SOC (Service Operations Analyst I) - Security

New York, NY, United States

Title: SOC (Service Operations Analyst I) - Security

Location: 1300 York Avenue

Org Unit: IT Operations

Work Days: Mon-Fri (rotational on call)

Exemption Status: Exempt

Salary Range: $83,300.00 - $93,600.00

*As required under NYC Human Rights Law Int 1208-2018 - Salary range for this role when Hired for NYC Offices

Position Summary

Ensures the secure operation of Weill Cornell Medicine (WCM) systems. This position works closely with the security engineering team to develop procedures and solutions to advance security operations and mature WCM incident response process. This position's primary responsibility is to aid in the management and monitoring of endpoint security, IPS, firewall, data loss, log management, and other security solutions.

Job Responsibilities

Fosters close working connections with staff and management to ensure the secure operations for WCM applications and infrastructure while acquiring and retaining comprehensive working knowledge of all infrastructure and related systems.

Assists with day-to-day operations of security systems including, but not limited to, Splunk, CrowdStrike, Duo Security, BeyondTrust, Palo Alto, Dell Data Protection, Proofpoint, Security Onion, bro, and others.

Develops/maintains metrics and reports in Splunk related to WCM’s IS posture, including vulnerability management, incident alerting and response, intrusion detection/prevention, data loss prevention, encryption, and endpoint and mobile device security.

Assists in vulnerability management process and compliance, including threat analysis, vulnerability scanning, mitigation, and reporting.

Maintains a strong understanding and documentation of WCM’s security systems, their implementations, customizations, and operational procedures.

Monitors and defines events for our security event and incident management (SEIM) and log management platform, Splunk Enterprise Security.

Assists with data acquisitions, electronic discovery, and forensic investigations.

Performs security operational work in compliance with defined SLAs and operational level agreements, including firewall change requests, security operational inquiries, security incident reviews, user account management, and other operational processes.

Performs other related duties as assigned

Education

Bachelor's Degree

Experience

Bachelor’s degree in computer science, computer engineering, electrical engineering, network security, information security, information technology, mathematics, or similar field of study.

One or more years of security-related work or internship experience.

Knowledge of UNIX and Windows internals, command line, and command line tools.

Scripting experience with Ruby, Python, and/or shell.

Basic understanding of a variety of incidents and attack vectors, such as network intrusions, web-based attacks, malicious emails, root- and user-level compromises, malware, botnet infections, and other anomalous activity.

Information security certifications, such as Security+, CEH, GIAC, SSCP desired.

Basic understanding of the legal aspects of data acquisitions and electronic discovery desired.

Strong conceptual thinking, verbal, and communication skills highly desired.

Strong understanding of logging or security event and incident management systems, such as Syslog, Splunk, etc. desired.

Experience using security tools, such as Metasploit, nmap, Kali, Backtrack Linux, Wireshark, netcat, etc.) a plus.

Comfort working with technologies at all levels of the OSI model desired.

Knowledge, Skills and Abilities

Fluency in navigating and using Mac OS X, Red Hat Linux, and/or Windows operating systems.

Ability to create and present diagrams and reports for technical and non-technical audiences.

Excellent written and verbal communication skills, on both technical and non-technical topics.

Ability to produce professional-level documentation and reporting using Microsoft Office.

Ability to think outside the box in terms of designing systems and solutions.

Ability to think critically and make decisions independently.

Ability to deliver under tight deadlines and work off-hours as needed.

Must be able to work in a very demanding and high-pressure environment.

Ability to promote and maintain a favorable and positive work environment for oneself and others to assist in the overall mission of the medical college and hospital.

Licenses and Certifications

Working Conditions/Physical Demands

Weill Cornell Medicine is a comprehensive academic medical center that is committed to excellence in patient care, scientific discovery, and the education of future physicians and scientists in New York City and around the world. Our doctors and scientists - faculty from Weill Cornell Medical College, Weill Cornell Graduate School of Medical Sciences, and the Weill Cornell Physician Organization - are engaged in world-class clinical care and cutting-edge research that connect patients to the latest treatment innovations and prevention strategies. Located in the heart of the Upper East Side's scientific corridor, Weill Cornell Medicine's powerful network of collaborators extends to its parent university Cornell University; to Qatar, where an international campus offers a U.S. medical degree; and to programs in Tanzania, Haiti, Brazil, Austria and Turkey. Our medical practices serve communities throughout New York City, and our faculty provide comprehensive care at NewYork-Presbyterian Hospital/Weill Cornell Medical Center, NewYork-Presbyterian/Lower Manhattan Hospital, NewYork-Presbyterian Hospital/Brooklyn Methodist Hospital, NewYork-Presbyterian Hospital/Westchester Behavioral Health Center, and NewYork-Presbyterian/Queens. At Weill Cornell Medicine, we work together to treat each individual, not just their conditions or illnesses, as we strive to deliver the finest possible care for our patients - the center of everything we do. Weill Cornell Medicine is an Equal Employment Opportunity Employer. Weill Cornell Medicine provides equal employment opportunities to all qualified applicants without regard to race, sex, sexual orientation, gender identity, national origin, color, age, religion, protected veteran or disability status, or genetic information.