Principal Incident Response Analyst (Cloud)

You could be the one who changes everything for our 28 million members by using technology to improve health outcomes around the world.  As a diversified, national organization, Centene's technology professionals have access to competitive benefits including a fresh perspective on workplace flexibility.
 

Position Purpose:

The Principal Incident Response Analyst (Cloud) investigates and responds to cyber security threats in the Multicloud, recommends enhancements to improve security, identifies common attack patterns against publicly exposed aspects of the organization's environment, and contributes to the implementation of scalable and preventative security measures. This position has a Cloud security focus and shares primary responsibility for incident response efforts for alerts associated with apps, data and infrastructure that exist in, or cross-over into, Cloud space. This includes understanding the potential attack surfaces, identifying cloud artifacts that inform the investigation, determining the cloud attack vector, and initiating containment and remediation efforts. The Principal IR Analyst will work with business units to accomplish enterprise-wide remediation, develop and deliver presentations to senior leadership team, and drive improvements that enhance the organizations overall security posture.

• Keeps abreast of security breaches and ensure incident and response management processes are initiated
• Implements security service audit schedules, review access authorization, and perform the required access controls testing to identify security shortfalls
• Automated scripts, contingency plans, and other programmed responses which are launched when an attack against Centene’s systems has been detected
• Collaborates with Information Security Architects, Information Security Engineers, and software or hardware stakeholders at Centene
• Ties third party attack monitoring services and threat reporting services, into internal CIRT (Cyber Incident Response Team) communications systems
• Performs other duties as assigned
• Complies with all policies and standards

Education/Experience:
A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science) and requires deep functional and Centene specific knowledge with 6 – 8 years of related experience.

Or equivalent experience acquired through accomplishments of applicable knowledge, duties, scope and skill reflective of the level of this position.

Technical Skills:

• Understanding of Cloud infrastructure
• Understanding of IAM in the Cloud
• Knowledge of threat actor tactics, techniques and procedures (TTPs).
• Knowledge of indicators of compromise (IOC).
• Knowledge of Cloud containment techniques.
• Experience with Other: Endpoint protection and enterprise detection & response software
• Knowledge of Other: Network and infrastructure technologies including routers, switches, firewalls, etc.
• 3+ years experience in Cloud security preferred

Soft Skills:

• Advanced - Seeks to acquire knowledge in area of specialty
• Advanced - Ability to identify basic problems and procedural irregularities, collect data, establish facts, and draw valid conclusions
• Advanced - Ability to work independently
• Advanced - Demonstrated analytical skills
• Advanced - Demonstrated project management skills
• Advanced - Demonstrates a high level of accuracy, even under pressure
• Advanced - Demonstrates excellent judgment and decision making skills
• Advanced - Ability to communicate and make recommendations to upper management
• Advanced - Ability to drive multiple projects to successful completion
• Advanced - Possesses technical aptitude

Certifications:

• GIAC Cloud Forensics Responder (GCFR) or equivalent preferred
• Microsoft Security Operations Analyst Associate preferred
• (SOC-200) or equivalent, AWS Certified Security - Specialty (SCS-c02), AWS Certified Solutions Architect or equivalent preferred

Centene offers a comprehensive benefits package including: competitive pay, health insurance, 401K and stock purchase plans, tuition reimbursement, paid time off plus holidays, and a flexible approach to work with remote, hybrid, field or office work schedules.  Actual pay will be adjusted based on an individual's skills, experience, education, and other job-related factors permitted by law.  Total compensation may also include additional forms of incentives.

Centene is an equal opportunity employer that is committed to diversity, and values the ways in which we are different. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or other characteristic protected by applicable law.

Qualified applicants with arrest or conviction records will be considered in accordance with the LA County Ordinance and the California Fair Chance Act