Jones Lang LaSalle Incorporated
Senior Security Operations Center (SOC) Analyst
Jones Lang LaSalle Incorporated, Chicago, Illinois, United States, 60290
Jones Lang LaSalle, an international commercial real estate firm, is looking for a Senior Security Operations Center (SOC) Analyst to respond to threats faced by the organization. This position is accountable and responsible for responding to alerts and incidents generated by JLL security controls and employee submissions.
The position is also responsible for escalating identified critical issues to the Incident Response Team. This analyst will support pivotal Global Cyber Defense capabilities by responding to any and all cyber threats that JLL faces. This role is a highly dynamic role that will require not only strong leadership and interpersonal skills, but also advanced technical ability and understanding to support threat response and incident investigations. Additionally, with the level of integration between core ops functions, they must facilitate robust communications between other teams within the cybersecurity organization.

* Responding to security control alerts and employee submissions while performing the collection, triaging, and analysis of evidence generated by JLL systems.
* Assisting other SOC Analysts and Incident Responders while responding to advanced attacks/incidents.
* Staying up to date with emerging threats and vulnerabilities to improve JLL’s threat response capabilities.
* Tracking key metrics and continually improving ability to measure and monitor the maturity and performance of the overall threat response program.
* Recommending control and defensive measures to protect the organization from advanced threat actor tactics.
* Coordinating efforts to automate repeatable scenarios using SOAR playbooks and native programming tools like Python.
* Assisting with defining, creating, and maintaining SIEM detection rules and dashboards.

* Bachelor’s degree in information technology or Cybersecurity field (or equivalent experience)
* 1-3 years Cybersecurity experience, preferably in a highly technical or SOC role.
* Strong appreciation and demonstrated ability to harness automation, AI, and custom tooling to streamline response and data collection.
* Advanced working knowledge of Cybersecurity prevention, detection, and response capabilities such as, but not limited to: AV, EDR, SIEM, digital forensics suites, IPS, and WAF.
* Proficiency with multiple operating systems, as well as multiple cloud environments such as but not limited to: Windows, Mac, Linux, Azure, GCP, AWS, and O365.
* Familiarity with Cybersecurity industry best practices, frameworks, and methodologies such as but not limited to: NIST 800-53, ISO 27001, MITRE ATT&CK, and CIS.
* Industry recognized certifications (or industry experience/education) such as but not limited to: BTL1, C|SA, GSOC, GCFE, GCIH, and CEH.
* Excellent communication and collaboration skills.

* Ability to respond to highly technical alerts and incidents
* Ability to trace down an endpoint on the network, based on ticket or alert information
* Familiarity with system log information and what it means
* Understanding of common network services (web, mail, DNS, RDP, SFTP, etc.)
* General Desktop OS and Server OS knowledge
* TCP/IP, Internet Routing, UNIX / LINUX, Mac, & Windows
* Ability to investigate and utilize SOAR, creation of SOAR playbooks/automations is a plus
* Experience in automation and AI usage in response to security incidents is a plus
* Experience in programming with tools like Python and JavaScript is a plus
* Knowledge about various industry tools and standards such as SIEM, PCAP analysis, IDS/IPS, network monitoring tools, digital forensics suites, sandboxing, ticketing platforms, AV, EDR, and SOAR
* In-depth knowledge of security concepts such as cyber-attacks, techniques, threat vectors, risk management, incident management, vulnerabilities, zero-days, etc.
At JLL, we give you the opportunity, knowledge and tools to own your success, because we value what makes each of us unique. We help our people thrive, grow meaningful careers and find a place where they belong. Together, we strive to be exceptional and shape a better world.

For over 200 years, JLL (NYSE: JLL), a leading global commercial real estate and investment management company, has helped clients buy, build, occupy, manage and invest in a variety of commercial, industrial, hotel, residential and retail properties. A Fortune 500 company with operations in over 80 countries around the world, our employees bring the power of a global platform combined with local expertise. Driven by our purpose to shape the future of real estate for a better world, we help our clients, people and communities SEE A BRIGHTER WAY℠. JLL is the brand name, and a registered trademark, of Jones Lang LaSalle Incorporated. For further information, visit .