System Security Analyst III
Capital BlueCross
PA
6 days ago

The Systems Security Analyst III role is responsible for incident response, vulnerability management, product support / deployment, and more.

This role is ideal for candidates seeking to gain strong exposure to multiple areas of Information Security. Candidates for this position must enjoy working as a member of a technical team, be innovative, and have the ability to strategically problem solve.

  • Incident Response : Perform incident response by leveraging security solutions deployed within the organization and its counterparts.
  • The analyst shall be able to leverage solutions such as our SIEM, SOAR, EDR, Anti-virus, NDR, email filters, web filters and more.

    This role will require an understanding of basic static / dynamic malware analysis along with packet analysis. A successful candidate must be able to correlate events from solutions in order to successfully respond to an incident.

  • Vulnerability Management : Conduct a variety of vulnerability management duties while working in conjunction with other staff members and departments for proper resolution.
  • A successful candidate must have a strong understanding of vulnerability scanning and managing the assignment of vulnerabilities in an automated manner.

    Experience with Tenable.io or similar, ServiceNow Vulnerability Response, or patch management experience is a plus.

  • Product Support : Provide support for a variety of Information Security assurance and forensics tools such as SIEM, SOAR, EDR, Anti-virus, NDR, email filter, web filter, etc., for the purpose of general administrative maintenance and configuration maturity.
  • Security Assurance : Conduct a variety of assurance activities including being involved with external and internal audits.
  • Participating in security policy, standards, and procedure meetings for the purpose of continued security maturity.

  • Security Maturity : Analyze manual Information Security functions and provide recommendations for automated improvements to Information Security management.
  • Leadership : Passion for information security and willingness to influence peers from a knowledge growth perspective.

    Skills :

  • Ability to identify obfuscation and perform de-obfuscation in various forms
  • Forensic experience (Supporting products similar to FireEye, Access Data or Encase)
  • Networking background (CompTIA Network + or similar Cisco)
  • Vulnerability Management Exposure (Tenable Nessus, Tenable.io or similar scanners, Kenna Security Analytics)
  • SSL Decryption and / or Data Recording exposure
  • Security Benchmarking (Similar to NIST, CIS)
    Experience :

  • Hands-on Experience with incident response best practice and the MITRE ATT&CK framework
  • Hands-on Experience with FireEye product line or similar solutions such as CrowdStrike is a plus
  • Hands-on Experience with packet capturing and analysis
  • Hands-on Experience with basic static and dynamic malware analysis
  • Hands-on Experience with vulnerability scanners such as Tenable.io / Nessus or similar
  • Hands-on Experience with vulnerability management solutions such as ServiceNow Vulnerability Response or similar
  • Hands-on Experience with exploit frameworks such as Metasploit, Cobalt Strike / Armitage
  • A Bachelor’s degree in Computer Science or related field; and a minimum of four five years IT experience; or an equivalent combination of experience and education.
  • Analyze, validate, and maintain security controls put in place as a result of ongoing evaluations, including maintenance and monitoring, metrics, vulnerability analysis, patch management, logging, and identity management.
  • Knowledge of recommended information security controls including HIPAA, HITECH, SASAE, SB712
  • Demonstrated knowledge of project management techniques
  • Must possess strong problem resolution skills, while under severe time constraints. Desire to automate and create process improvements to support IT controls and processes.
  • Ability to effectively listen and communicate in order to present technical concepts to audiences of all levels both verbally and in writing.
  • Communication may include oral presentations and / or written documents.

  • Ability to prioritize and complete assignments independently in a rapidly changing and dynamic work environment along with good organizational skills.
  • Familiar with the CBC business environment in order to effectively support end user requirements.
  • In depth technical understanding and work experience in support of security assurance tools such as logging and monitoring, URL Content Filtering, Web Application Scanning, Federated Identity Management, etc.
  • Ability to provide 24-hour on-call assistance to support customers and IT initiatives.
    Education :

  • Degree within Computer Science, Information Security or related field.
  • (ISC)² CISSP, GIAC or similar

  • CompTIA Security +
  • CompTIA Network + or similar certification or knowledge of routing and switching

    Capital BlueCross is an independent licensee of the BlueCross BlueShield Association. We are an equal opportunity / affirmative action employer and do not discriminate on the basis of race, color, religion, national origin, gender, sexual orientation, gender identity, age, genetic information, physical or mental disability, veteran status, or marital status, or any other status protected by applicable law.
