investigations, creating new detection methodology and providing expert support to incident response and monitoring functions.
The Threat Hunter will leverage data analysis, threat intelligence, and cutting-edge security technologies to proactively detect security incidents that may evade automated security systems.
This position requires a high degree of technical skill, initiative, creativity, and the employee to stay current with new and emerging trends, theories, standards, and technologies. (Though we are currently working remote due to Covid, this position will be based in our Mundelein, IL office once we return to the office. This individual will work in the office 3 days per week, and may work remote or from the office the other 2 days.)
Duties and Responsibilities:
- Hunt for and identify threat actor groups and their techniques, tools and processes
- A passion for research, and uncovering the unknown about internet threats and threat actors
- Participate in "hunt missions" using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and eradicate threat actors on Medline's networks.
- Provide analytic investigative support of complex security incidents.
- Perform analysis of security incidents for further enhancement of alert catalog
- Continuously improve processes for use across multiple detection sets for more efficient operations
- Review alerts generated by detection infrastructure for false positives and modify alerts as needed
- Develop dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, etc.
- Provide forensic analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from various types of security sensors
- Document and manage incident cases in our case management system
- Keep up-to-date with information security news, techniques, and trends
Desired Professional Qualifications
- Bachelor's degree in Information Security, Computer Science, Information Technology, or related
- Minimum 1 year of Cyber Threat Hunter experience or 2 years of Security Operations Center (SOC) experience preferred.
- Advanced knowledge and experience in Information Security strongly preferred
- Strong communication skills, written and oral
- Experience with SIEM
- Experience with End Point Data Protection
- Experience with software vulnerabilities & exploitation
- Experience with data analysis
- Experience with malware analysis preferred
- Experience with APT/Crimeware ecosystems preferred
- Experience with exploit kits preferred
- Desired Security Certifications: GCFE (Certified Forensic Examiner), GCFA (Certified Forensic Analyst), GCTI (Cyber Threat Intelligence)
About Medline:
Medline is the largest privately held manufacturer and distributor of healthcare supplies in the United States, providing more than 550,000 products that serve the entire continuum of care. Our innovative products and programs can be found in most hospitals, extended-care facilities, surgery centers, physician offices, home care dealers, home health agencies and retail outlets. Founded in 1910, Medline has grown from a small manufacturer of aprons, surgical gowns and uniforms to a thriving $17 billion global enterprise because of our dedicated people, entrepreneurial spirit and honest values. Again named one of the country's "Best and Brightest Companies to Work For," and once again named to Chicago Tribune's Top Workplaces, Medline has experienced fifty-plus years of consecutive annual growth, and is headquartered in Northfield, IL.
- Information Security
- Incident Response
- Security Information And Event Management
- Information Technology