Senior Incident Response Analyst

About The Position

Requirements

• Bachelor’s degree in Information Technology, Cybersecurity, or a related discipline, or equivalent combination of education and experience.
• At least one advanced security certification within one (1) year of hire (e.g., GCIH, GCIA, CISSP, CISM).
• Minimum of seven (7) years of experience in information security, with at least four (4) years focused on incident response or SOC operations.
• Proven expertise in forensic analysis, malware investigation, SIEM/EDR tuning, and large-scale incident handling.
• Must be able to wear appropriate Personal Protective Equipment (PPE) required to perform the job safely.
• Use of clear and audible speaking voice and the ability to hear normal speech level.
• Sitting, standing, walking, lifting 1-10 pounds, keyboard operation.

Nice To Haves

• Master’s degree in Cybersecurity, Information Technology, or a related discipline.
• Advanced technical certifications such as OSCP, CHFI, GNFA, or equivalent.
• Experience in regulated industries such as healthcare or finance.
• Demonstrated expertise in cloud security, detection engineering, and proactive threat hunting.
• Prior experience influencing security strategy and mentoring teams.

Responsibilities

• Act as a senior escalation point for the SOC, leading the most complex investigations and providing expert-level analysis across security tools (SIEM, EDR, IDS/IPS, forensic platforms, cloud environments).
• Direct and coordinate incident response activities end-to-end, including containment, eradication, recovery, and executive-level reporting.
• Perform deep forensic analysis and malware investigation to determine root cause, scope, and impact of incidents.
• Own and evolve incident response playbooks, ensuring they align with industry best practices, regulatory requirements, and organizational needs.
• Partner with IT, infrastructure, compliance, and business stakeholders to mitigate vulnerabilities and implement long-term risk reduction strategies.
• Proactively conduct advanced threat hunting to identify signs of compromise and improve detection methodologies.
• Lead post-incident reviews, delivering actionable recommendations and driving continuous improvement across tools, processes, and training.
• Serve as a mentor and technical advisor to junior and mid-level analysts, fostering professional growth and knowledge transfer.
• Maintain deep knowledge of current threat actors, tactics, techniques, and procedures (TTPs) to inform detection engineering and response efforts.
• Collaborate with leadership to influence strategic cybersecurity initiatives, tool selection, and investment decisions.
• Lead or co-lead tabletop exercises and simulations to validate and strengthen the incident response program.
• Ensure adherence to all applicable regulatory frameworks (e.g., HIPAA, PCI-DSS, NIST, HITRUST) during investigations and response activities.
• Supports the vision, mission, and values of the organization in all respects.
• Supports the Lean principles of continuous improvement with energy and enthusiasm, functioning as a champion of change.
• Provides and maintains a safe environment for caregivers, patients and guests.
• Conducts all activities with the highest standards of professionalism and confidentiality.
• Complies with all applicable laws, regulations, policies and procedures, supporting the organization’s corporate integrity efforts by acting in an ethical and appropriate manner, reporting known or suspected violation of applicable rules, and cooperating fully with all organizational investigations and proceedings.
• Delivers customer service and/or patient care in a manner that promotes goodwill, is timely, efficient, and accurate.
• May perform additional duties of similar complexity within the organization, as required or assigned.

Benefits

• Competitive Salary
• Comprehensive benefits including Medical, Dental, Vision for you and your immediate family
• 403b with up to 6% match on Retirement Contributions
• Generous Earned Time Off
• Growth Opportunities within Healthcare
• This position is eligible for a sign-on bonus in the amount of $5,000. To qualify for the bonus, candidates must not have been employed by St. Charles Health System in the last 6 months.
• Bonuses are available to external applicants only and are subject to all applicable tax withholding.