[Hiring] Cyber Security Operations Center (CSOC) Analyst- Tier 3 @athenahealth

Role Description

This role involves working as a security analyst in the Cyber Security Operations Center (CSOC) team at athenahealth. It is a highly technical, hands-on position that acts as a top-tier (Tier 3) incident responder for various cyber security incidents.

• Handle potential incidents and act as a subject matter expert for all security-related tickets.
• Receive incident escalations from Tier 1 and 2 analysts, assisting with real-time advanced analysis, response, and reporting.
• Mentor and assist in training Tier 1 and 2 analysts.
• Proactively hunt for threats and enact identification, containment, and eradication measures.
• Serve as a point person for coordination during security incidents.
• Create thorough reports and documentation of all incidents and procedures.
• Conduct remote remediation and work with onsite teams when necessary.
• Initiate root cause analysis and ensure quality forensic materials are captured.
• Assist in the general maintenance and improvement of procedures, processes, and playbooks.
• Conduct research regarding the latest methods, tools, and trends in digital forensics analysis.
• Follow standard operating procedures (SOPs) to ensure timely triage of tickets.
• Excel at documentation and detailed note-taking.
• Communicate risk, prioritize incident response actions, and maintain composure under pressure.
• Participate in off-hours on-call incident handler rotation.

Qualifications

• Bachelor's degree or higher in cyber security, computer science, or related field.
• 6-10 years of cyber security experience, including at least five years in an incident response role.
• Completion of relevant certifications such as GIAC Certified Incident Handler (GCIH) or equivalent.
• Experience with endpoint detection and response (EDR) solutions.
• Familiarity with information security areas such as incident response, computer forensics, and malware analysis.
• Experience in distributed systems and cloud-based architecture.
• Familiarity with common phishing attacks and security risks.
• Strong written and verbal communication skills.

Requirements

• Advanced experience with security tools like Splunk, CrowdStrike EDR, and Microsoft Defender components.
• Understanding of the incident response lifecycle and forensic workflows.
• Ability to work independently and as part of a team.
• Strong analytical and problem-solving skills.
• Ability to prioritize work and complete tasks in a timely manner.

Benefits

• Health and financial benefits.
• Perks specific to each location, including commuter support and employee assistance programs.
• Flexible work-life balance with options for remote work.
• Company culture based on learning and inclusivity.

Work Environment

• Requires being on-call during off hours.
• May require occasional weekend work.
• Remote, but must be physically located within the USA.
• Must work in Eastern Standard Time (ET).

Expected Compensation

$121,000 - $207,000. The base salary range reflects the full range for this role from minimum to maximum, depending on multiple factors.