Cyber Defense Incident Responder

**Job Summary:**

The Cyber Defense Incident Responder position will be responsible for investigating, analyzing, and responding to network cyber security incidents.. This role will also be responsible for supporting the development and improvement of processes, playbooks, and runbooks associated with detecting and responding to cyber security incidents.

**Responsibilities:**

+ Track cyber defense incidents from initial detection through final resolution

+ Collect intrusion artifacts

+ Determine the scope, urgency, and impact of cyber defense incidents

+ Recommend mitigation and remediation strategies for enterprise systems

+ Create thorough reports and documentation of all incidents and procedures; present findings to the teams and IR leadership on a routine basis

+ Support the development of Incident Response initiatives that improve our capabilities to effectively respond and remediate security incidents

+ Partner with cyber threat intelligence, the vulnerability management team, and technology remediation groups to deliver shared outcomes that measurably improve our ability to detect, respond to, and deter threats

+ Support broader security operation initiatives both within the cyber defense team and within engineering and operation departments across the organization

+ Create and Improve Security Playbooks for a variety of incident and compromise types for all levels of engineers and stakeholders

**Salary:**

The pay range for this position is $41.97/hour ($87,297/year) for those with entry-level qualifications up to $72.62 ($151,049) for those highly experienced. The specific rate will depend upon the successful candidate's specific qualifications and prior experience.

**Basic Qualifications:**

+ BS degree in computer science, computer engineering, software engineering, cybersecurity or related technical degree; or 4 years equivalent technology experience

+ 2+ years’ experience in information security in an enterprise environment

+ Experience and understanding of incident response processes, forensic techniques, executing and administration of crisis bridges, and preparation and delivery of incident reports for executives

+ Knowledge of malware trends and behaviors and the ability to work with other teams to detect and respond to these threats

+ Experience with attacker tactics, techniques, and procedures

+ Experience with Windows and Linux Operating Systems

+ Knowledge of common software, operating systems vulnerabilities, and Unix/Linux

+ Understanding of cybersecurity organizational practices, operations risk management processes, architectural requirements, and vulnerability risk

+ Experience with controls or frameworks such as NIST 800-53, NIST CSF, CIS, MITRE ATT&CK

+ Knowledge of existing, emerging, and long-range issues related to cyber operations strategy, policy, and organization

+ Excellent written and verbal communication skills

+ Demonstrated ability to collaborate effectively with internal teams and industry peers

**Preferred Qualifications:**

+ Experience creating workflows and remediation plans for vulnerabilities

+ Incident Response experience in a healthcare environment

+ Experience with security assessment tools

**Minimum Qualifications:**

+ EDUCATION - Bachelor's or 4 years of work experience above the minimum qualification

+ EXPERIENCE - 4 Years of Experience

As a health care system committed to improving the health of those we serve, we are asking our employees to model the same behaviours that we promote to our patients. As of January 1, 2012, Baylor Scott & White Health no longer hires individuals who use nicotine products. We are an equal opportunity employer committed to ensuring a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.