GENERAL SUMMARY:
Reporting to the Information Security Services Manager, the Cyber Security Analyst is an operational role focusing on real-time security event monitoring and security incident response. As a Cyber Security Analyst, you will actively manage the continuous protection of systems and information assets by contributing to or leading teams in the execution and implementation of information security defense improvements involving architecture, processes, tools and automation. This includes protecting both cloud and on-premises infrastructures, monitoring events by identifying suspicious activity and conducting incident investigation leading to the remediation of attacks. Working with IT members, you will carry out in-depth threat intelligence analysis to find the perpetrator, the type of attack, and the data or systems impacted. The Cyber Security Analyst is a valued member of the Information Privacy & Security Office (IPSO) department and will work closely with other members of the SOC, IPSO (Risk, Privacy, etc.) and IT programs to develop and implement a comprehensive approach to the management of security risks.
PRINCIPAL DUTIES AND RESPONSIBILITIES:
Rapidly respond to alerts and incidents reported by security systems and employees.
Escalate incidents as required to other security team members and/or the Infrastructure Team.
Perform continuous monitoring, prioritization and identification of security incidents, and remediation of vulnerabilities.
Perform threat hunting using SIEM (QRadar) or other data analytics solutions (Cisco Stealthwatch, ISE, Cisco Secure Endpoint, etc.).
Perform phishing investigations (Proofpoint, Azure ATP) and response.
Ensure that all security events are properly documented/tracked to meet audit and legal requirements.
Work closely with IT/legal towards the continuous improvement of the service.
Create and maintain documentation for existing and new security systems and processes.
Manage and configure security tools (SIEM, EDR, DLP etc.).
On-call rotation in a 24x7 shift environment.
Other duties as assigned.
Technology Requirements:
NGAV products (Carbon Black, Cisco Secure Endpoint, CrowdStrike).
Email defense (Proofpoint, Mimecast, Exchange Online ATP).
Vulnerability Management (Tenable, Rapid7 InsightVM, Qualys).
Security Awareness Platforms (KnowBe4, PhishMe, Ninjio).
Active Directory.
Networking and server knowledge.
EDUCATION/EXPERIENCE REQUIRED:
Bachelor's degree in Computer Science, Information Assurance, Information Technology or STEM degree or 3 - 4+ years equivalent experience (Information Security, IT network).
Five (5) years of experience required.
CompTIA Security+, preferred.
CEH (Certified Ethical Hacker), preferred.
GIAC (Certified Penetration), preferred.
CISM (Certified Information Security), preferred.
CISSP (Certified Information Systems Security Professional), preferred.
Additional Information
Organization: Corporate Services
Department: Ascension Cybersecurity IR
Shift: Day Job
Union Code: Not Applicable
Additional Details
This posting represents the major duties, responsibilities, and authorities of this job, and is not intended to be a complete list of all tasks and functions. It should be understood, therefore, that incumbents may be asked to perform job-related duties beyond those explicitly described above.
Overview
Henry Ford Health partners with millions of people on their health journey, across Michigan and around the world. We offer a full continuum of services - from primary and preventative care to complex and specialty care, health insurance, a full suite of home health offerings, virtual care, pharmacy, eye care and other health care retail. With former Ascension southeast Michigan and Flint region locations now part of our team, Henry Ford's care is available in 13 hospitals and hundreds of ambulatory care locations. Based in Detroit, Henry Ford is one of the nation's most respected academic medical centers and is leading the Future of Health: Detroit, a $3 billion investment anchored by a reimagined Henry Ford academic healthcare campus. Learn more at henryford.com/careers.
Benefits
The health and overall well-being of our team members is our priority. That's why we offer support in the various components of our team's well-being: physical, emotional, social, financial and spiritual. Our Total Rewards program includes competitive health plan options, with three consumer-driven health plans (CDHPs), a PPO plan and an HMO plan. Our team members enjoy a number of additional benefits, ranging from dental and eye care coverage to tuition assistance, family forming benefits, discounts to dozens of businesses and more. Employees classified as contingent status are not eligible for benefits.
Equal Employment Opportunity/Affirmative Action Employer
Henry Ford Health is committed to the hiring, advancement and fair treatment of all individuals without regard to race, color, creed, religion, age, sex, national origin, disability, veteran status, size, height, weight, marital status, family status, gender identity, sexual orientation, and genetic information, or any other protected status in accordance with applicable federal and state laws.