Apply on Employer Site

Zelis · 14 hours ago

Incident Handler

United States

Full-time

Remote

Mid, Senior Level

$86K/yr - $115K/yr

4+ years exp

Zelis is modernizing the healthcare financial experience across payers, providers, and healthcare consumers. As a Cybersecurity Incident Handler, you will lead the investigation and mitigation of security incidents, perform digital forensics, and guide team members through complex problems while strengthening the organization's detection and response capabilities.

FinanceFinTechHealth Care

No H1B

Responsibilities

Triage alerts, investigate suspicious activity, lead incident response steps, and coordinate containment and recovery efforts

Make sure logs and security data are gathered correctly, cleaned up, and organized so the team can analyze them effectively

Examine systems, files, logs, and network data to understand what happened during security events

Help newer analysts grow by sharing your experience, offering guidance, and running training sessions when needed

Assist team members with technical questions, tool usage, investigation methods, and established response workflows

Act as the point person during your shift: manage workload, oversee investigations, ensure smooth handoffs, and support teammates. Participate in a rotating on-call schedule as required

Look for opportunities to improve processes, recommend new tools or automations, and help refine how the team operates

Reviewing alerts and logs to identify potential threats or unusual activity

Leading or assisting with active investigations and driving them toward containment and resolution

Running forensic analysis on hosts, cloud workloads, or network artifacts to uncover root causes and timelines

Collaborating with IT, cloud, engineering, or other security teams to gather data or take action on investigations

Sharing insights with teammates, helping them troubleshoot difficult cases, or walking them through an investigation technique

Updating documentation, writing reports, or summarizing incident findings

Teaching something new to the team—maybe a tool trick, a technique, or a better approach to analysis

Handling shift responsibilities like queue management, monitoring ongoing investigations, and tracking priorities

Identifying process gaps or tools that could be improved and proposing better ways to do things

Perform other tasks required by management as needed

Qualification

Incident handlingDigital forensicsCybersecurity certificationsScripting languagesIT Security practicesThought leadershipEffective communicationMentoring

Required

Bachelor of Computer Science, Engineering, Information Security, Information Technology, or 4+ years of equivalent experience

3+ years of enterprise level incident handling

Ability to partner with enterprise teams within a cybersecurity context, leveraging diverse ideas, experiences, thoughts, and perspectives to improve the organization

Effective oral and written communication skills with experience in cybersecurity technical process documentation

Demonstrated cyber defense and information security passion, including commitment to maintaining technical proficiency

Proven record of thought leadership via innovation and non-traditional solutions

Fundamental understanding of IT Security practices/programs/tooling, with demonstrated examples of driving initiatives forwards