BlueCross BlueShield of Western New York


Job Category:

Information Technology

Country:

United States

Postal Code:

14201

Approximate Salary:

Not Specified

Position Type:

Full Time

Cybersecurity Threat Analyst

Posted: 09/1/2018

Auto req ID:

1853BR

Company:

BlueCross BlueShield of WNY

About Us:

BlueCross BlueShield of Western New York is a division of HealthNow New York Inc., one of New York’s leading health care companies that provides access to quality health care and solutions for members throughout Upstate New York. Since 1936, BlueCross BlueShield has helped millions of people gain access to health care. Headquartered in Buffalo, NY, the company is an independent Licensee of the BlueCross BlueShield Association. As the region’s leading health plan, serving over 800,000 members, BlueCross BlueShield believes in taking small steps towards healthier living. You can visit our website at www.bcbswny.com.

Title:

Cybersecurity Threat Analyst

Position Posting Location:

Buffalo

Status:

Full Time

Regular Hours:

8:00 am - 5:00 pm

Job Description:

The Cybersecurity Threat Analyst is responsible for researching and reporting on cyber threats that are potential risks to HealthNow; leading an interdisciplinary team of engineers and analysts to evaluate tools deployed in these attacks as well as the tactics and procedures used by cyber-espionage operators; and mining existing threat research and external open sources for indicators of cyber-attacks to create actionable intelligence reports for HealthNow. This includes short-term analysis of individual attacks to validate and publish indicators, as well as long-term analysis of tools, infrastructure and tactics to create and augment profiles of intrusion sets and operators.

This position will actively engage with the intelligence community, participating in discussions that enable cyber threat awareness of observed threat activity in the sector. They will also work with internal teams to identify, analyze, and share correlated and enriched threat intel to assist incident response and threat detection, allowing efficient and improved time to action.

Primary Responsibility:

Leads cyber threat analysis and reporting efforts on information from both internal and external sources, and appropriately manages and communicates relevant cyber threat intelligence.
Actively monitors and researches cyber threats on the Internet and Dark Web with a direct or indirect impact/relevance to financial services, business operations, technology infrastructure, and member trust.
Identifies gaps in collection and capabilities to provide enhancement recommendations to strategic decision-makers.
Collects, analyzes, stores, reports, maintains, and applies information pertinent to security investigations and incidents in a form that can support current and/or future analysis, situational awareness, and law enforcement investigation efforts.
Leads efforts to identify, validate, and enrich indicators of compromise (IoC).
Initiates and participates in cyber threat intelligence exchanges within the HealthCare sector.
Develops and furthers relationships with personnel at other institutions, government agencies, and other appropriate organizations both locally and nationally.
Leverages experience monitoring and collecting cyber intelligence from Open Source and Classified (S/TS/SCI) sources of threat data in order to assess the potential risks from threat actors.
Mentors, supports and leads in the training of cybersecurity staff to increase their understanding of complex security analysis methodologies and issues.
Supports security reviews/vulnerability risk assessments of network environments by providing guidance and follow-up for service acquisition and remediation recommendations and activities.
Establishes close relationships with business and technology stakeholders outside of the security and compliance disciplines, working closely with physical security, fraud, legal, and senior leadership.
Proactively keeps EIA management team informed of trends, possible problems, latest pertinent intelligence and any other information that will help them to stay in front of any potential cybersecurity related events.
Performs reverse-engineering and malware analysis, documents results and shares with EIS management team.
Performs other duties as required.

Knowledge and Skills:

Advanced proficiency in data and cybersecurity (technical, operational and administrative) practices, IT Infrastructure Technology and HIPAA Security regulations
Intermediate proficiency in MS Office (Word, Excel, PowerPoint, Visio)
Intermediate proficiency in Project Management
Intermediate proficiency in hacking tools, penetration testing techniques, anti-malware tools and other tools needed for collecting information for analysis related to cybersecurity
Demonstrable experience in scripting/programming in one or more of the following languages (Python, Perl, shell)
Excellent organizational skills and an acute attention to detail
Effective information-gathering skills, efficient meeting facilitation, one-on-one interactions and/or observations, including effective note taking
Excellent verbal, written and interpersonal communication skills with the ability to communicate technical information in a non-technical manner a plus
A self-starter with strong planning and organizational skills to set priorities and achieve goals while supporting multiple projects simultaneously
Ability to produce meaningful and value-added reporting and metrics
Ability to work on-call for escalated cybersecurity incidents
Ability to work effectively with minor supervision
Able to work in a fast-paced environment with daily work processing deadlines
Knowledge of portfolio-specific applications and technologies
Experience with the Cyber Kill Chain and Intelligence Driven Defense
Knowledge of cyber attack infrastructure, including computer systems and networks
Experience with enterprise incident handling, including investigation, facilitation and remediation
Experience with researching and tracking Advanced Persistent Threat (APT) campaigns
Knowledge of the technical aspects associated with external IT threats
Experience with malware analysis or malware reverse engineering
Knowledge of the security concerns facing medium/large enterprises
Experience with enterprise incident handling
Analytical and problem-solving skills

Experience:

Minimum of five (5) years IT experience required OR Technical Certification and seven (7) years experience in IT OR nine (9) years experience in IT.

Preferred:

Masters Degree in Information Technology/Information Systems

Education:

Required Education: Bachelors Degree (N/A)

Working Conditions:

Manual Dexterity Req: Eye-hand coordination and manual dexterity sufficient to effectively use a computer with all its components for prolonged periods of time and for the majority of required tasks
Manual Dexterity Req: Eye-hand coordination and manual dexterity sufficient to effectively utilize various office equipment (phone, computer, fax machine, printer, copier, filing cabinet, etc)

Removal Date:

08-Jun-2019
