Talent.com
Security Analyst - Incident Response
Collective Health • San Francisco, CA, United States

At Collective Health, we're transforming how employers and their people engage with their health benefits by seamlessly integrating cutting-edge technology, compassionate service, and world-class user experience design.

If you are passionate about our mission and you are an experienced hands-on product and application security professional who is excited about developing and leading a broad range of functions at a mission-driven, highly-regulated technology company, this role is for you.

You'll lead initiatives that address the company's, and some of our industry's, most sophisticated and meaningful security and architectural challenges. You will build relationships across all parts of the business and drive multi-functional initiatives to continuously improve our security and privacy posture. You will be responsible for building and implementing controls that can scale and optimize as we move into a context-aware security environment.

This position is a hands-on role as a cybersecurity incident first responder. This analyst will assist the Incident Response Lead in providing a rapid initial response to any cybersecurity threats, incidents or cyber attacks on the organization. The analyst will utilize a suite of forensic tools to enable investigations on any issues as they develop. Once the cause of the problem has been identified, you will need to restrict any damage, provide immediate workarounds, work with corporate communications, engineering, etc., and, if possible, provide a solution or fix, so that any intrusion or threat to the organization is negated rapidly. You will also prepare and practice IR plans, perform tabletop exercises, etc. When not actively responding to incidents, you will proactively identify, research, and prioritize threats and associated threat actors.

What you'll do:

  • Triage high-visibility incidents and report findings to Incident Response Lead and CISO
  • Work closely with the Incident Response Lead to resolve cyber-related issues by providing detailed explanations of the incidents and necessary remediations
  • Manage the day-to-day operations to identify opportunities for process automation and orchestration of processes by collaborating with cross-functional teams
  • Assist in the development, implementation, and monitoring of a SIEM
  • Oversee remediation activities related to exploited system security vulnerabilities
  • Update documentation around the Incident Response Policy and Incident Playbooks
  • Assist in special projects and recommendations for technical security solutions that align with the department's vision and the needs of the business
  • Be an active part of a 24/7/365 cyber incident response team
  • Collaborate with team members, understand security processes and workflows, prioritize ideas and innovations, and develop improvements to ensure successful execution
  • Educate both security and non-security user groups on security best practices and security policies
  • Assist in facilitating phishing campaigns and other training opportunities
  • Assist with gathering audit evidence to ensure compliance with security policies as well as regulatory compliance (HIPAA, HITRUST, SOC 1, SOC 2, etc.)
  • Assist in creating and tuning alerting rules from various security tools.

Your skills include:

  • Experience developing threat indicators to be used to develop correlated SIEM alerts
  • Experience in managing incident response and forensic tools
  • Strong experience in performing threat assessments, determining what data is applicable to an industry vertical, and reporting on those findings
  • Basic to moderate experience with common attack scenarios in various common layers within enterprise infrastructure (cloud-based issues, code quality, insider threat, etc.)
  • Moderate experience with socializing and building partnership on security programs and user expectations
  • Moderate experience with training and mentoring the entire company on security
  • Familiarity with security industry standards (ISO 17799, NIST 800 series, etc.) and best practices
  • Understanding of common cyber attack and defense frameworks such as MITRE, NIST 800-61r2.

Pay Transparency Statement

This is a hybrid position based out of our San Francisco office, with the expectation of being in office at least two weekdays per week.

The actual pay rate offered within the range will depend on factors including geographic location, qualifications, experience, and internal equity. In addition to the salary, you will be eligible for stock options and benefits like health insurance, 401k, and paid time off. Learn more about our benefits at https://jobs.collectivehealth.com/benefits/.

San Francisco, CA Pay Range

$130,000-$170,625 USD

Why Join Us?

  • Mission-driven culture that values innovation, collaboration, and a commitment to excellence in healthcare
  • Impactful projects that shape the future of our organization
  • Opportunities for professional development through internal mobility opportunities, mentorship programs, and courses tailored to your interests
  • Flexible work arrangements and a supportive work-life balance

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Collective Health is committed to providing support to candidates who require reasonable accommodation during the interview process. If you need assistance, please contact recruiting-accommodations@collectivehealth.com.

Privacy Notice

For more information about why we need your data and how we use it, please see our privacy policy: https://collectivehealth.com/privacy-policy/.
