Job Detail

Cybersecurity Incident Response Analyst I - Banner Health
Phoenix, AZ
Posted: Mar 06, 2024 02:23

Job Description

Primary City/State: Phoenix, Arizona

Department Name: IT Threat & Vulnerability Mgmt

Work Shift: Day

Job Category: Information Technology

Good health care is key to a good life. At Banner Health, we understand that, and that's why we work hard every day to make a difference in people's lives. Do you like the idea of making a positive change in people's lives - and your own? If so, this could be the perfect opportunity for you.

Possess two years of experience, as normally obtained as a cybersecurity operations center analyst or IT help desk analyst. Must be able to participate in 24/7 incident response. Strong understanding of system, network, and/or application security. Strong understanding of Linux, virtualization, and networking concepts. Familiarity with SIEM (security information and event management) tools, such as Splunk. Familiarity with Endpoint Protection and Response tools. Demonstrable understanding of the principles and practicalities of effectively triaging security events. Understanding of cybersecurity incident response processes. Experience with antivirus and encryption tools. Strong communication skills to work with both a collaborative cross-functional team of peers and departments within the company (product development, operations, networking, etc.). Must possess strong critical thinking, analytical, troubleshooting and problem-solving skills. Team player with ability to work autonomously. Ability to prioritize and reprioritize work as required. Experience with vulnerability assessment tools and processes. Ability to work calmly under pressure in the face of adversity and threat activity. Ability to establish positive working relationships and garner influence with other teams and team members. Strong desire and aptitude for continuous learning and keeping abreast of new and emerging technology. A collaborative attitude and strong desire to succeed as part of the team. Self-motivated and a strong passion for learning. Knowledge of MITRE ATT&CK Framework and Lockheed Martin Cyber Kill Chain. Knowledge of security threat and attack countermeasures.

In this position, as a Cybersecurity Incident Response Analyst I, you will work either 6am - 2pm or 10am - 6pm with on-call duties. Banner Health IT was awarded Insider Pro and Computerworld's 100 Best Places to Work in IT for 2020, 2021, 2022 and 2023!

Your pay and benefits (Total Rewards) are important components of your Journey at Banner Health. Banner Health offers a variety of benefit plans to help you and your family. We provide health and financial security options, so you can focus on being the best at what you do and enjoying your life.

Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you'll find many options for contributing to our award-winning patient care.

POSITION SUMMARY

This position helps secure Banner's computing environment against both insider and outsider threats. The incumbent will utilize Banner's various security tools and processes to complete real-time monitoring & alert triage, log correlation analysis, incident analysis & response, intrusion detection, cloud security, tradecraft analysis, traffic analysis, malware analysis, forensic artifact handling & analysis, and blue teaming. The incumbent will work collaboratively to develop new procedures and runbooks.

CORE FUNCTIONS

  1. Respond to threats in real-time through effective analysis, triage and handling of cybersecurity alerts and events.

  2. Perform cybersecurity investigations and recommend remediation actions.

  3. Escalate cybersecurity incidents as defined in security procedures.

  4. Assist in updating/developing, implementing and operating requisite processes and procedures.

  5. Participate in the evaluation and development of appropriate Key Performance Indicators or Key Risk Indicators.

  6. Identify gaps in incident handling use cases and assist in developing processes and alerting rules within SIEM technologies.

  7. This position is responsible for Cybersecurity across multiple departments system-wide and requires interaction at all levels of staff and management.

MINIMUM QUALIFICATIONS

Must possess strong knowledge of business, cybersecurity and/or computer science as normally obtained through the completion of a bachelor's degree.

Must possess knowledge as normally obtained through two years of experience as a cybersecurity operations center analyst or IT help desk analyst. Must be able to participate in 24/7 incident response. Strong understanding of system, network, and/or application security. Strong understanding of Linux, virtualization, and networking concepts. Familiarity with SIEM (security information and event management) tools, such as Splunk. Familiarity with Endpoint Protection and Response tools. Demonstrable understanding of the principles and practicalities of effectively triaging security events. Understanding of cybersecurity incident response processes. Experience with antivirus and encryption tools. Strong communication skills to work with both a collaborative cross-functional team of peers and departments within the company (product development, operations, networking, etc.). Must possess strong critical thinking, analytical, troubleshooting and problem-solving skills. Team player with ability to work autonomously. Ability to prioritize and reprioritize work as required. Experience with vulnerability assessment tools and processes. Ability to work calmly under pressure in the face of adversity and threat activity. Ability to establish positive working relationships and garner influence with other teams and team members. Strong desire and aptitude for continuous learning and keeping abreast of new and emerging technology. A collaborative attitude and strong desire to succeed as part of the team. Self-motivated and a strong passion for learning. Knowledge of MITRE ATT&CK Framework and Lockheed Martin Cyber Kill Chain. Knowledge of security threat and attack countermeasures.

PREFERRED QUALIFICATIONS

EC-Council - Certified SOC Analyst (CSA). EC-Council - Incident Handler.

Additional related education and/or experience preferred.

EOE/Female/Minority/Disability/Veterans (https://www.bannerhealth.com/careers/eeo)

Our organization supports a drug-free work environment.

Privacy Policy (https://www.bannerhealth.com/about/legal-notices/privacy)

Banner Health complies with applicable federal and state laws and does not discriminate based on race, color, national origin, religion, sex, sexual orientation, gender identity or expression, age, or disability.


