The CyberSecurity Specialist is primarily responsible for analysis and support for Pentec Health’s computing infrastructure as related to layered security systems. This position will provide data analysis, security operations tasks, information reporting and internal IT auditing that is required to support Pentec Health’s Security Portfolio
Essential Duties & Responsibilities:
- Performs analysis and monitoring on system logs and network traffic in effort to identify and react to events that may indicate vulnerabilities or unauthorized access.
- Perform proactive Security Monitoring across Pentec Health’s Defense-In-Depth, Layered Security Portfolio.
- Assists with internal IT specific audits of Pentec Health’s server & network infrastructure. Inclusive of account audits, permissions & penetration tests.
- Provides insight into current Security Posture by aggregating data from disparate Security Tools
- Assists with enterprise wide patch management in an automated manner as a means to strengthening overall security posture while being sensitive to business impact.
- Works with Security & Infrastructure teams to perform tests, discover vulnerabilities and validate overall Security Posture
- Assist with Security related projects, deployment of Security Tools and strengthening of Pentec Health’s security posture
- Stays up-to-date on emerging threats and trends within the Cyber Security realm
- Desire and willingness to self-educate through continuous learning on the dynamic and ever changing landscape of Cyber Security
Non-Essential Duties and Responsibilities
- Perform other duties, special projects as assigned.
Authority and Accountability:
Skills, Competencies and Experience:
Skills and Experience:
- Minimum 4 years in an Enterprise IT environment with a broad understanding of general network and server systems. Knowledge is key to understanding how to secure said systems.
- Strong working knowledge of Security Information & Event Management (SIEM) systems for analysis of security related events across an Enterprise
- Strong working knowledge of dashboard creation with Security analysis tools
- Ability to multi-task, adjust priorities, and work autonomously within management defined framework.
- Working knowledge and competency within Microsoft Enterprise ecosystem – Active Directory, Windows Server, Microsoft Exchange, Microsoft SQL, Sharepoint, etc.
- Experience with modern Anti-Virus solutions, Application Whitelisting, USB control and other Endpoint security tools
- Ability to work in a fast-paced environment characteristic of a rapidly growing company.
- Basic familiarity with the SDLC and software development concepts.
- Working knowledge and competency with network based security solutions – Firewalls, IDS/IPS, network analysis tools, etc.
- Experience with e-mail based security solutions
- Experience with internal IT audit procedures for demonstrating compliance with security frameworks.
- Experience with enterprise wide patch management tools and understanding of balance between risks to the business vs security posture.
- Experience with SANS, NIST and other security best practices frameworks
- Experience working within CIS Cyber Security Controls and adhering to best practices.
- Experience with Security Awareness Training
- Experience with cloud and SaaS security solutions
- Familiarity with best practices within Change Management Control.
- Experience working with scripting tools (Powershell, etc)
- Experience with DLP solutions a plus
- Experience with Vulnerability scanning tools a plus
- Experience with Next-Gen Firewalls a plus
Education, Certifications, Trainings:
Bachelor’s degree in Information Technology, Computer Information Systems, or related discipline OR a combination of education and experience equal to four years
- Entry-level Security specific certifications or ability to achieve within one year. (ISC2, SANS or ISACA, etc)