The L2 Security Analyst is primarily a response analyst expected to handle day-to-day Security Operations Center (SOC)/CIRC tasks: monitoring, incident analysis, investigation, and response. The analyst will provide recommendations for remediation, take on short-notice ad hoc work, and see remediation through to completion with minimal supervision. Security Analysts also recommend continuous improvements, suggest best practices, and help improve standard processes and procedures.
The L2 Security Analyst is also responsible for the successful day-to-day operation of the security appliance capabilities within the SOC/CIRC infrastructure and for maintaining the security tool sets. These responsibilities include systems administration of those tools, backed by a deep understanding of how they work. The role supports the SOC/CIRC incident response component during investigations, incidents, and general security operations.
This position is primarily responsible for incident triage, initial remediation and further analysis of incidents that have been escalated by the L1 Security Analysts. Duties include:
Active real-time security monitoring
Security event detection, triage and threat analysis for complex and/or escalated security events
Provide log, network, malware and device analysis and make recommendations for remediating security vulnerability conditions
Perform threat hunting to identify potential information security incidents and escalate findings to the appropriate staff
Assess threat and vulnerability information from all internal and external sources, promptly apply applicable mitigations, and initiate indications and warnings
Perform threat and vulnerability assessment and provide subject matter expertise on appropriate threat mitigation.
Develop and monitor basic IDS/IPS rules to identify and/or prevent malicious activity.
Provide other services as a key member of the Security Operations Center team.
Other responsibilities include continuously improving the processes used by the L1 Security Analysts and the Security Operations Center, improving the rules and alerts in the incident monitoring systems, proactively scanning assets for indicators of compromise, mentoring the L1 Security Analysts, and staying well versed in the technologies in use.
Detailed technical understanding of security incidents, alerts, and tools;
Command line experience with the tools and operating systems used in the environment;
Packet analysis and deep understanding of network protocols and traffic analysis;
Excellent problem solving, collaboration and communication skills;
Must have experience in SOC/NOC or IT Operations environment;
Knowledge and experience with Windows and Linux operating systems, including baseline security configurations, auditing, forensics, and patch management for each;
Excellent written and verbal communications skills;
Ability to work independently as well as in a team;
Experience with RSA Security Analytics (Netwitness)
Experience with Cisco Sourcefire
Experience with FireEye NX
Experience with Check Point firewall
Experience with Snort and/or Bro IDS
A bachelor's degree or equivalent experience is required. A minimum of two years of relevant experience, such as incident analysis, security architecture, malware research, SOC/CIRC work, or systems or network engineering or administration, is required. The role requires experience analyzing and inspecting log data, packets, and other security tool output from a variety of sources. Security industry certifications such as GIAC are preferred.
We reveal and foster God's healing love by improving the health of the people and communities we serve, especially those who are poor and vulnerable.
Inspired by our faith,
•We will be distinguished as the premier person-centered health system and trusted partner.
•We will share accountability with clinicians and other stakeholders to coordinate care across all settings and improve access, quality, health outcomes, and affordability.
•We will grow as community-based health networks to serve more people in partnerships with others who share our vision and values.
Caring Spirit - We honor the sacred dignity of each person.
Excellence - We set and surpass high standards.
Good Humor - We create joyful and welcoming environments.
Integrity - We do the right thing with openness and pride.
Safety - We deliver care that seeks to eliminate all harm for patients and associates.
Stewardship - We are accountable for the resources entrusted to us.