Sr. Information Security Analyst
Sunshine State Health Plan - Washington, DC
posted 2 days ago
About the position
As a member of CAQH's Information Security Incident Response team, the Sr. Information Security Analyst- Incident Response will coordinate the response activities for cyber security incidents across the corporate environment. The successful candidate will focus on reviewing, triaging, analyzing, remediating, and reporting on cyber security incidents. The individual will manage validated cyber security incidents, in accordance with the Information Security Incident Response Plan. The successful candidate will perform functions such as log analysis, conduct in-depth technical analysis of network traffic and endpoint systems, enrich data using multiple sources, and be responsible for rapid handling and mitigation of cyber security incidents. This is a full-time, exempt, remote position and reports to the Director, Identity and Access Management.
Responsibilities
- Coordinate response activities for cyber security incidents across the corporate environment.
- Review, triage, analyze, remediate, and report on cyber security incidents.
- Manage validated cyber security incidents according to the Information Security Incident Response Plan.
- Perform log analysis and conduct in-depth technical analysis of network traffic and endpoint systems.
- Enrich data using multiple sources for incident response.
- Rapidly handle and mitigate cyber security incidents.
- Conduct investigations and respond to internal and external information security threats.
- Provide off-hour support as needed for security monitoring and response activities.
Requirements
- 2 years of incident analysis, security architecture, malware research, SOC, or similar incident response experience.
- 3+ years of overall IT experience with a major emphasis on Information Security.
- Knowledge of current cyber threats, adversary tactics, techniques, and procedures (TTPs).
- Experience performing malware analysis.
- Experience conducting investigations in Cloud environments (Azure).
- Experience performing Threat Hunting to uncover malicious activity that evades existing security controls.
- Experience leveraging PowerShell, Python or BASH scripting for automation, alert enrichment or investigations.
- Exposure to major areas of Information Security such as Vulnerability Management, Application Security, Identity and Access Management, GRC, and Penetration Testing/Red Teaming.
- Experience with various databases and query languages.
- Experience leveraging information security technologies such as antivirus, IDS/IPS, SIEM, endpoint detection & response, DLP, data encryption, proxies, and network access control.
Nice-to-haves
- Bachelor's degree preferred.
- Security certifications - CISSP, CEH, GCIH, SSCP certifications preferred.
Benefits
- Medical, dental and vision coverage
- Tuition assistance
- 401k
- Full-time remote work from any location
- Physical office in downtown Washington, DC.
