We are seeking a vigilant and detail-oriented Threat Triage Specialist (Tier 1) to join our MDR team, specializing in protecting healthcare applications within AWS, Azure, and GCP environments. You will play a crucial role in monitoring security systems, identifying potential threats, and implementing initial response procedures to safeguard sensitive patient data and critical healthcare systems.

Responsibilities:

• Threat Detection:
  • Diligently monitor security systems, including SIEM, for alerts and anomalies.
  • Analyze and correlate data from multiple sources to identify potential incidents accurately.
  • Demonstrate a keen understanding of common healthcare cybersecurity threats and vulnerabilities.
• Initial Response and Escalation:
  • Implement basic preliminary response procedures following established playbooks.
  • Conduct initial investigations to assess the scope and severity of potential incidents.
  • Collaborate with customers to validate and gather additional information as needed.
  • Escalate potential incidents to Tier 2 analysts for containment, deeper investigation, and remediation.
• False Positive Management and Documentation:
  • Effectively resolve false positives to minimize alert fatigue and maintain a clear focus on genuine threats.
  • Maintain accurate and comprehensive documentation of all incidents and actions taken.
• Threat Detection Rule Management:
• Manage basic threat and vulnerability detection rules within the MDR platform to ensure optimal coverage and effectiveness.
• Stay updated on emerging threats and vulnerabilities in the healthcare sector and cloud environments.

Qualifications:

• 1-3 years of experience in a cybersecurity analyst role or equivalent experience.
• Strong understanding of cloud security principles and best practices, particularly within AWS, Azure, or GCP.
• Familiarity with common cybersecurity tools and technologies, including SIEM, firewalls, and intrusion detection systems.
• Excellent analytical and problem-solving skills.
• Strong attention to detail and ability to work independently.
• Excellent written and verbal communication skills.

Preferred Qualifications:

• Experience in the healthcare industry or with securing healthcare applications.
• Relevant certifications (e.g., GSEC, Security , CEH).

Additional Information:

• This position requires a high level of attention to detail and the ability to work independently under pressure.
• Must be able to work flexible hours, including evenings and weekends, to respond to security incidents as needed.
• Ability to work effectively in a fast-paced, team-oriented environment.

Key Performance Indicators:

• Alert triage accuracy
  • 85% of alerts correctly categorized in terms of priority:
  • Each alert correctly assigned a priority level (Critical, High, Medium, Low) based on potential impact and urgency.
  • False positives identified and rectified within 24 hours:
  • False positives correctly identified and re-categorized within the given timeframe.
  • Updated detection rules to prevent future false positives of the same type.
• Mean Time to Investigate (MTTI) SLA attainment
  • Achieve MTTI SLA targets for initial investigation and risk assessment.
  • Achieve and consistently meet SLA targets (e.g., 30 minutes, 4 hours) for 90% of triaged alerts.
  • Time measured from alert receipt to initial investigation and risk assessment.
• Customer satisfaction with initial threat investigation:
• Maintain an average client satisfaction score of 4 out of 5 for incident response handling:
• Regularly collect and analyze customer feedback on communication, effectiveness, and timeliness of alert triage an initial investigation.

Why You’ll Like Working Here:

• A dynamic company that rewards high-performers.
• Be on the cutting edge of new technologies and services.
• Collaborative team environment that values multiple perspectives and fresh thinking.
• Medical, Dental, Vision, HSA, Life and 401K.
• Unlimited Vacation.
• Salary Budget: $60,000

ClearDATA is an EEO/AA employer M/F/V/D