The Lead Cyber Security Analyst will be a key member of the Cyber Defense Operations and Engineering (CDOE) team. The role leads efforts in the detection of security events while assisting with the response to key events, acting as an escalation point for major security incidents and liaising with the cybersecurity incident response team and other stakeholders from incident inception to remediation. The analyst interfaces with other teams across the Company and ensures compliance with internal and regulatory policies while applying industry best practices and standards.
- Provide subject matter expertise (SME) for security solutions.
- Develop and document solution processes, procedures, and information workflows around security event management and cyber security operations.
- Monitoring and responding to security events that could impact the confidentiality, availability, and integrity of critical information security systems.
- Contributor to the IT Security Incident Response efforts across the organization.
- Provide training, mentoring, and coaching to the IT Security Team by understanding the core businesses and environment as well as the technology solutions supporting them.
- Implementation of security standards and security baseline.
- Analyze and recommend action on security related incidents
- Track and maintain operational security metrics
- Review and approve access requests
- Participate in investigating possible security violations
- Interface effectively in key relationships, including IT peers (e.g. IT Operations, Enterprise Architecture, etc.), internal business partners (e.g. Compliance/Privacy, Legal, Corporate Communications, etc.), key external clients (e.g. service providers, external partners, etc.), and other leaders and partners within IT and the broader enterprise.
- Apply a methodology to help identify key security events.
- Develop and publish key metrics for the team to illustrate value and accountability
- Coordinate and present SOC briefings on a regular basis.
- Correlate threat intelligence with active attacks and vulnerabilities within the enterprise.
- Analyze security events collected by our LogRhythm Security Incident and Event Monitoring (SIEM), Splunk as well as other tools, and identify trends, attacks, and potential threats.
- Maintain a current knowledge of information security vulnerabilities, threats, and exploits.
- Provide Governance over Firewalls, Proxies, and Endpoint Security Solutions
- Supervise Security Specialists in our Global Information Center (GIC)
- Next Generation endpoint protection technology is a plus (CrowdStrike and Cylance)
- Host Intrusion Detection Service (HIDS)
- Application Whitelisting/Blacklisting
- Endpoint File System Encryption
- Detection/monitoring/response (e.g. Threat Detection, Realtime vulnerability visibility)
- An in-depth understanding of iOS, Android, Windows, MacOS and Unix internals
- OS Security Hardening for iOS, Android, Windows, MacOS and Unix
- Experience with using the command line interface (Unix, Linux, and Windows)
- Experience working in a Security Operations Center (SOC) environment
- Demonstrate proficiency in applying HIPAA/PCI security rules and National Institute of Standards and Technology (NIST) standards
- Requires understanding of Public Key Infrastructure (PKI), encryption, network security controls tools and functionalities
- Excellent written and verbal communications, including presentation skills, are important to be successful in this role. Proven ability to effectively communicate with all levels of the organization, as well as with external parties.
- Demonstrated ability to influence a larger team to perform towards the same goal.
- Highly analytical and methodical, with strong problem-solving ability on complex subjects.
- Highly productive and resourceful, carries “Can do” attitude in approaching challenges, and a true self-starter.
- Demonstrated understanding of, and experience with, current Incident Response best practices and standards.
- Inherent passion for information security and service excellence.
- Ability to communicate professionally and efficiently both verbally and in writing.
- Deep knowledge of security issues, techniques, and implications across multiple technology platforms.
The above information is intended to describe the most important aspects of the job. It is not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required to perform the work. Due to the evolving nature of this security domain, responsibilities and priorities may be updated as business needs dictate.
Join us for competitive benefits and development opportunities in a progressive and supportive environment. Help us improve our service, and the experiences of our patients and colleagues. Work with us and together we can be better.
Your Quest career. Seek it out.
All requirements are subject to possible modifications to reasonably accommodate individuals with disabilities. Quest Diagnostics is an Equal Opportunity Employer: Women / Minorities / Veterans / Disabled / Sexual Orientation / Gender Identity or Citizenship.
- Address Mason, OH
- Experience Level Junior
- Total Years Experience 0-5