Cybersecurity Senior Incident Response Analyst (Remote in US, preference hybrid based in Dallas, TX)

Tenet is seeking a Senior Incident Response Analyst to work for Tenet Healthcare. Below is a brief outline of what Tenet is seeking for this role.

The Senior Incident Response Analyst will report to the Tenet Incident Response Manager. As the Incident Response analyst, you will respond to high severity cyber security threats while documenting and reporting incidents through the incident response lifecycle. The analyst will perform endpoint and network forensics, basic malware analysis, threat hunting, etc. You will apply your technical knowledge and investigative skills to perform in-depth analysis and report your findings and conclusions to management.

Can be fully remote but preference is on-site (Mon-Thursday to start and eventually it being more of a flexible hybrid 2-3 days a week onsite at HQ)

Key Accountabilities

The functions listed describe the business purpose of this job. Specific duties or tasks may vary and be documented separately. The employee might not be required to perform all the functions listed. Additional duties may be assigned, and functions may be modified, according to business necessity.

• Respond to incident using the incident response cycle: Preparation, Detection/Identification, Containment, Eradication, Recovery, and follow-up
• Perform threat hunting using EDR solution, Splunk and other security tools
• Evaluate threats and threat intelligence sources and determine organization risk and improve threat detection
• Conduct host-based forensics and analysis to identify threat, root cause, impact, etc
• Communicate with various teams across the enterprise to perform initial triage and information gathering of security incidents
• Consistently review playbooks and improve as necessary
• Perform basic malware analysis to identify basic IOCs and/or BIOCs
• Build and maintain sandbox environment to be able to safely investigate threats
• Deliver findings, recommendations, and remediation steps for all activities
• Create reports and document incidents
  
  

Skills, Experience & Competencies

• Bachelor’s degree in information security or a related field or an equivalent combination of training and experience.
• Strong experience with EDR, CrowdStrike preferred
• Highly experienced and skilled using Splunk to perform investigations and threat hunts
• Highly experienced performing endpoint forensics. DFIR experience required.
• 3+ years of experience in the Incident Response field
• Red Team experience
• One or more professional security certifications such as CISSP, CEH, GIAC, or ECIH
• Experience with intrusion detection, network security management, endpoint security and architecture
• Basic malware analysis
  
  

Tenet Healthcare/USPI complies with federal, state, and/or local laws regarding mandatory vaccination of its workforce. If you are offered this position and must be vaccinated under any applicable law, you will be required to show proof of full vaccination or obtain an approval of a religious or medical exemption prior to your start date. If you receive an exemption from the vaccination requirement, you will be required to submit to regular testing in accordance with the law.

2403022545

Employment practices will not be influenced or affected by an applicant’s or employee’s race, color, religion, sex (including pregnancy), national origin, age, disability, genetic information, sexual orientation, gender identity or expression, veteran status or any other legally protected status. Tenet will make reasonable accommodations for qualified individuals with disabilities unless doing so would result in an undue hardship.