Senior Cyber Security Engineer, Incident Response
FRANKLIN, Tennessee, United States
Community Health Systems
Community Health Systems is one of the nation’s leading healthcare providers. Developing and operating healthcare delivery systems in 40 distinct markets across 15 states, CHS is committed to helping people get well and live healthier. CHS operates 71 acute-care hospitals and more than 1,000 other sites of care, including physician practices, urgent care centers, freestanding emergency departments, occupational medicine clinics, imaging centers, cancer centers and ambulatory surgery centers.
Summary:
As a Senior Security Engineer, you are expected to have in-depth knowledge of the responsibilities listed below, gained through training, work experience and self-study. You can be trusted to work independently with minimal supervision and can take a leadership role during challenging situations.
Technical competence in the areas listed below. Good critical-thinking skills. Strong analytical, problem-resolution and organizational skills. Strong ability to work on and prioritize multiple concurrent projects while meeting aggressive deadlines in a fast-paced environment. Willingness to participate in cross-functional training and support. Ability to work independently.
Essential Duties and Responsibilities:
- Investigate malicious activity and perform incident investigations to determine the root cause of the incident while preserving evidence for potential legal action
- Lead containment, eradication and remediation efforts with the incident response team: detect, analyze and remediate attacks that deny the use of authorized applications, network systems or other resources, working in partnership with constituents such as enterprise legal staff, litigation, and Ethics and Compliance
- Conduct research to create Threat Hunting and Detection Engineering opportunities for team members
- Apply in-depth knowledge of the MITRE ATT&CK, MITRE D3FEND and Cyber Kill Chain frameworks to investigations, detection engineering and threat hunting
- Required to participate in the team on-call rotation and respond to after hour escalations when needed.
- Demonstrate strong problem-solving skills and communicate incidents to the appropriate stakeholders for remediation
- Develop and maintain lessons-learned documentation from incidents to identify controls that prevent the identified malicious activity from recurring
- Partner with technical personnel and additional teams as required to contain, eradicate and remediate incidents and drive them to closure as part of the incident response life cycle
- Appropriately inform and advise team members and leadership on incidents and incident prevention
- Participate in knowledge sharing with other analysts and develop sound processes and solutions efficiently
Qualifications:
- Required Education: High School diploma
- Preferred Education: Bachelor’s degree or relevant experience; appropriate industry certification(s) desired.
- Required Experience:
- Deep knowledge of typical IT platforms, operating systems, and configuration methods
- Deep knowledge of Security threat tactics and prevention and detection techniques
- Deep knowledge of system administration concepts
- Preferred Experience:
- Industry-recognized cyber security training or certifications, such as those from SANS, ISC2, EC-Council or CompTIA.
- Experience working with or on a CSIRT or Security Incident Response team
- Security background, with an understanding of the SANS incident response methodology (Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned, abbreviated PICERL) or a similar incident response methodology
- Required License/Registration/Certification: None
- Computer Skills Required: Productivity suite software required
Physical Demands:
To successfully perform this job, with or without a reasonable accommodation, the employee must meet the requirements outlined below:
- The Employee is required to read, review, prepare and analyze written data and figures, using a PC or similar, and should possess visual acuity.
- The Employee may be required to occasionally climb, push, stand, walk, reach, grasp, kneel, stoop, and/or perform repetitive motions.
- The Employee is not substantially exposed to adverse environmental conditions; therefore, job functions are typically performed under conditions such as those found in general office or administrative work.