CyberSecurity Operations Center Engineer 2 (remote virtual home office )

Description

The CyberSecurity Operations Center Engineer 2 monitors hardware, software and network firewalls, intrusion detection systems, EDR systems, Email threat detection platforms, Cloud SIEM, etc. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Evaluates information security configurations when intrusions have occurred and monitors the effectiveness of implemented changes. Responsible for resolution of initial triage and incident response to security alerts. Makes decisions regarding own work methods, occasionally in ambiguous situations, and requires minimal direction and receives guidance where needed. Follows established guidelines/procedures.
This is a fantastic opportunity to help transform frontline cyber operations for the 3rd largest health organization in the Nation. This candidate will have the ability to apply their vast expertise to shape and streamline cyber operations for a Fortune 50 company.
If you're looking for a fast paced, fun, and challenging environment to test your Security Operations skillsets, this is the perfect role for you. Any technologist would thrive in the Humana SOC environment with our extensive tooling capabilities, highly talented teams, and high value / high impact work for defending one of the leading health insurance companies in the country.

Responsibilities

Required Qualifications

Bachelor's Degree
2+ years of incident analysis, security architecture, malware research, SOC, or any other similar incident response experience.
Fundamental understanding of security tools such as SIEM, IDS/IPS, web proxies, DLP, CASB, SIEM, DNS security, DDoS protection, and firewalls
Fundamental understanding of cloud security and responding to cloud alerts/events
Knowledge of NIST and MITRE ATT&CK security frameworks
Knowledge of Microsoft Windows systems including active directory and Unix systems
Experience analyzing and inspecting log files, network packets, and any other security tool information output from multiple system types
Familiar with basic reverse engineering principles and understand of malware, rootkits, TCP/UDP packets, network protocols
Team-oriented and skilled in working within a collaborative environment
Ability to effectively multi-task, prioritize and execute tasks in a high-pressure environment
Required flexibility to work nights, weekends, and/or holiday shifts in the event of an incident response emergency
Experience with technical analysis of email headers, links, and attachments to determine if an email is malicious, and then executing remediation techniques to protect the environment

               

Preferred Qualifications

One or more of the following certifications are recommended: CompTIA Security +; CompTIA Network +; Information systems Security Professional (CISSP); SANS-GIAC certification (Security Essentials/GCIH, GCED, GCIA, GNFA); EC-Council (CEH)
Solid written and communication skills with the ability to present ideas in business-friendly and user-friendly language
Proven problem-solving abilities
Willingness to acquire in-depth knowledge of network and host security technologies and products (such as endpoint, network, email security) and continuously improve these skills
Ability to clearly and concisely document and explain technical details (e.g. experience documenting incidents, technical writing, etc.)
Collaborate with peers and multiple teams to identify improvements and identify areas for tuning use cases or signatures to enhance monitoring value
Participate in technical meetings and working groups to address issues related to malware, threats, vulnerabilities, and cybersecurity preparedness

**Looking for and experienced candidate with a SOC background that thrives in a "startup environment". Humana is currently refining their SOC procedures, maturity, and capabilities. A strong experienced candidate will really have a major impact in the SOC strategy, team design, and technological considerations.

Scheduled Weekly Hours

40