Lead investigations into cybersecurity incidents impacting clinical systems, EHRs, medical devices, and protected health information (PHI).
Respond to escalated alerts from the Security Operations Center (SOC) and coordinate containment and recovery efforts across various teams.
Perform incident triage, containment, root cause analysis, and recovery across enterprise systems, including on-premises and cloud environments.
Analyze security alerts, logs, endpoint telemetry, and network activity to identify threats and vulnerabilities.
Develop and improve incident response playbooks, detection logic, and response processes to enhance organizational security posture.
What's Needed?
At least 3 years of hands-on cybersecurity experience, focusing on incident response or threat detection.
Experience responding to incidents in large enterprise environments, especially within healthcare or regulated industries.
Strong understanding of incident response frameworks such as NIST 800-61 and threat models like MITRE ATT&CK.
Proficiency with SIEM platforms (e.g., Splunk) and Endpoint Detection and Response (EDR) tools (e.g., CrowdStrike, SentinelOne).
Excellent investigative skills across Windows, Linux, network traffic, and endpoint telemetry, with the ability to document incidents clearly and concisely.