Full-Time

Cyber Security Operations Centers Analyst-Tier 2

Posted on 9/9/2024

Athena Health

Athena Health

5,001-10,000 employees

Cloud-based healthcare management solutions provider

Social Impact
Healthcare

Junior, Mid

Boston, MA, USA

Category
Cybersecurity
IT & Security
Required Skills
PowerShell
Microsoft Azure
ServiceNow
SQL
JIRA
Confluence
Splunk
Linux/Unix
Requirements
  • Bachelor’s Degree in a computer-related field (computer science, information security, etc.) or equivalent job experience.
  • 2-5 years of IT security experience, with some exposure to information security (also known as cyber security).
  • Completion of the Security+ certification, GIAC Certified Incident Handler (GCIH), GIAC Security Essentials (GSEC), GIAC Security Operations Certified (GSOC) or equivalent.
  • Experience or knowledge of endpoint detection and response (EDR) solutions, which are the majority of incident response detections in 2024, which includes a fundamental understanding of memory processes and memory management practices, or the willingness to learn these principles.
  • Information Security familiarity and training, including areas such as incident response, computer forensics, risk assessment, vulnerability testing, penetration testing, secure development lifecycle, threat modeling, and risk management.
  • Experience in distributed systems and cloud-based architecture including Amazon AWS, Microsoft Azure, and the native security tools available in these environments (Data Explorer, GuardDuty, Log Analytics, etc.).
  • Familiarity with Unix/Linux, Windows, SQL, macOS, shell scripting, and various other technologies.
  • Familiarity with common phishing attacks, methods, and risks to look out for from a security perspective.
  • Basic understanding and exposure to project management and collaborative software applications such as Jira, Confluence, SharePoint, ServiceNow, MS Teams, etc.
  • Have strong written and verbal communication skills and not be afraid to ask questions or for advice.
  • Be a strong team member and collaborate often and openly.
Responsibilities
  • Act as the initial triage point for all security-related tickets that come into the team's various queues (including triage, containment, and remediation when necessary).
  • Understand the basic incident response lifecycle and the analytical mindset when it comes to triage and investigations.
  • Follow standard operating procedures (SOPs) to ensure tickets are triaged appropriately and in a timely manner, according to SLAs.
  • Excel at documentation and detailed notetaking, including SOP writing, incident reporting, e-mail and instant messaging etiquette, and most importantly, documenting incident actions in tickets.
  • Ability to know when to appropriately escalate a potential issue to peers and/or leadership.
  • Willingness and ability to review and help develop strong documentation for stakeholders and team members.
  • Desire to learn new concepts and technologies to grow and take on more responsibility over time.
  • Champion security tooling: ensure teams know about it and use it during their daily coding activities.
  • Familiarity with security tools like Splunk, CrowdStrike EDR, Carbon Black EDR, Proofpoint tools, Microsoft Defender components, Cylance Protect, Office 365 tools, PowerShell, and various network tools, etc.
  • Understanding the various stages of incident response, the importance and critical factors of an investigation, and how to contain as soon as possible.
  • Understand the incident response lifecycle, the Lockheed Martin Cyber Kill Chain, the MITRE framework, and the forensic workflows as outlined by NIST.
  • Work with development teams to ensure they're using best practices and company processes in their daily activities.
  • Drive self-organization; help determine how the team functions in collaboration with your peers.
  • Respond to phishing attacks by tracking down and recalling malicious e-mails; contact users who may be impacted.
  • Build strong relationships with cross-functional team members between the three tiers of the CSOC.
  • Participate in off-hours on-call rotation, as required, and necessary.

Athenahealth offers cloud-based services to enhance the efficiency of healthcare providers, focusing on electronic health records (EHR), revenue cycle management (RCM), and patient engagement solutions. Their integrated system helps clinicians manage patient information, streamline billing, and improve communication with patients. Unlike competitors, Athenahealth operates on a subscription model and provides support services to maximize the use of their technology. The company's goal is to reduce administrative burdens and improve healthcare delivery, particularly through its initiative, athenaGives, which supports underserved communities.

Company Stage

IPO

Total Funding

$38.9M

Headquarters

Watertown, Massachusetts

Founded

1997

Growth & Insights
Headcount

6 month growth

25%

1 year growth

25%

2 year growth

25%
Simplify Jobs

Simplify's Take

What believers are saying

  • AI-powered Ambient Notes reduce clinical documentation burden, enhancing efficiency for ambulatory practices.
  • Integration with HealthArc's platform automates documentation and boosts patient engagement.
  • AthenaOne for Behavioral Health addresses unique challenges, improving care coordination and efficiency.

What critics are saying

  • Increased competition from AI-driven EHR solutions like Suki may attract healthcare providers.
  • Data privacy concerns may arise from integrating remote care management platforms.
  • Rising demand and provider shortages may strain athenaOne for Behavioral Health's capacity.

What makes Athena Health unique

  • Athenahealth offers a comprehensive, cloud-based solution integrating EHR, RCM, and patient engagement.
  • The company provides specialized solutions like athenaOne for Orthopedics and Behavioral Health.
  • Athenahealth's Marketplace program enhances interoperability with third-party applications.

Help us improve and share your feedback! Did you find this helpful?

INACTIVE