JOB SUMMARY

The Sr. Incident Response Engineer will take on the lead cyber security incident responder role on the Baylor Scott & White Health cyber defense team. This role will be responsible for leading the incident response capabilities of the organization by developing and improving runbook procedures to mitigate risk and enhance incident response processes.

The pay range for this position is $56.02/hour ($116,521 annualized) for those with entry-level qualifications up to $100.75/hour ($209,560 annualized) for those highly experienced. The specific rate will depend upon the successful candidate's specific qualifications and prior experience.

KEY RESPONSIBILITIES

Conduct security investigations and lead security incident response in a cross-functional environment and drive incident resolution
Actively call and lead security incident bridges and coordinate internal incident response efforts between the operations team and managed security services.
Develop Incident Response initiatives that improve our capabilities to effectively respond to and remediate security incidents
Expand SIEM program, ensuring log coverage, alert development, and process improvement.
Partner with cyber threat intelligence, the vulnerability management team, and technology remediation groups to deliver shared outcomes that measurably improve our efficacy to detect, respond to, and remediate vulnerabilities
Support broader security operation initiatives both within the cyber defense team, and within engineering and operation departments across the organization
Be a security liaison and enabler to Managed Service counterparts.
Create and improve security playbooks for a variety of incident and compromise types for all levels of engineers and stakeholders.

KEY SUCCESS FACTORS

More advanced leadership, problem solving, team building, and judgment-making skills.
Skilled project manager with ability to articulate business needs.
Excellent written, verbal, and social communication skills.
Proficient computer software and database skills.
Ability to focus and prioritize strategic targets and work in a growing and challenging environment.
Drives long term planning and strategic portfolio vision creation for improvements and strategies, with oversight from Director and VP as needed
Knowledge of interdependencies of healthcare landscape and its influence on portfolio
Establishes external relationships with other thought leaders in healthcare IT
Maintains a broad knowledge of state-of-the-art technology, equipment, and systems.

BENEFITS

Our competitive benefits package includes the following:
Immediate eligibility for health and welfare benefits
401(k) savings plan with dollar-for-dollar match up to 5%
Tuition Reimbursement
PTO accrual beginning Day 1
Note: Benefits may vary based upon position type and/or level

BASIC QUALIFICATIONS

BS degree in computer science, computer engineering, software engineering, cybersecurity or related technical degree; or 5 years equivalent technology experience
5+ years’ experience in information security in an enterprise environment
3+ years’ experience and understanding of incident response processes in both datacenter and cloud-based environments, forensic techniques, executing and administration of crisis bridges, and preparation and delivery of incident reports for executives
Knowledge of malware trends and behaviors and the ability to work with other teams to detect and respond to these threats
Experience with Intrusion Detection and Prevention Systems (IDS/IPS), Firewall and Network Log analysis, Security Information and Event Management (SIEM) tools, threat intelligence services, and malware analysis
Experience analyzing network and host-based security events
Experience with attacker tactics, techniques, and procedures
Experience with Windows and Linux Operating Systems
Knowledge of common software, operating systems vulnerabilities, and Unix/Linux
Understanding of cybersecurity organizational practices, operations risk management processes, architectural requirements, and vulnerability risk
Experience with controls or frameworks such as NIST 800-53, NIST CSF, CIS, MITRE ATT&CK
Knowledge of existing, emerging, and long-range issues related to cyber operations strategy, policy, and organization
Experience creating workflows and remediation plans for vulnerabilities identified
Incident Response experience in a healthcare environment
Experience using ServiceNow for SIR, CMDB, and/or ITSM functions
Contribution or development of policies and standards
Experience participating in or leading security tabletop exercises

PREFERRED CERTIFICATIONS

Certified Information Systems Security Professional (CISSP) certification
Certified Information Security Manager (CISM) certification
GIAC Certified Incident Handler (GCIH) certification
FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics
FOR500: Windows Forensic Analysis

MINIMUM QUALIFICATIONS

EDUCATION - Bachelor's or 4 years of work experience above the minimum qualification
EXPERIENCE - 7 Years of Experience

As a health care system committed to improving the health of those we serve, we are asking our employees to model the same behaviours that we promote to our patients. As of January 1, 2012, Baylor Scott & White Health no longer hires individuals who use nicotine products. We are an equal opportunity employer committed to ensuring a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.