Job DescriptionJoin a world-class academic healthcare system,
UChicago Medicine, as an
Information Security Analyst in our
Information Security department. This is a remote, work from home opportunity, and you may be based outside of the greater Chicagoland area.
Under general direction of the Information Security Operations Manager, Monitor and respond to security events and investigations performed by Security Operations Team. Participate in Incident response on call rotation and respond to critical security events. Collaborate with team to define improvements in SOC workflows, automation and detection. Create Incident reports and update SOC documentation in collaboration with the Security Operations Team.
Essential Job Functions- Participate in incident response, triage, and investigations for security events including malware, phishing, threats, etc.
- Use threat intelligence and institutional knowledge to proactively hunt for active threats and malicious activity
- Create incident reports, threat reports, and security operation documentation for stakeholders
- Continuous improvement of security operations playbooks, documentation, trends, and lessons learned from incidents in collaboration with the Security Operations team.
- eDiscovery requests and Insider Threat investigations working with Privacy, Legal and HR
- Support Threat Hunting and Intelligence, Detection development, automation and SOC AI workflows
- Investigate and respond to email-based threat types including phishing, business email compromise (BEC), malware delivery, and account takeover
- Monitor Security Operation service and Incident queue.
- Participate in on-call rotation and respond to critical security events
Required Qualifications- BS or BA degree, Computer Science, Engineering, or equivalent education, training or work experience required
- 4 years of Security experience, or equivalent training and education
- Knowledge of computing systems, data network communications, and network architecture is required
- Good knowledge of security information and event management (SIEM) platforms including query language (Yara-L, CQL, SPL, etc.)
- Good knowledge of network security fundamentals, Network Detection and Response (NDR), intrusion detection, incident detection/response, malware analysis, cyber forensics, SIEM concepts, and security best practices; additional duties as assigned
- Scripting or programming skills (Python, PowerShell, Go, etc.) preferred
- Strong service commitment, and verbal, writing, and reporting skills
- High level of integrity, and sound judgment concerning security and privacy
Position Details- Job Type/FTE: Full Time (1.0 FTE)
- Shift: Day
- Location: Remote
- Unit/Department: Information Security
- CBA Code: Non-Union
Compensation & Benefits OverviewUChicago Medicine is committed to transparency in compensation and benefits. The pay range provided reflects the anticipated wage or salary reasonably expected to be offered for the position.
The pay range is based on a full-time equivalent (1.0 FTE) and is reflective of current market data, reviewed on an annual basis. Compensation offered at the time of hire will vary based on candidate qualifications and experience and organizational considerations, such as internal equity. Pay ranges for employees subject to Collective Bargaining Agreements are negotiated by the medical center and their respective union.
Review the full complement of benefit options for eligible roles at Benefits - UChicago Medicine.