Haystack
← Back to Jobs
Other

Principal Cyber Defense / Incident Response

Request Technology, LLCChicago, IL🇺🇸United StatesPosted 10 Jul 2026

Quick Overview

Salary
$150k - $185k/yr
Work Type
On Site
Level
Leader

Job Description

Lead Associate Principal, Cyber Defense - Incident Response

SALARY: $150k - $185k plus 15% bonus

LOCATION: CHICAGO, IL

HYBRID 3 DAYS ONSITE

Looking for a candidate to drive threats and vulnerabilities, incident management and security analysis, cyber threat analysis, digital computer forensics. 24/7 on-call support

Incident Management and Security Analysis:

Security Monitoring & Analysis:

Security Device Administration

  • Subject matter expert on security tools including appliances, hosted systems, and SaaS including health checks, version updates, and content development.
  • Validate content changes to security tools are appropriate from other analysts and teams.
  • Report on and enhance current metrics surrounding security tool capabilities and efficacy.
  • Subject matter expert in the systems lifecycle --- performing upgrades, implementation of new technologies, and enhancement identification.

Qualifications:

  • Implementation and maintenance of security platforms (Splunk, Crowdstrike, Symantec DLP) and vulnerability assessment tools (Qualys, Nessus, nmap), including incident response playbook development and remediation management.
  • Proficiency with network sniffers/packet tracing tools (Ethereal, tcpdump, etc.), preventative/detective technologies (EDR, network-based analysis), and Web Application Firewalls.
  • Strong background in encryption technologies (PGP, PKI, X.509) and directory services/LDAP security (Active Directory, CA Directory).
  • Experience across client/server platforms (Solaris, Windows, Linux) and OS hardening procedures, plus proxy/caching services.
  • Knowledge of LAN/WAN routing and high availability protocols (OSPF, BGP4/iBGP, EIGRP, NSRP), cloud security tools (AWS, Azure, Google Cloud Platform), and SOAR tools/concepts.
  • Some experience scripting and leveraging APIs to integrate security monitoring tools, with knowledge of Generative and Prompt AI.

Education and/or Experience:

  • Minimum five years hands-on security operations experience including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming languages, Incident Response.
  • Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies, and motives.
  • Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure.
  • Industry knowledge of leading-edge security technologies and methods.
  • Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities.
  • Previous people/project management experience is a plus.

Skills

AWS
Encryption
Splunk
Active Directory
Azure
Google Cloud
LDAP
PKI

Similar jobs