Senior Cyber Threat Detection Analyst (REMOTE) at Trinity Health #vacancy #remote

Employment Type: Full time

Shift:

Description:

Trinity Health’s Enterprise Information Security group is seeking to add more experts to our cyber security program. We are looking for experienced individuals who have demonstrable experience configuring security monitoring tools in support of the ongoing development and refinement of advance analytic models to detect cyber security threats ranging from sophisticated malware to employee misuse. This position will work on a team of dedicated cyber security professionals reporting directly into the Security Operations Center manager. As part of a growing cyber security program, you will have an opportunity to put your skills to the test in defending a large enterprise network and safeguarding information assets while supporting the needs of our patients, physicians, colleagues and other key stakeholders.

The primary responsibilities include defining data collection requirements, developing and testing analytic models, measuring the detection success rate, and refining the model to improve accuracy. The development of analytic models will require the application of Boolean logic, statistical methods, data mining concepts, and behavior-based machine learning techniques. This position will work closely with the cyber threat intelligence team to understand emerging threats, security monitoring, and incident response teams to identify log collection requirements.

POSITION AVAILABLE AS A 100% REMOTE OPPORTUNITY

Enterprise Information Security continues to expand its capabilities and is looking for a Senior Cyber Threat Detection Analyst. This position will support cybersecurity incident monitoring/detection across Trinity Health and its Ministry organizations.

POSITION PURPOSE

Senior Cyber Threat Detection Analyst will apply advanced experience, technical knowledge, and skills in support of security monitoring capabilities.

Knowledge of and administration experience with the following platforms is desired:

  • CRIBL
  • SIEM – QRadar
  • SOAR – Palo Alto XSOAR
  • ServiceNow
  • UEBA – Exabeam
  • Datalake

ESSENTIAL FUNCTIONS

  • Knows, understands, incorporates, and demonstrates the Trinity Health Mission, Vision, and Values in behaviors, practices, and decisions.
  • Subject matter expert for onboarding SIEM components.
  • Interfaces with external MSSP to help develop detection rules.
  • Supports Incident Response, Cyber Threat Intelligence and Red Teams to create advanced alerts and detections to increase security efficacy, supporting compliance and audit requirements.
  • Create and manage UEBA watch lists for current threats.
  • Perform SIEM administration, health checks, software upgrades, updates and patches as needed while maintaining data log integrity.
  • Configure backups, verify custom reports, manage log source groups, and validate log sources.
  • Add/Remove log sources. Troubleshoot log source issues with systems owners or vendor.
  • Assists in the development of SIEM/logging architecture plan with a cybersecurity focus to assure integration and support of overall business requirements and strategic business objectives.
  • Self-development through self-study to increase levels of expertise as subject matter expert for understanding, designing, and implementing network security solutions using best practice approach.
  • Educates and mentors peers.
  • Performs other duties as assigned.
  • Maintains a working knowledge of applicable Federal, State and local laws/regulations; the Trinity Health Integrity and Compliance Program and Code of Conduct; as well as other policies and procedures in order to ensure adherence in a manner that reflects honest, ethical and professional behavior.

MINIMUM QUALIFICATIONS

  • Bachelor’s Degree with at least four (4) years of related experience in infrastructure environments performing enterprise level network security management.
  • Must be available for on-call rotations to support 24x7x365 service availability.
  • Related experience with cybersecurity system monitoring, including event correlation through Security Information Event Management system (SIEM) is preferred.
  • Must possess experience in creating technical documentation, network diagrams, and job-aids with Microsoft applications Visio, Word, Excel and PowerPoint.
  • Ability to work independently, manage multiple priorities and to effectively adapt to rapidly changing technology and business needs with demonstrated ability to prioritize projects & workload.
  • Must be able to set and organize one’s own work priorities and adapt to them as they change frequently.
  • Relevant industry certification is preferred (CISSP, GCDA, GCIA, GCIH, GSOM, GSOC, GDSA, CEH, CCNP or CCSE).
  • Must be team oriented, supportive, and committed to excellence and possess a high level of initiative and self-motivation with a demonstrated work ethic.
  • Must be committed to continual personal and professional growth, possess a pro-active approach with a willingness to “go the extra mile” every time for the customer.
  • Must be comfortable operating in a collaborative, shared leadership environment.
  • Must possess a personal presence that is characterized by a sense of honesty, integrity, and caring with the ability to inspire and motivate others to promote the philosophy, mission, vision, goals, and values of Trinity Health.

PHYSICAL AND MENTAL REQUIREMENTS AND WORKING CONDITIONS

  • This position operates in a typical office environment. The area is well lit, temperature-controlled and free from hazards.
  • Incumbent communicates frequently, in person and over the telephone, with people in a number of different locations on technical issues.
  • Manual dexterity is needed in order to operate a keyboard. Hearing is needed for extensive telephone and in person communications.
  • The environment in which the incumbent will work requires the ability to concentrate, meet deadlines, work on several projects at the same time and adapt to interruptions.
  • The incumbent must be capable of traveling in the course of completing project assignments.
  • Must be available for on-call rotations to support 24x7x365 service availability.
  • Must be able to travel to the various Trinity Health sites (up to 10%) as needed (may or may not apply).

Our Commitment to Diversity and Inclusion

Trinity Health is one of the largest not-for-profit, Catholic healthcare systems in the nation. Built on the foundation of our Mission and Core Values, we integrate diversity, equity, and inclusion in all that we do. Our colleagues have different lived experiences, customs, abilities, and talents. Together, we become our best selves. A diverse and inclusive workforce provides the most accessible and equitable care for those we serve. Trinity Health is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other status protected by law.
