Baylor Scott & White Health
Sr. Incident Response Engineer
Baylor Scott & White Health, Austin, Texas, 78716
JOB SUMMARY The Sr. Incident Response Engineer will take on the lead cyber security incident responder role on the Baylor Scott & White Health cyber defense team. This role will be responsible for leading the incident response capabilities of the organization by developing and improving runbook procedures to mitigate risk and enhance incident response processes. The Pay range for this position is $56.02/hour ($116,521 annualized) for those with entry-level qualifications up to $100.75/hour ($209,560 annualized) for those highly experienced. The specific rate will depend upon the successful candidate's specific qualifications and prior experience KEY RESPONSIBLITIES Conduct security investigations and lead security incident response in cross-functional environment and drive incident resolution Actively call and lead security incident bridges and coordinate internal incident response efforts between operations team, and managed security services. Develop Incident Response initiatives that improve our capabilities to effectively respond and remediate security incidents Expand SIEM program, ensuring log coverage, alert development, and process improvement. Partner with cyber threat intelligence, the vulnerability management team, and technology remediation groups to deliver shared outcomes that measurably improve our efficacy to detect, respond to, and remediate vulnerabilities Support broader security operation initiatives both within the cyber defense team, and within engineering and operation departments across the organization Be a security liaison and enabler to Managed Service counter parts. Create and improve security playbook for a variety of incident and compromise types for all levels of engineers and stakeholders. KEY SUCCESS FACTORS More advanced leadership, problem solving, team building, and judgment-making skills. Skilled project manager with ability to articulate business needs. Excellent written, verbal, and social communication skills. Proficient computer software and database skills. Ability to focus and prioritize strategic targets and work in a growing and challenging environment. Drives long term planning and strategic portfolio vision creation for improvements and strategies, with oversight from Director and VP as needed Knowledge of interdependencies of healthcare landscape and its influence on portfolio Establishes external relationships with other thought leaders in healthcare IT Maintains a broad knowledge of state-of-the-art technology, equipment, and systems. BENEFITS Our competitive benefits package includes the following Immediate eligibility for health and welfare benefits 401(k) savings plan with dollar-for-dollar match up to 5% Tuition Reimbursement PTO accrual beginning Day 1 Note: Benefits may vary based upon position type and/or level BASIC QUALIFICATIONS: BS degree in computer science, computer engineering, software engineering, cybersecurity or related technical degree; or 5 years equivalent technology experience 5 years’ experience in information security in an enterprise environment 3 years’ experience and understanding of incident response processes in both datacenter and cloud based environments, forensic techniques, executing and administration of crisis bridges, and preparation and delivery of incident reports for executives Knowledge of malware trends and behaviors and the ability to work with other teams to detect and respond to these threats Experience with Intrusion Detection and Prevention Systems (IDS/IPS), Firewall and Network Log analysis, Security Information and Event Management (SEIM) tools, threat intelligence services, and malware analysis Experience analyzing network and host-based security events Experience with attacker tactics, techniques, and procedures Experience with Windows and Linux Operating Systems Knowledge of common software, operating systems vulnerabilities, and Unix/Linux Understanding of cybersecurity organizational practices, operations risk management processes, architectural requirements, and vulnerability risk Experience with controls or frameworks such as NIST 800-53, NIST CSF, CIS, MITRE ATT&CK Knowledge of existing, emerging, and long-range issues related to cyber operations strategy, policy, and organization Experience creating workflows and remediation plans for vulnerabilities identified Incident Response experience in a healthcare environment Experience using ServiceNow for SIR, CMDB, and/or ITSM functions Contribution or development of policies and standards Experience participating in or leading security table top exercises PREFERRED CERTIFICATIONS Certified Information Systems Security Professional (CISSP) certification Certified Information Security Manager (CISM) certification GIAC Certified Incident Handler (GCIH) certification FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics FOR500: Windows Forensic Analysis MINIMUM QUALIFICATIONS EDUCATION - Bachelor's or 4 years of work experience above the minimum qualification EXPERIENCE - 7 Years of Experience As a health care system committed to improving the health of those we serve, we are asking our employees to model the same behaviours that we promote to our patients. As of January 1, 2012, Baylor Scott & White Health no longer hires individuals who use nicotine products. We are an equal opportunity employer committed to ensuring a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.