Job Description: Under the general supervision of the Manager-Cybersecurity Operations, provides advanced level technical knowledge and expertise with system and network security. Makes enhancements to existing monitoring and security operations. Contributes to a continuous monitoring program framework. Monitors established network and security policies, procedures, and standards to ensure conformance with information services objectives. Develops and maintains various daily reports for audit review (security and change management). Participates in the deployment and operation of information security systems, including integration, testing, troubleshooting, and updating/upgrading of various security tools and appliances such as anti-virus, IPS, malware detection tools, DLP, identity and access management, and encryption tools. Is a key participant/operator in incident response activities to include incident reporting, enterprise coordination, incident resolution management, isolation activities, containment, eradication and recovery activities, and provides forensic analysis for incidents. Coordinates with peers in the organizations outside of the system to form relationships to share incident activity and enhance strategic and tactical protection posture.
Duties and Responsibilities
Provides appropriate updates and metrics to leadership regarding security event handling, trends, analysis, incident response resolutions and lessons learned.
Monitors information systems and services to audit and maintain security controls to ensure compliance with regulatory policies and industry best practices.
Identifies potential security gaps and articulates enterprise risk.
Makes enhancements to existing monitoring and security operations, based on identified risks.
Responsible for writing the architectural and functional specifications including, but not limited to, overall system design, applications, and/or operating system environments as they relate to security and data flows.
Meets defined deliverable deadlines for projects and other assignments.
Provides advanced expertise around the analysis of malware, suspicious emails, and writes protection signatures.
Possesses advanced knowledge of common application-level protocols (e.g., SMTP, SSH, HTTPS, FTP) and network fundamentals (routing, switching).
Advanced understanding of Linux and/or Windows administration.
Advanced scripting knowledge (e.g., Bash, VBScript, Perl, PHP).
Strong attention to detail with an analytical mind and outstanding problem-solving skills.
Advanced awareness and understanding of cybersecurity trends and hacking techniques.
Provides advanced technical support to ensure that critical and urgent support cases are handled appropriately.
Ability to troubleshoot both cybersecurity and network issues.
Provides consultation on complex projects and is the top-level contributor/expert.
Identifies malicious, illegal or any other activity that does not fit within the System IT Policy guidelines and reports to leadership.
Participates in tactical efforts to stem attacks and malicious activities.
Provides after-hours, on-call support as needed.
Other combinations of formal education, training and experience may be considered.
5 or more years of Information Technology experience with 3+ years of enterprise information system security experience.
Experience with Firewall implementation and administration.
Associate's Degree preferred.
Preferred Experience: Prior experience in banking, government or health care security procedures, matrix specifically with a network and/or security engineering focus
Registration: CISSP, ISSA, CCSP or related security certification(s)
Excellent interpersonal and written communication skills.
Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
WellSpan Health is an Equal Opportunity Employer. It is the policy and intention of the System to maintain consistent and equal treatment toward applicants and employees of all job classifications without regard to age, sex, race, color, religion, sexual orientation, gender identity, transgender status, national origin, ancestry, veteran status, disability, or any other legally protected characteristic.