Information Security Engineer

Wintrust is a financial holding company with approximately $50 billion assets under management and traded on the NASDAQ:WTFC. Built on the "HAVE IT ALL" model, Wintrust offers sophisticated technology and resources of a large bank while focusing on providing service-based community banking to each and every customer. Wintrust operates fifteen community bank subsidiaries with over 170 banking locations in the greater Chicago and southern Wisconsin market areas. Additionally, Wintrust operates various non-bank business units including commercial and life insurance premium financing, short-term accounts receivable financing, out-sourced administrative services, mortgage origination and purchase, wealth management services and qualified intermediary services for tax-deferred exchanges.
Why join us?

• An award-winning culture! We are rated a Top Workplace by the Chicago Tribune (past 8 years) and Employee Recommended award by the Globe & Mail (past 6 years)
• Competitive pay and discretionary bonus eligible
• Comprehensive benefit package including medical, dental, vision, life, a 401k plan with a generous company match and tuition reimbursement to name a few
• Promote from within culture

Why join this team?

• We hold ourselves accountable to high standards, share wins, operate ethically, and have fun
• This role offers the ability to make an impact and interface with IT and the various aspects of Wintrust's business

Job Summary
The ideal candidate will have at least 7 years of technical experience in Information Security and/or Information Technology (System Administration or Network Engineering) with at least 3 of those years in Security Operations (Incident Response/Handling, DFIR). The Security SOC Analyst will perform responsibilities as the technical lead and incident responder for Wintrust's Security Operations Center (SOC), leading technical investigations of security incidents, contributing to process improvements, and driving the implementation of new capabilities.

• Serve as a technical escalation resource for Tier I/II SOC Analysts
• Develop and maintain SOC processes and procedures targeting an audience of Level 1 & 2 analysts
• Involved in a wide range security operations functions such as incident response, tuning of SIEM tools, digital forensics, privacy incident investigations, assisting with fraud investigations and technical contributions to risk assessments and data loss prevention monitoring techniques.
• Provide subject matter expertise to the development of cyber operations - Researches, evaluates and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy.
• Assist in the coordination, validation, and management of all-source collection requirements, plans, and/or activities. Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.
• Partner with Security Engineers to implement and improve technologies and processes to enhance SOC monitoring, investigation, and response capabilities
• Partner with Information Technology teams to remediate systems, deploy new SOC tools and ensure monitoring postures are current
• Perform investigation and escalation for complex or high severity security threats or incidents
• Define tool requirements to improve SOC capabilities
• Coordinate evidence/data gathering and documentation and review Security Incident reports
• Provide technical guidance in project planning, task definition, estimating, reporting, scheduling, documentation, and workflow.
• Assist in defining and driving strategic initiatives

Requirements

• BS or equivalent preferred with +5 yrs. related experience or MS +3 years related experience.
• Extensive experience in Incident Response, Incident Handling and Security Operations
• Experience in digital forensics preferred to include processes and procedures for collecting and preserving digital evidence, data acquisition, and forensic analysis of data
• Ability to conduct multi-step breach and investigative analysis to trace the dynamic activities associated with advanced threats
• Advanced knowledge and expertise in the use of SIEM technologies for event investigation

From our first day in business, Wintrust has been proud to serve a variety of unique communities and people from all walks of life. To be Chicago's Bank® and Wisconsin's Bank®, we need to reflect that diversity both in all the communities we serve, the people we employ, the organizations we work with, and our banking and lending practices. Wintrust Financial Corporation, including community banking and financial services subsidiaries, is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, sexual orientation, gender identity and expressions, genetic information, marital status, age, disability, or status as a covered veteran or any other characteristic protected by law.