Cybersecurity Engineer (Hybrid based in Dallas, TX)

Dallas, TX, United States

Tenet is seeking a Cybersecurity Engineer. Below is a brief outline of what Tenet is seeking for this role.

OVERVIEW 

This role is part of a Cybersecurity team that delivers in-depth technical security services for our most critical applications and infrastructure, ensuring they are highly resilient against existing and emerging cybersecurity threats. 

REPORTING STRUCTURE & WORK SETTING

This position may be located in Dallas, Texas. The position will report to the Cybersecurity Security Operations Center Manager within the Corporate Cybersecurity team. 

RESPONSIBILITIES

The Cybersecurity Engineer provides engineering and operational support for the SIEM and SOAR technologies area within corporate Cybersecurity. This position ensures that all system components are maintained, updated, monitored, accessible, and available in accordance with cybersecurity standards while partnering with other engineers to evaluate, test, and implement diverse solutions. The Cybersecurity Engineer will assist in cybersecurity investigations leveraging SIEM and SOAR. Other key responsibilities include:

  • Serve as subject matter expert for the cybersecurity operations team and primary escalation point for SIEM platform issues, contributing to root-cause analysis, troubleshooting, and service restoration procedures. 
  • Contribute to the development of enterprise-wide cybersecurity strategy by supporting efforts with other stakeholders and working directly with Tenet service providers. 
  • Report security gaps to leadership as applicable with appropriate recommendations 
  • Provide strategic direction for Tenet Corporate, Tenet Healthcare Facilities, and Tenet-related business lines regarding data security, incident response, emerging cybersecurity technologies, and industry best practices 
  • Intermediate Linux knowledge, including CLI and scripting (Python and/or PowerShell) 
  • Intermediate understanding of cloud environments and ingesting logs from these environments 
  • Willingness to provide SIEM and investigation support on an as-needed basis (including after hours) during active incident response efforts 
  • Interface with cybersecurity engineers, governance, and IT teams to assist in obtaining data analytics or data protection reports and correlations 
  • Develop effective correlation rules and perform ongoing development for additional use cases 
  • Tune SIEM components to ensure maximum reliability and reduce false positives 
  • Integrate SIEM with a wide variety of data sources and industry-leading commercial security tools 
  • Assist and perform testing of implemented solutions, recommend improvements, and support the deployment of changes following Tenet's change and release management process. 
  • Perform maintenance and optimization of existing SIEM deployments 
  • Promptly respond to requests for assistance from SIEM users and others 
  • Adhere to relevant policies, procedures, standards, and good/accepted security practices 
  • Resolve problems independently and understand escalation procedures 
  • Respond promptly to all requests for access or other security exceptions requiring approval or involvement from the information security team 
  • Generate custom dashboards, metrics, and/or reports as directed by Cybersecurity leadership 
  • Assist with investigations and/or incidents as requested (including after hours on an as-needed basis) 
  • Represent Tenet on external & internal risk and information security groups, as necessary. 
  • Create formal documentation such as reports, training material, slide decks, and architecture diagrams

WORK EXPERIENCE AND EDUCATION 

  • 4+ years of Information Technology experience 
  • 3+ years of Cybersecurity experience specializing in SIEM design and implementation 
  • BS in Computer Science or equivalent field preferred. Related job experience may substitute 
  • GIAC-GCED, GCDA, GDSA, GMON, or other equivalent industry-standard security certifications preferred 

SPECIALIZED KNOWLEDGE, SKILLS & ABILITIES:

  • Must be fluent in English. 
  • Expert in investigating incidents and in leveraging and managing a SIEM platform. 
  • Working knowledge of MITRE ATT&CK and other common Tactics, Techniques, and Procedures 
  • Working knowledge of CIS Top 20, NIST, or other security frameworks 
  • Ability to interact and negotiate across various departments 
  • Excellent management and communication skills 
  • Experience with security incidents and forensic investigations 
  • Knowledge of and experience with risk management and mitigation 

Infrequent travel may be required < 1 25%. A Motor Vehicle Record (MVR) will be conducted on the finalist. 

Tenet Healthcare/USPI complies with federal, state, and/or local laws regarding mandatory vaccination of its workforce. If you are offered this position and must be vaccinated under any applicable law, you will be required to show proof of full vaccination or obtain an approval of a religious or medical exemption prior to your start date. If you receive an exemption from the vaccination requirement, you will be required to submit to regular testing in accordance with the law.

Tags: Analytics Cloud Computer Science Data Analytics GCED GIAC Governance Incident response Linux MITRE ATT&CK NIST PowerShell Python Risk management Scripting Security strategy SIEM SOAR SOC Strategy

Region: North America
Country: United States