All the benefits and perks you need for you and your family:
- Benefits from Day One
- Paid Days Off from Day One
- Student Loan Repayment Program
- Whole Person Wellbeing Resources
- Mental Health Resources and Support
Our promise to you:
Joining AdventHealth is about being part of something bigger. It’s about belonging to a community that believes in the wholeness of each person, and serves to uplift others in body, mind and spirit. AdventHealth is a place where you can thrive professionally, and grow spiritually, by Extending the Healing Ministry of Christ. Where you will be valued for who you are and the unique experiences you bring to our purpose-minded team. All while understanding that together we are even better.
The role you’ll contribute:
The Threat Management Associate Analyst is part of the Information Security Threat Management Team (ISTMT), which assists in the definition, maintenance, and execution of the Computer Security Incident Response Plan (CSIRP). The CSIRP defines the policies, processes, methodologies, resources, roles, and responsibilities required to investigate and remedy any computer or network security events or incidents within the networks, as well as within any networks or entities that interface with the network. The ISTMT analyst will carry out the coordination required to apprise the applicable stakeholders and the technical, managerial, and administrative decision makers of incident mitigation requirements in a timely manner. The ISTMT analyst will provide governance, guidance, oversight, and recommendations concerning all aspects of the CSIRP. This includes best practices, investments, incident management systems, policies, procedures, definitions of roles and responsibilities, and the coordination needed for the effective and efficient mitigation of computer security incidents that impact the organization.
The value you’ll bring to the team:
· Basic analysis of network activity and flow data; monitors and evaluates network flow data for possible malware activity via anomalies
· Accumulates IOCs from intel sources and monitoring tools, responding to detected events with moderate supervision
· Participates in the analysis of cyber threats, vulnerabilities, and exploits, and in remediation action plans
· Documents, communicates, collaborates on, and transitions incident details to other team members and other support groups
· Participates in Advanced Persistent Threat correlation across multiple security event sources such as firewall logs, threat intelligence feeds, AV, endpoint analysis, IDS/IPS, and other sources with moderate supervision
· Communicates and provides the manager with incident updates and work and project statuses, including concerns and risks, in a timely manner
· Works closely with the Team Lead or Manager when researching, planning, building, and implementing approved projects. Partners with the Team Lead or Manager to oversee the delivery of solutions and appropriately manages and escalates risks and issues.
· Performs other duties as assigned.
The expertise and experiences you’ll need to succeed:
KNOWLEDGE AND SKILLS REQUIRED:
· Enterprise domain experience is a must.
· 3 years of operational security experience
· Basic knowledge of infrastructure assets, including classical routing, switching, firewalls, IDS/IPS, web proxies, and load-balancer technologies
· Basic knowledge of enterprise log management and SIEM solutions
· Basic understanding of security vulnerability assessment and exploit toolsets, e.g. Nessus, Nexpose, Qualys, and the Metasploit framework
· Analytical and problem-solving skills and the ability to think outside the box
· Moderate troubleshooting skills, including protocol analysis and decoding via Wireshark, tcpdump, WinDump, and similar PCAP capture and protocol decoding tools
· Understanding of information technology methodologies in multiple disciplines; comfortable with complex undocumented requirements and independent task research
· Ability to parse and analyze firewall, IDS/IPS, web proxy, system, and security logs
· Understanding of network protocols
· Moderate knowledge of Active Directory and Windows and Linux client and server operating systems, including an understanding of process interactions, inter-process communication, and system configuration stores (e.g. the registry, configuration files)
· Basic understanding of encryption, both asymmetric and symmetric
· Interpersonal skills with a positive and enthusiastic attitude
· Advanced oral and written communication skills
· Ability to receive calls and text messages 24 hours a day, seven days per week
· Basic malware analysis skills
KNOWLEDGE AND SKILLS PREFERRED:
· Knowledge of SEP and Cisco security technologies: Sourcefire IDS/IPS, AMP for Endpoints, IronPort suites, and ASA firewalls
At AdventHealth, Extending the Healing Ministry of Christ is our mission. It calls us to be His hands and feet in helping people feel whole. Our story is one of hope — one that strives to heal and restore the body, mind and spirit. Our more than 80,000 skilled and compassionate caregivers in hospitals, physician practices, outpatient clinics, urgent care centers, skilled nursing facilities, home health agencies and hospice centers are committed to providing individualized, wholistic care.