Security Incident Response Analyst - Blue Cross Blue Shield Association Chicago, IL, USA Bookmark Share Print 1778 7 59

Listing Description

Triage and investigate cybersecurity alerts.

Monitor and respond to alerts generated by our enterprise security tools.

Follow established incident response processes to triage security events.

Triage issues escalated to the Cyber Defense team ensuring quick and appropriate follow-up actions are taken.

Develop and tune cybersecurity alerts and dashboards.

Document and manage investigations and incidents in our Incident Management System.

Improve our detection capabilities by building and enhancing alert rules and actively hunting for evidence of malicious activity.

Operate and maintain security tooling and platforms.

Develop and continually improve incident response playbooks to ensure we efficiently and effectively analyze and respond to security alerts.

Cross-functional shared team work .

Assist with forensics activities following a security incident.

Participate in Incident Response on-call rotation.Required Basic Qualifications:

Bachelor’s degree or equivalent practical experience

Demonstrated IT experience in the areas of operating systems, networking, and web-based applications

Passionate about Information Security and technology

Preferred Basic Qualifications:

System administration experience (esp. Unix/Linux)

Experience working with Splunk or other SIEM/threat detection platforms

Previous SOC or IR experience is a plus

Software development and/or scripting experience

Comfortable communicating with individuals having varying degrees of technical understanding

Knowledge of common attacks and defenses

Equal Opportunity Employer

Blue Cross Blue Shield Association is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, national origin, age, gender identity, disability, veteran status, genetic information or any other legally protected characteristics