Security Operations Analyst

Security Operations Analyst page is loaded## Security Operations Analyst remote type:
Hybrid Working locations:
Chicago, ILtime type:
Full time posted on:
Publicado hoyjob requisition :
R0033609

At HUB International, we are a team of entrepreneurs. We believe in protecting and supporting the aspirations of individuals, families, and businesses. We help our clients evaluate their risks and develop solutions tailored to their needs. We believe in empowering our employees to learn, grow, and make a difference. Our structure enables our teams to maintain their own unique, regional culture while leveraging support and resources from our corporate centers of excellence.

HUB is a global insurance and employee benefits broker, providing a boundaryless array of business insurance, employee benefits, risk services, personal insurance, retirement, and private wealth management products and services. With over $5 billion in revenue and almost 20,000 employees in 600 offices throughout North America, HUB has grown substantially, in part due to our industry leading success in mergers and acquisitions.
** ABOUT

THE ROLE
** The Information Security Analyst functions as a member of the Security Operations and Engineering team and interacts with technical and business units to plan and implement information security solutions and support information security incidents. This role requires strong teamwork skills and leadership qualities and must be able ability to foster and maintain business relationships with both technical and business units, must be a great communicator.
** Objectives of this Role
*** Protect the integrity and confidentiality of HUB data and infrastructure while enabling business functionality in all systems and environments by supporting applicable security solutions.
* Lead incident response activities and provide timely response to security incidents and alerts generated by security tools or the SOC
* Assist in improving processes, identify efficiencies, and recommend solution enhancements to improve service level delivery
* Contribute to “Continuous Improvement and Posture Management” efforts, in respect to HUB’s information security tooling and systems.
* Support the HUB Information Security Governance & Compliance team as needed during risk assessments, internal and external Information Security Audits, and Vendor reviews
* Champion vulnerability remediation efforts and act as a liaison to IT and application owners for patch management
* Gather and report on key organizational information security metrics
* Other duties as assigned
** Daily and Monthly Responsibilities
*** Provide Level II Support for incident and request tickets escalated from other technical teams
* Communicate with stakeholders to assist remediation efforts.
* Lead / Assist in root-cause analysis for security incidents events leading to resolution.
* Contribute to weekly and monthly posture and response operations reporting.
* Be responsible for analysis and recommendation of upgrades, changes, implementation specific to the support and scaling of HUB’s security operations.
* Support the HUB Information Security Governance & Compliance team as needed during risk assessments, internal and external Information Security Audits, and Vendor reviews
** Skills and Qualifications
*** Bachelor's degree in discipline appropriate to assignment or an equivalent combination of education and experience
* Related certifications (e.g., GSEC, CISSP, AWS) preferred
* At least 2 years’ experience in an Information Security role or 3 years’ experience in an IT engineering capacity with progressively difficult responsibilities
* 2+ years of experience with cloud infrastructure and O365 services and technology
* Experience working with and managing Active Directory / MS Entra
* Experience with SOAR (Security Orchestration, Automation, and response)
* Experience with vulnerability assessment and patch management practices
* Experience with KQL and SPL or other Query Languages
* Knowledge of industry security standards, guidelines, and regulatory/compliance requirements related to information security such as ISO 27001, NIST 800-53, SOC2, PCI, SOX, etc.
* Knowledge of…