Security Operations Analyst Job at Memorial Hermann Health System

Memorial Hermann Health System Houston, TX 77024

At Memorial Hermann, we're about creating exceptional experiences for both our patients and our employees. Our goal is to provide opportunities for our diverse employee population that develop and grow careers in a team-oriented environment focused on patient care.

Every employee, at every level, begins their journey at Memorial Hermann learning about the history of the organization and its established culture built on trust and integrity. Our employees drive this culture, and we want you to be a part of it.

Job Summary
This position is responsible for performing security monitoring and incident response tasks and will often be required to work independently. This experienced position uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within the Memorial Hermann environments for the purposes of mitigating threats. Additionally, the position investigates, analyzes, and responds to cyber incidents within the network environment. This position must be able to leverage correlated security data from a variety of sources to aid in incident response activities.

Job Description

MINIMUM QUALIFICATIONS

Education: Bachelor's degree preferred or equivalent experience

Certifications: CCNA, Network+, or Security+, or 1 year of relevant experience

Experience: 3-6 years of related experience required

Knowledge:
  • Knowledge of computer networking concepts and protocols, and network security methodologies.
  • Knowledge of cybersecurity and privacy principles.
  • Knowledge of cyber threats and vulnerabilities.
  • Knowledge of authentication, authorization, and access control methods.
  • Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
  • Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
  • Knowledge of operating systems.
  • Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
  • Knowledge of Virtual Private Network (VPN) security.
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • Knowledge of network services and protocols interactions that provide network communications.
  • Knowledge of incident response and handling methodologies.
  • Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).

Skills:
  • Skill in identifying, capturing, containing, and reporting malware.
  • Skill in detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort).
  • Skill in collecting data from a variety of cyber defense resources.
  • Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
  • Skill in protecting a network against malware (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
  • Skill in reading and interpreting signatures (e.g., Snort).
  • Skill in developing and deploying signatures.
  • Skill in preserving evidence integrity according to standard operating procedures or national standards.
  • Skill in using incident handling methodologies.

Abilities:
  • Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
  • Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
  • Ability to interpret the information collected by network tools (e.g., Nslookup, Ping, and Traceroute).
  • Ability to analyze malware.

Demonstrates commitment to the Partners-in-Caring process by integrating our culture in all internal and external customer interactions; delivers on our brand promise of "we advance health" through innovation, accountability, empowerment, collaboration, compassion and results while ensuring one Memorial Hermann.

PRINCIPAL ACCOUNTABILITIES
  • Participates in the research, installation, configuration, implementation, troubleshooting and maintenance of security systems and services.
  • Participates in implementing controls and procedures to protect information systems from unauthorized or accidental modification, disclosure, or destruction, under the guidance of Team Leads or Management.
  • Provides unassisted support to application owners, project managers, vendors, and end-users.
  • Leverages correlated security data from a variety of sources to aid in incident response activities.
  • Correlates incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
  • Ensures that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
  • Performs event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
  • Characterizes and analyzes network traffic to identify anomalous activity and potential threats to network resources.
  • Documents and escalates incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
  • Performs analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
  • Performs cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
  • Performs cyber defense trend analysis and reporting.
  • Provides daily summary reports of network events and activity relevant to cyber defense practices.
  • Receives and analyzes network alerts from various sources within the enterprise and determines possible causes of such alerts.
  • Tracks and documents cyber defense incidents from initial detection through final resolution.
  • Provides timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguishes these incidents and events from benign activities.
  • Uses cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.
  • Works on teams and provides task completion for all levels of projects.
  • Accountable for meeting and setting project timelines.
  • Recommends technical standards.
  • Participates in designing and planning of advanced security systems or services.
  • Provides guidance and mentoring to Security Analyst(s).
  • Researches and makes recommendations regarding the acquisition of new security tools and technology.
  • Responsible for covering a 7x24 on-call support shift, which is rotated weekly among the Information Security Cyber Operations team.
  • Ensures safe care to patients, staff and visitors; adheres to all Memorial Hermann policies, procedures, and standards within budgetary specifications including time management, supply management, productivity and quality of service.
  • Promotes individual professional growth and development by meeting requirements for mandatory/continuing education and skills competency; supports department-based goals which contribute to the success of the organization; serves as preceptor, mentor and resource to less experienced staff.
  • Other duties as assigned.


