Cyber Security Incident Responder

CVS Health
Hartford, CT Full Time
POSTED ON 4/11/2023 CLOSED ON 6/27/2023

What are the responsibilities and job description for the Cyber Security Incident Responder position at CVS Health?

Job Description
To combat cybersecurity threats, CVS Health has established a robust Security Operations Center (SOC) and a professional Computer Security Incident Response Team (CSIRT) that utilize advanced SIEM (Security Incident Element Manager), security appliances, and technologies to monitor the environment for compromise. The CVS Health Computer Security Incident Response Team works to effectively manage incidents in accordance with NIST 800-61 recommendations.

CVS Health CSIRT is responsible for assessing, managing, monitoring and correlating a wide range of data, and for producing actionable information that the business can use to make decisions and define actions related to keeping CVS intellectual property, business information, and customer and employee PII and PHI secure.

CVS Health CSIRT leads advanced threat incident management and response across the enterprise. The CVS Health CSIRT communicates and works with:

- Executive Leadership and Senior Management.
- System and Network Administrators.
- Application owners and developers.
- CVS Health Business Units.
- Subject matter and technical experts.
- Loss prevention.
- Security officers.
- Human resources.
- Privacy Office.
- Office of General Counsel.

Roles and Responsibilities
- Computer incident response leadership.
- Log analysis.
- Forensic image analysis.
- Timeline analysis.
- Kill Chain analysis.
- Threat modeling.
- Preparation of incident status and reports.
- Interface to CVS Health Business Units, IT leads, third parties supporting IT Operations, Security Operations, and law enforcement.

Open to office in AZ, CT, RI, IL, or TX.

*Potential for work from home*

Pay Range
The typical pay range for this role is:
Minimum: 90,000
Maximum: 180,000

Please keep in mind that this range represents the pay range for all positions in the job grade within which this position falls. The actual salary offer will take into account a wide range of factors, including location.

Required Qualifications
- 5 years of relevant work experience in information technology or security roles with experience in the health services or financial industries.
- 2 years of professional experience in the health care or insurance industry.
- 1 year of incident response experience.
- 1 year of experience performing and documenting log-review-focused investigation analysis.

Preferred Qualifications
- National Security Administration – Department of Homeland Security certification for NTISSI/CNS standards 4011-4016 – preferred.
- Certified Computer Forensics Examiner (Access Data, SANS) – preferred.
- Certified Information Security Systems Professional (CISSP) – required.
- Certified Information Systems Manager (CISM) – preferred.
- Certified in Information Systems Risk Management (CRISC) – preferred.
- Or the ability to work toward obtaining certifications.
- IT crisis management experience.
- Experience in information security technologies and techniques from architecture to planning and implementation.
- Experience in organizing resources, establishing priorities, and leading information security incidents.
- Experience in DoD, DISA, NSA, and military information security related projects and programs including those requiring a security clearance. Military communications systems and physical security experience desirable.
- Knowledge of information security regulations: PCI, GLBA, and Safe Harbor.
- Knowledge of various industry and government strategies and standards in privacy and security including ITIL, COBIT, ISO 27001, and NIST standards.
- Knowledge of current and evolving Information security technologies that cover all levels of IT architecture including those that affect business processes, data, applications, and network and systems infrastructure.

Technical Skills
- Experience with the following information security technologies and principles:
  - Firewalls.
  - Proxy.
  - Malware sandboxing and reverse engineering.
  - EDR.
  - AV.
  - DLP.
  - EuBA.
  - Kill Chain Analysis.
- Undergraduate degree in information systems or computer science.
- Advanced degree in engineering, Cybersecurity, information assurance, information security, information systems or computer science - preferred.

Education
Bachelor's degree in Information Systems or Computer Science, or an advanced degree in engineering, cybersecurity, information assurance, information security, information systems or computer science, or equivalent experience.

Business Overview
Bring your heart to CVS Health

Every one of us at CVS Health shares a single, clear purpose: Bringing our heart to every moment of your health. This purpose guides our commitment to deliver enhanced human-centric health care for a rapidly changing world. Anchored in our brand — with heart at its center — our purpose sends a personal message that how we deliver our services is just as important as what we deliver. Our Heart At Work Behaviors™ support this purpose. We want everyone who works at CVS Health to feel empowered by the role they play in transforming our culture and accelerating our ability to innovate and deliver solutions to make health care more personal, convenient and affordable. We strive to promote and sustain a culture of diversity, inclusion and belonging every day.

CVS Health is an affirmative action employer, and is an equal opportunity employer, as are the physician-owned businesses for which CVS Health provides management services. We do not discriminate in recruiting, hiring, promotion, or any other personnel action based on race, ethnicity, color, national origin, sex/gender, sexual orientation, gender identity or expression, religion, age, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. We proudly support and encourage people with military experience (active, veterans, reservists and National Guard) as well as military spouses to apply for CVS Health job opportunities.