Novant Health

Information Security Analyst I

Novant Health, Fort Mill, South Carolina, United States, 29715


Overview:

Digital Products and Services team members are responsible for securely managing information systems throughout their lifecycle, including knowing what information systems are within their scope of responsibility, understanding what sensitive data is stored, transmitted, or processed on those information systems, enforcing the security principles of least privilege and least functionality, knowing what events may constitute a cybersecurity incident, and understanding their role in security incident response activities.

Serving in a key security event monitoring and analysis role, the Information Security Analyst will use information collected from a variety of sources to identify, analyze, and report cybersecurity events that occur or might occur within the enterprise network in order to protect information, information systems, and networks from threats. The Information Security Analyst develops, implements, and carries out the appropriate activities to detect and identify the occurrence of cybersecurity events; investigates security notifications; analyzes detected events to understand attack targets and methods; determines the impact of an event; conducts continuous security monitoring of the network and personnel activity; monitors for unauthorized personnel, connections, devices, and software; monitors for malicious code; communicates detected cybersecurity events to the appropriate parties; escalates events as a security incident where appropriate; categorizes security incidents; tests detection processes; and strives to continuously improve detection processes.

Come join a remarkable team where quality care meets quality service, in every dimension, every time. #JoinTeamAubergine #NovantHealth Let Novant Health be the destination for your professional growth.

At Novant Health, one of our core values is diversity and inclusion. By engaging the strengths and talents of each team member, we ensure a strong organization capable of providing remarkable healthcare to our patients, families and communities. Therefore, we invite applicants from all group dynamics to apply to our exciting career opportunities.

Qualifications:

Education: High School Diploma or GED, required. Information Technology, Information Systems, Computer Science, Information Security, Information Assurance, or related field of study (military equivalence will be considered), required. 4 Year / Bachelor's Degree, preferred.

Experience: Minimum one year proven information security experience; minimum one year customer service experience, required.

Licensure/Certification: CompTIA Security+ or equivalent, required.

Additional Skills Required:
- Intermediate skill in conducting open source research for troubleshooting novel client-level problems (e.g., online development communities, system security blogging sites).
- Intermediate knowledge of information assurance (IA) principles and organizational requirements to protect confidentiality, integrity, availability, authenticity, and non-repudiation of information and data.
- Intermediate knowledge of network protocols (e.g., Transmission Control Protocol/Internet Protocol [TCP/IP], Dynamic Host Configuration Protocol [DHCP]) and directory services (e.g., Domain Name System [DNS]).
- Intermediate knowledge of network traffic analysis methods.
- Intermediate knowledge of how traffic flows across the network (e.g., Transmission Control Protocol and Internet Protocol [TCP/IP], Open System Interconnection model [OSI]).
- Intermediate knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions via intrusion detection technologies.
- Intermediate knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
- Intermediate knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities.
- Intermediate knowledge of different types of network communication (e.g., Local Area Network [LAN], Wide Area Network [WAN], Metropolitan Area Network [MAN], Wireless Local Area Network [WLAN], Wireless Wide Area Network [WWAN]).
- Intermediate knowledge of front-end collection systems, including network traffic collection, filtering, and selection.
- Intermediate knowledge of common attack vectors on the network layer.
- Intermediate knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
- Intermediate knowledge of common adversary tactics, techniques, and procedures (TTPs) in assigned area of responsibility (e.g., historical country-specific TTPs, emerging capabilities).
- Intermediate skill in recognizing and categorizing types of cybersecurity attacks.
- Intermediate skill in detecting host- and network-based intrusions via intrusion detection technologies.
- Intermediate knowledge of new and emerging Information Technology (IT) and cyber security technologies.
- Basic knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution).
- Basic skills in data reduction.
- Basic skill in collecting data from a variety of cyber defense resources.
- Basic skill in identifying common encoding techniques (e.g., Exclusive Disjunction [XOR], American Standard Code for Information Interchange [ASCII], Unicode, Base64, Uuencode, Uniform Resource Locator [URL] encode).
- Basic knowledge of incident response and handling methodologies.
- Basic knowledge of common network tools (e.g., ping, traceroute, nslookup) and ability to interpret the information results.
- Basic knowledge of networking topologies, components, and protocols and how they relate to network security methodologies and defense-in-depth principles.
- Basic knowledge of host and network access control mechanisms (e.g., access control list).
- Basic knowledge of Intrusion Detection System (IDS) tools and applications.
- Basic knowledge of programming language structures and logic.
- Basic knowledge of file extensions (e.g., .dll, .bat, .zip, .pcap, .gzip).
- Basic knowledge of Unix command line (e.g., mkdir, mv, ls, passwd, grep).
- Basic knowledge of Windows command line (e.g., ipconfig, netstat, dir, nbtstat).
- Basic knowledge of collection management processes, capabilities, and limitations.
- Basic knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation state sponsored], and third generation [nation stat

Additional Skills Preferred:
- Basic knowledge of threat assessment.
- Basic knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
- Basic knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity and healthcare.
- Basic knowledge of cyber defense mitigation techniques and vulnerability assessment tools, including open source tools, and their capabilities.
- Basic knowledge of cryptography and cryptographic key management concepts.
- Basic knowledge of penetration testing principles, tools, and techniques (e.g., metasploit, neosploit).
- Basic knowledge of policy-based and risk-adaptive access controls.
- Basic knowledge of programming language structures and logic.
- Basic knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
- Basic knowledge of key concepts in security management (e.g., Release Management, Patch Management).
- Basic knowledge of content development.
- Basic knowledge of system administration, network, and operating system hardening techniques.
- Basic knowledge of information theory.
- Basic skill in using incident handling methodologies.

Responsibilities:

It is the responsibility of every Novant Health team member to deliver the most remarkable patient experience in every dimension, every time.

Our team members are part of an environment that fosters team work, team member engagement and community involvement.

The successful team member has a commitment to leveraging diversity and inclusion in support of quality care.

All Novant Health team members are responsible for fostering a safe patient environment driven by the principles of "First Do No Harm".