Security Analyst – Cleveland, OH


CarepathRx transforms hospital pharmacy from a cost center into an active revenue generator through a powerful combination of technology, market-leading pharmacy services and wrap-around services.

Job Details:

The Carepath Cyber Security team is responsible for designing, acquiring, configuring, and running security technologies that enable our networks, hosts, and applications to support our core business process. This is a great role for someone who wants to continue their Cyber Security career, touching many aspects of Security while working with a dynamic and talented team.


  • Daily monitoring of existing security tools such as those listed below under security tools

  • Review and follow-up of level 2 alerts and escalation of more complex alerts

  • Identification of gaps that are causing reoccurring issues and advise on procedures or tools to solve them

  • Participate in incident response by providing requested data and investigating additional leads

  • Maintaining solid knowledge of cybersecurity issues via RSS feeds, security blogs, and podcasts.

  • Increasing/Maintaining knowledge of security disciplines through on-the-job and training and online security courses with the preference of obtaining certificates.

  • Determine the impact of current threats to our security posture

  • Maintain operational configurations of all in-place security solutions as per the established baselines.

  • Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).

  • Monitor all in-place security solutions for efficient and appropriate operations.

  • Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.

  • Participate in investigations into problematic activity.

  • Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.

  • Provide on-call support for end users for all in-place security solutions.

  • There will be additional duties performed based on needs and advancement of knowledge


Formal Education & Certification

Security Tools

Hands-on experience managing/using tools in at least 5 of the following areas and knowledge of other areas (sample vendors are in quotes, but these vendors are not required)

Be able to discuss how you deployed them, used them and how they fit into the holistic security picture.

  • Log Management/SIEM (Secure Onix, IBM/Qradar, Splunk, Mcafee/Nitro, ELK, LogRythm, others)

  • Intrusion Detection/Intrusion Prevention Systems (Cisco, TippingPoint, CheckPoint, Juniper, SonicWALL)

  • Incident Response (6 steps)

  • Vulnerability Management (Rapid7 Nexpose, Tenable Nessus, Qualys, Tripwire/nCircle, Veracode, WhiteHat)

  • Data Loss Prevention (Websense, Symantec, Microsoft, Digital Guardian)

  • Encryption (Symantec/PGP, MS Bitlocker, Sophos, McAfee, Symmetric, PKI, Ciphers, Digests, Key Management)

  • EPP – AntiVirus (Crowdstrike, Symantec, Kaspersky, Microsoft Intune, TrendMicro, Sophos)

  • EDR – (CarbonBlack, Cisco AMP, CrowdStrike, Cylance, MS ATP E5, Tanium)

  • Application Security (ZAP, Burp Suite, AppScan, Veracode, WhiteHatSecurity)

  • Web filters (Cisco, McAfee, Websense, BlueCoat, Zscaler)

  • Mail filters – malware (Proofpoint, Microsoft, Barracuda, Cisco)

  • Wireless Intrusion Prevention/Detection Systems (Cisco, Aruba, Airtight, Airwatch, Motorola)

  • Web Application Firewalls (Imperva, Barracuda, Trustwave, Fortiweb)

  • Penetration Testing

CarepathRx provides equal employment opportunity to all qualified applicants regardless of race, color, religion, national origin, sex, sexual orientation, gender identity, age, disability, genetic information, or veteran status, or other legally protected classification in the state in which a person is seeking employment. Applicants encouraged to confidentially self-identify when applying. Local applicants encouraged to apply. Drug-free work environment. Must be eligible to work in this country.


Source link

Author: admin