Cyber Defense Analyst I

At Memorial Hermann, we pursue a common goal of delivering high quality, efficient care while creating exceptional experiences for every member of our community. When we say every member of our community, that includes our employees. We know that when our employees feel cared for, heard and valued, they are inspired to create moments that exceed expectations, while prioritizing safety, compassion, personalization and efficiency. If you want to advance your career and contribute to our vision of creating healthier communities, now and for generations to come, we want you to be a part of our team.

Job Summary

Position responsible for performing security monitoring and incident response tasks and will often be required to work independently. Position uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within the Memorial Hermann environments for the purposes of mitigating threats. Additionally, investigates, analyzes, and responds to cyber incidents within the network environment.Job Description

MINIMUM QUALIFICATIONS

Education:  Bachelor’s degree preferred or equivalent experience

Certifications: Linux+, MCSA, or 1 year of relevant experience

Experience:  1-3 years of related experience required

Knowledge:

• Knowledge of computer networking concepts and protocols, and network security methodologies.

• Knowledge of cybersecurity and privacy principles.

• Knowledge of cyber threats and vulnerabilities.

• Knowledge of authentication, authorization, and access control methods.

• Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).

• Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.

• Knowledge of operating systems.

• Knowledge of key concepts in security management (e.g., Release Management, Patch Management).

• Knowledge of Virtual Private Network (VPN) security.

Skills:

• Skill of identifying, capturing, containing, and reporting malware.

• Skill in detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort).

• Skill in collecting data from a variety of cyber defense resources

• Skill in recognizing and categorizing types of vulnerabilities and associated attacks.

• Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).

• Skill in reading and interpreting signatures (e.g., snort).

Abilities:

• Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.

• Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.

• Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).

PRINCIPAL ACCOUNTABILITIES

• Participates in the research, installation, configuration, implementation, troubleshooting and maintenance of security systems and services.

• Participates in implementing controls and procedures to protect information systems from unauthorized or accidental modification, disclosure, or destruction, under the guidance of Team Leads or Management.

• Provides unassisted support to application owners, project manager, vendors, and end-users.

• Characterizes and analyzes network traffic to identify anomalous activity and potential threats to network resources.

• Documents and escalates incidents (including event’s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.

• Performs analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.

• Performs cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.

• Performs cyber defense trend analysis and reporting.

• Provides daily summary reports of network events and activity relevant to cyber defense practices.

• Receives and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.

• Tracks and documents cyber defense incidents from initial detection through final resolution.

• Provides timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.

• Uses cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.

• Works on teams and provide task completion for all levels of projects.

• Accountable for meeting and setting project timelines.

• Recommends technical standards.

• Participates in designing and planning of advanced security systems or services.

• Provides guidance and mentoring to Security Analyst(s).

• Researches and makes recommendations regarding the acquisition of new security tools and technology.

• Responsible for covering a 7x24 shift of on call support rotating which is rotated weekly among the Information Security Cyber Operations team.

• Ensures safe care to patients, staff and visitors; adheres to all Memorial Hermann policies, procedures, and standards within budgetary specifications including time management, supply management, productivity and quality of service.

• Promotes individual professional growth and development by meeting requirements for mandatory/continuing education and skills competency; supports department-based goals which contribute to the success of the organization; serves as preceptor, mentor and resource to less experienced staff.

• Demonstrates commitment to caring for every member of our community by creating compassionate and personalized experiences. Models Memorial Hermann’s service standards by providing safe, caring, personalized and efficient experiences to patients and colleagues.

• Other duties as assigned.