IT Security Analyst (Threat Management)

Our people make all the difference in our success.

IT Security Analyst is responsible for ensuring technical controls meet information security policy requirements; security policy education, training, and awareness activities; monitoring compliance with DaVita’s information security policy’s and applicable laws; and coordinating investigation and reporting of security incidents. In conjunction with DaVita Core IT Services (ITS), the analyst will monitor, assess, and fine-tune applicable IT security procedures, perform periodic systems, network and application vulnerability assessments and create actionable changes or recommendations based on risk assessment reviews or audit findings. Analysts will also be responsible for responding to cybersecurity incidents and events and work to contain, remediate, and mitigate the incident.

• Monitor and respond to information security issues related to the systems and workflow to ensure the internal security controls for the Village are appropriate and operating as intended.

• Monitor, manage, and administer IT Security specific technical control solutions (e.g. Content filtering, IDS/IPS, Firewall, End point protection, etc..), as well as, IT Security specific tools to assess vulnerabilities and incidents; i.e. Enterprise SIEM, forensics tools, vulnerability scanning tools, etc..

• Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports and investigates possible security exceptions, updates, and maintains and documents security controls

• Coordinate response to information security incidents.

• Collaborate with IT management, legal, compliance and other applicable teams to manage vulnerability exposures.

• Assists in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines).

• Create, manage and maintain user security awareness.

• Conduct security research in keeping abreast of latest security issues.

• Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness.

Requirements

·         5 Years of experience in an IT role with 3 years of IT Security Experience

·         Experience with Anti-malware, EDR/XDR, and similar platforms

·         Experience with threat hunting and cyber investigations

·         Experience with endpoint and network security monitoring

·         Experience in containing and remediating cybersecurity incidents

·         Solid skills with Windows and Linux

·         Able to work both on a team and independently

·         Knowledge of common adversary tactics and techniques, e.g., obfuscation, persistence, defense evasion, etc.

·         Basic understanding of network traffic analysis including TCP/IP, routing, switching, protocols, etc

·         Demonstrated ability to explain complex ideas and concepts both verbally and in writing to technical and nontechnical audiences.

Preferred:

·         Preferable experience with Cloud Security

·         Preferable experience with Microsoft 365 security

·         Direct experience using scripting languages to automate tasks and manipulate data.

·         Experience in Healthcare