Senior Cybersecurity Threat Analyst (Cloud)- Remote

Posted 18 Days Ago
Jacksonville, FL
Senior level
Healthtech
The Role
The Senior Cybersecurity Threat Analyst will design, implement, and support logging and monitoring across cloud platforms in the SIEM. They will collaborate with various teams to track security issues, provide expertise on security policies, and lead audit activities, while also developing comprehensive security monitoring programs. The analyst will research cyber threats and enhance security measures, serving as a technical resource for team members.
Summary Generated by Built In

Sr. Security Threat Analyst - Cloud

The IT Security Threat Analyst will be part of the threat operations and security monitoring team. They will have primary responsibility for working with cloud support teams, cybersecurity incident responders, threat hunters and security architects to design, implement, and support logging, monitoring, and alerting across multiple cloud platforms in the SIEM. The analyst will be working with administrators of the SIEM to produce data sets and alerts for each cloud tenant they support. These alerts will be actioned by the SOC and CSIRT teams. They will independently develop, maintain, and implement comprehensive information security monitoring programs including defining security policies, processes and standards for large and complex environments. Provide consultative guidance on the development of information security strategies and programs through demonstrated expertise and knowledge of industry trends and changes with respect to advanced and sophisticated cyberattacks and threats. Lead efforts, oversee work results, provide formal training and serve as a technical resource for Information Security team members.

Essential functions:

  • Participates in the design and implementation of logging and monitoring processes across various cloud environments
  • Tracks and documents security issues and requests, actively monitors work queue.
  • Accountable for follow-up of all security work requests, including collaborating with other IT areas to ensure timely completion/resolution and obtaining the appropriate approval levels
  • Works closely with business areas and IT partners on troubleshooting, pre-implementation activities and to assess application security
  • Maintains and creates operational procedures
  • Acts as lead liaison for internal and external audit requests and activities. Leads remedial activities as the result of audit findings
  • Defines scope of operational initiatives and adjusts priorities to support workload
  • Provides subject matter expertise, leadership, and guidance to work teams and end users on security policies, standards, procedures, and processes
  • Investigates business processes to understand and implement security requirements weighing business needs and security risks and resolving issues
  • Research solutions and work with vendors to enhance Security Monitoring Program
  • Develops training content as needed
  • Design, monitor, and build alerting capabilities for our systems and tools
  • Correlates and analyzes threat data from various sources
  • Independently conducts industry research and technical evaluation of all-source and vendor-supplied intelligence, with specific emphasis on network operations and advanced and sophisticated cyber tactics, techniques, and procedures
  • Subject matter expert in the detection and identification of cyberattack signatures, tactics, techniques, and procedures associated with advanced threats
  • Leading assessments and development of cyber threat profiles of current events based on collection, research, and analysis of open-source information

Required Experience:

  • 3+ years of related work experience working with Cloud technologies (Oracle, AWS, Azure, Google), preferably within Cloud security, logging, monitoring, and alerting
  • 6+ years' experience in IT Security or combination of IT related fields
  • CISSP (or attainable within 6 months of employment) or CEH, CISM, etc.
  • Hands on experience with security architecture, security infrastructure including security firewalls, data loss prevention, encryption, and end point protection appliances tools, and controls with specific demonstrated experience in proactive detection of advanced cyberattacks and/or threats
  • Proven success in information threat analysis and detection concepts and principles and impact
  • Experience working and managing vendor performance and service level agreements
  • Demonstrated success in regularly communicating highly complex technical information clearly and articulately for all levels and audiences.
  • Strong customer focus with ability to manage customer expectations and experience and build long-term relationships.
  • Ability to adapt to a rapidly changing IT Security landscape and quickly identify new trends and industry changes
  • High critical thinking skills required to evaluate complex, multi-sourced security intelligence information, analyze and confirm root cause, and independently identify mitigation alternatives and solutions that safeguard our technical environment.
  • Ability to communicate technical information clearly and articulately, to all levels and audiences within the company
  • Understanding of the systems development life cycle
  • Advanced analytical thinking, problem solving, quantitative analysis ability
  • Must have an advanced understanding of Information Security concepts, protocols, industry best practices, and regulatory requirements
  • Must have advanced proficiency with Active Directory groups and user accounts, Windows folder structures and folder security
  • Proficiency with Windows tools is required, e.g., Windows Explorer, Word, Excel, PowerPoint, Outlook, etc.
  • Proficiency with database security and tools used to administer security within the various databases, e.g., UDB, DB2, SQL, Oracle, etc. is a plus
  • Bachelor's degree or equivalent experience

Preferred Experience/ Qualifications

  • Experience w/ Cloud logging, monitoring, and multi-provider security monitoring, including CASB
  • Experience performing SIEM rule development

  • Strong math and/or statistical analysis experience
  • Strong knowledge of network communications
  • Demonstrated success in detailed documentation

General Physical Demands

Exerting up to 10 pounds of force occasionally to move objects

Jobs are sedentary if traversing activities are required only occasionally.

We are an Equal Opportunity/Protected Veteran/Disabled Employer committed to creating a diverse, inclusive, and equitable culture for our employees and communities

Top Skills

AWS
Azure
Cloud Technologies
Google
Oracle
SIEM
The Company
Jacksonville, FL
200 Employees
On-site Workplace
Year Founded: 2014

What We Do

GuideWell Mutual Holding Corporation is a not-for-profit mutual holding company that is the parent to a family of forward-thinking companies focused on transforming health care.

We’re at the forefront, forging ahead by innovating, collaborating and advocating for better health. We help people make sense of this new world, forming an integrated ecosystem of products and services and ensuring they get the best experience. We’re relentlessly building and refining to drive higher efficiency and exceptional care.

GuideWell – Built for the future of health.
