Sr Cybersecurity Analyst

CommonSpirit Health was formed by the alignment of Catholic Health Initiatives (CHI) and Dignity Health. With more than 700 care sites across the U.S. from clinics and hospitals to home-based care and virtual care services CommonSpirit is accessible to nearly one out of every four U.S. residents. Our world needs compassion like never before. Our communities need caring and our families need protection. With our combined resources CommonSpirit is committed to building healthy communities advocating for those who are poor and vulnerable and innovating how and where healing can happen both inside our hospitals and out in the community.

As a Senior Cybersecurity Analyst, you are equipped with advanced resources to actively hunt for and help stop threats from gaining initial footholds, propagating within the network or responding to threats within the enterprise.  In addition to detecting, investigating, and responding to cyber threats you will provide input to improving operations, implementing preventative security measures, building response playbooks and contributing to containment and recovery strategies. 

You will be a mentor to other CDC Analysts on how to actively hunt and detect activities of new threats facing CommonSpirit.   Coordinate and collaborate with Threat Intelligence and other CDC Analysts and help teams contain or remediate cyber threats and vulnerabilities as needed. 

The Senior Cybersecurity Analyst  will report to the Director of the CyberDefense Center as part of the overall Cyber Vigilance and Defense team focused on identifying, protecting, responding and containing threats and vulnerabilities to the enterprise.

• Performs advanced and complex operational or analytical tasks.
• Supports the discovery, identification and analysis of threats and vulnerabilities within the enterprise. 
• Responds to Cyber Security Incidents with urgency. Escalating to higher tiers when necessary.. 
• Possess and maintain a deep knowledge about the cybersecurity threatscape
• Participates in the creation & documentation of tactical processes & procedures. 
• Collaborates with a variety of stakeholders to facilitate Cyber Security Incident Response
• Prepare details and/or reports, as requested, of analysis methodology and results.
• Participates in strategy design and leads initiatives
• Proactively identifies and escalates security issues, risks, or operational performance concerns.  
• May act as an escalation point for others.
• Identifies and drives process improvement
• Maintain and employ a strong understanding of advanced threats, continuous vulnerability assessment, response and mitigation strategies used in Cybersecurity operations
• Work with Threat Intelligence teams or be able to interpret IOC’s and use them efficiently for threat hunting and alerting.
• Actively discover cyber vulnerabilities and proactively “hunt” for potential malicious activity and incidents using advanced threat network and host-based tools affecting CommonSpirit or connected third-party providers.
• Partner with SIEM and anomaly detection engineers and content developers to improve data quality and reduce false positives. 
• Contribute to threat detection and hunting playbooks and patterns across a variety of technologies and with developing scripts or automation playbooks to facilitate investigative or create workflow efficiencies.
• Create reports and dashboards within a variety of security technologies and ticket management tools, as needed to enhance investigations or CDC operations.
• Perform in-depth security forensics and analysis to capture incident artifacts or to effectively identify suspicious activity.
• Communicate alerts, with appropriate urgency, regarding intrusions and compromises to identities, network infrastructure, applications and operating systems. Assists with implementation of counter-measures or mitigating controls.
• Maintain records of reported issues, security monitoring and incident response activities, utilizing case management and ticketing technologies.
• Resolve problems independently and follow documented escalation procedures.
• Adhere to policies, procedures, and security practices.
• Recommend changes to Standard Operating Procedures and other similar documentation.
• Mentor CDC Analysts in advanced investigative and hunting techniques.
• Remote eligible.

• Bachelors Preferred
• 2 or more relevant technical/professional security certifications preferred
• 5+ years job related experience preferred