Security Operations Analyst
UncommonX
Security Operations Center Analyst
UncommonX Inc. in Chicago, IL seeks a Security Operations Center Analyst. Manage the services team in a 24x7x365 Security Operations Center (SOC). Responsible for detecting network intrusion attempts, investigating security events, and responding to threats using our proprietary platform and tools. Evaluate network, endpoint, and authentication activity on customer networks to find risks and threats and define mitigation strategies. Continuously monitor security alerts and logs from various sources such as EDR solutions, email security, firewalls, networks, IAM, and file sharing. Regularly review logs for unusual patterns or suspicious activity in the customer environment. Triage and prioritize alerts based on severity and potential impact, and decide on the appropriate response actions. Ensure all security tools and systems (e.g., SIEM, IDS/IPS, EDR, email security, firewalls) are functioning properly and update them as necessary. Fine-tune security tools to reduce false positives and improve detection accuracy. Create and deploy alerts in customer environments to detect anomalies. Work with IT teams to ensure that all systems are patched and up to date with the latest security updates. Responsible for conducting monthly vulnerability scans of the customer to assist them with vulnerability management. Identify, track, and manage an organization's assets, including hardware, software, data, and other valuable resources. Perform detailed analysis of incidents to understand the scope, impact, and root cause. Implement immediate measures to contain and mitigate the impact of active security threats. Coordinate with IT teams to remediate vulnerabilities or remove malicious activity. Record and document incidents, actions taken, and lessons learned. Stay updated with the latest threat intelligence, including new vulnerabilities, malware, and attack techniques. Participate in post-incident reviews to identify areas for improvement in incident response processes. Prepare and deliver monthly security reports highlighting incidents, key findings, and response actions to the customer. Generate detailed reports following major incidents, including recommendations for future prevention.
Must possess a Bachelor's Degree in Information Technology, Information Security/Assurance, Engineering, or Cybersecurity. Must also possess work experience or coursework experience with (i) information security, network security, network architecture, network firewalls, Cisco ASA, network design, QoS configuration, IDS and IPS, data privacy, data protection, access control, SDN, and DLP; (ii) Linux and Windows systems administration, Windows Server, Active Directory domains, Azure AD, virtual machines (VMware and VirtualBox), and security management; (iii) EDR tools such as Cisco AMP or Windows Defender; (iv) SIEM, ELK Stack, Identity and Access Management, and MFA; (v) scripting languages such as Python, PowerShell, Java, and Bash; (vi) log event analysis and traffic analysis; (vii) penetration testing capabilities using Kali Linux and security tools such as Burp Suite, Nikto, Metasploit, MSFVenom, Nessus, Wireshark, and OSINT; (viii) IT security operations such as business continuity and disaster recovery, incident response, IT security policies, IT auditing, security awareness training, risk management, and IT service delivery and support; and (ix) NIST, HIPAA, CIS Controls, COBIT, ITIL, ISO 27001, PCI, and MITRE ATT&CK. Salary: $75,442/year.
Submit your resume to hello@uncommonx.com. Ref: Job 101.