Share this Job

Cyber Security Incident Response Coordinator

Information Security


Address   Franciscan Alliance
    1500 Albany Street
    Beech Grove, IN 46107

Hours  Days

Calendar  Full-Time

Education Associates Required


Cyber Security Incident Response Coordinator 


The Cyber Security Incident Response Coordinator is an integral part of our IS incident and team. This is the role that provides direction in response to alerts sent from the centralized log management system or from a Managed Security Services Provider, and ensures activities are documented. The person who also leads and assists Franciscan’s security incident response team in information security investigations. This position also works with Franciscan Compliance functions, Privacy Officers, and Physical Security when needed for other investigations.  It leverages knowledge of digital events captured in logs as well as other informaton to recommend courses of action and in making response decisions. The position also provides leadership and logistic support to members of the incident response team, create and maintain policies, standards and procedures.  This Cyber Security Incident Response Coordinator works with security operations and security engineering personnel to research, recommend, and implement open source or commercial tools that may aid in security incident investigations.  Lastly this position is responsible for designing, coordinating, and executing tabletop exercises.  This is a job that requires someone who is prompt, precise and professional. Think you’ve got what it takes?  

Do you have incident response experience? Are you a good problem-solver? Are you quick at learning, applying new information, and following instructions for standardized processes ? We need someone with these skills on our team.     

  • Provide direction to and logistical support for information security incident responders. 
  • Collaborate with internal resources as needed to bring resolution to information security incidents.
  • Work with vendors, including forensic specialists as needed to investigate, manage and resolve incidents.
  • Communicate status of security incidents to appropriate audiences at the appropriate times, including problem escalation and time-sensitive matters. 
  • Establish and enforce incident response processes in cooperation with MSSPs providing centralized log management and review / alerting of noteworthy events.
  • Maintain required documentation in accordance with policy and best practices.
  • Review reports from centralized log management system, take action where necessary or assigns a team member to take action; evaluate the need to add reports to the centralized log management system, working with FAIS staff and MSSP to establish new reports. 
  • Support efforts to design, plan, execute, and report on tabletop exercises.
  • Collect data and create incident metrics.
  • Create and review incident response operational policies, procedures, and standards.
  • Prior experience in an Information Technology or Information Security Department, with incident response experience.
  • Strong familiarity with the phases of security incident response: Detection, Analysis, Containment, Eradication, Recovery, and Post Incident Activities.
  • In-depth understanding of the types of events of interest in electronic logs.
  • Understanding of methodology of designing and executing incident response tabletop exercises.
  • Strong familiarity with best practices related to security incident response activities and protocols, including litigation holds, chain of custody, and playbooks.
  • Awareness of incident response requirements of HIPAA, PCI DSS and other applicable laws, regulations and guidelines.


Required:   Associates Degree in an IT-related discipline (e.g. Computer Science, MIS, Information Security) or a minimum of 5 years’ experience in an Information Technology or Information Security Department with incident response experience.


Preferred:  Bachelor of Science Degree in an IT-related discipline (e.g. Computer Science, MIS, Information Security).
Preferred:  3 - 5 years experience in the healthcare industry; experience in incident response activities aligning with essential jobs functions. 

Preferred:  An  industry-recognized certification or vendor training related to vulnerability scanning/management, Centralized log management, firewalls, IPS/IDS, or incident response. 


Travel: Up to 20%



It is the policy of Franciscan Alliance to provide equal employment to its employees and qualified applicants for employment as otherwise required by an applicable local, state or Federal law.

Franciscan Alliance reserves a Right of Conscience objection in the event local, state or Federal ordinances that violate its values and the free exercise of its religious rights.

Franciscan Alliance is committed to equal employment opportunity.


Beech Grove, IN, US, 46107

Up to 20%
employmentType:  Full-Time
Beech Grove
1500 Albany Street