Parkland Health - Dallas, TX

posted 4 months ago

Full-time
Dallas, TX
Hospitals

About the position

The position at Parkland Health and Hospital System involves providing operational support for the continuous monitoring of designated networks, infrastructure, and systems. The primary focus is on supporting an Incident Response Framework, which includes preparation, detection, analysis, containment, eradication, recovery, and post-incident activities aimed at preventing threats and mitigating cyber incidents. This role is crucial in ensuring the security and integrity of the healthcare systems that serve the community, reflecting Parkland's commitment to the health and well-being of individuals and communities. As part of the responsibilities, the individual will participate in the preparation of incident response actions to ensure that security incidents are properly identified and documented in a timely manner. The role also involves developing and implementing processes to validate indicators of compromise, establishing operational plans for eradication actions, and engaging appropriate resources for system restoration. Additionally, the position requires participation in post-incident activity meetings to enhance incident response capabilities and prevent recurrence of incidents. The candidate will manage security assessments to measure compliance with security rules and regulatory mandates, compile data for summary reports, and document procedures necessary for the implementation of Information Security Policies and Standards. This position is integral to maintaining the security posture of Parkland Health and ensuring that the organization can effectively respond to and recover from security incidents.

Responsibilities

  • Participates in preparation of incident response actions to ensure security incidents are properly identified and documented in a timely manner.
  • Develops and implements processes for validating indicators of compromise by investigating ambiguous, incomplete, contradictory or erroneous indicators to confirm actual security incidents.
  • Develops and implements containment strategies associated with incident types.
  • Establishes operational plans and executes eradication actions to eliminate threat components associated with the incident.
  • Engages appropriate resources to perform restoration of systems associated with the incident.
  • Establishes processes and participates in post-incident activity meetings to improve incident response capabilities and prevent recurrence of incidents.
  • Manages security assessments (physical and logical) to measure compliance status with security rules and regulatory mandates.
  • Compiles data and presents summary reports to peers for presentation to leadership.
  • Develops and implements processes to utilize tools for review and monitoring of audit logs, devices, applications, and forensics.
  • Documents procedures necessary for the implementation of Information Security Policies and Standards.

Requirements

  • Must have a Bachelor's degree in Computer Science or related field.
  • Must have five (5) years of experience in an information systems security domain with a background in intrusion detection monitoring, incident response and mitigation, threat research and cyber intelligence analysis or other cyber security domain.
  • Must have one of the following certifications within 6 months of placement in position: CompTIA Security+ Certification or an equivalent industry certification (CISSP or GIAC).
  • Must be able to analyze and correlate security information with other relevant data sources.
  • Must have the ability to perform complex research to determine industry standard products and solutions for security mitigation controls/recommendations.
  • Must have experience in Agile Methodologies.
  • Must have experience in contributing to audit requirements.
  • Must have superior writing skills and the ability to communicate effectively regarding technology.
  • Must have excellent documentation skills.
  • Experience in handling security incidents, including endpoint forensics, network forensics, malware analysis, reviewing raw log files, data correlation, and analysis of disparate data sources (e.g. firewall, network flow, IDS, system logs).
  • Must understand risk assessment models, such as NIST 800-61.
  • Must have a general understanding of technologies such as Microsoft Active Directory, Data Loss Prevention, Encryption Technologies, Vulnerability Management, Intrusion Detection Systems, Intrusion Prevention Systems, Virtual Private Network, Linux Operating Systems, Windows Operating Systems, Communication Protocols, Multi-factor authentication, Cloud Access Security Broker, Endpoint Detection and Response Technologies, Security Information and Event Management Tools.
  • Must have a working knowledge of network and vulnerability assessments.
  • Must have experience with malware analysis, threat intelligence, and vulnerability management.
  • Must have good working knowledge of common security concepts.
  • Must have a working knowledge of the HIPAA Security Rule and PCI.
  • Must have excellent documentation and analytical skills.
  • Must be able to listen and communicate effectively.
  • Must be willing to work in an on-call situation.