Company name
Humana Inc.
Location
Portsmouth, NH, United States
Employment Type
Full-Time
Industry
Work At Home, It, Engineering
Posted on
Feb 17, 2022
Profile
Job Information
Humana
Senior Incident Response Engineer(remote virtual home office)
in
Portsmouth
New Hampshire
Description
The Senior Incident Response Engineer will be part of a dynamic, growing team, hunting for and responding to cyber incidents stemming from internal and external threat actors. The Senior Incident Response Engineer shall provide Tier 3 services, which is coordination, execution, and implementation of all actions required for the containment, eradication, and recovery measures for cyber incidents.
Responsibilities
Responsibilities
The Senior Incident Response Engineer will be part of Humana's Cyber Incident Response team (CIR). CIR is the enterprise team responsible for the detection and response to the most sophisticated cyber threats and attacks. This role will leverage a variety of tools and resources to proactively detect, investigate, and mitigate emerging and persistent threats impacting Humana networks, systems, and applications.
Key Responsibilities:
Participate in security events and incidents, with a focus on incident response and forensics in accordance with our incident response plan.
Perform detection, analysis, and containment of an incident in both on premises and cloud.
Determine and identify severity and impact and assign appropriate priorities to all events and incidents
As a member of the core incident response team, coordinates with Privacy, Compliance Investigations, Corporate Security, and others as warranted
Utilize Humana acquired technologies to conduct large-scale investigations and examine host and network-based sources of evidence.
Analyze message headers and identify actionable indicators for remediation.
Analyze logs from SIEMs and other sources and be able to identify unauthorized activity.
Perform traffic and host analysis during an incident investigation.
Use security tools including IDS, IPS, firewalls, proxies, Web Application Firewall (WAF), etc., to triage events that may lead to incidents.
Receive on-call escalations from 24*7 security operations, providing assistance and resolution as needed.
Collaborate with forensic analysts and other analysts, law enforcement officers, and legal experts to recommend methods and procedures for recovery, preservation, and presentation of computer evidence.
Proficiency analyzing high volumes of logs, network data (e.g. NetFlow, Full Packet Capture), and other event/incident artifacts using Splunk or Sentinel in support of incident investigations.
Ability to act as the incident quarterback and/or lead investigator.
Assist with post-incident activities
Recommend and document specific counter-measures and mitigating controls.
Develop comprehensive and accurate reports and presentations for both technical and executive audiences
Improve Humana's business processes and incident response methodologies.
Regularly interact with leadership and customers
Required Qualifications
Bachelor degree or higher, technical discipline preferred, or relevant experience
Minimum 5 years working experience in IT Security, preferably with exposure to security analysis, incident response and threat intelligence analysis.
Strong sense of ethics & values, ability to handle confidential situations with discretion
Strong understanding of the cyber security capabilities and threat landscape
Strong understanding of network and computer forensics
Strong understanding of network protocols, design and operations
Ability to effectively communicate, orally and in writing, event details and technical analysis to technical audiences and business stakeholders
Vulnerability and threat analysis experience
Working knowledge of security principles, techniques and technologies
Strong analytical and problem solving skills
Ability to multi-task and prioritize workload
Willingness to learn
Preferred Qualifications
Master's Degree in a Technical Field
CISSP, GCFA, GNFA, GCIA, GCIH, OSCP and other relevant information security certifications
Big data / Analytics experience
Understanding of malware analysis and reverse engineering
Understanding of artificial intelligence algorithms and application
Experience with various security monitoring and endpoint security tools
Experience with a scripting language such as Powershell, Perl, Ruby, Python, and/or Bash
Technical expertise in at least three of the following areas:
Windows disk and memory forensics
Cloud Operations and Engineering
Network Security Monitoring (NSM), network traffic analysis, and log analysis
Unix or Linux disk and memory forensics
Static and dynamic malware analysis
NIST Kill Chain
MITRE ATT&CK
Applied knowledge in at least one scripting or development language (such as Python)
Understanding of enterprise security controls in Active Directory / Windows environments
Prior training and public speaking experience
Ability to exercise emotional intelligence and situational awareness.
Strong interpersonal communication skills.
Willingness to travel up to 10%
Additional Information
For this position, associates are required to be fully COVID vaccinated (preferred) or undergo weekly COVID testing and wear a face covering while at work. The weekly testing will need to be done through an approved Humana vendor, and unvaccinated associates should follow all social distancing and masking protocols if they are required to come into a Humana facility or work outside of their home. We are a healthcare company committed to putting health and safety first for our members, patients, associates, and the communities we serve.
If progressed to offer, you will be required to:
Provide proof of full vaccination or commit to testing protocols
*OR *
Provide proof of applicable exemption including any required supporting documentation
Medical, religious, state and remote-only work exemptions are available.
Scheduled Weekly Hours
40
Company info
Humana Inc.
Website : http://www.humana.com