Cyber Security Consultant - Threat Intelligence

We are so glad you are interested in joining Sutter Health!

Organization:

SHSO-Sutter Health System Office-Valley

Position Overview:

A Cybersecurity Threat Intelligence Consultant/Analyst is responsible for collecting, analyzing, and disseminating threat intelligence to inform the organization’s security strategy and enhance its defenses against cyber threats. This role involves working closely with internal and external stakeholders to understand the threat landscape, identify risks, and support proactive and reactive security measures.

Key Responsibilities:

Threat Intelligence Collection & Analysis

Gather intelligence from open-source, dark web, commercial feeds, and trusted industry sources.
Analyze threat actor tactics, techniques, and procedures (TTPs) to assess potential risks.
Correlate intelligence data to identify trends, patterns, and emerging threats.
Reporting & Dissemination

Produce actionable threat intelligence reports tailored to various audiences, including technical teams and leadership.
Share timely alerts and advisories about new vulnerabilities, exploits, and attack campaigns.
Create threat profiles for adversaries targeting the organization or its industry.
Operational Support

Provide intelligence-driven insights to support incident response and proactive threat hunting efforts.
Work with the SOC team to integrate threat intelligence into detection and monitoring workflows.
Validate the effectiveness of security controls against known and emerging threats.
Collaboration & Knowledge Sharing

Partner with internal teams, such as security operations, red teams, and risk management, to align intelligence efforts.
Collaborate with industry peers, ISACs, and government entities to exchange intelligence.
Mentor junior analysts in threat intelligence methodologies and tools.
Tool and Data Management

Manage threat intelligence platforms (TIPs) and ensure effective integration with other security tools.
Evaluate and recommend new tools or data feeds to improve threat intelligence capabilities.
Maintain databases of IOCs and ensure their relevance and accuracy.
Continuous Improvement

Stay updated on global and regional cyber threats, geopolitical developments, and technological trends.
Regularly review and refine intelligence processes to improve speed and relevance.
Conduct post-mortem analyses of incidents to improve intelligence quality and response capabilities.

Job Description:

EDUCATION
Equivalent experience will be accepted in lieu of the required degree or diploma.

• Bachelor's: Business, Cyber Security, Risk Management, Information Technology, Computer Science or related field or equivalent education/experience

PREFERRED EXPERIENCE AS TYPICALLY ACQUIRED IN:

• 8 years experience

• Experience providing cyber security support by planning, coordinating, integrating and synchronizing cyber defense and prevention activities preferred.

• Experience creating comprehensive and accurate reports that are used to communicate risk profile impact to peers and management preferred.

• Experience ensuring compliance with all applicable state and federal cyber laws and regulations preferred.

• Incident Command experience preferred

SKILLS AND KNOWLEDGE

• Thorough knowledge of information systems security concepts and current information security trends and practices including security processes and methods.

• General knowledge of Federal and State IS security and privacy-related regulatory requirements and laws.

• General knowledge regarding National Institute of Standards and Technology (NIST), Health Insurance Portability and Accountability Act (HIPAA), Federal Information Processing Standards (FIPS), and other recognized industry security standards. and best practices.

• Detailed understanding of end point security technologies (Antivirus, Forensics, Anti-malware, HIPS)

• Detailed understanding of end point operating systems (Windows and Linux)

• In depth knowledge of cyber security solutions, policies and technologies

• Understanding of the lifecycle of a network threat and network vulnerability exploitation in a healthcare environment

• Working understanding of the anatomy of a cyber attack: advanced level of skill using Microsoft windows workstation and server, UNIX/Linux and network operating systems, proven ability to use internet technologies including DNS, routing, smtp, http, DHCP, and ftp etc.

• Technical skills in planning, administration, and management of information systems, operational and technical security controls, and security risk analysis and management

• Written/verbal interpersonal communication skills with the ability to interact effectively with a broad and diverse group of peers, users, and executives.

• Proven ability to prioritize work while multi-tasking on assigned work.

• Demonstrated ability to acquire images, either remote or local, to a workstation or server.

• Proven ability to conduct forensics activities in the context of an active attack.

• Technical skills in end point security controls, such as access control lists, host intrusion prevention system, registry, logging, and forensics.

• Ability to perform and conduct incident response and participate in security incident and post incident response process

• Proven ability to break down highly complex technical topics into language and diagrams understandable to a wide audience.

Job Shift:

Days

Schedule:

Full Time

Days of the Week:

Monday - Friday

Weekend Requirements:

As Needed

Benefits:

Yes

Unions:

No

Position Status:

Exempt

Weekly Hours:

40

Employee Status:

Regular

Sutter Health is an equal opportunity employer EOE/M/F/Disability/Veterans.

Pay Range is $68.59 to $109.75 / hour

The salary range for this role may vary above or below the posted range as determined by location. This range has not been adjusted for any specific geographic differential applicable by area where the position may be filled. Compensation takes into account several factors including but not limited to a candidate’s experience, education, skills, licensure and certifications, department equity, training and organizational needs. Base pay is just one piece of the total rewards program offered by Sutter Health. Eligible roles also qualify for a comprehensive benefits package. ​