
Senior Security Operations Center (SOC) Analyst

HealthPartners
Jan 11, 2025

HealthPartners is currently hiring for a Senior Security Operations Center (SOC) Analyst. We are seeking a dedicated and detail-oriented Senior Cyber Security Analyst to join our information security team. The analyst is responsible for investigating potential threats detected by our information security tools, such as firewalls, endpoint detection and response (EDR) systems, and other monitoring technologies. This investigation process includes alert investigation, log analysis to build a timeline of events both before and after the event, malware analysis in a dedicated lab environment, and forensic analysis of impacted devices. This role also plays a critical role in enhancing HealthPartners' threat detection capabilities by creating custom detections tailored to the evolving threat landscape. The analyst leverages SOAR (Security Orchestration, Automation, and Response) tools to design and implement automated playbooks to streamline incident response and improve operational efficiency.

The SOC Analyst educates HealthPartners leadership on potential risks and vulnerabilities by staying up to date with emerging threats and cyber threat intelligence. The analyst also supports company-wide initiatives, which include risk assessments and red team tabletop exercises. Through these processes, HealthPartners can ensure a proactive security posture.

Required Qualifications:

  • Bachelor's degree or equivalent
  • Five (5) years' experience in Information Technology
  • Three (3) years' experience in Information Security
  • Knowledge of the security aspects of multiple system platforms, operating systems, software communications, and network protocols.
  • Experience coordinating projects.
  • Knowledge of structured methodologies and standards such as ISO 27000, NIST, PMI, ITIL, CMMI, OWASP, and COBIT
  • Knowledge of federal and state security-related legislation including HIPAA, PCI, JCAHO, NCQA

Preferred Qualifications:

  • Relevant security certification (OSCP, GCIH, GCIA, CISSP, Security+, etc.)
  • Experience with Palo Alto Networks and Microsoft Security solutions
  • Experience with host-, network-, and email-based investigations and security tools.
  • EDR/XDR and NGFW experience
  • Experience working in a SOC or incident response team.
  • Malware analysis or experience reviewing static and dynamic analysis findings.
  • Forensics experience using open source or licensed tools such as Magnet AXIOM
  • Experience with PowerShell, Python, JavaScript, or other relevant languages leveraged by adversaries.
  • Experience with SOAR solutions or other automation experience
  • Experience with threat intelligence platforms and indicator gathering & processing.
  • Excellent critical thinking skills, attention to detail, logic, and analytical mindset
  • The ability to stay calm and work under pressure.
  • The ability to independently investigate security events and follow leads.
  • Excellent written and verbal communication skills
  • The ability to present security event findings to other analysts and leadership.

Hours/Location:

  • M-F; Days
  • Position may work remotely but will prefer local/regional candidates for occasional onsite needs.
  • The analyst will be part of an on-call rotation that averages once every six (6) weeks.

Accountabilities:

  • Primary function will consist of investigating and responding to security events as detected by endpoint, network, and email-based security solutions leveraged by HealthPartners.
  • Documentation of security event findings as part of the incident response process.
  • Threat hunting and custom rule development.
  • Management and support of tools and security solutions owned and maintained by CTU.
  • Participation in an on-call rotation providing 24/7 investigation and response to security events which meet certain criteria.
  • Work within the Cyber Threat Unit to develop new automation playbooks.
  • Promotes IS&T's security program to ensure the confidentiality, integrity and availability of HealthPartners' network and infrastructure.
  • Performs security forensic services, gathering and consolidating data artifacts.
  • Monitors security event reports and actions, ensuring the appropriate response is performed and coordinated.
  • Assists with the coordination and development of system security enhancements.
  • Maintains awareness of the latest developments in key areas of responsibility and brings forward opportunities that might benefit the organization.