HealthPartners is currently hiring for a Cyber Security Analyst. As part of the Cyber Threat Unit (CTU) team, the analyst is responsible for promoting security awareness across the organization and assessing the potential for security risks. The analyst creates guidelines and processes that enable security access to be administered effectively and securely. The analyst identifies and analyzes potential or actual security threats, and searches for potential weaknesses in security through monitoring events, logs, and audit results of HealthPartners' processes, policies, systems, and data. This position also supports small initiatives, audit requests, and RFIs.

Required Qualifications:
- Bachelor's degree or equivalent
- 5+ years' experience in Information Technology
- 3+ years' experience in Information Security
- Excellent desktop tool proficiency including Microsoft products (e.g., Word, Excel, Access, and PowerPoint)
- Knowledge of the security aspects of multiple system platforms, operating systems, software communications, and network protocols
- Experience coordinating projects
- Knowledge of structured methodologies and standards such as ISO 27000, NIST, PMI, ITIL, CMMI, OWASP, and COBIT
- Knowledge of federal and state security-related legislation including HIPAA, PCI, JCAHO, NCQA

Preferred Qualifications:
- Relevant security certification (OSCP, GCIH, GCIA, CISSP, Security+, etc.)
- Experience with Palo Alto Networks and Microsoft Security solutions
- Experience with host, network and email based investigations & security tools
- EDR/XDR and NGFW experience
- Experience working in a SOC or incident response team
- Malware analysis or experience reviewing static and dynamic analysis findings
- Forensics experience using open source or licensed tools such as Magnet AXIOM
- Experience with PowerShell, Python, JavaScript, or other relevant languages leveraged by adversaries
- Experience with SOAR solutions or other automation experience
- Experience with threat intelligence platforms and indicator gathering & processing
- Excellent critical thinking skills, attention to detail, logic, and analytical mindset
- The ability to stay calm and work under pressure
- The ability to independently investigate security events and follow leads
- Excellent written and verbal communication skills
- The ability to present security event findings to other analysts and leadership

Hours/Location:
M-F; Days
Position may work remotely but will prefer local/regional candidates for occasional onsite needs.

Accountabilities:
- Primary function will consist of investigating and responding to security events as detected by endpoint, network and email based security solutions leveraged by HealthPartners.
- Documentation of security event findings as part of the incident response process.
- Threat hunting and custom rule development.
- Management and support of tools and security solutions owned and maintained by CTU.
- Participation in an on-call rotation providing 24/7 investigation and response to security events which meet certain criteria.
- Work within the Cyber Threat Unit to develop new automation playbooks.
- Promotes IS&T's security program to ensure the confidentiality, integrity and availability of HealthPartners' network and infrastructure.
- Performs security forensic services, gathering and consolidating data artifacts.
- Monitors security event reports and actions, ensuring the appropriate response is performed and coordinated.
- Assists with the coordination and development of system security enhancements.
- Maintains awareness of the latest developments in key areas of responsibility and brings forward opportunities that might benefit the organization.

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, disability, or any other federal, state or local protected class.