This role supports specialized functions within the security organization and plays a key role in enhancing our security posture by minimizing the overall attack surface and risk exposure. Candidates must have hands-on experience in threat and vulnerability management, insider threat management, cyber security, or an intelligence-related discipline. Applicants must have the ability to methodically examine the organization from the perspective of a threat actor and articulate observed risks with accuracy and precision.
Engage in tactical and strategic design and deployment of defensive operations, preventive measures, and cyber security controls to enhance overall organizational security and minimize attack surface.
Collect, analyze and interpret both structured and unstructured data to formulate a comprehensive view into current and emerging threats.
Engage with technical and non-technical staff to develop, deploy, and maintain scalable controls to minimize risk exposure across numerous systems and technologies.
Engage with clinical leaders to evaluate medical devices and other critical systems, identify threats, develop mitigating controls, and communicate business risk as it relates to the overall threat posture.
Conduct end-to-end investigations and identify attack tactics, paths, methods, and capabilities with the goal of developing comprehensive threat detection models and enterprise-wide recommendations for scalable mitigating controls.
Develop and analyze dynamic attack indicators or risk detection models to identify patterns of non-compliance and develop capabilities to minimize security risks.
Conduct vulnerability assessments in support of security, compliance, and regulatory controls in alignment with business requirements.
Perform assessments of systems and network environments or enclaves to measure risk associated with assets based on enclave policies, configuration information, vulnerability details, or other risk indicators.
Collaborate and engage with internal groups such as security engineering, security operations, network operations, Biomed, Human Resources, clinical groups, physical security, and other internal stakeholders to identify threats and reach holistic mitigations.
Develop processes and standard operating procedures to support team resiliency and knowledge transfer.
Own and execute on strategic and tactical projects and key initiatives in alignment with organizational goals and objectives.
Experience, Knowledge, Skills, and Abilities
Minimum of 3 years of experience in an intelligence role, engineering, information security, threat intelligence, military intelligence, defense intelligence, or equivalent.
Minimum of 3 years of experience in conducting technical investigations or technical audits.
Bachelor’s degree in intelligence studies, cybersecurity, computer science, information technology, information security, engineering, or equivalent working experience; master’s degree is a plus.
Advanced experience with enterprise threat and vulnerability management programs, insider threat programs, security testing and remediation, and infrastructure scanning.
Advanced knowledge of OWASP and experience in cyber risk management and threat intelligence related to cyber attackers, including common hacking tools, common attack vectors, and knowledge of behavioral patterns connected to fraud, risk, and abuse.
Moderate knowledge and hands-on experience implementing system hardening techniques and best practices.
Moderate knowledge of security technologies, including SIEM, IDS/IPS, firewalls, endpoint security, content filtering, and packet inspection.
Moderate knowledge of threat hunting tools, open source intelligence collection methods, and related technologies.
Moderate knowledge of common tools and operating systems such as Wireshark, Metasploit, Nmap, Burp Suite, Nessus, Kali Linux, Windows, and macOS.
General networking knowledge and an understanding of the OSI Model and TCP/IP.
Experience performing security investigations, triage, and response on cloud platforms (AWS, Azure, Google Cloud).
Advanced analytical skills and ability to identify advanced threats by analyzing various raw data streams.
Moderate knowledge of scripting languages such as Python, Perl, PowerShell, bash or similar.
Moderate knowledge and hands-on experience with common industry frameworks such as MITRE ATT&CK, the Cyber Kill Chain, the Diamond Model, NIST, HIPAA, and PCI DSS.
Experienced in supporting a joint enterprise security group in major incidents and cyber investigations.
Experience handling highly confidential, business critical information in a professional manner.
Strategic thinker, data-driven and analytical in approach to solving problems.
Excellent teamwork, interpersonal, and oral and written communication skills, along with prior experience in a dynamic team environment.
Baylor Scott & White Health (BSWH) is the largest not-for-profit health care system in Texas and one of the largest in the United States. With a commitment to and a track record of innovation, collaboration, integrity and compassion for the patient, BSWH stands to be one of the nation’s exemplary health care organizations. Our mission is to serve all people by providing personalized health and wellness through exemplary care, education and research as a Christian ministry of healing. Joining our team is not just accepting a job, it’s accepting a calling!