Unit Description
Care Site Description
SCL Health is a faith-based, nonprofit health care organization headquartered in Broomfield with facilities located in Colorado, Kansas and Montana. SCL Health operates:
4 safety net clinics
1 children's mental health treatment center
190+ ambulatory service centers
Interested in making a difference? Then check us out. Our rich heritage and mission, and our focus on health care delivery that values person-centered care, excellence and accountability are a winning combination as we bring health and hope to our patients.
Our ministry is dedicated to improving the health of the communities and individuals we serve, especially those who are poor and vulnerable.
The L2 Security Analyst is a response analyst who conducts secondary triage and analysis using the security technologies in the environment, performs primary remediation, proactively searches and scans the environment for indicators of compromise, and mentors or guides the L1 response analysts. Someone in the role should also be able to profile and trend events in the environment to determine, after searching, whether an incident needs to be created. While the L2 Security Analyst will spend some time working from pre-documented playbooks, security analytics should be a large portion of their work.
The L2 Security Analyst will be responsible for the successful day-to-day operation of the security appliance capabilities within the Security Operations Center (SOC)/CIRC infrastructure, and will also be responsible for maintaining the security tool sets. The position is effectively a System Administrator role with a deep understanding of security tools. It supports the SOC/CIRC incident response component during investigations, incidents, and general security operations.
This position is primarily responsible for the triage, initial remediation and further escalation of incidents that have been escalated by the L1 Security Analysts. Other responsibilities include continuously improving the processes used by the L1 Security Analysts and the Security Operations Center, improving the rules and alerts in the incident monitoring systems, proactively scanning assets for indicators, and mentoring the L1 Security Analysts. The analyst must be well versed in the technologies used in the environment.
- Detailed technical understanding of security incidents, alerts, and tools;
- Basic command line experience with the tools and operating systems used in the environment;
- Packet analysis and deep understanding of network protocols and traffic analysis is necessary;
- Excellent problem solving, collaboration and communication skills;
- Understanding of malware.
A bachelor's degree or equivalent experience is required. A minimum of two years of experience in incident analysis, security architecture, malware research, SOC/CIRC operations, or a similar field is required. The role requires experience analyzing and inspecting log data, packets, and other output from a variety of security tools. Exposure to network devices, Microsoft Windows systems, UNIX systems, and a SIEM, as well as the other security products used in an environment, is essential. Candidates should be familiar with reverse engineering and understanding malware and rootkits, and with TCP/UDP packets, SMTP, and HTTP.