Sponsorship is not available, must be a US Citizen.
We will not relocate. Can be remote, but must be close to our Kettering, OH office.
8-hour day Mon-Fri with occasional weekend work, On call as required for Infrastructure support
SUMMARY
The Senior Security Analyst is responsible for monitoring, tracking, and reporting relevant security events, types, and sources. The Senior Security Analyst is also responsible for applying technical and functional expertise to collect, normalize, characterize cyber incident, and event data to identify anomalous or malicious activity including intrusions, attacks, data loss or other prohibited activities. The Senior Security Analyst will analyze and correlate incidents and events that may involve data breaches or malicious activity against our network.
QUALIFICATIONS & ATTRIBUTES:
Bachelor's degree in Computer Science or Technology, Engineering, Information Security, or related fields is required.
Security+ certificate or equivalent required. CISSP certification is highly desirable.
Four to five years of information security experience in a healthcare environment working with end point management, Network Detection Systems (NDS), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), vulnerability scanning, patch management, event log monitoring, multi-factor authentication, disaster recovery and business continuity planning, incident response, firewall configuration(s) and cloud security.
3+ years' processing working with a ticketing system including publishing knowledge base articles.
3+ years experience collecting, analyzing, actioning, and reporting on security logs.
3+ years experience identifying security vulnerabilities and supporting actions to address risks.
3+ years experience supporting disaster recovery and business continuity exercises.
Demonstrated ability to successfully establish and maintain professional relationships across the organization and with external parties.
Intermediate skills in Microsoft Office software suite - Word, Excel, Outlook, PowerPoint
Knowledgeable on computer hardware and software, technical understanding and comprehension, and networking familiarity.
Ability to communicate effectively, interpret regulatory guidance and identified vulnerabilities to a wide audience.
Strong interpersonal skills and good judgment with the ability to work alone or as part of a team.
Disciplined style of work ethic with the ability to prioritize and be timely.
MAJOR AREAS OF RESPONSIBILITY:
Support studies to evaluate, recommend, and implement security solutions that enhance core information and physical security capabilities.
Focus areas include security infrastructure, access management, networking, and databases.
Identify potential impact to the ASHN corporate and agency environments by analysis of intelligence reports, forensic reports, and reverse engineering of malware reports.
Determine associated indicators of compromise (IOC's) to develop and distribute countermeasures to detect and prevent identified threats.
Evaluation of IOCs from incidents to determine association with known computer network exploitation (CNE) groups.
Investigate the IOCs for other infrastructure related to the CNE teams (domain registration, IP ownership, VPN infrastructure, strains of malware, etc. for the possible addition of proactive defensive measures.
Assist the InfoSec and Infrastructure teams responsible for preventing and mitigating the potential impact of cyber-attacks by developing, distributing, and sharing countermeasures that may impact networks and information systems.
Provide expertise in security operations, incident analysis, and vulnerability management.
Analyze logs from various security sensors, including network packet captures, DNS, EDR, proxy, and host-based security.
Assist with identifying and mitigating security risks at the system level, especially those from project-level risks.
Interview stakeholders to define and document business and/or technology requirements.
Establish strong working relationships with business partners across different domains.
Evaluate existing Information and Physical Security processes and document them.
Identify opportunities for process enhancements.
Ensure value and consistency for users and customers.
Stay informed about internal and external threats related to information security.
Provide advice and support for managed systems and vendors.
Assist with the ASHN Information Security Program awareness and training.