Centene Corporation · 1 day ago

Incident Response Analyst II (State)

Full-time

Remote

Entry, Mid Level

$34.81/hr - $62.54/hr

2+ years exp

Maximize your interview chances

Hospital & Health Care

Actively Hiring

Insider Connection @Centene Corporation

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Participates in the review of current configurations of Centene’s production information systems and networks against compliance standards

Assists with the prevention and resolution of security breaches and ensure incident and response management processes are initiated

Assists with the implementation of and discuss security service audit schedules, review access authorization, and perform the required access controls testing to identify security shortfalls

Participates in the design of automated scripts, contingency plans, and other programmed responses which are launched when an attack against Centene’s systems has been detected

Collaborates with Information Security Architects, Information Security Engineers, and software or hardware stakeholders at Centene

Notifies internal and/or external teams according to agreed alert priority levels, escalation trees, triaging of security alerts, events, and notifications

Ties third party attack monitoring services and threat reporting services, into internal CIRT (Cyber Incident Response Team) communications systems

Performs post-mortem analysis with logs, network traffic flows, and other recorded information to identify intrusions by unauthorized parties, as well as unauthorized activities of authorized users

Performs other duties as assigned

Complies with all policies and standards

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Security Incident ResponseEndpoint Protection SoftwareNetwork TechnologiesIndicators of CompromiseSANS GIAC CertificationsThreat Actor TechniquesData Analysis

Required

A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science)

Requires 2 – 4 years of related experience

Knowledge of tools, techniques and processes (TTP) used by threat actors

Knowledge of Indicators of compromise (IOC)

Experience with Endpoint protection and enterprise detection & response software (such as CrowdStrike, Proofpoint, Microsoft Defender, Splunk, or query languages like SPL, KQL, or SQL)

Knowledge of Network and infrastructure technologies including routers, switches, firewalls, etc.

Intermediate - Seeks to acquire knowledge in area of specialty

Intermediate - Ability to identify basic problems and procedural irregularities, collect data, establish facts, and draw valid conclusions

Intermediate - Ability to work independently

Complies with all policies and standards

Preferred

SANS GIAC Security Essentials (GSEC), SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent, SANS GIAC Certified Incident Handler (GCIH) or equivalent