The Cyber Security specialist position will support multiple security initiatives involving: vulnerability management, SIEM, NGAV, different tool set, compliance, security frameworks and threat management. This person will be reviewing a variety of threat information while investigating suspected incidents. This team member is responsible for ensuring that the handling of sensitive company and client information follows company and industry standards. Maintains and fosters the ongoing service relationships throughout the organization

Essential Duties:

• Monitor security events daily, performing investigations and working with appropriate team members, business teams and Technology teams to develop solutions that address critical security concerns
• Analyze system logs and other event logs to detect nefarious activity
• Track reports, including computer security incidents and guides the investigation and resolution of such incidents
• Recommends, tests, schedules and implements upgrades and patches that may affect UH as well as the enterprise security applications and the servers they reside on.
• Coordinate with system and application owners to remediate threat vulnerabilities and develop methods to measure and report on remediation progress.
• Hands-on security applications tool management, and security policy administration
• Review IPS and Network Monitoring alerts.  Initiate Incident Response Team as needed and coordinate with teams as necessary.  Perform forensic research and images as needed.
• Monitor security events daily, performing investigations and working with appropriate team members, business teams and Technology teams to develop solutions that address critical security concerns
• Research and resolve first tier problems via Service Desk Trouble Tickets.
• Document processes for IT security operations (IPS/NGAV/URL filtering/DLP firewall changes and maintenance, etc)
• Design and implement processes to monitor and manage server security, from file sharing to remote console access to application security.
• Hours commensurate with standard system administration responsibilities including 24 x 7 production support on a rotating basis. Performs occasional night/weekend work as assigned/needed.
• Ability to coordinate, analyze, observe, make decisions, and meet deadlines in a detail-oriented manner. Partner with other teams as needed.
• Contribute to the vision of information security tools and processes with an eye toward the future

The Cyber Security specialist position will support multiple security initiatives involving: vulnerability management, SIEM, NGAV, different tool set, compliance, security frameworks and threat management. This person will be reviewing a variety of threat information while investigating suspected incidents. This team member is responsible for ensuring that the handling of sensitive company and client information follows company and industry standards. Maintains and fosters the ongoing service relationships throughout the organization

Essential Duties:

• Monitor security events daily, performing investigations and working with appropriate team members, business teams and Technology teams to develop solutions that address critical security concerns
• Analyze system logs and other event logs to detect nefarious activity
• Track reports, including computer security incidents and guides the investigation and resolution of such incidents
• Recommends, tests, schedules and implements upgrades and patches that may affect UH as well as the enterprise security applications and the servers they reside on.
• Coordinate with system and application owners to remediate threat vulnerabilities and develop methods to measure and report on remediation progress.
• Hands-on security applications tool management, and security policy administration
• Review IPS and Network Monitoring alerts.  Initiate Incident Response Team as needed and coordinate with teams as necessary.  Perform forensic research and images as needed.
• Monitor security events daily, performing investigations and working with appropriate team members, business teams and Technology teams to develop solutions that address critical security concerns
• Research and resolve first tier problems via Service Desk Trouble Tickets.
• Document processes for IT security operations (IPS/NGAV/URL filtering/DLP firewall changes and maintenance, etc)
• Design and implement processes to monitor and manage server security, from file sharing to remote console access to application security.
• Hours commensurate with standard system administration responsibilities including 24 x 7 production support on a rotating basis. Performs occasional night/weekend work as assigned/needed.
• Ability to coordinate, analyze, observe, make decisions, and meet deadlines in a detail-oriented manner. Partner with other teams as needed.
• Contribute to the vision of information security tools and processes with an eye toward the future

Experience & Knowledge:

• Five years IT experience and two year of IT security preferred.
• Prior experiencing working in a security operations center environment.
• Prior experience analyzing security events (IPS,NAC,email security,NGAV, Vulnerability Management  DLP, URL filtering SIEM,)
• Strong analytical, interpersonal and communication skills required to work effectively with IT&S, Law, Compliance, and clients
• Ability to effectively document processes required.
• Demonstrated initiative to learn new technologies.
• Excellent written and verbal interpersonal skills, including strong presentation skills.
• Demonstrated ability to develop and maintain collaborative working relationships with varying constituencies and teams
• Must be self-starter who is inspired by technology, highly organized, and ability to work with minimal supervision
• Excellent skills with Microsoft Office Suite required.
• Must have strong written and verbal communication skills.
• Healthcare experience preferred, especially in a large hospital setting.
• Passion for information security and information assurance

Special Skills & Tools Knowledge:

• Proficiency in operating systems (Windows, Mac, Linux/Unix, mobile), network theory/design, penetration testing, endpoint security monitoring, coding and scripting, reverse engineering of malware, enterprise risk methodologies
• Experience with firewall preferred.
• Experience with Windows Server and Unix preferred.

• Experience with scripting languages (e.g. Powershell, VB, C#) preferred.
• Previous experience with end point protection tools (e.g. Antivirus, Antispam) preferred.
• Previous experience with IPS, network monitoring tools, and FW rule sets preferred
• Previous experience with Web Filtering products preferred.

Education:

• High school diploma or equivalent required. Bachelor’s Degree preferred.

Credentials, Licensure or Certification (i.e. RN, RRT):

• Microsoft (MCP, MCSE), Citrix, CISSP, Cisco, VMWare, A+, Security+, or similar preferred but not required.