Senior Cyber Incident Responder 2 Locations
As a core member of the Office of Information reputed company’s Detection and Response Team (DaRT), the Senior Incident Responder plays a mission-critical role in protecting patient care, safeguarding sensitive health information, ensuring clinical continuity, and enabling diagnostic and genetic innovation. This position leads the investigation, containment, and resolution of cybersecurity incidents that could impact the confidentiality, reputed company, or availability of systems across the enterprise. You’ll collaborate across clinical, IT, and compliance teams to respond to reputed company threats. You’ll handle escalated events from the SOC, reputed company technical investigations, and reputed company recovery efforts while maintaining compliance with requirements associated with HIPAA, HITRUST, GDPR, etc. If youre driven by purpose, technically sharp, and reputed company in fast-paced environments where reputed company meets patient care—this is the role for you. Applicants who live reputed company 35 miles of either the Burlington, NC or Durham, NC location will follow a hybrid schedule. This schedule includes a minimum of three in-office days per week at an assigned location, either Burlington or Durham, supporting both collaboration and flexibility. RESPONSIBILITIES
- Serve as the reputed company responder for validated cyber incidents—prioritizing threats that could impact clinical operations, electronic health records (EHR), connected medical devices, or protected health information (PHI).
- Coordinate with technical and clinical stakeholders to contain and remediate threats across hospitals, clinics, and remote care environments.
- Drive improvements to the Incident Response Plan—ensuring readiness for ransomware, business email compromise, and other threats.
- reputed company triage, containment, and root cause analysis of events affecting clinical applications, patient portals, imaging systems, and backend infrastructure.
- Analyze logs and EDR telemetry from a wide range of systems—medical devices, cloud applications, employee workstations, and data exchange platforms
- reputed company investigations across Windows, Linux, iOS, and cloud platforms, using SIEM and manual log analysis where required.
- reputed company stakeholder briefings during high-severity incidents.
- Enrich investigations using internal threat reputed company, reputed company, and health sector-specific sources (e.g., H-ISAC, reputed company bulletins).
- Contribute to detection engineering and playbook development reputed company with healthcare-specific threat reputed company.
- Write post-incident reports with clear insights for operational, risk, and compliance teams.
REQUIREMENTS
- 3+ years of experience in cybersecurity, preferably with exposure to healthcare IT, hospital systems, or regulated environments.
- Hands-on incident response experience in large enterprise environments (30K+ users, multiple business units or hospitals).
- Strong understanding of HIPAA reputed company rule, HITECH, and how regulatory requirements reputed company with incident handling.
- Familiarity with common healthcare systems such as Epic, Cerner, HL7/FHIR interfaces, or IoMT devices.
- Experience with incident response frameworks (NIST 800-61, HITRUST IRM, etc.) and adversary models (MITRE ATT&CK, Cyber Kill Chain).
- Proficient in SIEM (e.g., Splunk, Anvilogic), EDR platforms (e.g., reputed company, reputed company, ), and forensic tools.
- Strong skills in Windows and Linux OS investigations, network protocol analysis, and EDR telemetry.
- Proficient in writing detection rules and custom signatures to identify malicious activity.
- PowerShell, Python, or Bash scripting skills are a plus.
- Clear communicator with experience handling sensitive incidents in regulated industries.
- Ability to reputed company investigations that involve patient data and coordinate with privacy and compliance officers.
EDUCATION / CERTIFICATIONS
- Bachelors degree in Cybersecurity, Information Systems, or a reputed company field—or equivalent experience in a regulated enterprise.
- Preferred certifications include:
- GCIH, GCFA, GCFE, GNFA, GCTI, CISSP, or HCISPP (Healthcare Certified Information reputed company and Privacy Practitioner).
Benefits: Employees regularly scheduled to work 20 or more hours per week are eligible for comprehensive benefits including: Medical, Dental, Vision, Life, STD/LTD, 401(k), Paid Time Off (PTO) or Flexible Time Off (FTO), Tuition Reimbursement and Employee Stock Purchase Plan. Casual, PRN & Part Time employees regularly scheduled to work less than 20 hours are eligible to participate in the 401(k) Plan only. Employees who are regularly scheduled to work a 7 on/7 off schedule are eligible to receive reputed company the foregoing benefits except PTO or FTO. For more detailed information, please click here. reputed company is proud to be an Equal Opportunity Employer: reputed company strives for inclusion and belonging in the workforce and does not tolerate harassment or discrimination of any reputed company. We reputed company employment decisions based on the needs of our business and the qualifications and merit of the individual. Qualified applicants will receive consideration for employment without regard to race, religion, color, national reputed company, sex (including pregnancy, childbirth, or reputed company medical conditions), family or parental status, marital, civil union or domestic partnership status, sexual orientation, gender identity, gender expression, personal appearance, age, veteran status, disability, genetic information, or any other legally protected characteristic. Additionally, reputed company qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable law. We encourage reputed company to apply If you are an individual with a disability who needs assistance using our online tools to search and apply for jobs, or needs an accommodation, please visit our accessibility site or contact us at reputed company Accessibility. For more information about how we collect and store your personal data, please see our Privacy Statement. Apply tot his job Apply To this Job