Title: Information Security Research Specialist
Location: Chicago IL
Duration: Full Time/Permanent

Basic Function:
The position is responsible for conducting security vulnerability reverse engineering, malware analysis, protocol analysis and debugging; reporting security vulnerabilities to management; and executing mitigating solutions to vulnerabilities.
Consult with management, and technical staff regarding information security vulnerabilities and the related risk those vulnerabilities pose to the enterprise and related systems.
Participant in vulnerability assessments, with special concentration on identifying unknown vulnerabilities through activities such as network enumeration, protocol analysis, reverse engineering, ‘black/grey’ box testing, web testing, and other ethical hacking activities.
Assist in the development of vulnerability assessment process and related framework, e.g., toolsets/lab, report templates delivery vehicle, marketing strategy.
Perform malware analysis as requested, which includes protocol analysis, reverse engineering through disassembly and debugging.
Comply with HIPAA, Diversity Principles, Corporate Integrity and Compliance Program policies.
Maintain complete confidentiality of company related business.
Maintain effective communication with management regarding development within areas of assigned responsibilities and perform special projects as required or requested.

Job Requirements:
Bachelors Degree in Computer Science or Information Systems and 4-6 years Information Technology Security experience;
Experience in the following: computer architecture, including operating systems, inter-process communications, networking protocols and their related implementations,
Experience with compiled and interpreted programs and the types of security issues,
Experience with database systems, web servers, application servers, mainframes, firewalls, routers, load balancers, switches, and different types of middleware,
Experience with source code reviews (at least c/c++ programming language) for security vulnerabilities,
Experience with reverse engineering binaries (at least x86) for security vulnerabilities.
Experience with debuggers and disassemblers,
Experience performing malware analysis through reverse engineering, protocol analysis, and log analysis,
Experience performing intrusion analysis through reverse engineering, log analysis, forensic disk examination, and system review.

Preferred Job Requirements:
Experience with business governance and security control frameworks;
Experience with HIPAA;
Experience in a managed health care or other insurance or financial services organization;
CISSP or other relevant Information Security Certification.