Job Information
Trinity Health Senior Cyber Threat Detection Analyst (REMOTE) in Livonia, Michigan
Employment Type:
Full time
Shift:
Description:
Trinity Health's Enterprise Information Security group is seeking to add more experts to our cyber security program. We are looking for experienced individuals who have demonstrable experience configuring security monitoring tools in support of the ongoing development and refinement of advance analytic models to detect cyber security threats ranging from sophisticated malware to employee misuse. This position will work on a team of dedicated cyber security professionals reporting directly into the Security Operations Center manager. As part of a growing cyber security program, you will have an opportunity to put your skills to the test in defending a large enterprise network and safeguarding information assets while supporting the needs of our patients, physicians, colleagues and other key stakeholders.
The primary responsibilities include defining data collection requirements, developing and testing analytic models, measuring the detection success rate, and refining the model to improve accuracy. The development of analytic models will require the application of Boolean logic, statistical methods, data mining concepts, and behavior-based machine learning techniques. This position will work closely with the cyber threat intelligence team to understand emerging threats, security monitoring, and incident response teams to identify log collection requirements.
POSITION AVAILABLE AS A 100% REMOTE OPPORTUNITY
Enterprise Information Security continues to expand its capabilities and is looking for a Senior Cyber Threat Detection Analyst. This position will support cybersecurity incident monitoring/detection across Trinity Health and its Ministry organizations.
POSITION PURPOSE
Senior Cyber Threat Detection Analyst will apply advanced experience, technical knowledge, and skills in support of security monitoring capabilities.
Knowledge and administration are desired in the following platforms is desired:
CRIBL
SIEM - QRadar
SOAR – Palo Alto XSOAR
ServiceNow
UEBA - Exabeam
Datalake
ESSENTIAL FUNCTIONS
Knows, understands, incorporates, and demonstrates the Trinity Health Mission, Vision, and Values in behaviors, practices, and decisions.
Subject matter expert for onboarding SIEM components.
Interfaces with external MSSP to help develop detection rules.
Supports Incident Response, Cyber Threat Intelligence and Red Teams to create advanced alerts and detections to increase security efficacy, supporting compliance and audit requirements.
Create and manage UEBA watch lists for current threats.
Perform SIEM administration, health checks, software upgrades, updates and patches as needed while maintaining data log integrity.
Configure backups, verify custom reports, manage log source groups, and validate log sources
Add/Remove log sources. Troubleshoot log source issues with systems owners or vendor.
Assists in the development of SIEM/logging architecture plan with a cybersecurity focus to assure integration and support of overall business requirements and strategic business objectives.
Self-development through self-study to increase levels of expertise as subject matter expert for understanding, designing, and implementing network security solutions using best practice approach.
Educates and mentors peers.
Performs other duties as assigned.
Maintains a working knowledge of applicable Federal, State and local laws/regulations; the Trinity Health Integrity and Compliance Program and Code of Conduct; as well as other policies and procedures in order to ensure adherence in a manner that reflects honest, ethical and professional behavior.
MINIMUM QUALIFICATIONS
Bachelor’s Degree with at least four (4) years of related experience in infrastructure environments performing enterprise level network security management.
Must be available for on-call rotations to support 24x7x365 service availability.
Related experience with cybersecurity system monitoring, including event correlation through Security Information Event Management system (SIEM) is preferred.
Must possess experience in creating technical documentation, network diagrams, and job-aids with Microsoft applications Visio, Word, Excel and PowerPoint.
Ability to work independently, manage multiple priorities and to effectively adapt to rapidly changing technology and business needs with demonstrated ability to prioritize projects & workload.
Must be able to set and organize one's own work priorities and adapt to them as they change frequently.
Relevant industry certification is preferred (CISSP, GCDA, GCIA, GCIH, GSOM, GSOC, GDSA, GCIH, CEH, CCNP or CCSE).
Must be team oriented, supportive, and committed to excellence and possess a high level of initiative and self-motivation with a demonstrated work ethic.
Must be committed to continual personal and professional growth, possess a pro-active approach with a willingness to “go the extra mile” every time for the customer.
Must be comfortable operating in a collaborative, shared leadership environment.
Must possess a personal presence that is characterized by a sense of honesty, integrity, and caring with the ability to inspire and motivate others to promote the philosophy, mission, vision, goals, and values of Trinity Health.
PHYSICAL AND MENTAL REQUIREMENTS AND WORKING CONDITIONS
This position operates in a typical office environment. The area is well lit, temperature-controlled and free from hazards.
Incumbent communicates frequently, in person and over the telephone, with people in a number of different locations on technical issues.
Manual dexterity is needed in order to operate a keyboard. Hearing is needed for extensive telephone and in person communications.
The environment in which the incumbent will work requires the ability to concentrate, meet deadlines, work on several projects at the same period and adapt to interruptions.
The incumbent must be capable of traveling in the course of completing project assignments.
Must be available for on-call rotations to support 24x7x365 service availability.
Must be able to travel to the various Trinity Health sites (up to 10%) as needed (may or may not apply)
Our Commitment to Diversity and Inclusion
Trinity Health is one of the largest not-for-profit, Catholic healthcare systems in the nation. Built on the foundation of our Mission and Core Values, we integrate diversity, equity, and inclusion in all that we do. Our colleagues have different lived experiences, customs, abilities, and talents. Together, we become our best selves. A diverse and inclusive workforce provides the most accessible and equitable care for those we serve. Trinity Health is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other status protected by law.
Our Commitment to Diversity and Inclusion
Trinity Health is a family of 115,000 colleagues and nearly 26,000 physicians and clinicians across 25 states. Because we serve diverse populations, our colleagues are trained to recognize the cultural beliefs, values, traditions, language preferences, and health practices of the communities that we serve and to apply that knowledge to produce positive health outcomes. We also recognize that each of us has a different way of thinking and perceiving our world and that these differences often lead to innovative solutions.
Our dedication to diversity includes a unified workforce (through training and education, recruitment, retention, and development), commitment and accountability, communication, community partnerships, and supplier diversity.
EOE including disability/veteran