Information Security Incident Handler
athenaSIRT, athenahealth’s Security Incident Response Team, is responsible for effectively and efficiently detecting and responding to computer security incidents across athenahealth’s corporate and production environments and for providing real-time security intelligence to react to our changing threats.
What makes a successful Incident Handler?
We focus on analyzing scaled event data, distilling events into timelines, applying context from our own experience and that of our peers, and deriving meaningful incident narratives. You might be a fit if you have a track record of:
- Developing ways to find anomalies across distributed, heterogeneous infrastructure
- Maintaining a cool head under pressure
- Extracting and evaluating evidence
- Building incident timelines, uncovering facts, distilling underlying weaknesses
- Driving organizational change in response to risk
Core responsibilities:
- Triage security event alerts, escalate incidents and drive response actions
- Automate security analytics: drive up the signal-to-noise ratio and eliminate low-value work
- Participate in incident handler on-call rotation
- Hunt for threats across networks, endpoints, and cloud infrastructure
- Lead postmortems that improve security posture
Areas we’re investing in:
- DevOps + cloud lifecycle forensics
- Response automation
- Purple-teaming
- Malware analysis
- Host, network, cloud infrastructure instrumentation
Experience relevant to us:
- CSIRT / SOC
- Pentest / red team
- Systems / network engineering and administration
- Malware triage (static, dynamic)
- Forensics (disk, memory, network)
- Big data / data science / analytics
- Development and automation (Python, Perl, Ruby, bash, PoSH, API-based integration)
- Threat analysis and intelligence
- Certifications such as GCIH, GCFE, GCFA, GREM, OSCP, OSCE a plus