Incident Responder
About The Position
Be part of a team that unleashes the power of leading-edge technologies to help improve the health and well-being of those most vulnerable in our country and communities. Working at Gainwell carries its rewards. You’ll have an incredible opportunity to grow your career in a company that values work flexibility, learning, and career development. You’ll add to your technical credentials and certifications while enjoying a generous, flexible vacation policy and educational assistance. We also have comprehensive leadership and technical development academies to help build your skills and capabilities. SummaryAs an Incident Responder, you will lead cybersecurity investigations within the Computer Security Incident Response Team (CSIRT), collaborating with internal teams and external partners while ensuring compliance with all applicable regulations. You will document and present findings, assess and enforce security policies, and evaluate technical solutions to strengthen network defenses. Responsibilities include analyzing logs from security systems, validating architecture designs, recommending hardware and software changes, and implementing security directives across server environments. Additionally, you will maintain data integrity, communicate potential business impacts of security threats, and act decisively to protect organizational assets and information. Your role in our mission Leads cybersecurity investigations within the Computer Security Incident Response Team (CSIRT). Document and present investigation findings. Work with internal and external partners, including law enforcement, to conduct investigations. Follow applicable local, Federal, and State guidance, regulations, and laws in conducting investigations. Develops technical and programmatic assessments, evaluates engineering and integration initiatives and provides technical support to assess security policies, standards and guidelines. Implements, enforces and communicates security policies and/or plans for data, software applications, hardware and telecommunications. Performs product evaluations, recommends and implements products/services for network security. Validates and tests security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologies. Analyzes outputs and logs from firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools. Reviews and recommends the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security. Provides enforcement of security directives, orders, standards, plans and procedures at server sites. Maintains data and communicates to management the impact on business/customer caused by theft, destruction, alteration or denial of access to information.
Requirements
- Bachelor's degree in cybersecurity, computer science, or related field preferred.
- Six or more years of experience in network, host, data and/or application security in multiple operating system environments.
- Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists.
- Experience working with internet, web, application and network security techniques.
- Experience working with relevant operating system security (Windows, Solaris, Linux, etc.).
- Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies.
- Experience working with federal regulations related to information security (FISMA, Computer security Act, HIPAA, etc.).
- Experience working with NIST Special Publications and C & A process methodology.
- Possess security certifications (CISSP, CCNA, etc).
Responsibilities
- Leads cybersecurity investigations within the Computer Security Incident Response Team (CSIRT)
- Document and present investigation findings
- Work with internal and external partners, including law enforcement, to conduct investigations
- Follow applicable local, Federal, and State guidance, regulations, and laws in conducting investigations
- Develops technical and programmatic assessments, evaluates engineering and integration initiatives and provides technical support to assess security policies, standards and guidelines
- Implements, enforces and communicates security policies and/or plans for data, software applications, hardware and telecommunications
- Performs product evaluations, recommends and implements products/services for network security
- Validates and tests security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologies
- Analyzes outputs and logs from firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools
- Reviews and recommends the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security
- Provides enforcement of security directives, orders, standards, plans and procedures at server sites
- Maintains data and communicates to management the impact on business/customer caused by theft, destruction, alteration or denial of access to information
Benefits
- generous, flexible vacation policy
- educational assistance
- 401(k) employer match
- comprehensive health benefits
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
5,001-10,000 employees
