Emory Healthcare/Emory University Sr. Enterprise Information Security Specialist (Threat Response) in Atlanta, Georgia
Discover Your Career at Emory University
Emory University is a leading research university that fosters excellence and attracts world-class talent to innovate today and prepare leaders for the future. We welcome candidates who can contribute to the diversity and excellence of our academic community.
This position is primarily responsible for security monitoring, analysis, and response within a complex Academic/Medical Center environment. The analyst will be part of a team responsible for incident response, threat hunting, and vulnerability management whose mission is to defend and maintain the overall security of the Emory enterprise.
Protect enterprise systems and information by monitoring for and promptly responding to security threats and incidents, working both individually and as part of a team to resolve them.
Proactively hunt for threats.
Act as subject matter expert and provide insight and remediation guidance to colleagues across the Emory enterprise.
Contribute to the continual improvement of detection capabilities, incident handling procedures, and runbooks.
Coordinate with the appropriate departments (local IT, management, legal, IT operations, and others) to resolve security incidents.
Research the latest methods, tools, and trends in digital forensic analysis and incident response.
Create reports, risk assessments, and documentation of security incidents and procedures.
Proactively identify potential security weaknesses and propose improvements.
Present findings to the team and leadership on a routine basis.
Keep abreast of computer intrusion tactics and incident response techniques, tools, and procedures.
Collaborates on information security incident response, risk assessment and risk management, and vulnerability assessment and vulnerability management activities spanning University and Healthcare business units.
Manages detailed network, operating system, database, and application vulnerability assessments and security configuration audits.
Manages information security initiatives.
Oversees operational tasks supporting information security functions such as intrusion detection and prevention, security event log analysis, management reporting, malware prevention and remediation, encryption, network segmentation, remote access, cloud security, and authentication.
Supports, maintains, monitors, troubleshoots and enhances security infrastructure tools, methodologies, software, and hardware. Drafts and reviews information security policies, processes, and procedures.
Prepares information security awareness and education materials and other documentation.
Determines and documents information security requirements and controls necessary for the protection of information resources. Provides guidance and assistance regarding information security matters such as the interpretation of information security policies and requirements or their applicability to particular situations.
Independently develops automated tools and methodologies in support of Information Security functions.
Analyzes data from Information Security functions and provides reports and recommended response actions to Information Security management.
Represents Information Security to other organizations on information security related matters, as assigned.
Publishes regular status reports and submits to management.
Performs related responsibilities as required.
Security certifications that are most relevant for this position include:
GIAC Certified Incident Handler (GCIH)
GIAC Certified Forensic Analyst (GCFA)
EC-Council’s Certified Incident Handler (E|CIH)
Incident Handling & Response Professional (IHRP)
Certified Computer Security Incident Handler (CSIH)
Certified Incident Handling Engineer (CIHE)
Familiarity with some or all of the following concepts and related tools/technologies is preferred but not required:
Splunk or other SIEM technologies
CrowdStrike or other NGAV/EDR solutions
Microsoft Cloud App Security (MCAS)
Blue team techniques
Incident response and management
A bachelor's degree and five years of related IT experience including demonstrated technical expertise in multiple information security domains, or an equivalent combination of education, training and experience.
Excellent team participation skills, as well as good written and verbal communication skills.
Strongly preferred qualifications include knowledge of information security technologies, methodologies, and best practices in the domains of: security incident response, vulnerability assessment and management, intrusion detection and prevention, system administration (Windows, OS X, Linux, etc.), security administration of networks, operating systems, databases and applications, access control, encryption, firewalls and proxies, networking, security event log analysis, malware prevention and remediation, cloud technologies, programming/scripting, and risk assessment and management.
Security certifications are a plus (e.g. SANS/GIAC, CISSP, CISA, CISM).
LOCATION: Atlanta-based preferred, but full remote for the right candidate.
NOTE: This role will be granted the opportunity to work from home temporarily during the COVID-19 pandemic, with intent to return to an Emory University location in the future. Emory reserves the right to change this status with notice to employee.
Emory Supports a Diverse and Inclusive Culture
To ensure the safety of our campus community, the COVID-19 vaccine is required. For more information on the University and Hospital policies and potential exemptions, please see our website.
Emory University is dedicated to providing equal opportunities and equal access to all individuals regardless of race, color, religion, ethnic or national origin, gender, genetic information, age, disability, sexual orientation, gender identity, gender expression, and veteran's status. Emory University does not discriminate in admissions, educational programs, or employment on the basis of any factor stated above or prohibited under applicable law. Students, faculty, and staff are assured of participation in University programs and in the use of facilities without such discrimination. Emory University complies with Executive Order 11246, as amended, Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veteran's Readjustment Assistance Act, and applicable executive orders, federal and state regulations regarding nondiscrimination, equal opportunity and affirmative action. Emory University is committed to achieving a diverse workforce through application of its affirmative action, equal opportunity and nondiscrimination policy in all aspects of employment including recruitment, hiring, promotions, transfers, discipline, terminations, wage and salary administration, benefits, and training. Inquiries regarding this policy should be directed to the Emory University Department of Equity and Inclusion, 201 Dowman Drive, Administration Building, Atlanta, GA 30322.
Emory University is committed to providing reasonable accommodations to qualified individuals with disabilities upon request. To request this document in an alternate format or to request a reasonable accommodation, please contact the Department of Accessibility Services at 404-727-9877 (V) | 404-712-2049 (TDD). Please note that one week advance notice is preferred.
Job Number 85260
Job Type Regular Full-Time
Division Office Information Technology
Department OIT: Enterprise IT Security
This position may involve the following Health and Safety issues: Not Applicable
Job Category Information Technology
Campus Location (For Posting) : City Atlanta
Location : Name Emory Campus-Clifton Corridor