Chicago Security Analyst

The Federal Savings Bank Security Analyst's primary function is to support the Information Security Officer and to engineer, implement, monitor, and investigate security measures for the protection of The Federal Savings Bank computer systems, vendor software, networks and information. The security analyst will also provide security software information and security management support to employees. The Federal Savings Bank Security Analyst is a self-starter possessing sound knowledge and experience in the field of information security. Experience in financial services, mortgage lending specifically, is strongly preferred. This position will be based out of our Chicago, IL headquarters office located in the West Loop neighborhood and will report directly to the Bank's Information Security Officer.


  • Must reside in the Chicago area and be able to commute to the office
  • Minimum of 3 years of experience in a Security Administrator, Security Analyst, or Security Engineer role
  • BA/BS degree in Computer Science, IS, MIS, Engineering, or related field
  • Good organizational, multi-tasking, and time-management skills
  • Gathering evidence and preparing reports
  • Proven ability to work independently and as a team member
  • Good communication (written and oral) and interpersonal skills
  • Knowledge of Active Directory/LDAP Directory Services, Windows 2008, 2008 R2, 2012, 2016, Office 365 and SQL Server
  • Expert knowledge of Authentication Protocols, MFA
  • Expert knowledge of DNS, DHCP, SMTP, SNMP, TCP/IP, UDP
  • Familiar with common security tools
  • Familiar with penetration testing concepts
  • Familiar with vulnerability scanning
  • Familiar with firewalls/routers/IPS/IDS
  • Proficient in Microsoft applications (Access, Excel, Word, Project)
  • Familiar with a variety of the field’s concepts, practices and procedures
  • Familiar with VOIP technologies and implementations
  • Understanding of computer systems security issues
  • Ability to work well with other technicians
  • Ability to define complex problems and propose solutions


  • Define SOPs to investigate various types of incidents
  • Perform Security Incident investigation on reported cases and oversee complete security incident management life cycle
  • Validate the legitimacy of a reported incident. Knowledge of TCP/IP
  • Demonstrate and apply knowledge of networking concepts and devices (Firewalls, Routers, Switches, Load Balancers, IDS, IPS, etc.)
  • Integrate outputs of technical research, e.g., network forensics and reverse engineering, into intelligence products
  • Utilize SIEM tools like RSA NetWitness, QRadar, Splunk, LogRhythm, AlienVault
  • Utilize tools for sifting through and visualizing large technical data sets
  • Utilize vulnerability scanner to identify and remediate vulnerabilities
  • Understand security concepts such as need-to-know; least privilege; DLP, PKI
  • Conduct host and network based forensics, log analysis, and malware triage in support of incident response investigations
  • Work with vendors, submitting requests and ensuring requests are completed correctly and in a timely manner
  • Periodically create and update Network Security documentation, such as Visio diagrams, procedures and presentations
  • Provide on-call support for Network Security technologies
  • Manage firewalls and other network security infrastructure
  • Define and document procedures for conducting information security tasks
  • Conduct risk reviews, certifications and control analysis for the IT environment and perform or oversee IT implementation of remediation
  • Oversee penetration testing and vulnerability assessment activities
  • Conduct vendor risk reviews by gathering and reviewing vendor security documentation, following up with vendor relationship owners on non-technical tasks, and documenting the risk review results
  • Assess threat intelligence to determine risks to the Bank that require action
  • Analyze and recommend new security products to implement in the technical environment
  • Manage aspects of the information security awareness program by creating communications and materials for end user consumption; conduct phishing tests
  • Manage InfoSec projects with task lists, timelines, implementation and testing plans, status reports and appropriate project management documentation
  • Work effectively with the IT group and business leaders
  • Understand and apply common information security framework controls and standards to the Bank technical environment

Preferred License, Certification, Association