Senior Cyber Engineer
Chicago HQ, United States
Full Time Senior-level / Expert USD 64K - 95K
Avant
Personal loan and credit card products through Avant could help you reach your financial goals. Apply for a personal loan or credit card online today.
The Senior (Tier 2) CTOC Analyst is a key player in monitoring, analyzing, and responding to security events across the organization. This role involves handling complex incidents, conducting threat hunts, and supporting all phases of the incident response lifecycle. The Senior Analyst will also mentor junior analysts, providing day-to-day guidance on analysis techniques, tool utilization, and best practices for incident response to build a stronger, more resilient CTOC team. Additionally, this role includes managing moderately large projects, with minimal supervision, and employing creative problem-solving to address a wide variety of security challenges. Reporting to the CTOC Manager, you will collaborate with cross-functional teams and external partners, ensuring alignment with industry standards such as NIST, MITRE ATT&CK, and CIS Controls.
What you’ll do at Avant:
24/7 Security Event Monitoring: Actively monitor and respond to security alerts and incidents, conducting both initial triage and advanced analysis to assess escalation needs. Participate in a 24/7 response rotation.
Incident Response and Threat Hunting: Execute containment, eradication, and recovery actions for incidents, and conduct proactive threat hunting based on threat intelligence and dark web insights to identify potential threats across the environment.
Mentorship of Junior Analysts: Provide day-to-day mentorship to junior analysts, enhancing their technical skills, analysis techniques, and understanding of threat landscapes. Conduct training sessions, review their work, and provide actionable feedback to boost team effectiveness.
Advanced Analysis and Documentation: Perform in-depth root cause analysis on security incidents, document findings comprehensively, and offer actionable insights to support cross-functional teams in decision-making.
Tool Optimization and Automation: Leverage and optimize SIEM, EDR, and security orchestration tools to improve detection and response efficiency. Identify and implement automation opportunities to streamline routine tasks, enhancing overall CTOC productivity.
Threat Intelligence Integration: Analyze and integrate threat actor tactics, techniques, and procedures (TTPs) into CTOC processes, focusing on high-priority threats such as ransomware, insider threats, and advanced persistent threats (APTs). Engage with MISP, ISACs, and threat intelligence sources to stay informed on evolving threats.
Collaboration and Information Sharing: Participate in information-sharing initiatives with peers, ISACs, and other partners to enhance situational awareness, improve response strategies, and strengthen collaboration.
Playbook Development and SOP Enhancement: Assist in creating and refining incident response playbooks and SOPs, ensuring alignment with NIST CSF, CIS Controls, and other frameworks to bolster CTOC resilience and effectiveness.
Project Leadership and Autonomy: Manage moderately large projects independently, from planning to execution, ensuring timely delivery of outcomes. Operate effectively with minimal supervision, demonstrating initiative and accountability.
Post-Incident Review and Continuous Improvement: Lead post-incident reviews to identify lessons learned, suggest process improvements, and drive changes that enhance future response capabilities.
Why you're a fit at Avant:
Experience: 3-5 years in information security, preferably within a 24/7 CTOC or similar environment, monitoring cloud-native infrastructure.
Bachelor's degree in Information Security, Computer Science, or a related field, or comparable experience.
Technical Skills: Proficiency with operational security controls such as SIEM platforms, EDR, IDS/IPS, DLP, and data analysis. Experience with threat intelligence platforms and security orchestration tools preferred.
Knowledge Base: Comprehensive understanding of cybersecurity principles, network protocols, and regulatory compliance (e.g., PCI, FTC Safeguards). Familiarity with frameworks such as MITRE ATT&CK, CIS Controls, and NIST CSF.
Mentorship and Leadership Skills: Proven experience mentoring junior analysts, focusing on technical skill development and enhancing analytical thinking.
Certifications: GCED, GCIH, GCIA, CISSP, or equivalent certification(s) is preferred.
Preferred Qualifications:
Proficiency in Python & SQL preferred, and a data-driven approach to problem-solving.
Ability to communicate complex security concepts clearly to stakeholders at all levels.
Strong organizational skills, adaptability, and the ability to make sound decisions under pressure.
Demonstrated integrity, commitment to continuous improvement, and the ability to handle a wide variety of issues creatively and independently.
This role offers the opportunity to apply advanced cybersecurity expertise, mentor junior talent, lead projects independently, and contribute to the strength and adaptability of the CTOC in a rapidly changing threat environment.
This role is based in our downtown Chicago office, located in the Merchandise Mart. We highly value collaboration, and our hybrid schedule (M, T, Th in-office) enables flexibility to balance work and individual priorities.
Compensation Range:
The base salary range for this job is USD $64,000 - USD $95,000 / Year
Employees new to Avant typically come in below the midpoint of the pay range. The compensation range is based on the level outlined in the job posting, and compensation decisions are dependent on each applicant's experience, skills and abilities.
[If an outstanding applicant's experience and skill level is above or below the qualifications outlined in the job posting, we reserve the right to make an offer at a different level than the one listed in this job posting, which may have a different compensation range.]
This role is eligible for additional incentives, including an annual bonus. These rewards are allocated based on level, impact and performance in the role.
Our benefits include:
Choice of great Medical, Dental, and Vision Insurance Plan options
401(k) match
Flexible Time Off
Flexible Work Environment - (i.e. Mon/Tues/Thurs in-person)
Generous Paid Parental Leave, Adoption Assistance and Post-parental leave ramp-up program
Lunch Allowance (Fooda) and In-office Snacks
Summer Fridays
Fun In-Office and Virtual Social Events
And who doesn’t love the swag
Check out our Avant Blog!
We believe that a diverse set of backgrounds and experiences helps us create the most innovative solutions for our customers. We invite you to apply to our positions even if you do not meet 100% of the qualifications listed in the description. If you’re passionate about our mission and aligned to our values, we hope you’ll come contribute to our awesome culture.
Why Avant is the place for you:
At Avant, we believe our values make a difference:
Authenticity. We show up to work as our whole selves and make sure others can too.
Collaboration. We can only succeed when we do so as a team.
Problem-Solving. The harder the problem, the more satisfying the solution.
Customer. We are all owners of the customer experience.
Initiative. Plan. Adapt. Get Sh!t Done.
We believe that great ideas come from anyone and anywhere, that everyone is an owner who drives change, and that we have more fun when we work together. We're problem solvers who love collaborating with intelligent and highly-motivated people to reshape the face of digital banking. Avant offers terrific perks and benefits, fun social events with employees who actually like hanging out together, and a flexible growth environment where trying your hand at new projects and being the active owner of your career path is encouraged and supported.
Tags: Automation Banking CISSP Cloud Compliance Computer Science EDR GCED GCIA GCIH IDS Incident response IPS MISP MITRE ATT&CK Monitoring NIST Python SIEM SQL Threat intelligence TTPs
Perks/benefits: 401(k) matching Career development Flex hours Flex vacation Health care Medical leave Parental leave Salary bonus Team events