HonorHealth is a non-profit, local healthcare organization known for community service and outstanding medical quality. HonorHealth encompasses five acute care hospitals with approximately 11,500 employees and 4,500 volunteers, over 70 primary and specialty care practices, clinical research, medical education, an inpatient rehabilitation hospital, an Accountable Care Organization, two foundations, and extensive community services. HonorHealth is a leader in medical innovation, talent and technology with a genuine commitment to your growth. The health system's vibrant careers take place in an environment filled with opportunity and respect because we see the HONOR in you.
Education: Bachelor's Degree or 4 years' work-related experience in the field of computer science or information sciences. Required.
Experience: Six (6) years' experience within information security engineering or architecture, or information technology engineering. Required.
Licenses and Certifications: One or more of the following - CISSP, CEH, CCNP, GSEC, GCIH, GPEN, GCIA, OSCP. Required.
Job Summary: The CyberSecurity Threat Hunter Engineer is a key member of the Security Operations Center (SOC) and is responsible for participating in threat actor-based investigations, creating new detection methodology and providing expert support to the Security Monitoring/IR Team. In addition, the CyberSecurity Threat Hunter Engineer will detect, disrupt and eradicate threat actors from enterprise/cloud networks, using data analysis, threat intelligence, cutting-edge security technologies and research to uncover the unknown about cyber security threats and threat actors.
Hunt for and identify threat actors by analyzing and researching the techniques, tools and processes used by threat actors.
Provide leadership, mentoring, and training to junior Security team staff.
Lead and participate in hunt missions using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and eradicate threat actors on the HonorHealth network.
Provide expert analytic and investigative support for large-scale and complex security incidents.
Provide forensic analysis of network packet captures, DNS, proxy, NetFlow and malware, as well as logs from various types of security sensors, applications and operating systems.
Perform analysis of security incidents and threat actors to further enhance the Detection Catalog and Hunt missions. Review alerts generated by the detection infrastructure for false positives and modify alerts as needed.
Document best practices with the Security Operations Center staff using available collaboration tools and workspaces.
Perform other duties as assigned.
John C. Lincoln Hospitals