Cyber Security SME-Chicago, IL - Georgia IT Inc.
Chicago, IL
About the Job
Location: Chicago, IL
Duration: 6-12 Months
Rate: DOE
· Expertise in cybersecurity solutions like SOC, MDR, SIEM, SOAR, DAM, etc.
· Configure rules for real-time alerting in SIEM tool for events, analytic rules, automation rules, hunting queries & Playbook.
· Assess vulnerabilities and attacker tactics, techniques, and procedures (TTP) and provide defensive action to locate and prevent threats.
· Knowledge of 3rd party tools Crowdstrike, LogRythem, Netspoke, Semperis, Illumio
· Identity and Access Management – RBAC, Conditional Access Policies, Active Directory ID, PIM/PAM, Active Directory Connect, AD FS, ID Protection, MFA
· Security monitoring includes log aggregation/centralization, correlation, and alerting of security events and incidents.
· Participates in the incident response and investigation process.
· Knows about network architecture and protocols like TCP/IP, HTTP, etc.
· Security Services - Security Operation Center, Key Vault, Log Analytics, Monitor
· Apply and implement cloud security technologies.
· Review existing cloud security measures and processes.
· Implement security as a core part of all design and development of the client's cloud solutions.
· Recommend best practices based on leading industry insights.
· Map security controls to compliance requirements for cloud environments.
· Provide incident response support as a key stakeholder.
· Identify, triage, and remediate security detections and anomalies.
· Work creatively and analytically in a problem-solving environment
