
Sr. Cyber Security Analyst TECH-52407

Provide data security support and guidance.
Provides hands-on security administration of a broad range of security duties and requires a high level of technical experience.
Duties and responsibilities include, but are not limited to oversight of design, engineering, analysis, research, testing and monitoring.
Serve as the Technical Analyst senior advisor to the Chief Data Security Officer, IT Security Operations Manager and Sutter Health Support Services organization.
Experience with IT General Controls, Identity Access Management, process improvement and business analytics would be beneficial.
Job Description and Experience Requirement:
Senior analyst will work on the Cyber-security team, providing incident response investigation, containment, remediation, and reporting of major information security incidents supporting all business units.
The team coordinates with IS, Legal, Privacy, and other appropriate business units to gather incident details, assess impact, and coordinate response.
The role is in a large environment of 5K+ Microsoft Windows servers and 60K+ Microsoft Windows 7 desktops.
It will work closely with the Dell Security Operations Center, responding to and remediating tickets and driving follow up projects.
They will develop close working relationships with departments impacted by tickets generated by SOC to aid in driving security initiatives forward and to allow for smooth incident response.
Health Care Industry experience is a plus.
Sr. Cyber Security Analyst Core Responsibilities:
o Provide Incident Response, coordinating tasks and people, documenting and writing reports.
o Respond to Dell Security Operations Center (SOC) notifications and work to resolve them.
o Undertake complex project work that results from SOC incidents to troubleshoot root cause and drive solutions with other teams (Desktops, Servers (Windows and Unix), Network, others as needed).
o Forensic work on servers and workstations (Encase, etc.).
o Complex analysis of logs provided from various sources to pinpoint issues and drive resolution
o Lead/support computer security incident outbreaks, resolutions and all phases in between.
o Undertake problem ownership.
o Manage vendor relationship and work to ensure timely resolution to enterprise platform issues.
o Participate in On-Call rotation with other team members providing coverage 24x7
o Form strong relationships with IS teams to aid in future initiatives and incident resolution
o Provide architecture assurance on security platform initiatives
o Maintain security infrastructure, providing stability by following and using the tools, policies, processes and procedures available
o Provide a secure environment, managing and mitigating risks
o Provide reporting and metrics
o Resolve Incidents and/or outages impacting services provided by the team
o Create, review, maintain and update documentation
o Work with colleagues to provide consistent processes and procedures and provide innovative ideas
o Escalate and liaise with additional internal/external groups when required, resulting in satisfactory resolution
o Active & Constructive participation within and amongst teams and colleagues
o Regularly re-evaluate processes and procedures and instigate service improvement initiatives
o Provide Input into Business Continuity Planning and Practices
o Other Duties as Assigned
Required Experience:
o 3+ years of progressive experience in information security, computer forensics and investigations, incident response, or related field.
o One or more years of experience responding to information security related incidents such as but not limited to malware, privilege escalation, policy and standard violations, HIPAA and PCI issues including DLP, etc.
Education - Required:
o Bachelor's Degree in Computer Science, Information Security, Information Systems, or related field, or equivalent professional experience required.
o Post-graduate degrees, certificate programs in relevant areas, which demonstrate analytical writing will also be considered
Preferred:
o Two or more technical or security certifications strongly preferred (CISSP, SANS GIAC/GCIH, CISA/CISM vendor-specific, etc).
Special Knowledge, Skills, Abilities:
o Proven ability to drive all phases of the incident response process: Preparation, Detection, Analysis, Containment, Eradication, Recovery, and Post-Incident Activity (including Lessons Learned)
o Preference may be given to candidates with a strong knowledge of healthcare environments
o Exceptional ability to analyze and distill relevant findings and determine root cause
o Understanding of forensic evidence practices and procedures
o Excellent technical skills able to troubleshoot large difficult problems across multiple systems and platforms
o Strong understanding of information systems security; network architecture; general database concepts; document management; hardware and software troubleshooting; electronic mail systems, such as Exchange; Microsoft Office applications; intrusion tools; and computer forensic tools.
o Ability to envision solutions to complex deep rooted problems and drive them to resolution across multiple departments and teams
o Knowledge and experience with the following operating systems: Windows, MacOS, UNIX/Linux/BSD, and MSDOS.
o Strong documentation skills, able to develop/maintain procedure documents and run-books
o Able to coordinate multiple IT resources effectively and document work done and present it.
o Interpersonal Skills - Communication, flexibility, self-driven, team player, persistence
o Extensive Windows Operating System knowledge (up to and including debugging)
o Ability to work extremely well under pressure while maintaining a professional image and approach
o Team player with proven ability to work effectively with other business units, IT management and staff, vendors and consultants
o Ability to simultaneously manage multiple efforts
o Ability to exercise discretion and maintain confidentiality
o Ability to conduct investigations on compromised computers and servers
o Proficiency in conducting live assessments on networks, and multiple platforms is desired
o Must show demonstrable commitment to the Information Security profession, maintaining an expert knowledge of best practices and compliance requirements as well as the latest malware, attack vectors and security trends in the industry and have the ability and drive to translate into operational action items, policies, procedures, standards and guidelines.
Preferred Skills:
o Familiar with Encase and other forensic tools (Volatility, FTK, etc.)
o In depth understanding of computer forensic practices and procedures, basic investigations, and evidence handling (Chain of Custody, etc)
o Strong Windows Desktop experience and ability to analyze forensically (memory analysis and hard drive analysis)
o Linux experience
o Unix server experience (logs and hardening)
o Good fundamental infrastructure knowledge (DNS/WINS/TCP/IP/Routing)
o Extensive networking experience
o Experience with Credant (Dell DDP), FireEye, Rapid7, Websense, or Archer
o Knowledge of Networks and Firewall infrastructure, especially understanding of what is needed during a Computer Security Incident
o Project Management
About Nelson
For a full listing of jobs, go to www.nelsonjobs.com, our premier job search engine for candidates.
Comprised of three major business units-Nelson & Associates, Nelson Staffing, and Nelson Technology-this company with 40+ years in staffing provides recruiting services to clients and candidates in accounting & finance, clerical, administration, human resources, technology, light industrial, manufacturing, legal, engineering, computer gaming, digital media, and the wine and beverage industries.
Nelson places job candidates quickly in a number of fields in full-time, executive, consultative, and temporary positions.

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.
