Job Information

AdventHealth IT Threat Management Analyst - Associate in Altamonte Springs, Florida

Description

All the benefits and perks you need for you and your family:

  • Benefits from Day One

  • Paid Days Off from Day One

  • Student Loan Repayment Program

  • Career Development

  • Whole Person Wellbeing Resources

  • Mental Health Resources and Support

Our promise to you:

Joining AdventHealth is about being part of something bigger. It’s about belonging to a community that believes in the wholeness of each person, and serves to uplift others in body, mind and spirit. AdventHealth is a place where you can thrive professionally, and grow spiritually, by Extending the Healing Ministry of Christ. Where you will be valued for who you are and the unique experiences you bring to our purpose-minded team. All while understanding that together we are even better.

Schedule: Full Time

The role you’ll contribute:

The Threat Management Associate Analyst is part of the Information Security Threat Management Team (ISTMT) and will assist in the definition, maintenance, and execution of the Computer Security Incident Response Plan (CSIRP). The CSIRP defines the policies, processes, methodologies, resources, roles, and responsibilities required to investigate and remedy any computer or network security events or incidents within the networks, as well as any networks or entities that interface with the network. The ISTMT analyst will carry out the coordination required to apprise the applicable stakeholders and the technical, managerial, and administrative decision makers of incident mitigation requirements in a timely manner. The ISTMT analyst will provide governance, guidance, oversight, and recommendations concerning all aspects of the CSIRP. This includes best practices, investments, incident management systems, policies, procedures, definitions of roles and responsibilities, and the coordination needed for the effective and efficient mitigation of computer security incidents that impact the organization.

The value you’ll bring to the team:

  • Performs basic analysis of network activity and flow data; monitors and evaluates network flow data for anomalies that may indicate malware activity

  • Accumulates IOCs from intel sources and monitoring tools, responding to detected events with moderate supervision

  • Participates in the analysis of cyber threats, vulnerabilities, and exploits; participates in remediation action plans

  • Documents, communicates, collaborates on, and transitions incident details to other team members and other support groups

  • Participates, with moderate supervision, in Advanced Persistent Threat correlation across multiple security event sources such as firewall logs, threat intelligence feeds, AV, endpoint analysis, IDS/IPS, and other sources

  • Communicates with and provides the manager with incident updates and work and project statuses, including concerns and risks, in a timely manner

  • Works closely with Team Lead or Manager when researching, planning, building, and implementing approved projects. Partners with Team Lead or Manager to oversee the delivery of solutions and appropriately manages and escalates risks and issues.

  • Performs other duties as assigned.

Qualifications

KNOWLEDGE AND SKILLS REQUIRED:

  • Enterprise Domain experience is a must.

  • Displays strong customer service skills

  • Basic knowledge of infrastructure assets, including classical routing, switching, firewalls, IDS/IPS, web proxies, and load-balancer technologies

  • Basic knowledge of Enterprise log management and SIEM solutions.

  • Basic understanding of security vulnerability assessment and exploit toolsets, e.g. Nessus, Nexpose, Qualys, and the Metasploit framework

  • Analytical and problem-solving skills and the ability to "think outside the box"

  • Moderate troubleshooting skills, including protocol analysis and decoding with Wireshark, tcpdump, WinDump, and similar PCAP capture and protocol decoding tools

  • Understanding of information technology methodologies in multiple disciplines; comfortable with complex undocumented requirements and independent task research

  • Ability to parse and analyze firewall, IDS/IPS, web proxy, system, and security logs

  • Understanding of network protocols.

  • Moderate knowledge of Active Directory and Windows and Linux client and server operating systems, including an understanding of process interactions, inter-process communication, and system configuration stores (e.g. the registry, config files)

  • Basic understanding of encryption, both asymmetric and symmetric

  • Interpersonal skills with a positive and enthusiastic attitude

  • Advanced oral and written communication skills

  • Ability to receive calls and text messages 24 hours a day, seven days per week

  • Basic Malware Analysis skills

KNOWLEDGE AND SKILLS PREFERRED:

  • Knowledge of SEP and Cisco security technologies: Sourcefire IDS/IPS, AMP for Endpoints, IronPort suites, and ASA firewalls

  • Understanding of obfuscation techniques.

  • Knowledge of Checkpoint Firewalls and DLP

  • Understanding of HIPAA, HITRUST, NIST, FISMA, FedRAMP, ISO 27001, PCI, and SOC audits

  • Basic knowledge of scripting languages (e.g. JavaScript, PowerShell, Perl, Python, PHP)

  • Basic understanding of SQL queries and of parsing and correlating data from databases

  • Basic understanding of forensic analysis toolsets such as EnCase, FTK, SIFT, and/or open-source equivalents

  • Working knowledge of healthcare or clinical physician practice

EDUCATION AND EXPERIENCE REQUIRED:

  • Associate degree, or 5+ years of Information Technology experience in lieu of a degree

EDUCATION AND EXPERIENCE PREFERRED:

  • 3+ years of Information Security experience

This facility is an equal opportunity employer and complies with federal, state and local anti-discrimination laws, regulations and ordinances.

Category: Information Systems

Organization: AdventHealth Information Technology

Schedule: Full-time

Shift: 1 - Day

Travel: AdventHealth Information Tech

Req ID: 22015106

We are an equal opportunity employer and do not tolerate discrimination based on race, color, creed, religion, national origin, sex, marital status, age or disability/handicap with respect to recruitment, selection, placement, promotion, wages, benefits and other terms and conditions of employment.