Security Analyst II

Join on the heart-warming journey with a team that is a top leader in the rehabilitation industry

Encompass Health is the leader in inpatient rehabilitation industry, you'll feel the Encompass Health as soon as you join. We collaborate and provide high-quality, compassionate, individualized care for our patients, allowing us time to get to know them and help them achieve their goals during their rehabilitation journey.

Position Purpose

Security Analyst II is a hands-on role that requires technical expertise and previous security operations experience. The person is responsible for a broad range of tasks in the Security Operations Center (SOC) including the day-to-day operation of information security tools and devices, event analysis, and security incident response actions. The Security Analyst II position mentors and trains junior team members and contributes to the continuous development and enhancement of the security posture of the company through development of new detections and alerting methods. The position requires attention to detail and excellent verbal and written communication skills and will frequently interact with other users and other departments both in the field and at our corporate office. Active participation in the departmental on-call rotation, including occasional afterhours, weekend and holiday coverage, is required.

Responsibilities & Tasks

• Responds to and, where appropriate, resolves or escalates reported security alerts. Participates in security incident remediation as part of larger security team.
• Monitors system logs, SIEM tools and network traffic for unusual or suspicious activity. Interprets such activity and makes recommendations for resolution and/or tuning
• Investigates and resolves security violations by providing postmortem analysis to illuminate the issue and suggest possible solutions.
• Organizes security incident and event data to produce reports, metrics, and other indicators of SOC performance as requested by management.
• Develops and maintains documentation for security systems and procedures.
• Assists and trains less experienced team members in the use of security tools, the preparation of procedures and other documentation, and the resolution of security issues.
• Researches, recommends, evaluates, and implements information security solutions to detect and/or protect against potential threats, and responds to security violations.
• Participates in the departmental on-call rotation; provides afterhours coverage as assigned.
• Engages in and participates actively in team activities, meetings and projects.
• Maintains awareness of emerging security issues and vulnerabilities; provides awareness and education to team regarding emerging threats.
• Evaluates, triages and responds to user phishing reports; adjusts email defenses and remediates active phishing campaigns
• Other duties as assigned.

Qualifications

License or Certification:

• CompTIA Security+, Network+, CySA+, ISC(2) CISSP or SANS/GIAC Certifications (e.g. GCIH, GCED, GCIA, GMON, GSOC) are desirable.

Minimum Qualifications:

• Associate or Bachelor's degree related to computer science or information security preferred; equivalent work experience can be considered in lieu of degree.
• Minimum 2 years IT security experience required.
• Experience in several of the following areas is highly desirable:

o TCP/IP and network traffic analysis and techniques

o IDS/IPS technologies

o Forensic analysis tools and techniques

o Windows event log analysis

o Windows and/or Unix/Linux system administration experience

o Endpoint/EDR log analysis and incident/event response

o SIEM log analysis, operational use, rule-writing and dashboarding (e.g. Elastic, Splunk, ArcSight, Sumo, Sentinel)

o SOAR / (Security Orchestration and Automation) software

o Phishing defense and/or email security gateway usage

o Cyber threat hunting and threat intelligence operational synthesis

o Malware reverse engineering techniques

o Scripting experience and/or software development experience (Powershell, Python, etc.)

o Experience with offensive security tools, techniques and practices

o Knowledge of cloud security technologies and security best practices (e.g. Azure, AWS, GCP)

A little about us

We're confident you'll see the difference the moment you join our team. Working at Encompass Health means working with a growing national inpatient rehabilitation leader. We're proud of our career growth opportunities and how our team members work together for the greater good of our patients. We've been named one of the "World's Most Admired Companies" and a Fortune 100 Best Companies to Work For® Award, among others, which is pretty amazing.

Our benefits start day one

• Affordable medical, dental and vision plans for full-time and part-time employees and their families.
• Generous paid time off that accrues over time.
• Tuition reimbursement and continuing education opportunities.
• Company-matching 401(k) and employee stock purchase plans.
• Flexible spending and health savings accounts.
• A community of people who love what they do. Yes, we see that as a benefit.