Incident Response Analyst II

You could be the one who changes everything for our 28 million members by using technology to improve health outcomes around the world.  As a diversified, national organization, Centene's technology professionals have access to competitive benefits including a fresh perspective on workplace flexibility.
 

Position Purpose:
Investigates and resolving security incidents, recommending enhancements to improve security, identifying common attack patterns to publicly exposed aspects of the organization's environment, and contributing to the implementation of scalable and preventative security measures. Executes enterprise-wide Incident Response Plan. Partners with business units to accomplish enterprise-wide remediation and develops and delivers presentations to senior leadership team.

• Participates in the review of current configurations of Centene’s production information systems and networks against compliance standards
• Assists with the prevention and resolution of security breaches and ensure incident and response management processes are initiated
• Assists with the implementation of and discuss security service audit schedules, review access authorization, and perform the required access controls testing to identify security shortfalls
• Participates in the design of automated scripts, contingency plans, and other programmed responses which are launched when an attack against Centene’s systems has been detected
• Collaborates with Information Security Architects, Information Security Engineers, and software or hardware stakeholders at Centene
• Notifies internal and/or external teams according to agreed alert priority levels, escalation trees, triaging of security alerts, events, and notifications
• Ties third party attack monitoring services and threat reporting services, into internal CIRT (Cyber Incident Response Team) communications systems
• Performs post-mortem analysis with logs, network traffic flows, and other recorded information to identify intrusions by unauthorized parties, as well as unauthorized activities of authorized users
• Performs other duties as assigned
• Complies with all policies and standards

Education/Experience:
A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science).
Requires 2 – 4 years of related experience.
Or equivalent experience acquired through accomplishments of applicable knowledge, duties, scope and skill reflective of the level of this position.
Technical Skills:

• Knowledge of tools, techniques and processes (TTP) used by threat actors
• Knowledge of Indicators of compromise (IOC)
• Experience with Endpoint protection and enterprise detection & response software (such as CrowdStrike, Proofpoint, Microsoft Defender, Splunk, or query languages like SPL, KQL, or SQL)
• Knowledge of Network and infrastructure technologies including routers, switches, firewalls, etc.

Soft Skills:

• Intermediate - Seeks to acquire knowledge in area of specialty
• Intermediate - Ability to identify basic problems and procedural irregularities, collect data, establish facts, and draw valid conclusions
• Intermediate - Ability to work independently

License/Certification:

• SANS GIAC Security Essentials (GSEC), SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent, SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred

Centene offers a comprehensive benefits package including: competitive pay, health insurance, 401K and stock purchase plans, tuition reimbursement, paid time off plus holidays, and a flexible approach to work with remote, hybrid, field or office work schedules.  Actual pay will be adjusted based on an individual's skills, experience, education, and other job-related factors permitted by law, including full-time or part-time status.  Total compensation may also include additional forms of incentives. Benefits may be subject to program eligibility.

Centene is an equal opportunity employer that is committed to diversity, and values the ways in which we are different. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or other characteristic protected by applicable law.

Qualified applicants with arrest or conviction records will be considered in accordance with the LA County Ordinance and the California Fair Chance Act