Incident Response Engineer
Requisition Number: 21-74
Job Location: Brentwood, Tennessee
Welcome to the new standard of healthcare!
Premise Health is the world’s leading healthcare access provider. We deliver purpose-driven career experiences in a culture-centric work environment—ensuring that employees at the nation's best companies get, stay, and be well. In a changing healthcare environment, we know there's a better way for organizations to help their people live healthier lives by delivering the right care at the right time, right where they work. Partnered with visionary organizations around the globe, we offer a broad range of healthcare services and deliver an effortless patient experience that raises the bar, lowers costs, and redefines the meaning of quality care. By shifting the conversation from cost to return and from treatment to prevention, we are committed to helping people, their families, and the organizations they work for be at their best.
We are looking for an Incident Response Engineer to work remotely in support of our clients across the US. If you possess a “whatever it takes” attitude, keep reading.
It’s hard to pinpoint a “typical” day here (and who wants typical anyway?), but the Incident Response Engineer demonstrates a working knowledge of Security Operations from multiple years of experience. This includes activities related to incident response, forensic analysis, threat hunting, detection, and analysis. We are seeking an individual who will bring security analysis and incident response experience to the organization in order to support, grow and mature our current SOC environment. The Incident Response Engineer will perform incident response activities including host triage, malware analysis, remote system analysis, end-user interviews and remediation efforts. The Engineer will interact with multiple departments and assist support personnel in determining remediation methods on systems. The Engineer may be asked to assist in penetration testing exercises, research security trends, and provide recommendations based on current industry trends.
The successful candidate will be one who demonstrates a tangible passion for security. The information security team is a dynamic team in a rapidly growing department. New ideas, approaches, and solutions are shared actively amongst the team members and opportunities to engage in new areas of interest abound.
What You’ll Do for Us:
- Coordinate response, triage, recovery, and reporting of security incidents.
- Expand and mature existing incident response processes and activities
- Work with IOCs to determine their validity as they apply to Premise Health
- Prepare reports that document security incidents and the extent of the damage caused by the incident
- Utilize implemented incident response tools for the SOC
- Mentor and train junior analysts
- Analyze attacker tactics, techniques, and procedures (TTPs) and how they apply to Premise Health for the purpose of improving alerting and detection practices
- Develop advanced queries and alerts to detect adversary actions
- Research the latest information technology (IT) security trends and technologies and make recommendations for use based on business value
- Ability to analyze, recommend, and implement opportunities for automation (SOAR)
- Develop security standards and best practices for Premise Health
- Participate in documenting security standards, guidelines, policies and procedures.
- Create reusable security artifacts.
- May require other duties as assigned.
- BS degree in Engineering, Computer Science, Information Security, or Information Systems or equivalent experience preferred
- Professional certifications such as GCIH, CCNA, CEH, GCIA, OSCP, or CISSP preferred
- 5+ years of experience supporting a SOC or similar team (required)
- Experience in coordinating and supporting incident handling and remediation
- Expertise in at least one of the following:
  - Incident Response
  - Malware Analysis
  - Network Forensics
- Demonstrated experience with designing use cases for threat detection in regard to SIEM technologies (ArcSight, Splunk, QRadar, etc.)
- Experience with one or more programming or scripting languages such as Python, Bash, VBScript preferred
- Experience in the healthcare service industry or other highly regulated industry preferred
Knowledge and Skills:
- Ability to perform root cause analysis of malware infection and determine proactive mitigation techniques
- Ability to analyze data and communicate findings to users, technical staff and upper management.
- Attention to detail
- Good written and verbal communication skills
- Strong understanding of IT operations: help desk, end-point management, networking, and server management
- Ability to effectively network, participate in interdepartmental teams, and develop key working relationships
- Strong understanding of security operations concepts: perimeter defense, BYOD management, data loss protection, insider threat, kill chain analysis, risk assessment, and security metrics
- Strong understanding of data visualization techniques preferred
What We’ll Do for You:
At Premise Health, you’re not an employee – you’re a team member. We have health centers, pharmacies, fitness centers and offices scattered across the country, but we’re all working together to deliver exemplary and delightful service to our clients, their employees and family members. We’re proud of the culture we’ve built, and we aim to assist our team members in living their best life – in and out of the workplace. That’s why you’ll find us taking a yoga class together or starting a book club. We know that we can only help people get, stay, and be well if we do the same for ourselves. We’re also not afraid to share what we’re up to – check out some of our smiling faces.
As an employer, we want to compensate you for the work you do with more than a paycheck (although you’ll get one of those too). Premise Health offers competitive benefits packages including medical, dental, vision, life insurance, 401(k), paid holidays and vacation time, and a company-sponsored wellness program. We are an equal opportunity employer of nice people and value inclusion at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.