Enterprise CyberSecurity Analyst - Intermediate
at Adventist Health System

Date Posted: 3/4/2017

Job Description



Job:  Other Non-Clinical Professional

Organization:  Adventist IT

Shift:  Day

Job Posting:  Sep 13, 2016, 9:50:30 AM

The Enterprise Security Operations Center (ESOC) Intermediate Cybersecurity Analyst will be part of the ESOC Team. This center monitors, analyzes and responds to information security threats and vulnerabilities. ESOC Analysts will be responsible for performing the day-to-day monitoring of the AHS environment, analyzing and responding to events as necessary and providing technical support.

PRINCIPAL DUTIES AND JOB RESPONSIBILITIES:


•         Perform technical analysis of network activity and flow data; monitor and evaluate network flow data for anomalies that may indicate malware activity


•         Accumulate IOCs from intel sources and monitoring tools and respond to detected events


•         Analyze cyber threats, vulnerabilities, and exploits; provide remediation action plans


•         Document, communicate, collaborate and transition incident details to other ESOC members and other support groups


•         Perform Advanced Persistent Threat correlation between multiple security event sources such as firewall logs, threat intelligence feeds, AV, IDS, IPS


•         Communicate and provide manager with incident updates, work and project statuses that include concerns and risks in a timely manner.


•         Tune and implement configuration changes related to IDS/IPS, Firewall systems, endpoint security, Web Security Proxies, Email Security Systems, SIEM, and other tools as necessary

Job Requirements

KNOWLEDGE AND SKILLS REQUIRED:


•         Ability to write and recommend security policies, procedures, and related processes


•         General knowledge of infrastructure, including classical routing, switching, firewalls, IDS/IPS, web proxies, load-balancer technologies


•         Experience with Enterprise log management and SIEM solutions, i.e. LogRhythm, Splunk, ArcSight, or QRadar


•         Strong understanding of security vulnerability and exploit toolsets, i.e. Nessus, Nexpose, Qualys, and Metasploit frameworks


•         Ability to apply vulnerability management best practices and remediation activities


•         Analytical and problem-solving skills and the ability to "think outside the box"


•         Troubleshooting skills, including protocol analysis and decoding via Wireshark, Tcpdump, WinDump, and similar PCAP capturing and protocol decoding technologies


•         A broad understanding of information technology methodologies in multiple disciplines; comfortable with complex undocumented requirements and independent task research


•         Good understanding of analyzing and parsing Firewall, IDS/IPS, web proxy, system and security logs


•         Good understanding of a variety of network protocols including TCP/IP, UDP, DHCP, FTP, SFTP, FTP/S, SNMP, SMTP, SSH, SSL/TLS, IPSec, RDP, HTTP and HTTPS


•         Working knowledge of Active Directory, Windows and Linux client and server operating systems; including an understanding of process interactions, inter-process communications and system configuration files (i.e. registry, config files, etc.)


•         Familiar with information sharing specifications for cybersecurity


•         Excellent time management skills to accomplish multiple concurrent tasks


•         Strong interpersonal skills with a positive and enthusiastic attitude


•         Ability to work well with people of varying levels of technical abilities


•         Excellent oral and written communication skills


•         Ability to receive calls and text messages 24 hours a day, seven days per week 

KNOWLEDGE AND SKILLS PREFERRED:


•         Knowledge of Volatility framework, Redline, Tripwire, Sourcefire, SEP, SDCS, STIX and TAXII, Cisco Security Technologies, and Data Loss Prevention technologies


•         Experience with HIPAA, HITRUST, NIST, FISMA, FedRAMP, 27001, SOC audit processes


•         Good working knowledge of scripting languages (i.e. JavaScript, PowerShell, Perl, Python, PHP)


•         Good understanding of SQL databases, and writing SQL queries


•         Malware Analysis skills, utilizing open source tools and techniques


•         Memory analysis of suspect systems to detect active and dormant malware presence


•         File level forensics analysis of Microsoft and Linux operating systems, using tools such as EnCase, FTK, and/or open source equivalent toolsets


•         Working knowledge of healthcare or physician clinical practice

EDUCATION AND EXPERIENCE REQUIRED:


•         Bachelor’s degree in Computer Science, Information Systems, Information Security, or related course of study OR equivalent experience


•         3-5 years or more of IT security experience

EDUCATION AND EXPERIENCE PREFERRED:


•         5-8 years or more of IT security experience

LICENSURE, CERTIFICATION OR REGISTRATION PREFERRED:


•         Security certifications (i.e. CISSP, EnCE; SANS-GIAC GMON, GPEN, GCFA/E, or GNFA; CEH, CCNA-Security, CCNP-Security)

About Us

About Adventist Health System

Who We Are

We are one of the largest faith-based health care providers in the United States. For 150 years, we have carried on a tradition of providing whole-person care that not only addresses patients' physical ailments, but also supports their emotional and spiritual well-being. We demonstrate the same level of compassion and care for our employees as well, doing all that we can to help them realize their full potential – both personally and professionally.

Who You Are

You are a compassionate, talented professional who wants to work in an environment where you can live out your faith and your values. You are excited about being part of a team that uses the latest technology and medical research to ensure patients receive quality care, but that also recognizes that great care is always personal. You enjoy going out of your way to make each patient and their family feel special, and are passionate about guiding them toward optimal health.

Our Community

Our community is global and so is our reach. From coordinating medical mission trips in Ethiopia to planting school gardens in Florida, we are constantly seeking ways to go beyond hospital walls in improving the health of our communities. As a member of our team, you will be encouraged to use your talents in fun, meaningful ways that bring joy and healing to people around the world.

Our Mission

Part of this worldwide network, Adventist Health System was founded in 1973 to support and strengthen the Seventh-day Adventist health care organizations in the Southern and Southwestern regions of the United States. Today it is a national leader in quality, safety and patient satisfaction, comprised of 46 hospital campuses and nearly 77,000 employees.

Although separated by geography, each of our facilities is united by the mission of Extending the Healing Ministry of Christ. Today we continue the tradition of whole-person care by practicing and sharing CREATION Health, a blueprint for living a healthy, happy life based on the principles given in the Bible’s creation story: Choice, Rest, Environment, Activity, Trust, Interpersonal relationships, Outlook and Nutrition.

We provide comprehensive benefits, training and advancement opportunities. We care for our employees as well as we care for our patients.