Senior Information Security Analyst-Remote - (Brentwood, Tennessee, United States)
Location: Brentwood, Tennessee
Internal Number: 32123095120
Healthcare Without Rival
Premise Health is the world's leading direct healthcare provider and one of the largest digital providers in the country, serving over 11 million eligible lives across more than 2,500 of the largest commercial and municipal employers in the U.S. Premise partners with its clients to offer fully connected care – in-person and in the digital environment. It operates more than 800 onsite and nearsite wellness centers in 45 states and Guam, delivering care through the Digital Wellness Center and onsite, nearsite, mobile, and event solutions.
Premise delivers value by simplifying complexity and breaking down barriers to give diverse member populations access to convenient, integrated, high-quality care. We offer more than 30 products, delivering the breadth and depth of care required to serve organizations' total populations. The result is healthcare that meets the needs of members and their families, helping them live healthier while lowering costs for organizations.
Premise offers a wide range of dynamic, purpose-driven career opportunities. We are currently looking for a Senior Information Security Analyst to join our team remotely.
About the role: The Sr. Security Analyst demonstrates a working knowledge of a Security Operations Center (SOC) from multiple years of experience. This includes activities related to incident response, forensic analysis, threat detection, and analysis. We are seeking an individual who will bring security analysis and threat detection experience to the organization in order to support, grow and mature our current SOC environment. The Sr. Analyst will perform threat detection and incident response activities including threat hunting, detection creation, endpoint analysis, end-user interviews, and timeline construction. The Sr. Analyst will interact with multiple departments and assist support personnel in determining remediation methods on systems. The Sr. Analyst may be asked to assist in threat modeling, penetration testing exercises, and provide recommendations based on current industry trends.
The successful candidate will be one who demonstrates a tangible passion for security. The information security team is a dynamic team in a rapidly growing department. New ideas, approaches, and solutions are shared actively amongst the team members and opportunities to engage in new areas of interest abound.
Develop advanced queries and alerts to detect adversary actions
Assist in tuning of SIEM tools based on feedback of other analysts
Research the latest information technology (IT) security trends and technologies and make recommendations for use based on business value
Ability to analyze, recommend, and define requirements for automation (SOAR)
Expand and mature existing detection and response processes and activities, including interfacing with internal and external teams
Ability to work with IOCs to determine validity as it applies to Premise Health
Coordinate response, triage, recovery, and reporting of security incidents.
Prepare reports that document security incidents and the extent of the damage caused by the incident
Utilize implemented incident response tools for the SOC
Mentor and train junior analysts
Analyze attacker tactics, techniques, and procedures (TTPs) and how they apply to Premise Health for the purpose of improving alerting and detection practices
Refine and develop dashboards, queries, and reports to continuously improve security situational awareness
Help plan and carry out an organization’s security policies and procedures
Develop security standards and best practices for their organization
Participate in documenting security standards, guidelines, policies and procedures.
Creates reusable security artifacts.
On-call position which participates in an on-call rotation with other team members.
May require other duties as assigned.
BS degree in Engineering, Computer Science, Information Security, or Information Systems preferred
Professional certifications such as GMON, GCIH, CCNP, CASP+, OSCP, or CISSP preferred
5+ years’ experience supporting a SOC or similar team
Expertise in at least one of the following:
Threat Detection and Engineering
Endpoint Incident Response
Network Traffic Analysis
Cloud Incident Response
Demonstrated experience designing use cases for threat detection with SIEM technologies (AlienVault, Splunk, QRadar, etc.)
Experience in coordinating and supporting threat detection creation, incident handling, and remediation
Experience with one or more scripting languages such as PowerShell, Python, Bash, VBScript preferred
Experience in the healthcare service industry or other highly regulated industry preferred
Attention to detail
Ability to communicate complex concepts to a variety of technical and non-technical audiences via written or verbal communications
Ability to perform root cause analysis of incidents and determine detection and mitigation techniques
Ability to analyze data and communicate findings to users, technical staff, and upper management.
Strong understanding of IT operations: help desk, end-point management, networking, and server management
Ability to effectively network, participate in interdepartmental teams, and develop key working relationships
Strong understanding of security operations concepts: TTPs, perimeter defense, BYOD management, data loss protection, insider threat, kill chain analysis, risk assessment, and security metrics
Strong understanding of data visualization techniques preferred
Work-life balance is at the foundation of how decisions are made and where Premise is headed. We can only help people get, stay, and be well if we do the same for ourselves. In addition to competitive pay, Premise offers benefits packages including medical, dental, vision, life insurance, 401(k), paid holidays and vacation time, a company-sponsored wellness program, and much more that our talent acquisition team will be happy to share with you.
Premise Health is an equal opportunity employer; we value inclusion, and we do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status or disability status.
Compensation is between $120,000 and $140,000 annually. Premise offers a comprehensive benefits package to all full-time team members including Medical, Dental, Vision, 401K, Paid Time Off, Paid Holidays, annual CEU/CME allowance, and Tuition Reimbursement. Benefits offered to part-time team members include 401K, Paid Time Off, Paid Holidays and annual CEU/CME allowance. PRN team members may also enroll in 401K.
To support Premise Health’s commitment to the safety, health and wellbeing of our team members, clients and patients, Premise Health encourages all new team members to be fully vaccinated and up to date with a COVID-19 vaccine. Where applicable state or local laws or a client require, individuals who are offered and accept a position with Premise Health will be required to provide proof of vaccination in the form of a CDC vaccination card as part of the pre-employment onboarding process. *Except where a reasonable medical or religious accommodation can be granted.