Cybersecurity Event/Incident Consultant Job at Health Care Service Corporation, Richardson, TX

  • Health Care Service Corporation
  • Richardson, TX

Job Description

At HCSC, our employees are the cornerstone of our business and the foundation to our success. We empower employees with curated development plans that foster growth and promote rewarding, fulfilling careers.

Join HCSC and be part of a purpose-driven company that will invest in your professional development.

This position is responsible for handling 24x7 Cyber Defense & Investigation (CD&I) Incident Response (IR) services of HCSC’s threat landscape. This role coordinates and drives the response to cyber security incidents within the HCSC environments through leadership, investigation, analysis, containment, eradication, recovery, and mitigation. The incumbent is responsible for leveraging security data from internal sensors and systems (IDS, routers, SIEMs, XDR, firewalls, hosts, etc.) and external sources (industry portals, the DoD, US-CERT, partners, etc.) to track down potential threats and attack activity. Additionally, the role conducts forensic network analysis, environment monitoring, and development of thorough incident reports to deliver threat awareness and executive briefings. Incident Response develops, maintains, and trains staff and leaders on comprehensive incident response activities and plans. IR makes recommendations to enhance the cyber defense technology stack and develops threat rules and signatures for cyber defense technologies. The role also maintains the incident type and categorization framework.

NOTE: This hybrid role can be located in CHICAGO or WAUKEGAN, IL or RICHARDSON, TX. Relocation will not be offered; sponsorship is not available.

Required Job Qualifications:

* Bachelor’s degree and 6 years of experience OR 7 years of experience plus associate degree or technical certification(s) OR 8 years military experience in Cybersecurity OR 9 years technical experience.

* Experience with digital forensics techniques and tools.

* Proficient in researching and tracking Advanced Persistent Threat (APT) campaigns.

* Expertise in malware analysis or malware reverse engineering.

* Understanding of business operations including portfolios, product, technologies, and services.

* Extensive expertise and experience with SIEM and SOAR technologies.

* Ability to verbally communicate complex technical concepts to both technical and non-technical audiences and collaborate effectively with IT teams and stakeholders.

* Understanding of the current and emerging threat vectors and adversary Tactics, Techniques, and Procedures (TTPs).

* Drive maturity in process improvement and process documentation leveraging best practices.

* Strong knowledge of attack classes (i.e., passive, active, insider, close-in, distribution attacks).

* Strong knowledge of attack concepts (i.e., PTH, phishing, drive by, watering hole, malvertising, vishing, smishing, kerberoasting).

* In-depth understanding of cloud service models.

* Expert in common security tooling.

* Understanding of cyber attackers (i.e., script kiddies, insider threat, non-nation state-sponsored, and nation sponsored).

* Understanding of Cyber Kill Chain, attack lifecycle, attack vectors, and methods of exploitation.

* Proficient in cybersecurity nomenclature.

* Advanced in Intrusion Detection System (IDS) tools.

* Expert in malware identification, analysis concepts and methodologies, capturing, containing, and reporting.

* Well-versed in network security architecture concepts including topology protocols, components, principles, and technologies.

* Deep understanding of OSI model and underlying network protocols.

* Skilled in system administration, network, and operating system hardening techniques.

* Skilled in system and application security threats and vulnerabilities (i.e., buffer overflow, mobile code, cross site scripting, procedural language/structured query language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).

* Strong knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.

* Understanding of Active Directory components.

* Recognizing and categorizing types of vulnerabilities and associated attacks.

* Experience reading PCAPs, programming, scripting, and log analysis.

* Capable of mentoring junior levels on offensive and defensive techniques.

* Manage security projects and resources.

* Identify security gaps and recommend solutions to correct.

* Able to teach cyber defense orchestration and response leadership techniques.

* Able to lead, direct, and teach Incident Response.

* Understand requirements for forensic activity across multiplatform variations, such as VDI, AVD, physical, persistent, and non-persistent connections.

* Identifies and helps solution visibility gaps.

* Identifies and helps solution training gaps.

* Provides oversight and direction on critical cases worked by junior members.

* Ability to handle high pressure situations.

* Ability to work under stress in emergencies.

* Problem solving / analytical skills.

* Attention to detail.

* Continuous learning mindset.

* Curious in nature.

* Customer focus and the ability to manage customer expectations.

* Demonstration of sound judgement.

* Oral and written communications.

* Organized and detail oriented.

* Experience with enterprise incident handling.

Preferred Job Qualifications:

* Bachelor’s OR Master’s Degree in Computer Science, Information Systems, or other related field. Or equivalent work experience.

* Relevant experience in the field of Cyber Defense.

* Abides by ISC2 Code of Ethics.

* Can-do mindset and attitude.

* Continuous learning and development mindset.

* Security Certifications Preferred (Including but not limited to the following certifications):

Cybersecurity Nexus (CSX) Practitioner
Certified Incident Handler (GCIH)
GIAC Experienced Incident Handler (GX-IH)
Certified Intrusion Analyst (GIAC)
Offensive Security Certified Professional (OSCP)
GIAC Defending Advanced Threats (GDAT)
Certified Expert Penetration Tester (CEPT)
GIAC Cloud Penetration Tester (GCPN)
Certified Information Systems Security Professional (CISSP)
Networking Certifications (CCNA, etc.)
Platform Certifications (Microsoft, Linux, Solaris, etc.)
CompTIA Security+
CompTIA Cybersecurity Analyst+ (CySA+)
Certified Ethical Hacker (CEH)
Licensed Penetration Tester (LPT)
Computer Hacking Forensic Investigator (CHFI)
Cisco Certified CyberOps Associate


HCSC Employment Statement:

We are an Equal Opportunity Employment / Affirmative Action employer dedicated to providing an inclusive workplace where the unique differences of our employees are welcomed, respected, and valued. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other legally protected characteristics.

Job Tags

Full time, Work experience placement, Relocation
