Key skills
PythonRisk ManagementCommunication
About this role
Sentara Health is a renowned healthcare organization committed to providing exceptional patient care and advancing health services through innovative solutions. They are seeking a highly skilled Cybersecurity Analyst to safeguard sensitive healthcare data and infrastructure, focusing on incident response and security automation.
Responsibilities:
- Design, develop, and maintain a customized SOAR platform to automate incident detection, analysis, triage, containment, and reporting processes
- Collaborate with stakeholders across clinical, IT, and security teams to identify repetitive security tasks suitable for automation, enhancing operational efficiency
- Integrate SOAR workflows with existing EDR, SIEM, and other security tools to improve visibility and response times during security incidents
- Continuously tune and update SOAR playbooks to adapt to new threats, regulatory changes, and evolving threat intelligence
- Monitor security platforms for potential threats, leveraging automation to enable rapid and coordinated responses
- Lead incident response efforts, including identification, analysis, containment, eradication, and recovery, with a focus on protecting Protected Health Information (PHI) and minimizing impact on patient care
- Analyze logs, forensic data, and network traffic within complex healthcare IT environments to identify vulnerabilities and respond to threats effectively
- Develop and refine SIEM correlation rules and alerts, integrating them with SOAR workflows to enhance threat detection capabilities
- Participate in a 24/7 on-call rotation, responding promptly to security incidents, escalations, and emergencies, including after-hours and weekends
- Ensure all incident handling and automation activities comply with HIPAA and other healthcare regulations, contributing to continuous improvement processes
- Work closely with clinical, IT, compliance, and third-party vendors to assess risks and remediate vulnerabilities across critical systems and devices
- Maintain detailed documentation of incident responses, automation actions, and security procedures for legal and audit purposes
- Engage in healthcare-specific threat hunting, vulnerability assessments, and security exercises to strengthen organizational resilience
- Stay current with emerging cyber threats, SOAR advancements, vulnerabilities, and regulatory updates affecting healthcare security practices
Requirements:
- Minimum of 3 to 5+ years of relevant experience in cybersecurity, incident response, or a Security Operations Center (SOC) environment, preferably within healthcare
- Bachelor's degree in Cybersecurity, Computer Science, IT, or a related field is required; however, extensive experience can be considered in lieu of formal education
- Proficiency in Python is essential
- Demonstrated experience in implementing SOAR solutions, EDR tools, and SIEM platforms
- Familiarity with HIPAA regulations and healthcare risk management practices
- Strong communication skills
- Ability to work independently
- Capacity to collaborate effectively with technical and clinical stakeholders
- Availability to participate in a 24/7 on-call rotation to respond to security incidents outside of normal business hours
- Certifications such as CISSP or CEH are preferred but not mandatory