Overview
The Senior Cybersecurity Operations (SecOps) Analyst is responsible for advanced monitoring and analysis of the Dartmouth-Hitchcock Health (D-HH) cybersecurity posture. The analyst works together with other D-HH SecOps analysts and the D-HH security operations center (SOC) to prepare for, monitor, detect, prioritize, analyze, respond to, and report on cybersecurity incidents. The analyst functions as the senior threat hunter and ensures D-HH threat intelligence is accurate, timely, accessible, and integrated into key cybersecurity tools.
Responsibilities
- Maintain, monitor, and analyze cybersecurity audit logs and events to ensure operational audit logging, alerting, and reporting for detection of cybersecurity incidents. Collaborate with SOC analysts to improve visibility into D-HH systems and event correlation. Analyze, classify, and prioritize event alerts. Triage potential cybersecurity incidents for investigation. Report incidents according to procedures.
- Respond to cybersecurity incidents. Maintain incident response plans, playbooks, and procedures. Conduct and document complex investigations of cybersecurity breaches and incidents. Assess impact on the organization and report findings.
- Manage threat intelligence through advanced threat hunting activities. Collect and analyze threat intelligence. Correlate threats, vulnerabilities, and audit logs to maintain situational awareness, and incorporate threat intelligence into D-HH security tools.
- Manage enterprise vulnerabilities by identifying, analyzing, and prioritizing vulnerabilities across the enterprise. Report on recommended patching and remediation efforts. Follow escalation procedures as necessary. Perform penetration testing on specific devices and assist with third-party penetration testing on the D-HH network.
- Perform system testing for new cybersecurity tools.
- Handle and triage end-user and customer-reported incidents and requests.
- Perform other duties as required or assigned.
Qualifications
- Bachelor’s Degree in Computer Science, Engineering, Cybersecurity, or a related field, or equivalent education and experience.
- Five (5) years of increasing responsibility and experience in Information Technology.
- Demonstrable knowledge, certification, or experience with cybersecurity frameworks, tools, and techniques. Cybersecurity and/or system administration experience is strongly preferred.
- Experience with incident detection, response, and digital forensic techniques and investigations is strongly preferred.
- Experience with end-user support, security event and audit log management systems, vulnerability scanning, malware handling and analysis, and knowledge of security controls are highly desirable.
- Strong written and verbal communication skills and ability to work independently.
- Meticulous attention to detail, problem-solving skills, and the ability to work under pressure and meet deadlines.
- Familiarity with healthcare regulatory standards like HIPAA and NIST.
- Self-directed, flexible, with excellent organizational, analytical, and interpersonal skills.
Required Licensure/Certifications
- Possession of a professional security certification such as CEH, CISSP, CISA, CISM, or SANS.