Investigate and respond to security alerts, leverage security platforms for the identification of security events; triage and escalate security incidents.
Assist in improving Security Operations through automation and technical controls.
Assist in identifying, designing, and implementing improvements to current programs/procedures.
Stay up to date with current security vulnerabilities and attacks.
Assist in analyzing threats posed to various systems, technologies, or operations.
Assist in identifying relationships, trends, and patterns of security events.
Participate in documenting and maintaining procedures around threat hunting.
Assist in automating response and remediation of security events.
Leverage threat intelligence solutions, and conduct intelligence analysis and vulnerability scanning.
Assist in development of new use cases to detect threats across multiple environments including network, endpoint, and applications.
Integrate cyber threat intelligence into various systems.
Support the development of impactful risk and threat metrics and provide investigation reports.
Support wider CTDS Information Security Officer initiatives.
Assist the team in system upgrades and expanded features.
Produce and help maintain useful and actionable threat and risk dashboards, reports, and metrics.
Assist in the practical application of detection and response methodologies in a variety of environment types, including on-premises, private cloud, and public cloud providers.
With moderate direction from others, performs procedures necessary to ensure the safety of information systems. Monitors system activity and identifies potential threats. Responds to detected and reported security violations.
Researches, recommends, and implements changes to procedures and systems to enhance data systems security.
Communicates with users to understand their security needs and supports the implementation of procedures to accommodate them. Ensures that user community understands and adheres to necessary procedures to maintain security.
Performs other related work as needed.
Bachelor of Science in a related field such as Computer Science, Information Science or Cybersecurity.
Product experience with various SIEM/SOAR, XDR, scanning, malware analysis, vulnerability management, threat intelligence, and insider threat solutions.
Experience conducting or participating in incident response, threat intelligence, threat hunting, etc. activities and host/network forensics.
Experience with information security tools and solutions.
Licenses and Certifications:
Certification in one (1) or more of: CRISC, GIAC, CISSP, CISA, CISM
Technical knowledge of threat intelligence and hunting, incident detection at scale, and creating effective incident containment and response practices, coupled with an understanding of the security and information technology landscape.
Knowledge of hybrid IT systems, networking, and cloud environments (AWS, Google, etc.).
Understanding of MITRE ATT&CK and Lockheed Martin Cyber Kill Chain.
Understanding of TCP/IP, Firewalls, Routers, and Switches.
Technical understanding in security incident detection and response.
Ability to respond to changing priorities and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness.
Ability to take direction and organize for the successful completion of critical actions, often under tight deadlines.
Ability to present information in a consistent and concise manner.
Strong written and verbal communication skills and ability to foster collaborative working relationships.
Cover Letter (preferred)
The University of Chicago is an Affirmative Action/Equal Opportunity/Disabled/Veterans Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national or ethnic origin, age, status as an individual with a disability, protected veteran status, genetic information, or other protected classes under the law. For additional information please see the University's Notice of Nondiscrimination.
Staff job seekers in need of a reasonable accommodation to complete the application process should call 773-702-5800 or submit a request via the Applicant Inquiry Form.
The University of Chicago's Annual Security & Fire Safety Report (Report) provides information about University offices and programs that provide safety support, crime and fire statistics, emergency response and communications plans, and other policies and information. The Report can be accessed online at: securityreport.uchicago.edu. Paper copies of the Report are available, upon request, from the University of Chicago Police Department, 850 E. 61st Street, Chicago, IL 60637.
One of the world's premier academic and research institutions, the University of Chicago has driven new ways of thinking since our 1890 founding. Today, UChicago is an intellectual destination that draws inspired scholars to our Hyde Park and international campuses, keeping UChicago at the nexus of ideas that challenge and change the world.