Match score not available

Sr. Incident Response Engineer

extra holidays

Remote:

Full Remote

Contract:

Full time

Experience:

Senior (5-10 years)

Work from:

United States

Offer summary

Qualifications:

BS degree in computer science or related field, 5+ years of experience in information security, 3+ years incident response experience in cloud and datacenter environments, Knowledge of intrusion detection/prevention systems, Experience with cybersecurity frameworks like NIST, MITRE ATT&CK.

Key responsabilities:

Lead incident response investigations and resolution
Enhance incident response capabilities and runbook procedures
Expand SIEM program including log coverage and alert development
Collaborate with cyber threat intelligence and vulnerability management teams
Create and improve security playbooks for incidents

Baylor Scott & White Health Health Care XLarge https://bswhealth.com/

10001 Employees

See more Baylor Scott & White Health offers

Job description

Job Summary

The Sr. Incident Response Engineer will take on the lead cyber security incident responder role on the Baylor Scott & White Health cyber defense team. This role will be responsible for leading the incident response capabilities of the organization by developing and improving runbook procedures to mitigate risk and enhance incident response processes.

The Pay range for this position is $56.02/hour ($116,521 annualized) for those with entry-level qualifications up to $100.75/hour ($209,560 annualized) for those highly experienced. The specific rate will depend upon the successful candidate's specific qualifications and prior experience..

KEY RESPONSIBLITIES

Conduct security investigations and lead security incident response in cross-functional environment and drive incident resolution
Actively call and lead security incident bridges and coordinate internal incident response efforts between operations team, and managed security services.
Develop Incident Response initiatives that improve our capabilities to effectively respond and remediate security incidents
Expand SIEM program, ensuring log coverage, alert development, and process improvement.
Partner with cyber threat intelligence, the vulnerability management team, and technology remediation groups to deliver shared outcomes that measurably improve our efficacy to detect, respond to, and remediate vulnerabilities
Support broader security operation initiatives both within the cyber defense team, and within engineering and operation departments across the organization
Be a security liaison and enabler to Managed Service counter parts.
Create and improve security playbook for a variety of incident and compromise types for all levels of engineers and stakeholders.

KEY SUCCESS FACTORS

More advanced leadership, problem solving, team building, and judgment-making skills.
Skilled project manager with ability to articulate business needs.
Excellent written, verbal, and social communication skills.
Proficient computer software and database skills.
Ability to focus and prioritize strategic targets and work in a growing and challenging environment.
Drives long term planning and strategic portfolio vision creation for improvements and strategies, with oversight from Director and VP as needed
Knowledge of interdependencies of healthcare landscape and its influence on portfolio
Establishes external relationships with other thought leaders in healthcare IT
Maintains a broad knowledge of state-of-the-art technology, equipment, and systems.

Benefits

Our competitive benefits package includes the following

Immediate eligibility for health and welfare benefits
401(k) savings plan with dollar-for-dollar match up to 5%
Tuition Reimbursement
PTO accrual beginning Day 1

Note: Benefits may vary based upon position type and/or level

Basic Qualifications

BS degree in computer science, computer engineering, software engineering, cybersecurity or related technical degree; or 5 years equivalent technology experience
5+ years’ experience in information security in an enterprise environment
3+ years’ experience and understanding of incident response processes in both datacenter and cloud based environments, forensic techniques, executing and administration of crisis bridges, and preparation and delivery of incident reports for executives
Knowledge of malware trends and behaviors and the ability to work with other teams to detect and respond to these threats
Experience with Intrusion Detection and Prevention Systems (IDS/IPS), Firewall and Network Log analysis, Security Information and Event Management (SEIM) tools, threat intelligence services, and malware analysis
Experience analyzing network and host-based security events
Experience with attacker tactics, techniques, and procedures
Experience with Windows and Linux Operating Systems
Knowledge of common software, operating systems vulnerabilities, and Unix/Linux
Understanding of cybersecurity organizational practices, operations risk management processes, architectural requirements, and vulnerability risk
Experience with controls or frameworks such as NIST 800-53, NIST CSF, CIS, MITRE ATT&CK
Knowledge of existing, emerging, and long-range issues related to cyber operations strategy, policy, and organization
Experience creating workflows and remediation plans for vulnerabilities identified
Incident Response experience in a healthcare environment
Experience using ServiceNow for SIR, CMDB, and/or ITSM functions
Contribution or development of policies and standards
Experience participating in or leading security table top exercises