Talent.com
Information Security Manager - Security Operations Center

The University of Chicago MedicineDarien, IL, US

Job Description

Join a world-class academic healthcare system, UChicago Medicine, as an Information Security Manager – Security Operations Center in our Information Security department. This position is primarily a work-from-home opportunity with the requirement to come onsite once a week to our Darien office. You will need to be based in the greater Chicagoland area.

This position will oversee and enhance security operations by managing the Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) systems, managing threat hunting efforts, managing the relationship with an outsourced security services provider, and helping to build and manage an internal security operations center. This role is responsible for ensuring that our security monitoring, detection, and response capabilities are robust, efficient, and continuously evolving to meet emerging threats.

Essential Job Functions

  • Lead the administration, tuning, and optimization of the SIEM and SOAR tools to ensure effective threat detection and response.
  • Monitor the performance of the vendor providing Security Operations Center services and ensure proper integration of security data sources and data integrity.
  • Assist in building an internally based Security Operations Center.
  • Manage and support staff on response to incidents and threat-hunting activities to detect advanced persistent threats and hidden adversaries.
  • Work with security teams to investigate security incidents, identify root causes, and recommend the implementation of mitigations.
  • Develop and implement SIEM and SOAR use cases, correlation rules, and log management strategies.
  • Serve as an escalation point, team mentor, and advisor to leadership on threat-based activities, response to incidents and vendor performance.
  • Scrutinize, enhance and improve current processes and their associated procedures and playbooks.
  • Manage a team of 3 to 10 people.
  • Other duties as assigned.

Required Qualifications

  • Bachelor’s degree from an accredited college or university
  • 5+ years of experience in security operations, threat detection, and / or incident response
  • Minimum of at least 2 years of work experience in an Information Security Operations Center or equivalent experience
  • Prior experience managing a security team and / or mentoring security analysts
  • Experience working with managed security service providers (MSSPs) or third-party security vendors
  • Security certifications such as CISSP, GIAC (GCIH, GCIA, GCFA), CEH, or equivalent, or the ability to obtain one within 2 years
  • Deep understanding of Google Chronicle or a similar SIEM and SOAR platform, including rule creation, log ingestion, tuning, and alert triage
  • Hands-on experience with EDR, XDR, SOAR platforms, vulnerability scanners, and endpoint protection
  • Proficiency in scripting (e.g., PowerShell, Python) for automation and custom alerting / playbook development
  • Familiarity with security monitoring in cloud environments (preferably Microsoft Azure), including log sources and native tools
  • Knowledge of threat hunting methodologies, anomaly detection, and familiarity with threat intel feeds
  • Skilled in managing and coordinating response to security incidents, including containment, eradication, and recovery
  • Ability to analyze logs from firewalls, endpoints, IDS / IPS, and cloud environments to identify threats
  • Strong knowledge of threat intelligence, adversary tactics, and cybersecurity frameworks such as MITRE ATT&CK, NIST, and CIS
  • Excellent written and verbal communication skills and the ability to collaborate across teams

Preferred Qualifications

  • Master’s degree
  • Knowledge of HIPAA and other health related regulations
  • Academic medical center and / or health care consulting experience

Position Details

  • Job Type / FTE: Full Time (1.0 FTE)
  • Shift: Days
  • Location: Flexible (Darien)
  • Unit / Department: Information Security Office
  • CBA Code: Non-Union