Staff Tech's client, a leader in the healthcare industry, is in need of a Cyber Security Consultant, Threat Intelligence. This position is responsible for providing data security support and guidance to the organization's operating units and affiliates for multi-faceted protection. This individual will represent the Department on project teams and other Privacy Investigation (PI) and Information Security (IS) initiatives. The position will be primarily responsible for monitoring data from the security solutions and will provide hands-on security administration for a broad range of security duties; it requires a high level of technical experience. Duties and responsibilities include, but are not limited to, oversight of design, engineering, analysis, research, testing and monitoring. This is a technical position on the Information Security Team; it is the most seasoned team member in terms of scope and expertise and is considered the 3rd level of analyst on the team.
The Group:
The Vulnerability Management & Threat Intelligence (VMTI) group is responsible for the program of vulnerability management, threat intelligence, penetration testing, and red/blue teaming services to support the Cyber Security Operations Center (CSOC). Positions in this group represent the Privacy and Information Security department and will work with their leadership, technical operations and other groups to proactively identify, quantify, and report vulnerabilities and threats throughout the organization.
- Performing and reporting vulnerability scanning operations
- Working with key stakeholders to remediate vulnerabilities
- Carrying out threat hunting campaigns and missions
- Supporting penetration testing services with internal and external stakeholders
- Coordinating and executing purple teaming exercises with IR Team resources
- Facilitating Cyber Threat Simulation Exercises
- Conducting cyber threat intelligence research and assessments
- Tracking threat actors and campaigns
- Maturing the intelligence development process, procedures, and techniques
- Engaging internal and external entities to gather cyber threat intelligence
- Supporting penetration testing services with internal and external stakeholders
- Facilitating Cyber Threat Simulation Exercises
- Coordinating penetration testing services with internal and external stakeholders
- Delivering pen-test engagements via hands-on keyboard work
- Coordinating and executing purple teaming exercises with IR Team resources
- Coordinating and executing red team projects
- Supporting vulnerability scanning operations
- Facilitating Cyber Threat Simulation Exercises
- Bachelor's Degree in Business, Cyber Security, Risk Management, Information Technology, Computer Science or related field required or equivalent education/experience.
- Certified Information Systems Security Professional - CISSP preferred.
- Previous experience as an IT Security Analyst or 6-9 years professional experience in a similar position.
- Previous experience providing cyber security support by planning, coordinating, integrating and synchronizing cyber defense and prevention activities.
- Proven experience ensuring compliance with all applicable state and federal cyber laws and regulations
- Significant experience creating comprehensive and accurate reports that are used to communicate the organization's risk profile impact to peers and management.
- Thorough knowledge of information systems security concepts and current information security trends and practices including security processes and methods.
- In depth knowledge regarding NIST, HIPAA, FIPS, and other recognized industry security standards.
- Detailed understanding of end point security technologies (Antivirus, Forensics, Anti-malware, HIPS).
- Detailed understanding of end point operating systems (Windows and Linux).
- In depth knowledge of cyber security solutions, policies and technologies.
- Understanding of the lifecycle of a network threat and network vulnerability exploitation.
- Working understanding of the anatomy of a cyber attack.
- Advanced level of skill using Microsoft Windows workstation and server, Unix/Linux and network operating systems.
- Proven ability to use Internet technologies including DNS, routing, SMTP, HTTP, DHCP, FTP, etc.
- Demonstrated ability to acquire images, either remote or local, to a workstation or server.
- Proven ability to conduct forensics activities in the context of an active attack.
- Strong technical skills in end point security controls, such as ACLs, HIPS, registry, logging, and forensics.
- Strong ability to perform and conduct incident response and participate in the security incident and post-incident response process.
- Proven ability to break down highly complex technical topics into language and diagrams understandable to a wide audience.