Cyber Security Analyst/Eng, Sr

Position Summary:

Applies practical cyber security knowledge to develop new detective measures and practices to protect the organization

Responsibilities:

• Serve as subject matter expert supporting multiple disciplines of information security including architecture, standards, solutions design and implementation.
• Perform complex problem resolution and maintains technical reference library.
• Design and implement security solutions
• Partner with project teams to ensure that security is designed in all technology initiatives
• Research, analyze, and recommend the implementation of software or hardware changes to rectify any infrastructure security deficiencies or to enhance security performance
• Provide ongoing engineering support for security systems including firewalls, virus protection systems, Web filters, computer forensic systems and network, and host-based intrusion detection and prevention systems
• Maintain up to date knowledge of security laws, principles and practices.
• Stay current with emerging threats and trends.
• Assist teams in various security and privacy risk mitigation efforts; including incident response.
• Conduct forensic investigations for HR, Legal, or incident response related activities.
• Perform data analysis and threat research/hunting activities.
• Perform vulnerability assessments, security testing, and working with the operations and development teams on remediation and mitigation of findings
• Develop and document security standards, configurations and procedures.
• Conduct risk assessment and audit on the organization’s information technology infrastructure
• Identify cyber security threats and communicate to stakeholders
• Mentor and train junior team members
• Develop and implement information security awareness educational programs, conduct seminars and workshops when needed.
• Ability to work individually and on team projects in an environment of teamwork and cooperation.
• Ability to be available 24/7 in case issues arise
• Perform other related duties as required.
• Maintain reasonably regular, punctual attendance consistent with Orlando Health policies, the ADA, FMLA and other federal,state and local standards.
• Maintain compliance with all Orlando Health policies and procedures

• Technical proficiency in network security, application security, vulnerability management, forensics, incident response and penetration testing.
• Demonstrated proficiency in network security concepts, such as security event correlation, TCP/IP concepts, DNS, firewall technologies, IPS/IDS, Endpoint protection (antivirus), routers, switches, perimeter security devices, two factor authentication, encryption and PKI as well as IPSEC and SSL based VPN solutions.
• Knowledge of security vulnerability concepts, viruses, Hoaxes, Phishing, CSS, Buffer overflows, hacking, backdoors, rootkits, patch management and hardening.
• Perform selected cyber security and network performance tuning activities to enhance the performance of the cyber security resources.
• Prepare and analyze statistics on selected cyber security tools and networks including utilization and availability.
• May instruct and train junior staff in the installation of selected hardware and software, the performance of routine maintenance, and the application of vendor updates to software.

Qualifications:

Education/Training

Bachelor’s degree required. Associate’s degree and two (2) years of directly related work experience may substitute for the Bachelor’s degree (in addition to the requirements listed in the Experience section). Four (4) years of directly related work experience may also substitute for the Bachelor’s degree (in addition to the requirements listed in the Experience section).

Required: CISSP plus three (3) more Security related certifications (GIAC / SSCP /EnCE / CEH / Linux+ / CCNA/ CCNP /Net+ / Security+/ ETC…).

Eight (8) years’ experience in Information Technology, including five (5) years of Cyber Security related experience.