Job Description
Scope:
Responsible for the investigation, analysis, and response to suspicious behavior, attacks, and security breaches within the company’s environments using various cyber defense tools to identify and mitigate threats. Lead new initiatives and evaluate security posture to ensure compliance with enterprise security policies and regulatory compliance requirements.
Duties and Responsibilities:
- Utilizes endpoint security tools such as Bitdefender Anti-Virus (NGAV), Endpoint Detection and Response (EDR), and security information and event management (SIEM).
- Works with the MedWatch Network Administrator and managed service provider to ensure best practices for patching, disaster recovery plans, incident response, group policy, O365 Security and Compliance, firewall policies, and backup strategies.
- Plans, schedules, implements, and maintains scalable vulnerability scans using modern vulnerability management scanning tools.
- Works with the MedWatch Compliance Officer and IT Management to address a risk-based internal audit strategy that complies with professional standards.
- Manages the social engineering awareness campaign to educate end users on risk avoidance.
- Produces and publishes accessible, reusable, high-quality documentation for our security controls.
- Collaborates extensively with vendors on industry trends to advise on the latest security posturing/modeling.
- Manages MedWatch’s Vendor Security Assessment program as required by federal regulations.
Requirements/Skills:
- Three to five years of experience in a Security Analyst or related position.
- Three to five years of experience in a system engineering or related position.
- Three to five years of experience with SIEM solutions.
- Experience with enterprise technologies such as Microsoft Cloud infrastructure, Active Directory, DNS, DHCP, and certificate servers.
- Understanding of Microsoft's enterprise technology platform, including SQL, Microsoft 365 services, Group Policy, and the Windows server and desktop operating systems.
- Working knowledge of various cybersecurity frameworks such as NIST, SOC, etc.
- Demonstrated work experience that indicates expertise in cybersecurity controls.
- Understanding of enterprise-class networking technologies such as firewalls, routers, switches, wireless access points, and VPNs.
- Able to solve problems, with a desire to learn.
- Strong writing skills, as well as the ability to articulate security-related concepts to a broad range of technical and non-technical staff.
Education:
- A four-year college degree or equivalent industry training and certifications
Experience:
- Minimum of one year managing projects.
- Minimum of one year developing processes and procedures preferred.