Top 3 Must Have Skill Sets:
IR incident response background
Communication skills & detail orientated
Facilitating meetings and writing reports
The Incident Response (IR) Analyst will be part of a distributed team and will work with their global counterparts to lead all aspects of all day-to-day 24hr operations and functions provided by the Cyber Security Operations Center (CSOC) and other security groups.
You will be directly responsible for coordinating, training and equipping employees and contractors in a manner directly aligned with culture, principles and core values.
In the capacity of Incident Response Analyst you will contribute to all security operations standard operating procedures, field manuals, and operating instructions. As part of the investigation or remedial processes you will have to engage with key business and operational partners in handling the detection, response and remediation of cyber related attacks on global enterprise.
The IR/Cyber Security Operations Analyst is a leader in Cyber Security Organization and is encouraged to contribute to and deliver services and projects that support the mission, priorities and objectives of the organization.
You will contribute to the Americas Global Incident Response (IR) Operations and partner with the Cybersecurity SOC along with the Singapore-based Incident Response Manager to ensure continuity of 24/7 security services. Areas of responsibility include:
Contribute to strategy and continuous improvement for Global Incident Response Program
Fulfill critical role as Incident Response Commander directly responsible for IR activities throughout Americas Region
Provide direction and guidance for workforce job proficiency by contributing to comprehensive professional development plans
Lead security event monitoring, management and response
Deliver accurate incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
Ensure Service Level Agreement (SLA) compliance and process consistency to achieve operational objectives
Contribute to integration of standard and non-standard logs in Security Information and Event Management (SIEM) solution
Revise and develop processes to strengthen Security Operations
Partner with team including staff augmentation (Contract Workers (CW)) and outsourced services pertaining to the CSOC
Lead coordination efforts with necessary partners to better understand activity or actions and their impact on the environment
Maintain and upkeep relevant playbooks for response
Translate complex technical incidents into business language and be able to present the same to different audiences
Demonstrate, integrate, and collaborate on improving existing information security solutions and services to close any gaps or deficiencies in the CSOC and address security risks
Collaborate with other Information Security teams and provide CSOC insight into where limited information security controls or solutions are present
Lead efforts to integrate critical CSOC data into Information Security’s metrics program to enable critical strategic, operational, and tactical decision making
Provide mentorship and training on areas of expertise to Information Security and teams
Collaborate, maintain and build relationships with other parties that may impact Cybersecurity services and technologies
Have an understanding of the Operational Technology (OT) environment such as Human Machine Interfaces (HMI) and Programmable Logic Controllers (PLC).
Doctorate degree in Engineering, Information Systems, or Computer Science & 2 years of directly related experience
Master’s degree in Engineering, Information Systems, or Computer Science & 5 years of directly related experience
Bachelor’s degree in Engineering, Information Systems, or Computer Science & 7 years of directly related experience
Associate’s degree in Engineering, Information Systems, or Computer Science & 12 years of directly related experience
High school diploma / GED & 15 years of directly related experience
(YEARS OF EXPERIENCE WITHIN ANY INDUSTRY)
Broad knowledge of the workings of security-related controls like firewalls, intrusion detection systems, anti-malware, secure gateways, security monitoring, data encryption and other industry-standard techniques and practices.
Extensive experience with security application tools and systems, such as Cylance, Domain Tools, O365: Security & Compliance Module, QRadar, Phantom, Symantec Endpoint Protection, Tanium, Tufin, ThreatGrid, CrowdStrike (must have experience with a few of these)
Ability to understand and quantify risks. Determine methods of addressing the risks and gaps to implement appropriate security controls
Proficient in Incident Management and Response
Experience in security device management and SIEM (QRadar, Splunk)
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
Proficient in preparation of reports, dashboards and documentation
Good communication and leadership skills
Experience in performing vendor management
Ability to handle high stress situations
Ability to piece together different and complex technologies and solutions to help provide a solution that meets security requirements
Detailed knowledge of digital network telecommunications including TCP/IP and other related network protocols.
Practical Knowledge of Information Security standards and policies like ISO 27001/27002, NIST, and others
Excellent verbal and written communication skills
Effective at working in global teams, with the ability to communicate and interact with a broad range of people and roles
Accepts responsibility and personal accountability
Successful management of multiple priorities
Must be collaborative, placing priority on the successful completion of team goals
Must be highly motivated and able to work effectively under minimal direction
Experience with complex technologies that impact security
Master’s degree in Engineering, Information Systems, or Computer Science
At least 3 years as a security analyst supporting a multinational organization
Working towards a CISSP or equivalent security-related industry certifications
We understand that to successfully sustain and grow as a global enterprise and deliver for patients, we must ensure a diverse and inclusive work environment. Our organization is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
"This posting is for Contingent Worker, not an FTE"