JOB SUMMARY
The Sr. Incident Response Engineer will take on the lead cyber security incident responder role on the Baylor Scott & White Health cyber defense team. This role will be responsible for leading the incident response capabilities of the organization by developing and improving runbook procedures to mitigate risk and enhance incident response processes.
The Pay range for this position is $56.02/hour ($116,521 annualized) for those with entry-level qualifications up to $100.75/hour ($209,560 annualized) for those highly experienced. The specific rate will depend upon the successful candidate's specific qualifications and prior experience..
KEY RESPONSIBLITIES
Conduct security investigations and lead security incident response in cross-functional environment and drive incident resolution
Actively call and lead security incident bridges and coordinate internal incident response efforts between operations team, and managed security services.
Develop Incident Response initiatives that improve our capabilities to effectively respond and remediate security incidents
Expand SIEM program, ensuring log coverage, alert development, and process improvement.
Partner with cyber threat intelligence, the vulnerability management team, and technology remediation groups to deliver shared outcomes that measurably improve our efficacy to detect, respond to, and remediate vulnerabilities
Support broader security operation initiatives both within the cyber defense team, and within engineering and operation departments across the organization
Be a security liaison and enabler to Managed Service counter parts.
Create and improve security playbook for a variety of incident and compromise types for all levels of engineers and stakeholders.
KEY SUCCESS FACTORS
More advanced leadership, problem solving, team building, and judgment-making skills.
Skilled project manager with ability to articulate business needs.
Excellent written, verbal, and social communication skills.
Proficient computer software and database skills.
Ability to focus and prioritize strategic targets and work in a growing and challenging environment.
Drives long term planning and strategic portfolio vision creation for improvements and strategies, with oversight from Director and VP as needed
Knowledge of interdependencies of healthcare landscape and its influence on portfolio
Establishes external relationships with other thought leaders in healthcare IT
Maintains a broad knowledge of state-of-the-art technology, equipment, and systems.
BENEFITS
Our competitive benefits package includes the following
Immediate eligibility for health and welfare benefits
401(k) savings plan with dollar-for-dollar match up to 5%
Tuition Reimbursement
PTO accrual beginning Day 1
Note: Benefits may vary based upon position type and/or level
BASIC QUALIFICATIONS:
BS degree in computer science, computer engineering, software engineering, cybersecurity or related technical degree; or 5 years equivalent technology experience
5+ years' experience in information security in an enterprise environment
3+ years' experience and understanding of incident response processes in both datacenter and cloud based environments, forensic techniques, executing and administration of crisis bridges, and preparation and delivery of incident reports for executives
Knowledge of malware trends and behaviors and the ability to work with other teams to detect and respond to these threats
Experience with Intrusion Detection and Prevention Systems (IDS/IPS), Firewall and Network Log analysis, Security Information and Event Management (SEIM) tools, threat intelligence services, and malware analysis
Experience analyzing network and host-based security events
Experience with attacker tactics, techniques, and procedures
Experience with Windows and Linux Operating Systems
Knowledge of common software, operating systems vulnerabilities, and Unix/Linux
Understanding of cybersecurity organizational practices, operations risk management processes, architectural requirements, and vulnerability risk
Experience with controls or frameworks such as NIST 800-53, NIST CSF, CIS, MITRE ATT&CK
Knowledge of existing, emerging, and long-range issues related to cyber operations strategy, policy, and organization
Experience creating workflows and remediation plans for vulnerabilities identified
Incident Response experience in a healthcare environment
Experience using ServiceNow for SIR, CMDB, and/or ITSM functions
Contribution or development of policies and standards
Experience participating in or leading security table top exercises
PREFERRED CERTIFICATIONS
Certified Information Systems Security Professional (CISSP) certification
Certified Information Security Manager (CISM) certification
GIAC Certified Incident Handler (GCIH) certification
FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics
FOR500: Windows Forensic Analysis
MINIMUM QUALIFICATIONS
As a health care system committed to improving the health of those we serve, we are asking our employees to model the same behaviours that we promote to our patients. As of January 1, 2012, Baylor Scott & White Health no longer hires individuals who use nicotine products. We are an equal opportunity employer committed to ensuring a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.