The Threat Detection & Response Analyst conducts computer and network intrusion detection, incident response, forensic investigations, data recovery and electronic discovery under occasional guidance. The Threat Detection & Response Analyst conducts small and medium scale threat analysis for the environment. Troubleshoots and resolves complex security issues. Implements small and medium technology projects or components of large projects. Ability to solve medium to complex problems.
Performs intrusion detection and incident response.
Conducts computer investigations.
Conducts threat analysis for the environment.
The responsibilities listed are a general overview of the position and additional duties may be assigned.
ANOMALY AND INTRUSION DETECTION (NOVICE): Possesses sufficient fundamental proficiency to successfully demonstrate Intrusion and Anomaly Detection practices in practical applications of moderate difficulty. Has a basic understanding of network behavior analysis techniques and tools. Capable of using various detection systems and software.
INCIDENT RESPONSE (NOVICE): Demonstrates the ability to respond quickly to reports from individuals. Takes immediate action to stop a cybersecurity incident from continuing or recurring. Determines whether an incident should be handled locally or reported to the IT Security Response Team. Works with the IT support staff to repair a system, restore service, and preserve evidence of the incident. Handles sensitive and other critical responses in a professional manner. Evaluates and documents investigation findings after resolving an incident. Capable of using various computer forensic systems and software.
MALWARE ANALYSIS (NOVICE): Possesses sufficient fundamental proficiency to successfully demonstrate Malware Analysis in practical applications of moderate difficulty. Has determined the behavior and purpose of a simple malware threat and eliminated it from the Company's computers. Familiar with Dynamic Analysis, the analysis of software during its execution on a computer or in a virtual machine, and Static Analysis, the method to look at the component without any execution on the component itself. Has used basic Malware Analysis tools and products.
NETWORK AND SYSTEMS FORENSICS (NOVICE): Possesses sufficient fundamental proficiency to successfully demonstrate Digital Forensics capability on system and network data in practical applications of moderate difficulty.
THREAT DATA (NOVICE): Proficient to review and collect pertinent Indicators of Compromise and other threat data from available sources (feeds, community communications, etc.) to feed into existing Intrusion Detection systems and processes, to enhance discovery of threats in the environment.
SECURITY POSTURE ASSESSMENT (NOVICE): Demonstrates the ability to successfully review basic Internet connections and internal networks to identify standard hacker/cracker threats. Able to review the configuration of server and major network applications to identify configuration errors and other problems that weaken organizational systems and increase their likelihood of misuse. Has conducted an assessment of at least one of the following: access controls, governing access to applications and files; password controls, determining permissible choice of passwords and governing the requirement to change passwords; connectivity controls [e.g., open ports/enabled protocols] influencing permissible communications to and from a computer system; inappropriate files [including viruses, worms, Trojan horses, bootleg software, music files, inappropriate image files]; and unpatched software, bringing attention to available security-related patches that have not been deployed. Has basic knowledge of several of the following: network foot-printing, port scanning, and enumeration techniques, specific operating system vulnerabilities [like Win-NT, *nix, Win-2K, Solaris], web server vulnerabilities, application level exploits, worms, viruses, and Trojans, network vulnerabilities, sniffing, wireless sniffing, IP spoofing, and PPTP/VPN breaking. Generate security reports for management that show system safety and incident reporting.
Organizational Impact: Executes job responsibilities with the understanding of how output would affect and impact other areas related to own job area/team with occasional guidance.
Problem Solving/Complexity of work: Analyzes moderately complex problems using technical experience and judgment.
Breadth of Knowledge: Has expanded knowledge gained through experience within a professional area.
Team Interaction: Provides informal guidance and support to team members.
About the Department:
VUMC IT provides hardware, software and service solutions for the entire Medical Center. With over 40,000 workstations in the Medical Center, our teams can assist not only with hardware support, but also software and application support and services to enhance security and protection of your information.
Position Shift: Days
Discover Vanderbilt University Medical Center:
Located in Nashville, Tennessee, and operating at a global crossroads of teaching, discovery and patient care, VUMC is a community of individuals who come to work each day with the simple aim of changing the world. It is a place where your expertise will be valued, your knowledge expanded, and your abilities challenged. It is a place where your diversity -- of culture, thinking, learning and leading -- is sought and celebrated. It is a place where employees know they are part of something that is bigger than themselves, take exceptional pride in their work and never settle for what was good enough yesterday. Vanderbilt's mission is to advance health and wellness through preeminent programs in patient care, education, and research.
VUMC Recent Accomplishments
Because we are committed to providing the best in patient care, education and research, we are proud of our recent accomplishments:
US News & World Report: #1 Adult Hospital in Tennessee and metropolitan Nashville, named to the Best Hospitals Honor Roll of the top 20 adult hospitals, 10 nationally ranked adult specialty programs, with 3 specialties rated in the top 10 nationally, Monroe Carell Jr. Children's Hospital at Vanderbilt named as one of the Best Children's Hospitals in the nation, with 10 out of 10 pediatric specialties nationally ranked.
Healthcare's Most Wired: Among the nation's 100 "most-wired" hospitals and health systems for its efforts in innovative medical technology.
Becker's Hospital Review: named as one of the "100 Great Hospitals in America", in the roster of 100 Hospitals and Health Systems with Great Oncology Programs and to its list of the 100 Hospitals with Great Heart Programs.
The Leapfrog Group: One of only 10 children's hospitals in the to be named a Leapfrog Top Hospital.
American Association for the Advancement of Science: The School of Medicine has 112 elected fellows.
Magnet Recognition Program: Received our third consecutive Magnet designation.
National Academy of Medicine: 22 members, elected by their peers in recognition of outstanding achievement.
Human Rights Campaign Healthcare Equality Index: 6th year in a row that Vanderbilt University Medical Center was a Leader in LGBTQ Healthcare Equality.
Vanderbilt University Medical Center is home to Vanderbilt University Hospital, The Monroe Carell Jr. Children’s Hospital at Vanderbilt, the Vanderbilt Psychiatric Hospital and the Vanderbilt Stallworth Rehabilitation Hospital. These hospitals experienced more than 61,000 inpatient admissions during fiscal year 2015. Vanderbilt’s adult and pediatric clinics treated nearly 2 million patients during this same period. Vanderbilt University Hospital and the Monroe Carell Jr. Children’s Hospital at Vanderbilt are recognized again this year by U.S. News & World Report’s Best Hospitals as among the nation’s best with 18 nationally ranked specialties. Vanderbilt University Medical Center is world renowned because of the innovation, work ethic and collegiality of its employees. From our health care advances to our compassionate care, Vanderbilt owes its accomplishments and reputation to staff and faculty who bring skill and drive and innovation to the medical center day after day. World-leading academic departments and comprehensive centers of excellence pursue scientific discoveries and transformational educational and clinical advances across the entire spectrum of health and disease. As the largest employer in middle Tennessee, we welcome those who are interested in ongoing development in a caring, culturally sensitive and professional atmosphere. Most of us spend so much of our lives at work, we want to be part of maintaining a workplace in which people support one another and encourage reaching for excellence. Many high-achieving employees stay at Vanderbilt because of the professional growth they experience and because of their appreciation of Vanderbilt’s benefits, public events and discussions, athletic opportunities, beautiful setting and, above all, sense of community and purpose. Vanderbilt and its employees share a set of mutual expectations that have been created with productivity, legality, fairness and safety always in mind.
We believe that our investment in training and compensating employees multiplies in value when we enable individuals to deliver their best performance for the benefit of us all.