Lead Information Security Analyst

Children’s National HospitalSilver Spring, MD
99d
Match Resume

About The Position

We are seeking a Lead Information Security Analyst to serve as our Incident Response/SOC SME, ideally with prior experience as a Security Incident Response Leader (SIRL). This role will lead incident response strategy and execution, with hands-on expertise in operational Splunk Enterprise Security (SIEM), Microsoft Defender security suite (including Endpoint, Identity, and Servers), and SOAR playbook automation. The successful candidate will be responsible for leading complex incident investigations, coordinating responses across IT and clinical teams, and driving ongoing improvements in security operations. You will also mentor SOC analysts, enhance detection capabilities, and ensure that lessons learned are integrated into practices.

Requirements

  • Bachelor's degree in a computer science, math, engineering, or another relevant discipline or equivalent training and work experience.
  • 10+ years of experience in cybersecurity with a focus on vulnerability management, cybersecurity operations, analysis, forensics and/or investigations.
  • Experience leading in the application of key cybersecurity practices, controls, and frameworks.
  • Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related concepts to technical as well as nontechnical audiences.
  • Experience leading cybersecurity auditing, compliance, and policy.
  • Experience leading cybersecurity risk assessments, vulnerability management, penetration testing, and threat identification.
  • Experience leading the management of access controls including identity, active directory, privileged account management, and authentication.
  • Experience leading cybersecurity incident response, risk remediation, business continuity, disaster recovery, and cyber operations.

Responsibilities

  • Act as the Security Incident Response Leader during high-severity events, directing containment, remediation, and recovery efforts.
  • Serve as the escalation point for SOC analysts and ensure timely, coordinated response actions.
  • Develop and maintain incident response frameworks, including runbooks, playbooks, and post-incident reviews.
  • Partner with executive leadership, clinical staff, and external stakeholders (law enforcement, MSSPs) to manage incident communications.
  • Maintain and optimize Splunk ES detections, correlation rules, dashboards, and reporting.
  • Guide SOC analysts on triage, alert enrichment, and threat-hunting practices.
  • Build and manage security orchestration and automated response playbooks.
  • Orchestrate integrations across SIEM, EDR, vulnerability management, and identity systems.
  • Produce accurate documentation for incidents, including executive-level summaries and technical after-action reports.
  • Ensure incident response processes and playbooks are continuously updated.
  • Lead tabletop exercises, red/blue team simulations, and cyber range events.
  • Mentor and coach SOC analysts to elevate detection and response maturity.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Education Level

Bachelor's degree

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service