Security Administrator
Chicago, IL

Job Description

Overview

The Security Administrator handles many aspects of information security systems management and operations. This includes day-to-day management of information security tooling, including support, installation and maintenance of infrastructure components such as IDS, SIEM, WAF, HSM, and packet capture tools. Additionally, this role will work with other internal and external teams tasked with maintaining solutions relied upon by the security team. A secondary responsibility will be to assist with incident response and forensics activities.

Responsibilities

Responsibilities include but are not limited to:

Full administration and management of assigned technologies:

* Configure, maintain, and troubleshoot multiple technologies such as IPS/IDS, SIEM, WAF, HSM, geofiltering, packet capture, and network malware detection solutions
* Collaborate with other information security teams to mature our security portfolio
* Automate security functions wherever possible, including contributing to internally developed and/or open source security tools

Administration of key security technologies not managed by Information Security as assigned

* Monitors the management of tooling managed by other internal and external teams or MSSPs such as web proxies, endpoint AV, EDR, email filtering, and identity solutions
* Tier 1 Incident Response and Threat Detection
* Provide on-call security support on a rotational basis
* Monitors MSSP vendors who provide operational support
* Define and deliver key operational and performance metrics for assigned technologies

Qualifications

Required Basic Qualifications:

* Bachelor's degree or equivalent practical experience• Minimum 2 years' experience administering systems security appliances and/or Unix/Linux environments• Demonstrated ability to program or "script" in languages such as Python, Perl, PowerShell, or Bash• Advanced knowledge of operating systems, network troubleshooting, and common applications • Advanced experience troubleshooting and problem resolution

Preferred Baisc Qualifications:

* Cloud administration experience (AWS/Azure)• Demonstrated proficiency in Unix/Linux systems administration• Experience developing custom automation for common system administration processes• Experience administering Splunk, Elastic Search, or other SIEM/analytics technologies• Experience administering other security tooling such as IDS, Web Proxy, SIEM, WAF, HSM, and/or packet capture tools• SOC/IR experience

Equal Opportunity Employer

Blue Cross Blue Shield Association is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, national origin, age, gender identity, disability, veteran status, genetic information or any other legally protected characteristics