Assists in operational support for continuous monitoring of all designated networks, infrastructure and systems. Supports an Incident Response Framework by ensuring preparation, detection, analysis, containment, eradication, recovery and post-incident activities to prevent threats and mitigate cyber incidents.
Minimum Specifications
Education - Must have a Bachelor's degree in Computer Science or related field or the equivalent of education, professional training or work experience.
Experience - Must have one year of experience in an information systems security domain with a background in intrusion detection monitoring, incident response and mitigation, threat research and cyber intelligence analysis or other cyber security domain.
Equivalent Education and/or Experience - May have an equivalent combination of education and experience to substitute for both the education and the experience requirements.
Certification/Registration/Licensure
- Must have one of the following certifications within 6 months of placement in position.
- Must have a current CompTIA Security+ Certification or equivalent industry certification, background and knowledge. CISSP preferred.
Required Tests for Placement
Skills or Special Abilities
- Must be able to analyze and correlate security information with other relevant data sources.
- Must have the ability to perform complex research in order to determine industry standard products and solutions to facilitate creation of security mitigation controls / recommendations.
- Must have experience in Agile Methodologies.
- Must have superior writing skills and the ability to communicate effectively regarding technology.
- Must understand risk assessment models, such as NIST 800-61.
- Must have a general understanding of the following technologies: Microsoft Active Directory, Data Loss Prevention, Encryption Technologies, Vulnerability Management, Intrusion Detection Systems, Intrusion Prevention Systems, Virtual Private Network, Linux Operating Systems, Windows Operating Systems, Communication Protocols, Multi-factor authentication, Cloud Access Security Broker, Endpoint Detection and Response Technologies, Security Information and Event Management Tools.
- Must have experience with malware analysis, threat intelligence and vulnerability management.
- Must have good working knowledge of common security concepts.
- Must have a working knowledge of the HIPAA Security Rule and PCI.
- Must be able to listen and communicate effectively.
Responsibilities
1. Participates in preparation of incident response actions to ensure security incidents are properly identified and created in a timely manner.
2. Validates indicators of compromise by investigating ambiguous, incomplete, contradictory or erroneous indicators to confirm actual security incidents.
3. Follows containment strategies associated with incident types.
4. Executes eradication actions to eliminate threat components associated with the incident.
5. Engages appropriate resources to perform restoration of systems associated with the incident.
6. Participates in post-incident activity meetings to improve incident response capabilities and prevent the incident from recurring.
7. Assists in security assessments (physical and logical) to measure compliance status with security rules and regulatory mandates.
8. Provides data and delivers summary reports to peers for presentation to leadership.
9. Utilizes tools for review and monitoring of audit logs, devices, applications, and forensics.
10. Maintains knowledge of applicable rules, regulations, policies, laws and guidelines that impact Parkland. Participates in the creation of effective security controls designed to promote adherence with applicable laws and accreditation agency requirements. Seeks advice and guidance as needed to ensure proper understanding.
11. Documents procedures necessary for the implementation of Information Security Policies and Standards.
12. Identifies ways to improve work processes and improve customer satisfaction. Makes recommendations to supervisor. Implements and monitors results as appropriate in support of the overall goals of the department and Parkland.
13. Stays abreast of the latest developments, advancements, and trends in the field of Cyber Security Incident Response by attending seminars/workshops, reading professional journals, and actively participating in professional organizations. Integrates knowledge gained into current work practices.
Parkland Health and Hospital System prohibits discrimination based on age (40 or over), race, color, religion, sex (including pregnancy), sexual orientation, gender identity, gender expression, genetic information, disability, national origin, marital status, political belief, or veteran status.