Job Description
As a Security Operations Center (SOC) Analyst you will be responsible for the identification and tracking of potential security incidents across the CVS Health enterprise. The SOC Analyst is essential, as you are part of the first line of defense for CVS Health's Information Security. The SOC Analyst position is responsible for monitoring and responding to security event alerts, by performing log analysis investigations.
An ideal candidate is detail oriented, has a strong interest in system and network security and has strong written & verbal communication skills.
Additional responsibilities of the Security Operations Center (SOC) Analyst include:
- Using an industry leading SIEM in a shift environment to provide 24/7 Threat Response services
- Performing thorough investigative analysis of potential cyber security threats based on log review, and documenting results that create a timeline that can be read and understood by both technical and non-technical personnel
- Determining when cyber threat containment activity is required, and performing containment
- Identifying and qualifying cyber security incidents and creating incident tickets, driving incident response activity, and tracking follow up through the complete incident response life cycle
- Performing review and validation of daily compliance reports to track business as usual and out of policy activities
- Supporting continual process improvement initiative by suggesting updates to existing playbooks, and using a procedural approach to create new SOP playbooks for new security event alert use cases
- Working alongside senior security engineers and architects to deliver superior security services to CVS Health business units
- Participating in an on-call rotation that provides 24/7 support for Level 1 SOC analysts, and response to ad-hoc requests for SOC investigations.
Example investigations may include:
- Potential phishing emails
- Suspicious network traffic
- Suspicious websites or sites that may infringe upon the organization's intellectual property
- Suspicious processes/services/executables
- Suspicious downloads or unauthorized software
- Policy violations
- Insider threats
Required Qualifications
- 1+ years of experience working in an information technology, security or risk management related field
- Understanding of networking concepts & protocols (TCP/IP, UDP, DNS, DHCP, HTTP, etc)
- Understanding and knowledge of two or more of the following security related technologies: Intrusion Prevention systems, Web Proxies, SIEM, Firewalls, Web application scanner, Vulnerability Scanners, Malware Research Tools or Forensics Tools
- Understanding of Operating System Architecture (Windows, UNIX, LINUX)
COVID Requirements
COVID-19 Vaccination Requirement
CVS Health requires certain colleagues to be fully vaccinated against COVID-19 (including any booster shots if required), where allowable under the law, unless they are approved for a reasonable accommodation based on disability, medical condition, religious belief, or other legally recognized reasons that prevents them from being vaccinated.
You are required to have received at least one COVID-19 shot prior to your first day of employment and to provide proof of your vaccination status or apply for a reasonable accommodation within the first 10 days of your employment. Please note that in some states and roles, you may be required to provide proof of full vaccination or an approved reasonable accommodation before you can begin to actively work.
Preferred Qualifications
- Prior Information Technology work experience
- Prior Security Analyst experience
- Experience in a shift based environment
- SIEM content management & content creation experience (ArcSight, Splunk, etc)
- Possession of industry certifications is preferred (Network+, Security+, CSA+, CEH, GCIA or GCIH, etc)
Education
High School Diploma or GED required
Business Overview
Bring your heart to CVS Health
Every one of us at CVS Health shares a single, clear purpose: Bringing our heart to every moment of your health. This purpose guides our commitment to deliver enhanced human-centric health care for a rapidly changing world. Anchored in our brand - with heart at its center - our purpose sends a personal message that how we deliver our services is just as important as what we deliver.
Our Heart At Work Behaviors™ support this purpose. We want everyone who works at CVS Health to feel empowered by the role they play in transforming our culture and accelerating our ability to innovate and deliver solutions to make health care more personal, convenient and affordable.
We strive to promote and sustain a culture of diversity, inclusion and belonging every day.
CVS Health is an affirmative action employer, and is an equal opportunity employer, as are the physician-owned businesses for which CVS Health provides management services. We do not discriminate in recruiting, hiring, promotion, or any other personnel action based on race, ethnicity, color, national origin, sex/gender, sexual orientation, gender identity or expression, religion, age, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.