Franciscan Health Cyber Security Incident Response Coordinator in Beech Grove, Indiana
Cyber Security Incident Response Coordinator
Franciscan Alliance1500 Albany Street Beech Grove, IN 46107
WHAT WE NEED
Cyber Security Incident Response Coordinator
WHO WE ARE LOOKING FOR
The Cyber Security Incident Response Coordinator is an integral part of our IS incident and team. This is the role that provides direction in response to alerts sent from the centralized log management system or from a Managed Security Services Provider, and ensures activities are documented. The person who also leads and assists Franciscan’s security incident response team in information security investigations. This position also works with Franciscan Compliance functions, Privacy Officers, and Physical Security when needed for other investigations. It leverages knowledge of digital events captured in logs as well as other informaton to recommend courses of action and in making response decisions. The position also provides leadership and logistic support to members of the incident response team, create and maintain policies, standards and procedures. This Cyber Security Incident Response Coordinator works with security operations and security engineering personnel to research, recommend, and implement open source or commercial tools that may aid in security incident investigations. Lastly this position is responsible for designing, coordinating, and executing tabletop exercises. This is a job that requires someone who is prompt, precise and professional. Think you’ve got what it takes? Do you have incident response experience? Are you a good problem-solver? Are you quick at learning, applying new information, and following instructions for standardized processes ? We need someone with these skills on our team.
WHAT YOU WILL DO
Provide direction to and logistical support for information security incident responders.
Collaborate with internal resources as needed to bring resolution to information security incidents.
Work with vendors, including forensic specialists as needed to investigate, manage and resolve incidents.
Communicate status of security incidents to appropriate audiences at the appropriate times, including problem escalation and time-sensitive matters.
Establish and enforce incident response processes in cooperation with MSSPs providing centralized log management and review / alerting of noteworthy events.
Maintain required documentation in accordance with policy and best practices.
Review reports from centralized log management system, take action where necessary or assigns a team member to take action; evaluate the need to add reports to the centralized log management system, working with FAIS staff and MSSP to establish new reports.
Support efforts to design, plan, execute, and report on tabletop exercises.
Collect data and create incident metrics.
Create and review incident response operational policies, procedures, and standards.
WHAT IT TAKES TO SUCCEED
Prior experience in an Information Technology or Information Security Department, with incident response experience.
Strong familiarity with the phases of security incident response: Detection, Analysis, Containment, Eradication, Recovery, and Post Incident Activities.
In-depth understanding of the types of events of interest in electronic logs.
Understanding of methodology of designing and executing incident response tabletop exercises.
Strong familiarity with best practices related to security incident response activities and protocols, including litigation holds, chain of custody, and playbooks.
Awareness of incident response requirements of HIPAA, PCI DSS and other applicable laws, regulations and guidelines.
WHAT WE'RE LOOKING FOR
Required: Associates Degree in an IT-related discipline (e.g. Computer Science, MIS, Information Security) or a minimum of 5 years’ experience in an Information Technology or Information Security Department with incident response experience.
Preferred: Bachelor of Science Degree in an IT-related discipline (e.g. Computer Science, MIS, Information Security).Preferred: 3 - 5 years experience in the healthcare industry; experience in incident response activities aligning with essential jobs functions.
Preferred: An industry-recognized certification or vendor training related to vulnerability scanning/management, Centralized log management, firewalls, IPS/IDS, or incident response.
Travel: Up to 20%
EQUAL OPPORTUNITY EMPLOYER
It is the policy of Franciscan Alliance to provide equal employment to its employees and qualified applicants for employment as otherwise required by an applicable local, state or Federal law.
Franciscan Alliance reserves a Right of Conscience objection in the event local, state or Federal ordinances that violate its values and the free exercise of its religious rights.
Franciscan Alliance is committed to equal employment opportunity.
Beech Grove, IN, US, 46107
Up to 20%
1500 Albany Street