The Senior Cybersecurity Analyst is responsible for using a variety of Cybersecurity tools and technologies to detect, analyze, test, validate, curate and provide actionable guidance to IT System and Service Owners to enforce Cybersecurity policies, controls and standards for M Health Fairview. The successful candidate will possess a broad understanding of cybersecurity principles, frameworks, policies, and the risk and compliance needs of M Health Fairview, and may have engineering expertise in one or more Cybersecurity tools and a general understanding of security functions. Operational duties include collaborating with peer engineers/analysts, analyzing, prioritizing, designing solutions and leading gap mitigation efforts to address key security enforcement gaps. Senior Cybersecurity Analysts will have a deep understanding of security threats, vulnerabilities, risks or exposure and exploitability, tools and techniques to test/validate security threats, and methods to mitigate them. The successful candidate will proactively lead actions to detect and enumerate risk, and will collaborate with IT and Business teams to come up with remediation steps and help minimize security risk.
Understanding of vulnerability classes (OWASP) and how they can be exploited
Understanding of various domains of security including authentication, authorization, network security, data, system device and Operating Systems, coding principles, development methodologies, web/mobile applications, use of public and private networks, devices and applications hosted in public/private/hybrid cloud environments
Experience analyzing risk and prioritization of vulnerability remediation using MITRE ATT&CK within the greater context of assets and the control stack
Understanding of security policies, standards, risk enumeration techniques, cybersecurity frameworks
Work with vendors, health and business partners to ensure security remediation milestones are being met
Lead technical and risk management groups to identify and remediate gaps including tool/technology deficiencies
Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.
Define and document processes and enhance existing processes partnering with business and IT teams.
Serve as security subject matter expert in assisting triage, investigation and remediation of assumed/potential/actual security incidents. Participate in Red/Blue/Purple teams as needed to help improve security posture of M Health Fairview.
Assist in designing, implementing, maintaining and supporting current and future complex information security technologies, processes and procedures. Lead the design and development of security controls that ensure the safety of information assets and protect from unauthorized access or intentional destruction.
Lead complex projects related to information security regulatory compliance and the implementation and maintenance of all cybersecurity programs, processes and technologies. Assure the implementation of appropriate security configurations or re-configurations and work with appropriate teams to execute them as required.
Foster a culture of improvement, efficiency gains and innovative thinking. Coach and mentor team members as needed. Adapt and embrace change and demonstrate flexibility in taking up and fulfilling other duties as assigned.
Develop and implement workflows to automate detection of cybersecurity intrusion threats against managed and unmanaged end points, cloud instances, SaaS systems
Develop strategies to continually evaluate the efficacy of EDR and NDR rules and fine-tune detection algorithms and logic based on dynamic system and user context
Collaborate with the IT Risk Management, Cybersecurity Operations and Engineering teams and counterparts to enhance detection of intrusion, DDoS and DNS attacks and come up with countermeasures for active threats
Continually research and be aware of emerging cybersecurity threats and analyze intelligence to develop measures to improve automated response
Work with IT Risk and Compliance peers to help develop identification of business critical data and its protection
Identify risky use of IT resources based on user access patterns and develop strategies to minimize risk through strong authentication methods
Analyze and monitor for cybersecurity trends and anomalies including user behavior, network and/or systems behavior including cloud workloads and automated robotic instances
Continually improve Cybersecurity runbooks and playbooks for Identification, Detection, Response and Prevention of threats
Collaborate with application and infrastructure teams to help identify indicators of compromise and contain potential breaches
Research, evaluate, and recommend new security tools, techniques, and technologies and introduce them to the enterprise in alignment with Cybersecurity and Risk Management strategy.
Bachelor's degree in Computer Science, Computer Engineering, Technology Information Systems, Engineering or related technical discipline or combination of relevant experience/education.
10+ years of cumulative experience in engineering, development and/or support of IT Systems
5+ years of experience in customization, deployment and support of Cybersecurity tools and technologies
Ability to author and edit scripts such as PowerShell, Python and exposure to or knowledge of REST API and JSON batching and workflow automation
Ability to thrive in a sense-of-urgency environment and leverage best practices
Subject Matter Expert level experience in using one or more areas of Cybersecurity Incident Response and Threat Management tools: SIEM, EDR, DLP, SOAR, NAC/Network Security, Identity and Access Management, GRC, BCP/DR, CMDB, DDoS, Vulnerability Management, Application Security & Penetration Testing
Language & Communication Skills
Ability to communicate effectively, both verbally and in writing, with all levels within the organization
Ability to explain technical concepts and adjust messaging based on the audience, including non-technical groups
Ability to influence through outstanding interpersonal skills, collaboration, and negotiation skills
Ability to work well within a team environment, as well as independently
Bachelor's degree in Computer Science, Computer Engineering, Technology Information Systems, Engineering or related technical discipline
Prior work experience in Healthcare companies preferred
Experience in one or more areas of Cybersecurity Incident investigation, forensics, response, containment with methods, procedures and techniques leveraging experience of Information Systems and using cybersecurity tools
Ability to resourcefully use available tools, methods and techniques (including scripting and coding) to simulate and/or recreate possible scenarios during investigations to identify root cause and help improve controls through countermeasures.
Industry-specific certifications such as Security+, CASP, CEH, Pentest+ or equivalents; technical certifications such as SANS GIAC, OSCP are a plus
Together with the University of Minnesota and University of Minnesota Physicians we have created M Health Fairview. M Health Fairview is the newly expanded collaboration among the University of Minnesota, University of Minnesota Physicians, and Fairview Health Services. The healthcare system combines the best of academic and community medicine — expanding access to world-class, breakthrough care through our 10 hospitals and 60 clinics.
Fairview Health Services (fairview.org) is an award-winning, nonprofit health system providing exceptional care across the full spectrum of health care services. Fairview is one of the most comprehensive and geographically accessible systems in the state, with 10 hospitals—including an academic medical center and long-term care hospital—serving the greater Twin Cities metro area.
Its broad continuum also includes 60 primary care clinics, specialty clinics, senior living communities, retail and specialty pharmacies, pharmacy benefit management services, rehabilitation centers, counseling and home health care services, medical transportation, an integrated provider network and health insurer PreferredOne. In partnership with the University of Minnesota, Fairview’s 32,000 employees and 2,400 affiliated providers embrace innovation to drive a healthier future through healing, discovery and education.