Enterprise CyberSecurity Analyst - Senior
at Adventist Health System

Date Posted: 3/4/2017

Job Description



Job:  Other Non-Clinical Professional

Organization:  Adventist IT

Shift:  Day

Job Posting:  Sep 13, 2016, 9:50:54 AM

The Enterprise Security Operations Center (ESOC) Senior Cybersecurity Analyst will be part of the ESOC Team. This center monitors, analyzes and responds to information security threats and vulnerabilities. ESOC Analysts will be responsible for performing the day-to-day monitoring of the AHS environment, analyzing and responding to events as necessary and providing technical support.

PRINCIPAL DUTIES AND JOB RESPONSIBILITIES:


•         Perform advanced technical analysis of network activity and flow data; monitor and evaluate network flow data for anomalies that indicate possible malware activity


•         Accumulate IOCs from intel sources and monitoring tools and respond to detected events


•         Analyze cyber threats, vulnerabilities, and exploits; provide remediation action plans


•         Document, communicate, collaborate and transition incident details to other ESOC members and other support groups


•         Perform Advanced Persistent Threat correlation between multiple security event sources such as firewall logs, threat intelligence feeds, AV, IDS, IPS


•         Communicate and provide manager with incident updates, work and project statuses that include concerns and risks in a timely manner


•         Tune and implement configuration changes related to IDS/IPS, Firewall systems, endpoint security, Web Security Proxies, Email Security Systems, SIEM, and other tools as necessary

Job Requirements

KNOWLEDGE AND SKILLS REQUIRED:


•        Ability to write and recommend security policies, procedures, and related processes


•        Technical knowledge of infrastructure assets, including classical routing, switching, firewalls, IDS/IPS, web proxies, and load-balancer technologies


•        Experience with Enterprise log management and SIEM solutions, e.g. LogRhythm, Splunk, ArcSight, or QRadar


•        Excellent understanding of security vulnerability and exploit toolsets, e.g. Nessus, Nexpose, and Metasploit frameworks


•        Ability to apply vulnerability management best practices and remediation activities


•        Strong analytical and problem solving skills and the ability to 'think-out-of-the-box.'


•        Excellent troubleshooting skills, including protocol analysis and decoding via Wireshark, Tcpdump, WinDump, and similar PCAP capturing and protocol decoding technologies


•        A broad understanding of information technology methodologies in multiple disciplines; comfortable with complex undocumented requirements and independent task research


•        Strong understanding of parsing and analyzing Firewall, IDS/IPS, web proxy, system and security logs


•        Detailed understanding of a variety of network protocols including TCP/IP, UDP, DHCP, FTP, SFTP, FTP/S, SNMP, SMTP, SSH, SSL/TLS, IPSec, RDP, HTTP and HTTPS


•        Broad knowledge of Active Directory, Windows and Linux client and server operating systems, including an understanding of process interactions, inter-process communications and system configuration files (e.g. registry, config files)


•        Familiar with information sharing specifications for cybersecurity


•        Ability to perform role as incident commander for incident response


•        Excellent time management skills to accomplish multiple concurrent tasks


•        Strong interpersonal skills with a positive and enthusiastic attitude


•        Ability to work well with people of varying levels of technical abilities


•        Excellent oral and written communication skills


•        Ability to receive calls and text messages 24 hours a day, seven days per week

KNOWLEDGE AND SKILLS PREFERRED:


•        Knowledge of Volatility framework, Redline, Tripwire, Sourcefire, SEP, SDCS, STIX and TAXII, Cisco Security Technologies, and Data Loss Prevention technologies


•        Experience with HIPAA, HITRUST, NIST, FISMA, FedRAMP, 27001, SOC audit processes


•        Extensive knowledge of scripting languages (e.g. JavaScript, PowerShell, Perl, Python, PHP)


•        Experience with writing SQL queries, parsing, and correlating data from databases


•        Basic and Advanced Malware Analysis skills, utilizing commercial and open source tools and techniques such as behavioral analysis in sandbox environments


•        Memory analysis of suspect systems to detect active and dormant malware


•        File level forensics analysis of Microsoft and Linux operating systems, using tools such as EnCase, FTK, and/or open source equivalent toolsets


•        Reverse Engineering and code analysis of suspect x86 binaries and DLLs, using static disassemblers such as IDA Pro and dynamic analysis with debuggers such as WinDbg and OllyDbg, to ascertain and validate malware and determine severity and remediation action


•        Working knowledge of healthcare or clinical physician clinical practice

EDUCATION AND EXPERIENCE REQUIRED:


•        Bachelor’s or Master’s degree in Computer Science, Information Systems, Information Security, or related course of study OR equivalent experience

EDUCATION AND EXPERIENCE PREFERRED:


•        8-10 years or more of cybersecurity experience

LICENSURE, CERTIFICATION OR REGISTRATION REQUIRED:


•        CISSP or equivalent knowledge

LICENSURE, CERTIFICATION OR REGISTRATION PREFERRED:


•        Security certifications (e.g. EnCE; SANS-GIAC: GCIA, GREM, GPEN, GCFA/E, or GNFA; GPPA, GXPN or related; OSCP; CEH; CCNP-Security)

About Us

About Adventist Health System

Who We Are

We are one of the largest faith-based health care providers in the United States. For 150 years, we have carried on a tradition of providing whole-person care that not only addresses patients' physical ailments, but also supports their emotional and spiritual well-being. We demonstrate the same level of compassion and care for our employees as well, doing all that we can to help them realize their full potential – both personally and professionally.

Who You Are

You are a compassionate, talented professional who wants to work in an environment where you can live out your faith and your values. You are excited about being part of a team that uses the latest technology and medical research to ensure patients receive quality care, but that also recognizes that great care is always personal. You enjoy going out of your way to make each patient and their family feel special, and are passionate about guiding them toward optimal health.

Our Community

Our community is global and so is our reach. From coordinating medical mission trips in Ethiopia to planting school gardens in Florida, we are constantly seeking ways to go beyond hospital walls in improving the health of our communities. As a member of our team, you will be encouraged to use your talents in fun, meaningful ways that bring joy and healing to people around the world.

Our Mission

Part of this worldwide network, Adventist Health System was founded in 1973 to support and strengthen the Seventh-day Adventist health care organizations in the Southern and Southwestern regions of the United States. Today it is a national leader in quality, safety and patient satisfaction, comprised of 46 hospital campuses and nearly 77,000 employees.

Although separated by geography, each of our facilities is united by the mission of Extending the Healing Ministry of Christ. Today we continue the tradition of whole-person care by practicing and sharing CREATION Health, a blueprint for living a healthy, happy life based on the principles given in the Bible’s creation story: Choice, Rest, Environment, Activity, Trust, Interpersonal relationships, Outlook and Nutrition.

We provide comprehensive benefits, training and advancement opportunities. We care for our employees as well as we care for our patients.