Healthcare Without Rival

Premise Health is the world's leading direct healthcare provider and one of the largest digital providers in the country, serving over 11 million eligible lives across more than 2,500 of the largest commercial and municipal employers in the U.S. Premise partners with its clients to offer fully connected care – in-person and in the digital environment. It operates more than 800 onsite and nearsite wellness centers in 45 states and Guam, delivering care through the Digital Wellness Center and onsite, nearsite, mobile, and event solutions. 

 Premise delivers value by simplifying complexity and breaking down barriers to give diverse member populations access to convenient, integrated, high-quality care. We offer more than 30 products, delivering the breadth and depth of care required to serve organizations' total populations. The result is healthcare that meets the needs of members and their families, helping them live healthier while lowering costs for organizations. 

Premise offers a wide range of dynamic, purpose-driven career opportunities. We are currently looking for aSenior Security Operations Analyst to join our team remotely.

About the role: The Sr. Security Analyst demonstrates a working knowledge of a Security Operations Center (SOC) from multiple years of experience. We are seeking an individual who will bring security analysis, incident response and/or detection engineering experience to the organization in order to support, grow and mature our current SOC environment. The Sr. Analyst will perform incident detection and response activities including host triage, system analysis, end-user interviews and remediation efforts. The Sr. Analyst will also manage aspects of data onboarding and threat modeling to ensure we have effective alerts and controls in place. The Sr. Analyst will interact with multiple departments and assist support personnel in determining remediation methods on systems. The Sr. Analyst may be asked to assist in Purple Team exercises, research security trends and provide recommendations based on current industry trends. 

The successful candidate will be one who demonstrates a tangible passion for security. The information security team is a dynamic team in a growing department. New ideas, approaches, and solutions are shared actively amongst the team members and opportunities to engage in new areas of interest abound.

Essential Functions:  

• Develop advanced queries and alerts to detect adversary actions 
• Assist in tuning of SIEM tools based on feedback of other analysts 
• Research the latest information technology (IT) security trends and technologies and make recommendations for use based on business value and threat analysis. 
• Ability to analyze, recommend, and implement opportunities for automation (SOAR) 
• Identify data enrichment opportunities to add valuable contextual information to detections and alerts via automation. 
• Expand and mature existing incident response processes and activities. 
• Coordinate response, triage, recovery, and reporting of security incidents. 
• Prepare reports that document security incidents and the extent of the damage caused by the incident 
• Utilize implemented incident response tools for the SOC 
• Participates in purple teaming and threat modeling exercises to identify new high value detections as well as gaps with existing detections. 
• Mentor and train junior analysts. 
• Analyze attacker tactics, techniques, and procedures (TTPs) and how they apply to Premise Health for the purpose of improving alerting and detection practices 
• Refine and develop dashboards, queries, and reports to continuously improve security situational awareness 
• Help plan and carry out an organization’s security policies and procedures 
• Participate in documenting security standards, guidelines, policies and procedures. 
• Creates reusable security artifacts. 
• Able to participate on an on-call rotation.  
• May require other duties as assigned. 

Job Requirements: 

• BS degree in Engineering, Computer Science, Data Science, Information Security, or Information Systems preferred.
• Professional certifications such as GCIH, GMON, AZ-900, CCNA, or CISSP preferred.
• 5+ years experience supporting a SOC, Security, or  IT team
• Expertise in at least one of the following:

1. Detection Engineering
2. Incident Response
3. Cloud Security
4. Network Forensics

• Demonstrated Experience with designing use cases for threat detection in regards to SIEM technologies (Arcsight, Splunk, Qradar, etc)
• Experience in coordinating and supporting incident handling and remediation
• Experience with 1 or more scripting or query language such as Python, Powershell, Splunk Query Language (SPL), or Kusto Query Language (KQL), preferred.
• Experience in the healthcare service industry or other highly regulated industry preferred

Preferred Experience: 

• Knowledge of cyber security frameworks and methodologies, such as Mitre ATT&CK, NIST CSF and others. 
• Ability to perform root cause analysis of security incidents and determine proactive mitigation techniques. 
• Ability to analyze data and communicate findings to users, technical staff and upper management. 
• Attention to detail 
• Good written and verbal communication skills 
• Strong understanding of IT operations: help desk, end-point management, networking, server management and cloud resources. 
• Ability to effectively network, participate in interdepartmental teams, and develop key working relationships. 
• Strong understanding of security operations concepts: perimeter defense, BYOD management, data loss protection, insider threat, kill chain analysis, risk assessment, and security metrics 
• Strong understanding of data visualization techniques preferred 

Work-life balance is at the foundation of how decisions are made and where Premise is headed. We can only help people get, stay, and be well if we do the same for ourselves. In addition to competitive pay, Premise offers benefits packages including medical, dental, vision, life insurance, 401(k), paid holidays and vacation time, a company-sponsored wellness program, and much more our talent acquisition team will be happy to share with you. 

Premise Health is an equal opportunity employer; we value inclusion, and we do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status or disability status.

For individuals living in California, Colorado, Washington; as well as, for individuals living in or reporting to New York State only, Premise Health is required to include an estimate of the salary and benefits for this role. While a number of factors influence salary, our estimated California, Colorado, Washington, and New York compensation is $95,000 - $135,000. Please note, this is a general guideline and your experience qualifications, geographic location, and other factors will be taken into consideration. For more information regarding the benefits we offer, please visit our career site, jobs.premisehealth.com/benefits.