Security Engineer Specialist- Incident Response Team (Remote)
Job Description
Community Health Systems is a leading operator of general acute care hospitals and outpatient care centers in communities across the United States. CHS affiliates own, lease or operate 84 affiliated hospitals in 16 states with an aggregate of approximately 13,000 licensed beds. Healthcare services are also provided in more than 1,000 outpatient sites of care including affiliated physician practices, urgent care centers, freestanding emergency departments, imaging centers, cancer centers, and ambulatory surgery centers.
Community Health Systems is a leading operator of general acute care hospitals and outpatient care centers in communities across the United States. CHS affiliates own, lease or operate 84 affiliated hospitals in 16 states with an aggregate of approximately 13,000 licensed beds. Healthcare services are also provided in more than 1,000 outpatient sites of care including affiliated physician practices, urgent care centers, freestanding emergency departments, imaging centers, cancer centers, and ambulatory surgery centers.
Summary
As a Security Engineer Specialist, you are expected to have subject matter expertise in the responsibilities listed below, gained through both training, work experience and self study. You can be trusted to work independently with limited supervision, and can drive changes in the technical direction of Incident Response processes.
POSITION SCOPE:
? Subject matter expert with extensive experience investigating malicious activity and perform incident investigations to determine the root cause of the incident while preserving evidence for potential legal action
? Lead collaboration in containment, eradication and remediation efforts with the incident response team by detecting, analyzing and performing remediation on attacks that deny the use of authorized applications, network systems or other resources while working in partnership with the constituents that consist of enterprise legal staff, litigation or Ethics and Compliance
? Develop opportunities for Threat Hunting and Detection Engineering opportunities for team members
? In-depth knowledge of the MITRE ATT&CK, MITRE D3FEND, and Cyber Kill Chain frameworks.
? Required to participate in the team on-call rotation and respond to after hour escalations when needed.
? Demonstrate intuitive problem solving skills and communicate incidents to the appropriate stakeholders for remediation
? Develop and accumulate lessons learned documentation from incidents to identify controls to prevent identified malicious activity from reoccurring
? Partner with technical personnel and additional teams as required in order to contain, eradicate and remediate incidents to drive incidents to closure as part of the incident response life cycle
? Appropriately inform and advise team members and leadership on incidents and incident prevention
? Document, communicate, collaborate and transition incident details to other security teams and team members
? Participate in knowledge sharing with other analysts and develop sound processes and solutions efficiently
? Participate in attack and penetration testing exercises of company infrastructure and assets to improve and ensure confidentiality, integrity and availability of all company infrastructure and data.
? Coordinate with Managed Security Services for critical incident response
Associated Activities:
? Gather and maintain chain of custody of digital evidence for legal or HR needs
? Analyze malware samples for indicators of compromise and lessons learned documentation
Strategic Skills:
? Innovation, problem solving, and critical thinking skills
? Ability to work collaboratively to identify and solve problems
? Great attitude, including developing and maintaining a healthy team environment
? Effective communicator, including technical documentation
Qualifications:
EDUCATIONAL REQUIREMENTS:
High School Diploma required; Bachelor's degree preferred or relevant experience. Appropriate industry certification(s) desired.
EXPERIENCE REQUIREMENTS:
Required
? Expert knowledge of typical IT platforms, operating systems, and configuration methods
? Expert knowledge of Security threat tactics and prevention and detection techniques
? Expert knowledge of system administration concepts
Preferred
? Industry recognized cyber security training or certifications to include SANS, ISC2, EC-Council or CompTIA vendors.
? Experience working with or on a CSIRT or Security Incident Response team
? Security background, with understanding of SANS Preparation Identification Containment Eradication Recovery Lesson Learned (PICERL) or similar Incident Response methodologies
JOB KNOWLEDGE:
Technical competence in areas listed above. Good critical thinking skills. Strong analytical and problem resolution skills and organizational skills. Strong ability to work on and prioritize multiple, concurrent projects while meeting aggressive deadlines in a fast-paced environment. Willingness to participate in cross-functional training and support. Ability to work independently.
Physical Demands:
In order to successfully perform this job, with or without a reasonable accommodation, the following are outlined below:
1. The Employee is required to read, review, prepare and analyze written data and figures, using a PC or similar, and should possess visual acuity.
2. The Employee may be required to occasionally climb, push, stand, walk, reach, grasp, kneel, stoop, and/or perform repetitive motions.
3. The Employee is not substantially exposed to adverse environmental conditions and; therefore, job functions are typically performed under conditions such as those found within general office or administrative work.