Key Facts

Remote From:

Full time

Mid-level (2-5 years)

English

Hard Skills

Microsoft Azure Internet Protocols Suite Firewall Linux Encryption SQL Injection Denial-Of-Service (DoS) Attacks IDS InfoLease (Asset Finance Technology) Security Implementation Microsoft Operating Systems +41 more

Other Skills

•
Non-Verbal Communication
•
Collaboration
•
Leadership
•
Social Skills

MEDHOST

About MEDHOST

MEDHOST is a provider of market-leading enterprise, departmental and healthcare engagement solutions to healthcare facilities nationwide. Our integrated product portfolio includes intuitive, cloud-based solutions, including YourCareEverywhere, a robust health and wellness consumer engagement platform. Our broad offering of hosting, outsourcing, marketing and consulting services are changing how clinicians and hospital leaders work and collaborate, while generating notable operational improvements. MEDHOST delivers value by enabling hospitals of all types and all sizes to better manage the business of healthcare across the care continuum while meeting evolving regulatory requirements.

Founded: 2018

Company size: 501 - 1000

Website LinkedIn See all jobs →

Job description

Experience:

2 - 4 years of experience in Security Operation Center (SOC), Cyber Security, and Information Security within an enterprise environment.
Experience with Windows and Linux, server and application hardening process.
Experience supporting one or more information security technologies.
Mandatory experience in Azure, EDR, XDR (Crowdstrike, Windows Defender), SOAR, SIEM Tools (e.g., Splunk, Rapid7, ArcSight, McAfee Nitro), Palo Alto, Cisco and one of the following: IDS/IPS, database activity monitoring, multi-factor authentication, web content filtering, encryption, and encryption key management, DLP, change detection.
Working knowledge of TCP/IP stack & familiarity with common protocols e.g., HTTP, FTP, SMTP, DNS.
Familiarity with network and application threats such as DoS/DDoS, SQL injection, XSS, reconnaissance scanning, and methods to avoid detection.
Working knowledge of compliance, and regulatory requirements, such as Payment Card Industry (PCI), Sarbanes-Oxley (SOX), and Healthcare Information Privacy Protection Act (HIPAA).
Experience with vulnerability scanning tools such as Nessus, Acunetix, Qualys, or Metasploit a plus.
Have scripting experience with Bash, PowerShell, or Python and the ability to use these skills to aid in responding to incidents involving Windows, Linux, and Mac hosts.
Be familiar with the MITRE ATT&CK Framework and/or Cyber Kill Chain.
InfoSec certification are a plus such as CISSP, CompTIA Security+, GIAC Security Essentials, & CEH
Have strong oral and written communication skills Strong interpersonal and leadership skills.

Responsibilities:

Triage security incidents identified by SOC analysts.
Identify enhancement to rule sets and other tool optimization to automate reporting and reduce false positives in unified SIEM and review with manager / senior team members for implementation.
Coordinate with SOC manager to escalate security issues to other business units including solutions development, customer hosting and corporate IT.
Collaborate with business units to prioritize vulnerability remediation and execution of planned activities.
Subscribe to threat intelligence services and monitor vendor alerts for major vulnerability disclosures.
Monitoring of advanced security tools, perform analysis of dissimilar indicators, correlation of multiple sources, alert & coordination of security incidents across the environment.
Review & analyze system logs and third-party management products to preemptively detect, take defined corrective actions and alert process/system owners to new issues.
Assist with creation and maintenance of security incident response procedures.
Participate in research and assist implementation of security tools used by SOC team.
Assist SOC manager with dashboards and business reporting.
Ready to work in rotational 24/7 shift.