Cyber Security Operations Centers Analyst- Tier 2
Athenahealth
Join us as we work to create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.
The Information Security group at athenahealth is looking for a security analyst to join our Cyber Security Operations Center (CSOC) team. This is a hands-on role that acts as the initial triage for any incoming security incident-related request or alerts via automated workflows.
You must be someone who can debug complex problems and use methodical processes when troubleshooting a technical issue. You must be an excellent communicator who can work with stakeholders to understand employee questions and potential concerns. You must provide strong customer support and understand how and when to appropriately escalate potential issues, but also when to communicate statuses between shifts if issues are not resolved. You are a tenacious, but nimble learner, who demonstrates design and engineering excellence. Being able to communicate security issues to employees in a non-technical manner is critical to success.
The Team:
The CSOC team within the Information Security group at athenahealth is a three-tiered structure responsible for ensuring the company's products and infrastructure are as secure as possible. The team works cross-functionally across the business with stakeholders to provide support, guidance, and technical implementations where appropriate, to include triage, containment, and remediation when applicable.
Job Responsibilities:
- Act as the initial triage point for all security-related tickets that come into the team's various queues (including triage, containment, and remediation when necessary).
- Understand the basic incident response lifecycle and the analytical mindset when it comes to triage and investigations.
- Follow standard operating procedures (SOPs) to ensure tickets are triaged appropriately and in a timely manner, according to SLAs.
- Excel at documentation and detailed notetaking, including SOP writing, incident reporting, e-mail and instant messaging etiquette, and most importantly, documenting incident actions in tickets.
- Ability to know when to appropriately escalate a potential issue to peers and/or leadership.
- Willingness and ability to review and help develop strong documentation for stakeholders and team members.
- Desire to learn new concepts and technologies to grow and take on more responsibility over time.
- Champion security tooling: ensure teams know about it and use it during their daily coding activities.
- Familiarity with security tools like Splunk, CrowdStrike EDR, Carbon Black EDR, Proofpoint tools, Microsoft Defender components, Cylance Protect, Office 365 tools, PowerShell, and various network tools, etc.
- Understanding the various stages of incident response, the importance and critical factors of an investigation, and how to contain as soon as possible.
- Understand the incident response lifecycle, the Lockheed Martin Cyber Kill Chain, the MITRE framework, and the forensic workflows as outlined by NIST.
- Work with development teams to ensure they're using best practices and company processes in their daily activities.
- Drive self-organization; help determine how the team functions in collaboration with your peers
- Respond to phishing attacks by tracking down and recalling malicious e-mails; contact users who may be impacted.
- Build strong relationships with cross-functional team members between the three tiers of the CSOC.
- Participate in off-hours on-call rotation, as required, and necessary.
Typical Qualifications:
- Bachelor’s Degree in a computer-related field (computer science, information security, etc.) or equivalent job experience.
- 2-5 years of IT security experience, with some exposure to information security (also known as cyber security).
- Completion of the Security+ certification, GIAC Certified Incident Handler (GCIH), GIAC Security Essentials (GSEC), GIAC Security Operations Certified (GSOC) or equivalent.
- Experience or knowledge of endpoint detection and response (EDR) solutions, which are the majority of incident response detections in 2024, which includes a fundamental understanding of memory processes and memory management practices, or the willingness to learn these principles.
- Information Security familiarity and training, including areas such as incident response, computer forensics, risk assessment, vulnerability testing, penetration testing, secure development lifecycle, threat modeling, and risk management.
- Experience in distributed systems and cloud-based architecture including Amazon AWS, Microsoft Azure, and the native security tools available in these environments (Data Explorer, GuardDuty, Log Analytics, etc.).
- Familiarity with Unix/Linux, Windows, SQL, macOS, shell scripting, and various other technologies.
- Familiarity with common phishing attacks, methods, and risks to look out for from a security perspective.
- Basic understanding and exposure to project management and collaborative software applications such as Jira, Confluence, SharePoint, ServiceNow, MS Teams, etc.
- Have strong written and verbal communication skills and not be afraid to ask questions or for advice.
- Be a strong team member and collaborate often and openly.
About athenahealth
Here’s our vision: To create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.
What’s unique about our locations?
From an historic, 19th century arsenal to a converted, landmark power plant, all of athenahealth’s offices were carefully chosen to represent our innovative spirit and promote the most positive and productive work environment for our teams. Our 10 offices across the United States and India — plus numerous remote employees — all work to modernize the healthcare experience, together.
Our company culture might be our best feature.
We don't take ourselves too seriously. But our work? That’s another story. athenahealth develops and implements products and services that support US healthcare: It’s our chance to create healthier futures for ourselves, for our family and friends, for everyone.
Our vibrant and talented employees — or athenistas, as we call ourselves — spark the innovation and passion needed to accomplish our goal. We continue to expand our workforce with amazing people who bring diverse backgrounds, experiences, and perspectives at every level, and foster an environment where every athenista feels comfortable bringing their best selves to work.
Our size makes a difference, too: We are small enough that your individual contributions will stand out — but large enough to grow your career with our resources and established business stability.
Giving back is integral to our culture. Our athenaGives platform strives to support food security, expand access to high-quality healthcare for all, and support STEM education to develop providers and technologists who will provide access to high-quality healthcare for all in the future. As part of the evolution of athenahealth’s Corporate Social Responsibility (CSR) program, we’ve selected nonprofit partners that align with our purpose and let us foster long-term partnerships for charitable giving, employee volunteerism, insight sharing, collaboration, and cross-team engagement.
What can we do for you?
Along with health and financial benefits, athenistas enjoy perks specific to each location, including commuter support, employee assistance programs, tuition assistance, employee resource groups, and collaborative workspaces — some offices even welcome dogs.
In addition to our traditional benefits and perks, we sponsor events throughout the year, including book clubs, external speakers, and hackathons. And we provide athenistas with a company culture based on learning, the support of an engaged team, and an inclusive environment where all employees are valued.
We also encourage a better work-life balance for athenistas with our flexibility. While we know in-office collaboration is critical to our vision, we recognize that not all work needs to be done within an office environment, full-time. With consistent communication and digital collaboration tools, athenahealth enables employees to find a balance that feels fulfilling and productive for each individual situation.
athenahealth is committed to a policy of equal employment opportunity—that’s why we recruit and hire applicants without regard to race, color, religion, sex (including pregnancy), national origin, disability, age, sexual orientation, veteran status, genetic information, gender identity, gender expression, or any other factor prohibited by law. We’re happy to provide a reasonable accommodation, for those with a disability, to complete any part of the application process. If you are unable to access or use this online application process and need an alternative method for applying, please contact us at taoperations@athenahealth.com for assistance.