Senior Cybersecurity Operations Analyst - Remote

Lebanon, NH, United States

Full Time Senior-level / Expert USD 88K - 164K * ^est.

Dartmouth-Hitchcock Health

Dartmouth Hitchcock Medical Center and Dartmouth Hitchcock Clinics are a member of Dartmouth Health, providing healthcare services to patients across northern New England.

View all jobs at Dartmouth-Hitchcock Health

Apply now Apply later

Posted 16 hours ago

Overview

The Senior Cybersecurity Operations (SecOps) Analyst is responsible for advanced monitoring and analysis of the Dartmouth-Hitchcock Health (D-HH) cybersecurity posture. Works together with other D-HH SecOps analysts and the D-HH security operations center (SOC) to prepare for, monitor, detect, prioritize, analyze, respond to and report on cybersecurity incidents. Functions as the senior threat hunter and ensures D-HH threat intelligence is accurate, timely, accessible and integrated into key cybersecurity tools.

Responsibilities

Maintains, monitors, and analyzes cybersecurity audit logs and events by ensuring that D-HH critical infrastructure audit logging, alerting, and reporting is operational for detection of cybersecurity incidents. Collaborates with SOC analysts to improve visibility into D-HH systems and event correlation capability. Analyzes, classifies and prioritizes event alerts. Triages potential cybersecurity incidents for investigation. Reports incidents per procedures.

Responds to cybersecurity incidents. Maintains Incident Response plans, playbooks, and procedures. Conducts and documents complex investigations of cybersecurity breaches and incidents. Assesses impact on the organization and report on findings.

Manages threat intelligence by performing advanced threat hunting activities. Collects and analyzes threat intelligence. Correlates threats and vulnerabilities and audits logs to maintain situational awareness. Incorporates threat intelligence into D-HH security tools.

Manages enterprise vulnerabilities. Identifies, analyzes, and prioritizes vulnerabilities across the enterprise. Reports on recommended patching and remediation efforts to appropriate parties. Follows escalation procedures as necessary. Performs penetration testing on specific devices and assist third party penetration testing on the D-HH network.

Performs system testing for new cybersecurity tools.

Handles and triages end-user and customer reported incidents & requests.

Performs other duties as required or assigned.

Qualifications

Bachelor’s Degree in Computer Science, Engineering, Cybersecurity or a related field, or the equivalent in education and experience required.
Five (5) years of increasing responsibility and experience in Information Technology.
Demonstrable knowledge, certification, or experience with cybersecurity frameworks, tools, techniques required. Cybersecurity and/or system administration experience is strongly preferred.
Experience with incident detection, incident response and computer / digital forensic techniques and investigations is strongly preferred.
Experience with end-user support, security event and audit log management systems, vulnerability scanning and management, basic malware handling and analysis techniques, knowledge of various technical security controls are highly desirable skills.
Must have solid written and verbal communications skills and be able to work independently.
Must have a meticulous attention to detail, proven problem-solving skills, work comfortably under pressure and deliver on tight deadlines.
Familiarity with health care relevant regulatory legislation and standards for the protection of health information and patient privacy (HIPAA, NIST).
Must be self-directed, flexible, and have excellent organizational, analytical, and interpersonal communication skills.