Full-time position requiring strong experience and/or education in tactical cyber-attack monitoring, evaluation, exploit testing, analysis, and cyber intelligence:
- As an Information Security Analyst, design and implement IT security systems to protect the organization's computers and user networks, with a well-rounded understanding of endpoint/network defenses and detection methodologies.
- The team member will need experience in conducting technical research, identifying methods to detect emerging cyber threats, and emulating full life-cycle cyber-attack methodologies, with expertise in how cyber threat actors think and attack.
- Develop/update organization-wide best practices for IT security. Regular collaboration with multiple teams will be critical to success: the ideal candidate will have experience partnering with internal and external parties to resolve identified capability gaps.
- Excellent written and oral communication skills are critical. Ability to conduct training, present findings, and explain risks to users with varying technical skillsets.
This position reports directly to the Vice President, Information Technology.
Essential Duties and Responsibilities include, but are not limited to, the following:
- Advanced experience with security tools (SIEM, antivirus software, IDS/IPS, Firewalls, mobile devices)
- Design, analyze and implement efficient IT security systems
- Define effective processes for managing network security
- Manage information security software and controls
- Perform risk assessment of new technologies introduced in existing environment
- Disaster Recovery Planning
- Monitor for malware and perform cyber forensics as needed
- Maintain security records of monitoring and incident response activities
- Monitor compliance with information security policies and procedures
- Collaborate on requests for specialized cyber threat reports
- Produce situational and incident-related reports
- Gather feedback from end users and remain current on latest technologies for continuous improvement
- Train organization on security measures
Desired Skills and Abilities:
- 4+ years of information security experience including experience in one or more of the following security disciplines: information security monitoring, incident response, vulnerability management, host/network forensics, cyber-crime investigation, penetration testing, business continuity, or cyber threat intelligence
- Knowledge of offensive security, with the ability to think like an adversary when hunting and responding to incidents
- Advanced knowledge of Microsoft email environments
- 3+ years of executing ethical penetration testing including exploitation and post-exploitation experience
- Strong investigative mindset with an attention to detail
- Highly refined and professional verbal and written communications
- Knowledge and understanding of healthcare industry
Education and Certification:
- Bachelor's degree in Computer Science or related Cybersecurity field
- A minimum of one certification from the list below:
  - ISO 27001
  - Certified Ethical Hacker
  - Certified Information Systems Security Professional (CISSP)
  - Certified Information Systems Auditor
  - Licensed Penetration Tester (LPT)
  - CREST – Intrusion Analyst, Cyber Threat Intelligence