Cybersecurity Analyst

Position: #Cybersecurity Analyst

Purpose:

This position is responsible for providing first-level frontline technical support and cybersecurity of Aultman Health Foundation server production and development domains. Cybersecurity is a top priority of all data and levels for Aultman. We are looking for a candidate with a strong background in Cybersecurity systems including SIEM, EDR/MDR, SOAR, and Incident Response and IT Infrastructure. Additional experience with Exchange server administration, SCCM administration, Citrix administration is preferred. The candidate must have experience in configuring, troubleshooting, maintaining, supporting and upgrading servers as well as deploying, implanting, and enhancing security protocols in a Windows environment. # Roles/Responsibilities: Work with Tier 1 and Tier 2 support personnel in troubleshooting desktop/server relationship issues at times Proactively monitor servers for abnormal behavior Monitor EDR/MDR for alerts around malicious activity and participate in Incident Response around alerts. Participate in QA testing and integration of new server and desktop software as needed Assist in securing Office 365/Azure environment Assist with SCCM/SCEM planning, setup, deployment of application updates or security hardening Handle Active Directory, DNS and IIS administration Identify, understand impact, and remediate vulnerabilities using common security tools. (i.e. vulnerability scans) Understand threat actors and vectors and how to mitigate common vectors Analyze indicators of compromise and know how to perform threat hunting in SIEM, EDR, and NDR systems Assist with implementation of mitigating threats using SOAR systems to automate tasks Ability to troubleshoot security issues (i.e. logs, permissions, firewalls, certificates, etc.) Experience with cloud/hybrid security Experience with PKI Other projects/duties as assigned

Qualifications:

Education: Associates or Bachelor#s Degree in Computer Science, Computer Engineering, Cybersecurity or related field or equivalent experience Certification in: MCSA, CompTIA Server+, MCSA: SQL Server, CISSP, CISA preferred but not required Experience: 3-5 Years of experience in Cybersecurity Experience in vulnerability management, security assessment, security awareness, and identity access management systems. Experienced in creating and maintaining documentation Strong communication and customer service skills Characteristics: Commit to providing a positive experience for the end-user Promote a team environment Able to work independently Be respectful of others and provide constructive feedback Be punctual Strong conflict management skills Security focused # # # # # # # # Work Conditions: Techs may be assigned any 40-hour shift required for proper customer service. Each specialist should be prepared to fill-in for another shift in case of vacations, sickness, or shifting priorities. Other hours may be required by project activity and production support. Lunch and breaks as per hospital policy Works in well-lit/ventilated office area Sitting/standing/moving intermittently during working hours. Some lifting of light equipment may be required Subject to changes in priorities and stress Subject to frequent interruptions due to questions from staff members, peers, and customers Travel Expectations 0-5%

Position: Cybersecurity Analyst

Purpose:

This position is responsible for providing first-level frontline technical support and cybersecurity of Aultman Health Foundation server production and development domains. Cybersecurity is a top priority of all data and levels for Aultman. We are looking for a candidate with a strong background in Cybersecurity systems including SIEM, EDR/MDR, SOAR, and Incident Response and IT Infrastructure. Additional experience with Exchange server administration, SCCM administration, Citrix administration is preferred. The candidate must have experience in configuring, troubleshooting, maintaining, supporting and upgrading servers as well as deploying, implanting, and enhancing security protocols in a Windows environment.

Roles/Responsibilities:

• Work with Tier 1 and Tier 2 support personnel in troubleshooting desktop/server relationship issues at times

• Proactively monitor servers for abnormal behavior

• Monitor EDR/MDR for alerts around malicious activity and participate in Incident Response around alerts.

• Participate in QA testing and integration of new server and desktop software as needed

• Assist in securing Office 365/Azure environment

• Assist with SCCM/SCEM planning, setup, deployment of application updates or security hardening

• Handle Active Directory, DNS and IIS administration

• Identify, understand impact, and remediate vulnerabilities using common security tools. (i.e. vulnerability scans)

• Understand threat actors and vectors and how to mitigate common vectors

• Analyze indicators of compromise and know how to perform threat hunting in SIEM, EDR, and NDR systems

• Assist with implementation of mitigating threats using SOAR systems to automate tasks

• Ability to troubleshoot security issues (i.e. logs, permissions, firewalls, certificates, etc.)

• Experience with cloud/hybrid security

• Experience with PKI

• Other projects/duties as assigned

Qualifications:

Education:

• Associates or Bachelor's Degree in Computer Science, Computer Engineering, Cybersecurity or related field or equivalent experience

• Certification in: MCSA, CompTIA Server+, MCSA: SQL Server, CISSP, CISA preferred but not required

Experience:

• 3-5 Years of experience in Cybersecurity

• Experience in vulnerability management, security assessment, security awareness, and identity access management systems.

• Experienced in creating and maintaining documentation

• Strong communication and customer service skills

Characteristics:

• Commit to providing a positive experience for the end-user

• Promote a team environment

• Able to work independently

• Be respectful of others and provide constructive feedback

• Be punctual

• Strong conflict management skills

• Security focused

Work Conditions:

• Techs may be assigned any 40-hour shift required for proper customer service. Each specialist should be prepared to fill-in for another shift in case of vacations, sickness, or shifting priorities. Other hours may be required by project activity and production support.

• Lunch and breaks as per hospital policy

• Works in well-lit/ventilated office area

• Sitting/standing/moving intermittently during working hours. Some lifting of light equipment may be required

• Subject to changes in priorities and stress

• Subject to frequent interruptions due to questions from staff members, peers, and customers

• Travel Expectations 0-5%