Objective:
The CyberSecurity Specialist is primarily responsible for analysis and support for Pentec Health’s computing infrastructure as related to layered security systems. This position will provide data analysis, security operations tasks, information reporting and internal IT auditing that is required to support Pentec Health’s Security Portfolio.
Essential Duties & Responsibilities:
- Performs analysis and monitoring on system logs and network traffic in an effort to identify and react to events that may indicate vulnerabilities or unauthorized access.
- Performs proactive Security Monitoring across Pentec Health’s Defense-In-Depth, Layered Security Portfolio.
- Assists with internal IT specific audits of Pentec Health’s server & network infrastructure, inclusive of account audits, permissions & penetration tests.
- Provides insight into current Security Posture by aggregating data from disparate Security Tools
- Assists with enterprise-wide patch management in an automated manner as a means of strengthening overall security posture while being sensitive to business impact.
- Works with Security & Infrastructure teams to perform tests, discover vulnerabilities and validate overall Security Posture
- Assists with Security-related projects, deployment of Security Tools and strengthening of Pentec Health’s security posture
- Stays up-to-date on emerging threats and trends within the Cyber Security realm
- Desire and willingness to self-educate through continuous learning on the dynamic and ever-changing landscape of Cyber Security
Non-Essential Duties and Responsibilities
- Performs other duties and special projects as assigned.
Authority and Accountability:
Skills, Competencies and Experience:
Skills and Experience:
Required
- Minimum 4 years in an Enterprise IT environment with a broad understanding of general network and server systems. Knowledge is key to understanding how to secure said systems.
- Strong working knowledge of Security Information & Event Management (SIEM) systems for analysis of security-related events across an Enterprise
- Strong working knowledge of dashboard creation with Security analysis tools
- Ability to multi-task, adjust priorities, and work autonomously within management defined framework.
- Working knowledge and competency within Microsoft Enterprise ecosystem – Active Directory, Windows Server, Microsoft Exchange, Microsoft SQL, SharePoint, etc.
- Experience with modern Anti-Virus solutions, Application Whitelisting, USB control and other Endpoint security tools
- Ability to work in a fast-paced environment characteristic of a rapidly growing company.
- Basic familiarity with the SDLC and software development concepts.
- Working knowledge and competency with network based security solutions – Firewalls, IDS/IPS, network analysis tools, etc.
- Experience with e-mail based security solutions
- Experience with internal IT audit procedures for demonstrating compliance with security frameworks.
- Experience with enterprise-wide patch management tools and an understanding of the balance between risks to the business and security posture.
Preferred
- Experience with SANS, NIST and other security best practices frameworks
- Experience working within CIS Cyber Security Controls and adhering to best practices.
- Experience with Security Awareness Training
- Experience with cloud and SaaS security solutions
- Familiarity with best practices within Change Management Control.
- Experience working with scripting tools (PowerShell, etc.)
- Experience with DLP solutions a plus
- Experience with Vulnerability scanning tools a plus
- Experience with Next-Gen Firewalls a plus
Education, Certifications, Trainings:
Required
Bachelor’s degree in Information Technology, Computer Information Systems, or related discipline OR a combination of education and experience equal to four years
Preferred
- Entry-level Security-specific certifications or ability to achieve within one year (ISC2, SANS, ISACA, etc.)