This job posting is no longer active on ChicagoJobs.com and therefore cannot accept online applications.
Allstate Insurance Corporation
Location: Northbrook, IL 60062
Document ID: A3414-0F0N
Posted on: 2010-03-15
Job Type: Regular
Job Schedule: Full-time
2010-04-14
Threat Management Analyst - Professional - (Job Number: 0008TW)
The purpose of this department is
The purpose of the department is to protect the confidentiality, integrity and availability of Allstate's information assets. The department integrates service delivery principles and serves as a consulting and advisory partner for all enterprise clients. It provides governance regarding laws and regulatory mandates to protect Allstate data and assets.
The scope of this job is
To protect and secure company assets and associated networks through leading internal and industry threat management practices. Assignments and skills range from performing application security assessments, penetration testing, data leakage, and network/system forensics to testing the design and effectiveness of security controls of Internet systems, networks and applications. As a member of the Threat Management team, the selected candidate will be required to be a thought leader within selected information security practices and have proven experience in development and maintenance of network security operations and management of information risk mitigation.
The Threat Management Analyst will be responsible for:
- Performing penetration tests and vulnerability assessments on company assets.
- Coordinate and initiate network forensics in support of incident handling and event correlation.
- Dynamic in his/her ability to manage multiple projects and initiatives.
- Perform analysis on centralized log data in conjunction with performing case management investigations for security alerts.
- Analyzing security logs and network traffic to assess and prioritize intrusion attempts, including tuning the rules to eliminate false positives.
- Ability to maintain the threat management platform, related toolsets and associated environment.
- Coordinate work of third parties who may conduct additional penetration tests and vulnerability assessments.
- Recommend and scope technical solutions not already in place in addressing security vulnerabilities.
- Possess the knowledge and understanding of how integration of multiple toolsets and processes will address threats and vulnerabilities.
- Assist in Data Leakage Protection scans and quarantines to ensure data is protected.
- Translating Company information protection policies and standards into technical implementation guidance.
Qualification
Required Skills: (skills individual must bring to the job) and skill levels required:
- Advanced Operating System Control Security Knowledge (AS400, OS390, Windows, Unix, Oracle).
- Advanced Perimeter controls security knowledge (IDS/IPS, SIMM, Data Leakage, Firewall, Mail/Gateway security, AV, Proxies, VPNs and Zoning).
- Advanced Endpoint Security Controls (AV, HIPS and security incident mitigation)
- Advanced understanding of security architecture and related components
- Advanced understanding of Application Security and techniques to mitigate threats in application code and functions
- Intermediate Enterprise Project Management.
- Experience using enterprise security analysis tools and techniques (application and system)
- Excellent written and verbal skills, including translation of technical concepts in relation to business requirements.
- Process development and mapping experience/aptitude.
- CISSP or GIAC






