About the position

Discover Vanderbilt University Medical Center : Located in Nashville, Tennessee, and operating at a global crossroads of teaching, discovery, and patient care, VUMC is a community of individuals who come to work each day with the simple aim of changing the world. It is a place where your expertise will be valued, your knowledge expanded, and your abilities challenged. Vanderbilt Health is committed to an environment where everyone has the chance to thrive and where your uniqueness is sought and celebrated. It is a place where employees know they are part of something that is bigger than themselves, take exceptional pride in their work and never settle for what was good enough yesterday. Vanderbilt’s mission is to advance health and wellness through preeminent programs in patient care, education, and research. Organization: VEC Cybersecurity Design & Consulting Job Summary: This position is part of the AI Cybersecurity team. This position works with VUMC IT, Health IT, Research IT, to make sure proposed AI solutions are implemented in a secure manor and are following the VUMC AI Cybersecurity strategy. This position develops metrics and KPIs for leadership around AI usage at VUMC and assist with further development of VUMC’s AI Cybersecurity strategy . Vanderbilt Enterprise Cybersecurity (VEC) AI Cybersecurity (AIC) team provides the following services for VUMC Enterprise Cybersecurity (VEC) Security Operations and Services (SOS): Reporting, Project Management, Consulting, Implementation Assist VEC, Research IT, VUMC IT, Health IT with new AI implementations from an operational security standpoint Provide reports to management for various KPIs and metrics around the AI landscape at VUMC Assist various VEC SOS teams with any projects or efforts that involve AI Research new technologies and changes in industry trends to ensure VUMC status current with new cybersecurity incident detection and response technologies. Automation of VEC SOS services where possible Assist with continual development of Cybersecurity programs and initiatives Provide summaries to Directors on certain technologies and the operational impact that they have on cybersecurity Duties of the AI Cybersecurity Analyst will include the following: Assist VUMC with new request to make sure solutions are implemented with a “security first” design Act as a Cybersecurity consultant when needed Solution controls that will encourage adaptation and innovation Development and deployment of new metrics or reports using PowerBI or Tableau Track data using MS Excel, MS SQL Server, or Databricks Provide reports to management for the above services for operational and project efforts; Assist various VEC SOS teams with any projects or efforts Research new technologies and changes in industry trends to ensure VUMC status current with new cybersecurity incident detection and response technologies; Automation of ASC service tasks when possible.

Responsibilities

• Assist VUMC with new request to make sure solutions are implemented with a “security first” design
• Act as a Cybersecurity consultant when needed
• Solution controls that will encourage adaptation and innovation
• Development and deployment of new metrics or reports using PowerBI or Tableau
• Track data using MS Excel, MS SQL Server, or Databricks
• Provide reports to management for the above services for operational and project efforts
• Assist various VEC SOS teams with any projects or efforts
• Research new technologies and changes in industry trends to ensure VUMC status current with new cybersecurity incident detection and response technologies
• Automation of ASC service tasks when possible
• The analyst will be expected to review, edit, and develop various forms of documentation. This will include, but is not limited to, SBARS, Standards, RACIs, Process documentation for various metrics and reporting.
• The analyst will be expected to attend and develop solutions around the Request Coordination and Project Intake. The analyst is required to research and provide summaries of AI initiatives that are presented to VEC Leadership.
• The analyst will be expected to act as a resource for any AI initiatives within VEC.
• The analyst is responsible for AI research and development within VEC data and various cyber security tools. This will be done in a secure manner and act as a way for VEC to explore opportunities to improve.
• The analyst will be expected to attend various meetings and offer insight into the solutions being discussed. The analyst will need to be able to work with ambiguity and help individuals reach a solution that fits their needs.

Requirements

• Bachelor's degree (or equivalent experience) is required
• Anomaly Detection (Novice): Possesses sufficient fundamental proficiency to successfully demonstrate Anomaly Detection practices in practical applications of moderate difficulty. Has a basic understanding of network behavior analysis techniques and tools. Capable of using Intrusion Detection Systems software.
• Network Forensics (Novice): Possesses sufficient fundamental proficiency to successfully demonstrate Network Forensics in practical applications of moderate difficulty.
• Incident Response (Novice): Demonstrates the ability to respond quickly to reports from individuals. Takes immediate action to stop an incident from continuing or recurring. Determines whether an incident should be handled locally or reported to the IT Security Response Team. Works with the IT support staff to repair a system, restore service, and preserve evidence of the incident. Handles sensitive and other critical responses in a professional manner. Evaluates and documents investigation findings after resolving an incident.
• Malware Analysis (Novice): Possesses sufficient fundamental proficiency to successfully demonstrate Malware Analysis in practical applications of moderate difficulty. Has determined the behavior and purpose of a simple malware threat, and eliminated it from the Company's computers. Familiar with Dynamic Analysis, the analysis of software during its execution on a computer or in an virtual machine, and Static Analysis, the method to look at the component without any execution on the component itself. Has used basic Malware Analysis tools and products.
• Vulnerability Assessments (Novice): Demonstrates the ability to successfully review basic Internet connections and internal networks to identify standard hacker/cracker threats. Able to review the configuration of server and major network applications to identify configuration errors and other problems that weaken organizational systems and increase their likelihood of misuse. Has conducted an assessment of at least one of the following: [1] access controls, governing access to applications and files, [2] password controls, determining permissible choice of passwords and governing the requirement to change passwords, [3] connectivity controls [e.g., open ports/ enabled protocols] influencing permissible communications to and from a computer system, [4] inappropriate files [including viruses, worms, Trojan horses, bootleg software, music files, inappropriate image files], and [5] unpatched software, bringing attention to available security-related patches that have not been deployed. Has basic knowledge of several of the following: network foot-printing, port scanning, and enumeration techniques, specific operating system vulnerabilities [like Win-NT, nix,Win-2K, Solaris], web server vulnerabilities, application level exploits, worms, viruses, and Trojans, network vulnerabilities, sniffing, wireless sniffing, IP spoofing, and PPTP/VPN breaking. Generate security reports for management that show system safety and incident reporting.
• Relevant Work Experience Experience Level: 2 years

Nice-to-haves

• Security+ Certification is recommended