Who We Are
At Old Second, you're first! For more than 150 years, Old Second has consistently put businesses and individuals throughout the Chicago area first, and we're only getting started.
With great employees we've grown from a single location in the back of a general store to 50 locations and over $6 billion dollars in assets. At Old Second we embrace values that foster an environment of community and growth. Recently, we've been voted a Forbes Best-In-State Bank for Illinois by our customers. Be a part of something big as we continue our growth story together!
Position Overview:
The Security Operations Center (SOC) Analyst will analyze reports and make suggestions to improve the institutions security posture. May participate in the creation and maintenance of policies, standards, and procedures. Assists the administrator for security systems as assigned. Knowledgeable of the system's security goals as established by stated policies, procedures, guidelines, and standards and works to achieve those goals.
Essential Job Functions:

• Conducts initial triage of security event incidents (e.g., Phishing, malware, dark-web data leaks, etc.) and facilitates communication within the SOC and documents progress throughout the Incident Response Lifecycle.
• Investigates suspicious emails identified by email protection systems or reported by end-users.
• In the case of Business Email Compromises, initiates inbound quarantines and outbound blocks, communicates with e-fraud and others to remove blocks when appropriate.
• Monitors BEC Quarantines in and investigates and releases emails when necessary.
• Provides management with scheduled metric of Telephony, Internet Usage, system storage utilization and patch compliance for InfoSec.
• Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analysis of relevant event detail and summary information.
• Utilizes available threat intelligence resources to research and investigate emerging business application/security topics, threats, capabilities, and solution options to create/update policy and governance, technology strategies, solution architecture, and vulnerability assessments.
• Assesses and prioritizes security events generated by security monitoring tools and/or escalated by the SOC.
• Investigatse security events using a wide range of logs available from security tools including SIEM, EDR, and other security tools to identify root causes.
• Identifies patterns/outliers within data sets that match threat actor TTPs, post-compromise behavior, insider threat, and other unusual behavior.
• Monitors software vendor websites and/or other established cybersecurity threat intelligence sites for new vulnerabilities that may affect institution.
• Responsible to create detailed reports on incident and vulnerabilities as needed. (i.e., Virus/Malware Incident Form)
• Provides second-level response support by analyzing alerts and gathering information about potential incidents or vulnerabilities.
• Conducts incident analysis and response based on predefined procedures. (i.e. Incident Response Playbooks)
• Creates remediation tickets and tracks tickets to ensure timely closure.
• Analyzes security incidents and the escalation of security events in conjunction with the Bank's incident response policy/program.
• Assists in the management and maintenance of various Information Security Software/Tools. (e.g., Microsoft Defender, Red Canary, Recorded Future, etc.)
• Acts as resource to the Information Security Team on related Information Security inquiries.
• Performs and completes daily checklist reviews of Information Technology processes.
• Assist with the creation, development and updating of incident response plans and playbooks

Minimum Requirements
Bachelor's degree in computer science, Engineering or Related Field (logic, philosophy, systemic theology or related discipline with ability to apply concepts to technology) and two or more years of experience in one or a combination of the following: information security, compliance, operational risk management (includes audit, legal, credit risk, market risk, or the management of a process or business with accountability for compliance or operational risk); or equivalent combination of education and experience.

• Relevant military experience, certification, or ability to clearly demonstrate competence through experience may substitute for education requirement.
• Four years of related experience may substitute for the education requirement.

This position offers the flexibility of a hybrid work schedule with work performed weekly both onsite (Downers Grove, IL) and remotely (IL only). Must be able to come to Downers Grove each week.
Competencies:

• Strong problem-solving skills. Ideal candidate prefers to work on a series of short-duration complex problems (vs. a single problem over a long period.)
• Excellent written and verbal communication skills
• Strong project management, analytical skills and administrative skills
• Excellent organizational skills, ability to multitask and demonstrate flexibility.
• Demonstrates initiative and creativity in problem-solving; self-motivated/self-starter; works independently with minimal supervision; works well under pressure, develops strong relationships with subordinates, peers, and senior managers; demonstrates commitment and accountability.

Preferred, but not required

• Information Security Certifications or pursuing certifications such as CISSP, CISM, CISA, CISSP, GAIC, CompTIA Security etc.

Thanks for considering Old Second!