Security Threat Engineer I

About The Position

Requirements

• Experience as a member of a Cyber Incident Response Team (CIRT) or comparable team.
• Experience executing an Incident Response plan, preferably based on recognized industry standards (e.g. - NIST, SANS, etc).
• Experience in Windows Artifact Analysis and Initial Forensic Analysis using industry standard tools.
• Experience in Memory Analysis using tools such as Volatility.
• Experience in network forensic analysis to determine validity of detected events using available network logs.
• Experience in DFIR (Digital Forensics Incident Response).
• Experience with an event/information analysis framework such as Analysis of Competing Hypotheses (ACH).
• Experience in performing security analysis or reporting utilizing Security Incident and Event Management (SIEM) Technologies.
• Experience with document management and sustaining Security Operations Center (SOC) policies and run book procedures for incident response.
• Experience with documenting root cause analysis and lessons learned.
• Experience consuming and generating cybersecurity threat intelligence.
• Experience across the technology stack.
• Familiarity with all OSI layers and expertise in some.
• Experience using various security tools such as SIEM, Firewalls, Web Proxy, Anti-Virus, EDR, etc.
• Experience interfacing with peer support teams.
• Experience working in a high-tempo, dynamic environment with a high-performance team.
• Experience with work ticketing systems.
• Experience with Threat Modeling and Kill Chain analysis.

Nice To Haves

• Bachelor's Degree Preferred.
• Certified Ethical Hacker (CEH).
• GIAC: GSEC, GCIH, GCIA, GCED, GMON, GCDA, GDAT, GCFE or comparable.
• CompTIA Security+.

Responsibilities

• Monitor security alert queue - investigate and triage events based on criticality.
• Provide recommendations on how to mitigate the threats.
• Use analytic techniques and critical thinking to determine if and when to escalate threats to larger Cyber Security team.
• Provide guidance to field resources on how to properly remediate a threat.
• Work closely with other CDC team members to improve tools, techniques, and procedures for CDC operation.
• Continuously improve documentation of work products and processes.
• Participate in red/blue team exercises.
• Execute HCA's Incident Response plan as part of an incident response team.
• Serve as Incident Commander, Task Lead, or Scribe during incidents.
• Routinely collaborate with individuals and teams from across the enterprise.

Benefits

• Comprehensive medical coverage.
• Additional options for dental and vision benefits.
• 401(k) Plan with a 100% match on 3% to 9% of pay.
• Employee Stock Purchase Plan with 10% off HCA Healthcare stock.
• Family support through fertility and family building benefits.
• Referral services for child, elder and pet care.
• Consumer discounts through Abenity.
• Education assistance (tuition, student loan, certification support).
• Colleague recognition program.
• Time Away From Work Program (paid time off, paid family leave).
• Employee Health Assistance Fund.