JOB SUMMARY

　　The Sr. Cyber Incident Response Engineer will take on the lead cyber security incident responder role on the Baylor Scott & White Health cyber defense team. This role will be responsible for leading the incident response capabilities of the organization by developing and improving runbook procedures to mitigate risk and enhance incident response processes.

　　SALARY

　　The pay range for this position is $98,363 (entry-level qualifications) - $172,140 (highly experienced) The specific rate will depend upon the successful candidate’s specific qualifications and prior experience.

　　ESSENTIAL FUNCTIONS OF THE ROLE

　　Conduct security investigations and lead security incident response in a cross-functional environment and drive incident resolution

　　Actively call and lead security incident bridges and coordinate internal incident response efforts between operations teams, and managed security services

　　Develop Incident Response initiatives that improve our capabilities to effectively respond and remediate security incidents.

　　Expand SIEM program, ensuring log coverage, alert development, and process improvement.

　　Partner with cyber threat intelligence, the vulnerability management team, and technology remediation groups to deliver shared outcomes that measurably improve our efficacy to detect, respond to, and remediate vulnerabilities.

　　Support broader security operation initiatives both within the cyber defense team and within engineering and operation departments across the organization.

　　Be a security liaison and enabler to Managed Service counterparts.

　　Create and Improve Security Playbooks for a variety of incident and compromise types for all levels of engineers and stakeholders.

　　QUALIFICATIONS

　　Experience analyzing network and host-based security events.

　　Experience with attacker tactics, techniques, and procedures.

　　Experience with Windows and Linux Operating Systems.

　　Knowledge of common software, operating systems vulnerabilities, and Unix/Linux.

　　Understanding of cybersecurity organizational practices, operations risk management processes, architectural requirements, and vulnerability risk.

　　Experience with controls or frameworks such as NIST 800-53, NIST CSF, MITRE ATT&CK.

　　Knowledge of existing, emerging, and long-range issues related to cyber operations strategy, policy, and organization.

　　PREFERRED QUALIFICATIONS

　　Certified Information Systems Security Professional (CISSP) certification

　　Certified Information Security Manager (CISM) certification

　　GIAC Certified Incident Handler (GCIH) certification

　　Experience in creating workflows and remediation plans for vulnerabilities identified.

　　Incident Response experience in a healthcare environment.

　　Experience using ServiceNow for SIR, CMDB, and/or ITSM functions.

　　Contribution or development of policies and procedures.

　　Experience participating in or leading security tabletop exercises.

　　LOCATION: Remote

　　SCHEDULE: Full Time

　　BENEFITS

　　Our competitive benefits package includes the following.

　　Immediate eligibility for health and welfare benefits

　　401(k) savings plan with dollar-for-dollar match up to 5%

　　Tuition Reimbursement

　　PTO accrual beginning Day 1

　　Note: Benefits may vary based upon position type and/or level

　　QUALIFICATIONS

　　EDUCATION - Bachelor's or 4 years of work experience above the minimum qualification

　　EXPERIENCE - 5 Years of Experience

　　As a health care system committed to improving the health of those we serve, we are asking our employees to model the same behaviours that we promote to our patients. As of January 1, 2012, Baylor Scott & White Health no longer hires individuals who use nicotine products. We are an equal opportunity employer committed to ensuring a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.