Security Operations Analyst - Remote

Healthcare Without Rival

Premise Health is the world's leading direct healthcare provider and one of the largest digital providers in the country, serving over 11 million eligible lives across more than 2,500 of the largest commercial and municipal employers in the U.S. Premise partners with its clients to offer fully connected care – in-person and in the digital environment. It operates more than 800 onsite and nearsite wellness centers in 45 states and Guam, delivering care through the Digital Wellness Center and onsite, nearsite, mobile, and event solutions. 

Premise delivers value by simplifying complexity and breaking down barriers to give diverse member populations access to convenient, integrated, high-quality care. We offer more than 30 products, delivering the breadth and depth of care required to serve organizations' total populations. The result is healthcare that meets the needs of members and their families, helping them live healthier while lowering costs for organizations. 

Premise offers a wide range of dynamic, purpose-driven career opportunities. We are currently looking for a Security Operations Analyst to join our team in remotely. 

About the role: The Security Analyst is the first line of defense in the organization’s security team.  Analysts are responsible for monitoring the systems at Premise Health for potential intrusions and investigating violations.  The Security Analyst will be responsible for documenting security incidents and their impact.  An Analyst will interact with multiple departments and assist support personnel in determining remediation methods on systems. Analysts will also be responsible for the development and collection of data for departmental metrics including but not limited to, data visualization for presentations.  The Analyst may be asked to assist in Purple Team exercises, research security trends and provide recommendations based on current industry trends.

Essential Functions:  

• Monitors the organization’s networks and systems for security incidents and investigates using a variety of tools including SIEM, EDR, Operating System, Content Filtering and firewall logs
• Performs triage and initiates incident response procedures
• Prepares reports that document security incidents, restoration and remediation activities
• Monitors ticket queues for incidents and requests. Complete tickets as they pertain to the department.
• Researches the latest information technology (IT) security trends
• Helps plan and carries out the organization’s security policies and procedures
• Develops security standards and best practices for their organization
• Recommends security enhancements to management or senior staff
• Helps computer users when they need to learn about new security products and procedures
• Participates as needed in documenting security standards, guidelines, policies and procedures.
• Creates reusable security artifacts.
• Able to participate on an on-call rotation.
• Performs other duties as assigned.

Job Requirements: 

• BS degree in Engineering, Computer Science, Information\Cyber Security, or Information Systems preferred.
• Professional certifications such as Security+, Network+, CCNA, GCIH, GCIA, CCNA, or CISSP preferred.
• 2 – 4+ years of experience as a Security Analyst
• Demonstrable experience with investigating and determining issues via operating system and networking log review
• Experience with 1 or more programming or scripting language such as Python, Bash, PowerShell preferred
• Will consider any applicable IT and/or formal or informal training in IT and security

Preferred Experience:

• Knowledge of cyber security frameworks and methodologies, such as Mitre ATT&CK, NIST CSF and others.
• Advanced Expertise in Incident Response, Detection Engineering, Network Forensics, and Cloud Security
• Ability to follow operational playbooks, as well as assist in maintaining and optimizing playbooks
• Strong understanding of IT operations: help desk, end-point management, and server management
• Ability to analyze data and communicate findings to users, technical staff, and upper management.
• Attention to detail
• Good written and verbal communication skills
• Ability to effectively network, participate in interdepartmental teams, and develop key working relationships
• Strong understanding of Security Operations concepts: perimeter defense, BYOD management, data loss protection, insider threat, kill chain analysis, risk assessment, and security metrics
• Understanding of TCP/IP networking, such as: IP addressing, subnet masks, basic IP routing, TCP/UDP
• Strong understanding of basic visualization techniques preferred

Work-life balance is at the foundation of how decisions are made and where Premise is headed. We can only help people get, stay, and be well if we do the same for ourselves. In addition to competitive pay, Premise offers benefits packages including medical, dental, vision, life insurance, 401(k), paid holidays and vacation time, a company-sponsored wellness program, and much more our talent acquisition team will be happy to share with you. 

Premise Health is an equal opportunity employer; we value inclusion, and we do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status or disability status.

For individuals living in California, Colorado, Washington; as well as, for individuals living in or reporting to New York State only, Premise Health is required to  include an estimate of the salary and benefits for this role. While a number of factors influence salary, our estimated California, Colorado, Washington, and New York compensation is $80,000 - $100,000. Please note, this is a general guideline and your experience qualifications, geographic location, and other factors will be taken into consideration. For more information regarding the benefits we offer, please visit our career site, jobs.premisehealth.com/benefits.