Threat Intelligence Analyst at Sentinel Offender Services

Threat Intelligence Analyst

Sentinel Offender Services Downers Grove, IL (Onsite) Full-Time

The Threat Investigation Analyst is a key member of the Threat Operations Team and will be responsible for supporting alarm research and development in our proprietary security platform as well as performing research on emerging threats and providing communication to our customers. This person will act as a technical expert in our detections as well as a collaborative point of escalation for our Threat Operations team. Your ability to analyze logs, actively pursue the most cutting-edge industry news and events, think like an attacker, and correlate information across wide data sets will be critical in this position. This role can be remote but must provide occasional onsite support at our Downers Grove, IL location.

Job Duties:

  • Craft, maintain, and document detection opportunities within our proprietary security platform

  • Perform necessary correlation and research to create useful, compelling, and context-rich alerts for our customers

  • Pursue research into current threats and industry trends to be aware of the most up-to-date threats affecting the environments under our vigilance

  • Drive high levels of customer satisfaction through communication and custom deliverables, maintaining strong customer relationships through external and inter-departmental collaboration

  • Drive initiatives to create detection content based on findings stemming from threat hunts and ad hoc detection opportunities

Minimum Proficiencies:

  • Customer-first mindset with strong written, verbal, and interpersonal communication skills along with the ability to work in a highly collaborative environment as this is a customer facing role

  • Strong ability to translate technical concepts and information into a form easily consumed by non-technical stakeholders

  • Strong ability to self-direct and work independently, learn new things, think creatively, and adapt to new requirements, while demonstrating analytical expertise, close attention to detail, and excellent critical thinking and logic

  • Demonstrated strong initiative to proactively research new threats and stay current with the industry threat landscape and ability to translate that knowledge into practical application

  • 1+ years of experience as a key member of a security operations team (SOC, Incident Response, Threat Intel, Malware Analysis, IDS/IPS Analysis, etc.)

  • Confident analyzing real SIEM logs across various products and security solutions: malicious, normal, and application traffic; and demonstrated ability to differentiate malicious logs from false positives

  • Strong adherence to defined workflow and processes

  • Ability to correlate activity across multiple ingest sources and large data sets

  • Follows an automation-first mindset

  • Familiarity with various network and endpoint products and their logs

  • Understanding of complex Enterprise networks (EDR, routing, switching, firewalls, proxies, etc.) including previous MSSP experience.

  • Demonstrated knowledge of common/emerging attack techniques

  • Strong understanding of the Diamond Model, Analysis of Competing Hypotheses, MITRE ATT&CK, the Cyber Kill Chain, and/or knowledge of cyber threat intelligence terminology, key concepts, and analysis and how to operationalize these for performing job duties

  • Proficiency in a SIEM query language

  • The candidate must have a car, as this position requires travel between locations and the transportation of equipment

  • A valid driver’s license and proof of vehicle insurance will be required

  • Legally authorized to work in the US without sponsorship

  • Must demonstrate a “can-do” attitude

We focus on candidates that display our “ACE” factor – Attitude, Compassion, and Enthusiasm to deliver quality solutions with exceptional customer service.

What you get:

We offer an energetic work environment with many corporate culture amenities, competitive salary, and rich benefit plan including: Medical, Dental, Vision, 401K, 529, Life Insurance, Income Protection Short and Long-Term Disability, Medical and Child/Elder Care, Flexible Spending Account Plans, Employee Assistance Program, Two weeks’ vacation, additional paid time-off for Personal and Sick, certification and hands-on training, and discounts for local event entertainment and health clubs.

MOTIVATED…..make IT happen!

Sentinel Technologies, Inc. has been rated a top workplace every year since 2012!

About Us:

Sentinel delivers solutions that can efficiently address a range of IT needs – from security, to communications, to systems & networks, to software applications, to cloud and managed services; all of which include our staffing solutions for our clients. Since 1982, Sentinel has grown from providing technology maintenance services to our current standing as one of the leading IT services and solutions providers in the US. We have aligned with many of today’s global technology leaders including Cisco, Dell, VMware and Microsoft. Sentinel services customers both nationally and internationally with primary support operating centers in Downers Grove (HQ), Chicago, and Springfield, IL; Phoenix, AZ; Detroit, Lansing, and Grand Rapids, MI; Milwaukee, WI; Denver, CO; and Fort Lauderdale, FL.

If you are MOTIVATED… you can make IT happen at Sentinel. Our commitment to our employees is to create a work environment that encourages creativity, an entrepreneurial spirit, fosters growth through certification and hands-on training, and values a team-oriented culture with rewards based on impact!

If you share our passion about what technology can do and want to be part of a top workplace environment – we’d like to have you join our team. Learn more at www.sentinel.com/careers.

As part of Sentinel's employment process, candidates will be required to complete a background check. Only those who meet the minimum requirements will be contacted. No phone calls please.

Sentinel is proud to be an equal opportunity/affirmative action employer committed to a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, marital status, genetics, disability, pregnancy, veteran status or any other basis protected by law.

If you are an individual with a disability and need assistance in applying for a position, please contact [ Email address blocked ].

Job ID: 2023-3956

Street: 2550 Warrenville Rd.

Recommended Skills

  • Analytical
  • Attention To Detail
  • Automation
  • Big Data
  • Creativity
  • Critical Thinking