Senior Cyber Security Analyst – Intel

Website Sutter Health

Position Overview:

The Senior Cyber Security Analyst (SCSA) is responsible for providing data security support and guidance to Sutter Health regions and affiliates. The SCSA will represent the Information Security Department on project teams and other Privacy Investigation (PI) and Information Security (IS) initiatives and will work with other IS operations support departments to identify and recommend solutions on security-related issues. Provide hands-on security administration of a broad range of security duties and requires a high level of technical experience. Duties and responsibilities include, but are not limited to, oversight of design, engineering, analysis, research, testing and monitoring. The SCSA will also serve as a senior advisor to the Chief Information Security Officer, Cyber Security Manager and Sutter Health affiliates. This is a technical position on the Information Security Team.

The Vulnerability Management & Threat Intelligence (VMTI) group is responsible for the program of vulnerability management, threat intelligence, penetration testing, and red/blue teaming services to support the Cyber Security Operations Center (CSOC). Positions in this group represent the Privacy and Information Security department under the office of general counsel, and will work with their leadership, technical operations and other groups to proactively identify, quantify, and report vulnerabilities and threats throughout the organization.

Below are the specific concentrations and responsibilities for positions in the VMTI group:

Vulnerability Management:

  • Performing and reporting vulnerability scanning operations
  • Working with key stakeholders to remediate vulnerabilities
  • Coordinating threat hunting campaigns and missions>
  • Supporting penetration testing services with internal and external stakeholders
  • Coordinating and executing of purple teaming exercises with IR Team resources
  • Facilitating of Cyber Threat Simulation Exercise

Threat Intelligence:

  • Conducting cyber threat intelligence researches and assessments
  • Tracking threat actors and campaigns
  • Maturing the intelligence development process, procedures, and techniques
  • Engaging internal and external entities to gather cyber threat intelligence
  • Supporting in penetration testing services with internal and external stakeholders
  • Facilitating Cyber Threat Simulation Exercises
  • Performing researching and analysis on threat actors
  • Grafting cyber threat intelligence reports
  • Gathering cyber threat intelligence data from various entities
  • Researching the Dark Web
  • Writing technical articles
  • Understanding the different between threat data vs information

Penetration Testing:

  • Coordinating penetration testing services with internal and external stakeholders
  • Delivering pen-test engagements via out hands-on keyboard
  • Coordinating and executing purple teaming exercises with IR Team resources
  • Coordinating and executing red team projects
  • Supporting vulnerability scanning operations
  • Facilitating Cyber Threat Simulation Exercises

Qualifications:

Education, Licensures and Certifications

  • Bachelor’s degree in Business, Cyber Security, Risk Management, Information Technology, Computer Science or related field or the equivalent education/experience required.
  • Certified Information Systems Security Professional – CISSP is preferred

Experience

  • Previous experience as an IT Security Analyst or related field as typically acquired with 3-5 years in a similar position is required
  • Healthcare information technology industry experience is strongly preferred

CLICK HERE FOR DETAILS

To apply for this job please visit jobs.sutterhealth.org.