$35.70/hr - $59.50/hr, based on education & experience
In accordance with Colorado's EPEWA Equal Pay Transparency Rules.
Help lead healthcare IT into the future. Our Information Technology professionals play a key role in excellent patient care. If you like the idea of making a positive change in people's lives, apply today.
Banner Health is seeking a remote Cybersecurity Incident Response Analyst. As Banner continues to leverage technology to deliver the highest possible quality of care, cybersecurity is a top priority. The Cyber Security Operations Center (CSOC) is responsible for monitoring and responding to cyber security threats targeting Banner Health and its patients. This position helps detect and secure Banner's computing environment against both insider and outsider threats.
As a Cybersecurity Incident Response Analyst II, you will be at the frontlines of this effort. Response Analysts respond to threats in real-time through effective analysis, triage, and handling of cybersecurity alerts and events, help investigate and remediate cybersecurity incidents, escalate cybersecurity incidents as defined by procedure, and help liaise closely with other teams to ensure the correct response and remediation of cybersecurity incidents. The location for this role will be remote and does include on-call rotation duties. The typical schedule for this role is Monday-Friday 10 am-6 pm AZ time.
The ideal candidate will possess a bachelor's degree and 4 years of experience as a cybersecurity operations center analyst, participating in 24/7 incident response. Experience working within a Security Operations Center to include an in-depth understanding of cyber incident response and the ability to effectively triage security events.
Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you'll find many options for contributing to our award-winning patient care.
POSITION SUMMARY
This position helps secure Banner's computing environment against both insider and outsider threats. The incumbent will utilize Banner's various security tools and processes to complete real-time monitoring & alert triage, log correlation analysis, incident analysis & response, intrusion detection, cloud security, trade craft analysis, traffic analysis, malware analysis, forensic artifact handling & analysis, and blue teaming. The incumbent will work collaboratively to develop new procedures and runbooks.
CORE FUNCTIONS
1. Respond to threats in real-time through effective analysis, triage and handling of cybersecurity alerts and events.
2. Perform cyber security investigations and recommend remediation actions.
3. Take ownership of escalated cybersecurity incidents and work until conclusion.
4. Evaluate cyber incidents for legal concerns and where appropriate engage internal forensics and compliance teams.
5. Assist in updating/developing, implementing and operating requisite processes and procedures.
6. Establish and evaluate appropriate Key Performance Indicators, or Key Risk Indicators for accuracy and value.
7. Identify gaps in incident handling use cases and drive/lead the effort to develop process and alerting rules within SIEM technologies.
8. This position is responsible for Cybersecurity across multiple departments system-wide and requires interaction at all levels of staff and management.
Performs all functions according to established policies, procedures, regulatory and accreditation requirements, as well as applicable professional standards. Provides all customers of Banner Health with an excellent service experience by consistently demonstrating our core and leader behaviors each and every day.
Must possess strong knowledge of business, cybersecurity and/or computer science as normally obtained through the completion of a bachelor's degree.
Four years of experience as a cybersecurity operations center analyst, participating in 24/7 incident response. Experience working within a Security Operations Center to include an in-depth understanding of cyber incident response and ability to effectively triage security events. Strong understanding of system, network, and/or application security, Linux, virtualization, and networking concepts. Technical proficiency in SIEM (Security Information and Event Management) tools, such as Splunk. Strong technical proficiency in Endpoint Detection and Response security tools, CASB (cloud access security broker) tools, and DLP (Data Loss Prevention) solutions. Knowledge of utilizing enterprise-managed antivirus and encryption tools. Strong technical competence up and down the technology stack - user interface, applications, communications, infrastructure, database, network, storage, etc. Strong communication skills to work with both a collaborative cross-functional team of peers and departments within the company (product development, operations, networking, etc.). Must possess strong critical thinking, analytical, troubleshooting and problem-solving skills. Must be a team player with ability to work autonomously. Ability to prioritize and reprioritize work as required. Experience with Vulnerability Assessment tools and processes and experience leveraging their output to support incident handling. Technical proficiency for creating and updating standard operating procedures. Ability to work calmly under pressure in the face of adversity and threat activity. Ability to establish positive working relationships and garner influence with other teams and team members. Strong desire and aptitude for continuous learning and keeping abreast of new and emerging technology. A collaborative attitude and strong desire to succeed as part of the team. Self-motivated and a strong passion for learning. Knowledge of MITRE ATT&CK Framework and Lockheed Martin Cyber Kill Chain.
Knowledge of security threat and attack countermeasures. Experience in automation of tasks through scripting or programming with Bash, Python, Perl, etc.
What might draw you to Banner Health? A great health care career, of course—and a great place to live, no matter what stage of life you’re in. With facilities across the West, there is a health care career for everyone, from big city living in the Phoenix area to friendly small towns in the mountains and plains. As one of the largest nonprofit health systems in the country, Banner Health offers both the stability that comes with success and the possibility of exploring new areas of the country. If you’re looking to be a key contributor to a forward-looking organization, you’ll experience a wide variety of professional advantages:
Our expansive system offers you an unmatched variety of clinical settings – from large urban trauma center to small rural hospital, ambulatory to home health.
Our commitment to healthcare innovation means you always have the latest technologies at your fingertips to help you provide the finest care possible.
The size, success and growth of our system provide you with the stability and options to pursue your desired career path.
Competitive compensation and comprehensive benefits offer you options to complement your unique needs.