Penn Medicine - Philadelphia, PA

posted about 2 months ago

Full-time - Senior
Remote - Philadelphia, PA
Ambulatory Health Care Services

About the position

The Lead Cybersecurity Incident Response Analyst at Penn Medicine plays a crucial role in ensuring the effectiveness of cybersecurity operations and incident response activities. This position is pivotal in providing technical direction and mentoring to junior and senior analysts within the Security Operations Center (SOC). The Lead Analyst will coordinate multiple 24x7 cybersecurity incident follow-up activities, conduct technical research and analysis of threats and vulnerabilities affecting information systems, and participate in various cybersecurity program activities, including risk assessment, risk management, and risk remediation. The role requires a strong on-site presence for the first six months, after which remote work may be possible.

In this position, the Lead Analyst will be responsible for providing technical leadership and coaching to SOC analysts, ensuring the highest quality in the delivery of response services. This includes assisting management in developing processes, service level agreements (SLAs), metrics creation, and enhancing service maturity. The Lead Analyst will receive escalations from the SOC team, conduct investigations, and perform interviews as necessary. They will investigate suspicious network and endpoint activity, provide feedback on incident response playbooks and plans, and partner with information security engineers to implement and maintain security technologies. Additionally, the Lead Analyst will collaborate with information assurance advisors to address network and endpoint security risks, participate in vulnerability management, and manage the forensic chain of evidence as needed. Maintaining written documentation on investigations and performing duties in accordance with Penn Medicine's values, policies, and procedures is also essential. The role may involve other duties as assigned to support the unit, department, entity, and health system organization.

Responsibilities

  • Provide technical leadership and coaching to multiple junior and senior SOC analysts, ensuring the highest quality in the delivery of response services
  • Assist management in process, service, and SLA development; metrics creation and management; and maturity enhancements
  • Receive escalations from the SOC team and conduct investigations as requested
  • Conduct interviews as needed
  • Investigate suspicious network and endpoint activity
  • Provide feedback on IR playbooks, runbooks, and plans as needed
  • Partner with information security engineers to implement and maintain security technologies
  • Collaborate with information assurance advisors to address network and endpoint security risks
  • Participate in vulnerability management, including scanning and remediation
  • Manage the forensic chain of evidence as needed
  • Maintain written documentation on investigations
  • Perform duties in accordance with Penn Medicine and entity values, policies, and procedures
  • Other duties as assigned to support the unit, department, entity, and health system organization

Requirements

  • Bachelor's degree (Required)
  • 7+ years of experience in information technologies, especially information security, such as security operations and incident response, regulatory compliance or audit, vulnerability management, security engineering or similar experience (Required)
  • 3+ years of experience with incident response technology, process, and programs (Required)
  • 0-1 years of familiarity with security standards and frameworks such as: HIPAA, PCI DSS, HITRUST, NIST, ISO, etc. (Required)
  • 0-1 years of experience with Incident Response lifecycle and supporting technologies, including hands-on experience with modern SIEM/SOAR platforms, EDR tools, NDR and/or NBAD tools, or the like (Required)
  • Information security certifications, such as Security+, Network+, CCNA Security, GSEC, GCIA, GCFA, GPEN, CEH (Preferred)

Benefits

  • Comprehensive compensation and benefits program
  • Prepaid tuition assistance programs
  • Health and wellness programs