Cyber Defense Analyst I

At Memorial Hermann, we’re about creating exceptional experiences for both our patients and our employees. Our goal is to provide opportunities for our diverse employee population that develop and grow careers in a team-oriented environment focused on patient care. Every employee, at every level, begins their journey at Memorial Hermann learning about the history of the organization and its established culture built on trust and integrity. Our employees drive this culture, and we want you to be a part of it. Job Summary Position responsible for performing security monitoring and incident response tasks and will often be required to work independently. Position uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within the Memorial Hermann environments for the purposes of mitigating threats. Additionally, investigates, analyzes, and responds to cyber incidents within the network environment. Job Description MINIMUM QUALIFICATIONS Education: Bachelor’s degree preferred or equivalent experience Certifications: Linux , MCSA, or 1 year of relevant experience Experience: 1-3 years of related experience required Knowledge: Knowledge of computer networking concepts and protocols, and network security methodologies. Knowledge of cybersecurity and privacy principles. Knowledge of cyber threats and vulnerabilities. Knowledge of authentication, authorization, and access control methods. Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists). Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions. Knowledge of operating systems. Knowledge of key concepts in security management (e.g., Release Management, Patch Management). Knowledge of Virtual Private Network (VPN) security. Skills: Skill of identifying, capturing, containing, and reporting malware. Skill in detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort). Skill in collecting data from a variety of cyber defense resources Skill in recognizing and categorizing types of vulnerabilities and associated attacks. Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters). Skill in reading and interpreting signatures (e.g., snort). Abilities: Ability to conduct vulnerability scans and recognize vulnerabilities in security systems. Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies. Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute). Demonstrates commitment to the Partners-in-Caring process by integrating our culture in all internal and external customer interactions; delivers on our brand promise of “we advance health” through innovation, accountability, empowerment, collaboration, compassion and results while ensuring one Memorial Hermann. PRINCIPAL ACCOUNTABILITIES Participates in the research, installation, configuration, implementation, troubleshooting and maintenance of security systems and services. Participates in implementing controls and procedures to protect information systems from unauthorized or accidental modification, disclosure, or destruction, under the guidance of Team Leads or Management. Provides unassisted support to application owners, project manager, vendors, and end-users. Characterizes and analyzes network traffic to identify anomalous activity and potential threats to network resources. Documents and escalates incidents (including event’s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment. Performs analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security. Performs cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation. Performs cyber defense trend analysis and reporting. Provides daily summary reports of network events and activity relevant to cyber defense practices. Receives and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts. Tracks and documents cyber defense incidents from initial detection through final resolution. Provides timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities. Uses cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity. Works on teams and provide task completion for all levels of projects. Accountable for meeting and setting project timelines. Recommends technical standards. Participates in designing and planning of advanced security systems or services. Provides guidance and mentoring to Security Analyst(s). Researches and makes recommendations regarding the acquisition of new security tools and technology. Responsible for covering a 7x24 shift of on call support rotating which is rotated weekly among the Information Security Cyber Operations team. Ensures safe care to patients, staff and visitors; adheres to all Memorial Hermann policies, procedures, and standards within budgetary specifications including time management, supply management, productivity and quality of service. Promotes individual professional growth and development by meeting requirements for mandatory/continuing education and skills competency; supports department-based goals which contribute to the success of the organization; serves as preceptor, mentor and resource to less experienced staff. Other duties as assigned. Belonging is a powerful feeling. It lets you know you’re in the right place – one where you can make the greatest difference – with people who share your motivation, your vision and your passion. It’s being valued and supported. Satisfied and rewarded. It’s a perfect fit. And it’s the assurance that you’re truly home. Memorial Hermann is exactly where you belong.