The Cybersecurity Analyst I must be able to utilize multiple tools to monitor, analyze and respond to infrastructure threats. Responsible for the day-to-day monitoring of Erlanger Health System's (EHS) environment, analyzing and responding to events as necessary.
The Analyst I assists in the development and implementation of policies and procedures for monitoring, research, assessment and analysis. The ideal candidate will be familiar with security information and event management (SIEM) systems and best practices. Knowledge of deep packet inspection and network design, various operating systems (Windows/UNIX), working knowledge and experience with Intrusion Detection and Prevention Systems (IDS/IPS), network security products (firewalls, monitoring, etc.), and endpoint security technologies (HIPS, AV, etc.).
The Analyst I must have the ability to convey technical information to audiences of varying degrees of technical understanding; be goal oriented, action-focused, pragmatic, self-disciplined, and organized; be able to interact effectively with peers as well as management. Critical thinking skills and high self-motivation are essential.
This position requires excellent written and verbal communication skills, strong problem-solving skills, the ability to understand business processes and propose appropriate technical solutions, and the ability to function independently as well as in a team environment.
Bachelor's Degree in Computer Science, IT or related field or equivalent combination of education and related work experience. De-escalation training, if applicable.
Advanced degree in Computer Science, IT or related field
Experience or knowledge working in a SOC/NOC environment or a large-scale, high-availability IT operation with 24/7/365 accountability and a focus on cyber security
Working knowledge of information/cyber security, infrastructure vulnerabilities, and network security products (hardware and software)
Experience working with Incident Response teams
Ability to read and understand packet level data
Formal education on network design and/or security architecture
Experience with vulnerability assessment, penetration testing, and/or forensic analysis
Knowledge of Automation and Scripting
Familiar with service operations best practices and industry security standards and controls.
At least 1 year of experience working in Cybersecurity Operations or Network Engineering with a cybersecurity focus
Position Requirement(s): License/Certification/Registration
Valid driver's license
Certifications from EC-Council, GIAC, (ISC)² are preferred [CISSP, C/EH, GCIA, CCNA]
Department Position Summary:
Performs tasks essential to the daily operations of the SOC (monitors, investigates and responds to infrastructure threats and vulnerabilities)
Follows established incident response procedures to ensure proper escalation, analysis and resolution of security incidents
Ensures the security system topology and configurations are appropriately documented and maintained
Coordinates with multiple teams and performs duties as required as part of the Incident Response team
Assists in vulnerability assessments and forensic analysis efforts
Maintains operational reports for Key Performance Indicators and Weekly and Monthly Metrics
Works in partnership with IT peers, management, vendors, and business units to provide highly reliable, secure, and cost-effective network security services
Shares technical and other specialized knowledge with peers
Participates in the ongoing education of staff concerning Information Security