Cyber Security Analyst III - Automation

We are so glad you are interested in joining Sutter Health!

Organization:

SHSO-Sutter Health System Office-Valley

Position Overview:

As a Cybersecurity Automation Analyst at Level 3, you are responsible for developing, implementing, and optimizing automation processes that enhance security operations. This role involves creating workflows to reduce manual efforts, integrating tools and systems for seamless operations, and supporting incident response through automated solutions.

Key Responsibilities:

Automation Development & Implementation

Design and deploy automated workflows for security tools, including SOAR platforms, SIEM, and EDR systems.
Develop and test scripts or playbooks to streamline repetitive security tasks.
Integrate APIs and connectors to enable interoperability between security tools and platforms.
Incident Response Support

Automate data enrichment and alert prioritization for real-time incident detection and triage.
Provide automation solutions to support containment and remediation efforts during security incidents.
Collaborate with incident response teams to identify gaps that can be addressed with automation.
Process Optimization

Analyze existing security processes to identify inefficiencies and recommend automation solutions.
Ensure that automated workflows are reliable, scalable, and aligned with organizational needs.
Continuously improve automation processes to enhance performance and reduce response times.
Collaboration & Mentorship

Partner with security engineers, analysts, and architects to understand automation requirements.
Share knowledge and mentor junior team members on automation tools and best practices.
Collaborate with external vendors to evaluate and integrate automation technologies.
Research & Innovation

Stay current with emerging trends, tools, and techniques in cybersecurity automation.
Test and implement innovative automation strategies to address evolving security challenges.
Conduct proof-of-concept projects to explore the feasibility of new automation solutions.
Documentation & Reporting

Maintain detailed documentation of automation processes, playbooks, and integrations.
Develop reports and dashboards to measure the impact and effectiveness of automation initiatives.
Communicate the benefits and outcomes of automation to stakeholders through clear metrics.

Job Description:

EDUCATION:
Equivalent experience will be accepted in lieu of the required degree or diploma.

• Bachelor's in Business, Cybersecurity, Computer Science, Information Technology/Security, Risk Management, or related field

TYPICAL EXPERIENCE:

• 5 years recent relevant experience.

PREFERRED EXPERIENCE:

• Demonstrated experience providing cybersecurity support through the strategic planning, coordination, integration, and synchronization of cyber defense and prevention activities.

• Proven ability to ensure compliance with all applicable state and federal cybersecurity laws, regulations, and industry standards.

• Expertise in preparing and presenting comprehensive, accurate, and actionable reports that effectively communicate risk profile impacts to peers and senior leadership.

SKILLS AND KNOWLEDGE:

• In-depth understanding of the anatomy of an attack and the lifecycle of a network threat and network vulnerability exploitation in a healthcare environment.

• Technical skills in planning, administration, and management of information systems; operational and technical security controls; and security risk analysis and management, including end point security controls, such as access control lists (ACLS), host intrusion prevention system (HIPS), registry, logging, and forensics.

• Comprehensive knowledge of end point security technologies (Antivirus, Forensics, Anti-malware, HIPS), data loss prevention (DLP) methodologies, DLP technologies, current information security trends and practices including security processes, methods, and procedures.

• Thorough knowledge of software, hardware, databases, networks, firewalls, encryption, and other systems security devices, including a good understanding of end point operating systems (Windows and Linux), internet technologies such as Domain Name System (DNS), routing, Simple Mail Transfer Protocol (SMTP), Hypertext Transfer Protocol (HTTP), Dynamic Host Configuration Protocol (DHCP), and File Transfer Protocol (FTP), and familiarity in a command line environment.

• Expert knowledge of state and federal information services (IS) security and privacy-related regulatory requirements and laws.

• Detailed knowledge regarding National Institute of Standards and Technology (NIST), Health Insurance Portability and Accountability Act/Health Information Technology for Economic and Clinical Health Act (HIPAA/HITECH), Federal Information Processing Standards (FIPS), and other related industry security standards, regulations, and best practices.

• Superior business acumen and analytic skills, including the ability to analyze data and information, reach practical conclusions, recommend corrective actions, resolve conflicts, and institute effective changes.

• Organizational and project management skills required, including the demonstrated ability to prioritize tasks, manage multiple projects simultaneously, and complete deliverables.

• Exceptional attention to detail with time management and organization skills, including attention to detail, clear documentation, diagnostic capabilities and problem solving skills.

• Communication (written/verbal), interpersonal, and presentation skills to explain complex technical or sensitive information clearly and professionally to diverse audiences and all levels of internal and external constituencies.

• Robust computer skills, including advanced knowledge of Microsoft Office Suite (Word, Excel, Outlook, and Access), various database architectures and related security and assessment tools and applications.

• Leverage vast detailed knowledge and familiarity with security disciplines effectively and convert highly complex technical topics into language and diagrams understandable to a wide audience.

These Principal Accountabilities, Requirements and Qualifications are not exhaustive, but are merely the most descriptive of the current job. Management reserves the right to revise the job description or require that other tasks be performed when the circumstances of the job change (for example, emergencies, staff changes, workload, or technical development).

Job Shift:

Days

Schedule:

Full Time

Days of the Week:

Monday - Friday

Weekend Requirements:

As Needed

Benefits:

Yes

Unions:

No

Position Status:

Exempt

Weekly Hours:

40

Employee Status:

Regular

Sutter Health is an equal opportunity employer EOE/M/F/Disability/Veterans.

Pay Range is $58.95 to $88.43 / hour

The salary range for this role may vary above or below the posted range as determined by location. This range has not been adjusted for any specific geographic differential applicable by area where the position may be filled. Compensation takes into account several factors including but not limited to a candidate’s experience, education, skills, licensure and certifications, department equity, training and organizational needs. Base pay is just one piece of the total rewards program offered by Sutter Health. Eligible roles also qualify for a comprehensive benefits package. ​