Lead Cyber Security Analyst

Job Description

The Lead Cyber Security Analyst will be a key member of Cyber Defense Operations and Engineering (CDOE) team. Lead efforts in the detection of security events while assisting with the response to key events. Acting as an escalation point for major security incidents, liaising with the cybersecurity incident response, and other stakeholders from incident inception to remediation. Interface with other teams across the Company. Ensure compliance with internal and regulatory policies, while applying industry best practices and standards.

Please note this is a hybrid opportunity (3 days in the office/ 2 days WFH)

Pay Range: $130 - $160 / year

Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications obtained. Market and organizational factors are also considered. Successful candidates may be eligible to receive annual performance bonus compensation.

Benefits Information:

We are proud to offer best-in-class benefits and programs to support employees and their families in living healthy, happy lives. Our pay and benefit plans have been designed to promote employee health in all respects - physical, financial, and developmental. Depending on whether it is a part-time or full-time position, some of the benefits offered may include:

• Day 1 Medical, supplemental health, dental & vision for FT employees who work 30+ hours
• Best-in-class well-being programs
• Annual, no-cost health assessment program Blueprint for Wellness
• healthyMINDS mental health program
• Vacation and Health/Flex Time
• 6 Holidays plus 1 "MyDay" off
• FinFit financial coaching and services
• 401(k) pre-tax and/or Roth IRA with company match up to 5% after 12 months of service
• Employee stock purchase plan
• Life and disability insurance, plus buy-up option
• Flexible Spending Accounts
• Annual incentive plans
• Matching gifts program
• Education assistance through MyQuest for Education
• Career advancement opportunities
• and so much more!

Responsibilities

• Provide subject matter expertise (SME) for security solutions.
• Develop and document solution processes, procedures, and information workflows around security event management and cyber security operations.
• Monitoring and responding to security events that could impact the confidentiality, availability, and integrity of critical information security systems.
• Contributor to the IT Security Incident Response efforts across the organization.
• Provide training, mentoring, and coaching to the IT Security Team by understanding the core businesses and environment as well as the technology solutions supporting them.
• Implementation of security standards and security baseline.
• Analyze and recommend action on security related incidents
• Track and maintain operational security metrics
• Review and approve access requests
• Participate in investigating possible security violations
• Interface effectively in key relationships, including IT peers (e.g. IT Operations, Enterprise Architecture, etc.) internal business partners (e.g. Compliance/Privacy, Legal, Corporate Communications, etc.), key external clients (e.g. service providers, external partners, etc.) and other leaders and partners within IT and the broader enterprise.
• Apply a methodology to help identify key security events.
• Develop and publish key metrics for the team to illustrate value and accountability
• Coordinate and present SOC briefings on a regular basis.
• Correlate threat intelligence with active attacks and vulnerabilities within the enterprise.
• Analyze security events collected by our LogRhythm Security Incident and Event Monitoring (SIEM), Splunk as well as other tools, and identify trends, attacks, and potential threats.
• Maintain a current knowledge of information security vulnerabilities, threats, and exploits.
• Provide Governance over Firewalls, Proxies, and Endpoint Security Solutions
• Supervise Security Specialists in our Global Information Center (GIC)
• Other duties, as assigned.

Qualifications

Education Required: Bachelor's degree or equivalent work experience required.

Skills/Experience:

• Certified Information Systems Security Professional (CISSP) or equivalent GIAC Certificates are a plus.
• 5+ years of Information Security or related technology experience
• 3+ years of SIEM Experience
• 3+ years with advanced knowledge of network protocols, routing and switching in complex environments
• 3+ years' experience with Firewalls, IDS/IPS, and Proxies.
• Next Generation endpoint protection technology is a plus (CrowdStrike and Cylance)
• Host Intrusion Detection Service (HIDS)
• Application listing/listing
• Endpoint File System Encryption
• Detection/monitoring/response (e.g. Threat Detection, Realtime vulnerability visibility)
• An in-depth understanding of iOS, Android, Windows, MacOS and Unix internals
• OS Security Hardening for iOS, Android, Windows, MacOS and Unix
• Experience with using the command line interface (Unix, Linux, and Windows)
• Experience working in a Security Operations Center (SOC) environment
• Demonstrate proficiency in applying HIPAA/PCI security rules and National Institute of Standards and Technology (NIST) standards
• Requires understanding of Public Key Infrastructure (PKI), encryption, network security controls tools and functionalities
• Excellent written and verbal communications, including presentation skills, are important to be successful in this role.
• Proven ability to effectively communicate with all levels of the organization, as well as with external parties.
• Demonstrated ability to influence a larger team to perform towards the same goal.
• Excellent organizational and time management skills.
• Highly analytical and methodical, with strong problem-solving ability on complex subjects.
• Highly productive and resourceful, carries "Can do" attitude in approaching challenges, and a true self-starter.
• Demonstrated understanding of, and experience with, current Incident Response best practices and standards.
• Critical thinking and contextual analysis abilities.
• Inherent passion for information security and service excellence.
• Ability to communicate professionally and efficiently both verbally and in writing.
• Deep knowledge of security issues, techniques, and implications across multiple technology platforms.
• Ability to demonstrate a clear understanding, at an enterprise level, of application, network, infrastructure, and data security architecture.
• Excellent analytical skills, able to manage multiple projects under strict timelines, work well in a demanding dynamic environment, and meet overall objectives.
• Ability to work under pressure, and manage competing priorities.
• Ability to establish effective working relationships with associates, counterparts and external customers.

About the Team

Quest Diagnostics honors our service members and encourages veterans to apply.

While we appreciate and value our staffing partners, we do not accept unsolicited resumes from agencies. Quest will not be responsible for paying agency fees for any individual as to whom an agency has sent an unsolicited resume.

Equal Opportunity Employer: Race/Color/Sex/Sexual Orientation/Gender Identity/Religion/National Origin/Disability/Vets or any other legally protected status.