Tenet Healthcare is looking for an Incident Response Engineer with significant experience and skillset. Below is a brief description of the role.
The Incident Response Engineer will report to the Tenet Incident Response Manager. As the Incident Response Engineer, you will respond to cyber security threats while documenting and reporting incidents through the incident response lifecycle. The engineer will perform endpoint and network forensics, malware analysis, and threat hunting, manage the EDR (Endpoint Detection and Response) solution, etc. You will apply your technical knowledge and investigative skills to perform in-depth analysis and report your findings and conclusions to management.
Key tasks include:
Respond to incidents using the incident response cycle: Preparation, Detection/Identification, Containment, Eradication, Recovery and follow-up.
Manage Endpoint Detection and Response (EDR) solution.
Perform threat hunting using EDR solution and other security tools.
Evaluate threats and threat intelligence sources and determine organization risk and improve threat detection.
Conduct host-based forensics and analysis to identify threat, root cause, impact, etc.
Communicate with various teams across the enterprise to perform initial triage and information gathering for security incidents.
Consistently review playbooks and improve as necessary.
Perform basic malware analysis to identify basic IOCs and/or BIOCs.
Maintain sandbox environment to be able to safely investigate threats.
Develop and maintain strong working relationships with technical and non-technical teams involved with information security and privacy (Legal, Business Development, Internal Audit, Fraud, Physical Security, Developer Community, Networking, Systems, etc.).
Deliver findings, recommendations and remediation steps for all activities.
Create reports and document
Bachelor's degree in Business or Technology or equivalent practical experience.
3 years of experience in Incident Response field.
Experience interacting with technical and non-technical groups to drive business growth.
Strong experience with EDR solutions and threat hunting.
Strong understanding of malware and the attacker's perspective.
One or more professional security certifications such as CISSP, CEH, GIAC, or ECIH
Experience with physical access control, intrusion detection, network security management, endpoint security and architecture.
Excellent information organization, timeline tracking and communication skills, with attention to detail.
Red Team experience.
User of command line for both Linux and Windows OS.
Network and endpoint forensics.
Primary Location: Dallas, Texas
Facility: Tenet Headquarters
Job Type: Full-time
Shift Type: Days
Employment practices will not be influenced or affected by an applicant's or employee's race, color, religion, sex (including pregnancy), national origin, age, disability, genetic information, sexual orientation, gender identity or expression, veteran status or any other legally protected status. Tenet will make reasonable accommodations for qualified individuals with disabilities unless doing so would result in an undue hardship.
Internal Number: 1905046089
About Tenet Headquarters
Tenet Healthcare Corporation is a diversified healthcare services company with 115,000 employees united around a common mission: to help people live happier, healthier lives. Through its subsidiaries, partnerships and joint ventures, including United Surgical Partners International, the Company operates general acute care and specialty hospitals, ambulatory surgery centers, urgent care centers and other outpatient facilities. Tenet's Conifer Health Solutions subsidiary provides technology-enabled performance improvement and health management solutions to hospitals, health systems, integrated delivery networks, physician groups, self-insured organizations and health plans.