Skip to content

Cyber Security Analyst

Job Category:

BPO / KPO / Shared Services

Job Level:

Skilled

Open Date:

21-Jul-2020

Location:

TAGUIG CITY

Close date:

31-Oct-2020

Client Overview:

Operates as a diversified healthcare services company. The company operates in three segments: Hospital Operations and Other, Ambulatory Care, and Conifer. Its general hospitals offer acute care services, operating and recovery rooms, radiology and respiratory therapy services, clinical laboratories, and pharmacies. The company also provides intensive and critical care, and coronary care units; physical therapy, orthopedic, oncology, and outpatient services; cardiothoracic surgery, neonatal intensive care, and neurosurgery services; quaternary care in heart, liver, kidney, and bone marrow transplants areas; tertiary and quaternary pediatric, and burn services; and limb-salvaging vascular procedures, acute level 1 trauma services, intravascular stroke care, minimally invasive cardiac valve replacement, imaging technology, and telemedicine access for various medical specialties. In addition, it operates ambulatory surgery and urgent care centers, imaging centers, and surgical hospitals; and offers healthcare business process services in the areas of hospital and physician revenue cycle management, as well as value-based care solutions to healthcare systems, individual hospitals, physician practices, self-insured organizations, health plans, and other entities. As of December 31, 2018, the company operated 68 hospitals, 23 surgical hospitals, and approximately 475 outpatient centers, as well as 255 ambulatory surgery, 36 urgent care, and 23 imaging centers in the United States. Tenet Healthcare Corporation was founded in 1967 and is headquartered in Dallas, Texas 

Client Industry:

SHARED SERVICES

Job Description and Qualification:

 OVERVIEW AND REPORTING RELATIONSHIP 


This analyst will be a member of the IS Threat Management team, reporting to the Cybersecurity Manager. This position will be responsible for various technical cybersecurity analyst functions, including vulnerability management, as well as providing network and endpoint security support. 


RESPONSIBILITIES 

  

  • Vulnerability Assessment Administration 
  • Perform scheduled security vulnerability assessments across global applications and infrastructure. 
  • Manage, coordinate, and track vulnerabilities from discovery, triage, remediation, and validation. 
  • Coordinate, schedule, and manage the engagement process (with internal stakeholders and third-party vendors) for vulnerability remediation activities. 
  • Formally document and establish well-defined processes, procedures, remediation and mitigation strategies, and lessons learned. 
  • Manage vulnerability related tickets to ensure issues are remediated within designated timelines. 
  • Provide vulnerability mitigation strategies and meaningful vulnerability metrics. 
  • Support the maintenance and operations of vulnerability assessment infrastructure through refresh initiatives and annual planning. 
  • Report on findings and respond to requests and known vulnerabilities as well as delivering ad-hoc vulnerability scans on request. 
  • Coordinate emergency vulnerability patching, including remediation efforts. 
  • Conduct research and provide feedback to leadership and Cybersecurity team members of the recommended actions for vulnerability scan findings. 
  • Provide support of maintenance and operations to the vulnerability assessment toolsets. 
  • Provide support to internal processes to ensure compliance with the Payment Card Industry (PCI) standard. 
     
    Endpoint Security Administration 
    • Provide operational support for endpoint security solutions.  
    • Support change management tasking relative to the security policies associated with endpoint security solutions. 
    • Evaluate security exception requests to determine legitimacy and completeness of requests prior to escalation to management. 
    • Review endpoint security alerts to determine true or false positives based on industry standards. 
    • Review Threat Reports generated from Endpoint security tools and provide recommendations and plans for appropriate resolutions. 
    •  
    • Endpoint Security Administration 
    • Provide operational support for endpoint security solutions.  
    • Support change management tasking relative to the security policies associated with endpoint security solutions. 
    • Evaluate security exception requests to determine legitimacy and completeness of requests prior to escalation to management. 
    • Review endpoint security alerts to determine true or false positives based on industry standards. 
    • Review Threat Reports generated from Endpoint security tools and provide recommendations and plans for appropriate resolutions. 
  •  
  • Endpoint Security Administration 
  • Provide operational support for endpoint security solutions.  
  • Support change management tasking relative to the security policies associated with endpoint security solutions. 
  • Evaluate security exception requests to determine legitimacy and completeness of requests prior to escalation to management. 
  • Review endpoint security alerts to determine true or false positives based on industry standards. 
  • Review Threat Reports generated from Endpoint security tools and provide recommendations and plans for appropriate resolutions. 
  •  
  • Endpoint Security Administration 
  • Provide operational support for endpoint security solutions.  
  • Support change management tasking relative to the security policies associated with endpoint security solutions. 
  • Evaluate security exception requests to determine legitimacy and completeness of requests prior to escalation to management. 
  • Review endpoint security alerts to determine true or false positives based on industry standards. 
  • Review Threat Reports generated from Endpoint security tools and provide recommendations and plans for appropriate resolutions. 

 

QUALIFICATIONS 

  

  • Information Systems (IS) security professional with a broad range of knowledge in vulnerability and endpoint security systems/processes.  
  • Intermediate or advanced understanding of advanced threat detection in an enterprise environment. 
  • Intermediate or advanced understanding of malware families, their types, and threats they pose. 
  • Strong technical background in vulnerability management tools and endpoint security tools, as well as network security best practices. 
  • Demonstrated ability in identification of vulnerabilities/threats to data, systems and networks.  
  • Comprehension of end-to-end vulnerability management workflow to include industry standards such as CVE, CPE, and CVSS. 
  • Comprehensive knowledge of cloud infrastructure, virtual platforms, encryption technologies, endpoint protection, network and cybersecurity tools. 
  • Demonstrated knowledge of security controls for network, applications, and operating systems. 
  • Fluency in speaking and communicating in English. 

  

EDUCATION AND WORK EXPERIENCE 

  • Minimum five years of experience or three years of experience with a BS in Computer Science or equivalent field. 
  • Preferred education and/or experience: Relevant industry recognized certifications (CISSP, CEH, GIAC, Security+, etc.) 

  

SPECIALIZED KNOWLEDGE, SKILLS & ABILITIES: 

  

  • Effectively communicate security goals effectively with other departments. 
  • Ability to work within an environment of frequently changing priorities. 
  • Knowledge of industry trending threats, security tools, and best practices. 
  • Proven ability in the performance of information security risk assessments. 
  • Experience in performing risk and compliance assessments of new and existing solutions. 
  • Ability to provide guidance and recommended remediation or alternative solutions for both internal and external supported environments.  
  • Ability to provide guidance in the identification, documentation and rating of threats/vulnerabilities, and remediation steps recommended to reduce risks to data, systems and networks. 


 

Salary:

0.00