Humana San Juan Province, Argentina
Aug 12, 2019
Description The Senior Threat Management Engineer ensures that threats and vulnerabilities to the organization's business systems and applications (both in-house and cloud-based) are minimized. The Senior Threat Management Engineer work assignments involve moderately complex to complex issues where the analysis of situations or data requires an in-depth evaluation of variable factors. Responsibilities The primary objectives of the Senior Threat Management Engineer are to participate and lead the delivery of Incident Response and Threat Hunting services within Humana. The services include the response to incidents in public/private client cloud environments, digital and network forensics, memory analysis of user endpoints and servers, malware and exploit analysis, finding, analyzing and researching new exploits. It also requires to handle (leverage, create and share) threat intelligence to enhance the overall quality of services and our security posture. This role will also lead the research on new cyber security tools to complement or upgrade the existing toolset. This is a hands-on role, requiring strong technical skills as well as a good understanding of the Cyber security problem and solutions. Key Responsibilities: You will be responsible for the execution of incident handling functions as well as direct response to security incidents affecting Humana and its subsidiaries. Propose and coordinate incident response plans Correlate incident data to identify specific vulnerabilities and make recommendations that enable containment of the threats and an expeditious remediation Conduct host forensics, network, forensics, log analysis, and malware triage in support of incident response investigations. Recognize and organize attacker tools, tactics, and procedures (TTPs) and indicators of compromise (IOCs) that can be applied to current and future investigations. Conducts as needed ad-hoc incident analysis Provide timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities Periodically assess the limitations of the existing methods and tools in the hunter/responder toolset and propose enhancements. Leverage threat intelligence, document threats as needed and share intelligence from analysis to further enhance service quality and delivery Coach less experienced members of the team in threat hunting and incident response topics Required Qualifications Minimum 5 years working experience in IT Security, preferably with exposure to security analysis, incident response and threat intelligence analysis. Strong sense of ethics & values, ability to handle confidential situations with discretion Strong understanding of the cyber security capabilities and threat landscape Strong understanding of network and computer forensics Understanding of malware analysis and reverse engineering Strong understanding of network protocols, design and operations Vulnerability and threat analysis experience Working knowledge of Security principles, techniques and technologies This role requires experience effectively communicating event details and technical analysis to technical audiences and stakeholders on the client side. Strong analytical and problem solving skills Ability to multi-task and prioritize workload Excellent/clear communication skills (written and oral) in to participate in security incidents Willingness to learn Preferred Qualifications Bachelor degree or higher, technical discipline CISSP, GCFA, GNFA, GCIA, GCIH, OSCP and other relevant information security certifications Big data / Analytics experience Understanding of artificial intelligence algorithms and application Experience with various security monitoring and endpoint security tools Good understanding of the components of a threat intelligence capability Experience with a scripting language such as Perl, Ruby, Python, and BASH Additional Information The role is eligible for remote/work at home. Scheduled Weekly Hours 40 About Us Mission: At Humana, our cultural foundation is aligned to helping members achieve their best health by delivering personalized, simplified, whole-person healthcare experiences. Recognizing healthcare needs continue to evolve for each person, for each family and for each community, Humana continuously creates innovative solutions and resources that help people live their healthiest lives on their terms when and where they need it. Our employees are at the heart of making this happen and thats why we are dedicated to building an organization of dynamic talent whose experience and passion center on putting the customer first. Equal Opportunity Employer It is our policy to recruit, hire, train, and promote people without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity or expression, disability, or veteran status, except where age, sex, or physical status is a bona fide occupational qualification. View the EEO is the Law poster. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact mailbox tas ...@humana.com for assistance. Humana Safety and Security Humana will never ask, nor require a candidate provide money for work equipment and network access during the application process. If you become aware of any instances where you as a candidate are asked to provide information and do not believe it is a legitimate request from Humana or affiliate, please contact mailbox tas ...@humana.com to validate the request.