Great careers start with great training. The people of Banner Health are focused on delivering excellent care to our patients. In return, we are committed to excellence in personal development for all our team members.
The Cybersecurity Engineering (CE) pillar is a part of one of the foundational pillars that makes up Banner's Cybersecurity Department. The CE pillar is directly responsible for designing and building secure capabilities and solutions to enable other Cybersecurity and IT groups to provide value in their areas. This position was established to engage in various aspects of Cybersecurity Engineering functions.
As a Cybersecurity Engineer on the CE team you will be assisting in leading, developing, evaluating, supporting and improving security processes using industry leading technologies on one or more aspects of CE including: 1. Process Improvement for Cyber related cloud workflows 2. Cloud monitoring strategy and implementation improvements 3. Tuning of Security Operations tools. In this role you will be collaborating with several other Banner departments and stakeholders to ensure that we are meeting security needs while making healthcare easier for our patients, so that their lives can be better.
Experience in Microsoft Azure and/or cloud engineering is a plus.
Experience in ServiceNow Security Operations is a plus.
Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you'll find many options for contributing to our award-winning patient care.
POSITION SUMMARY This position designs, develops, configures, implements, tunes, maintains solutions, resolve technical and business issues related to cybersecurity threat & vulnerability management, identity management, security operations center, forensics, and data protection. Cybersecurity Engineers work with Cybersecurity Architects to execute strategic cyber initiatives, evaluate security components of the network, applications and end-user devices, and provides guidance to ensure new systems meet regulatory and technical standards. Cybersecurity Engineers participate in root-cause analysis efforts to determine improvement opportunities when failures occur. Manage Cyber systems, ensures they are tuned, on the current release and manages appropriate change management across the IT organization and the business.
CORE FUNCTIONS 1. Leads in the design and implementation of cybersecurity solutions.
2. Leads in providing technical expertise and support for cybersecurity solutions, including operational aspects of the software, hardware, network/firewall.
3. Leads in the design, implementation, and compliance of secure configurations for applications and infrastructure components.
4. Leads in technical assessments of systems and applications to ensure compliance with policy, standards and regulations.
5. Leads in the ongoing evaluation and development of security policies and procedures. Leads the revision of policies and procedures, as needed.
6. Serves as technical lead of cybersecurity projects, including the development of project scope requirements, cybersecurity product implementation, tuning, operational support model creation.
7. Under general direction, this position is responsible for cybersecurity across multiple departments system-wide and requires interaction at all levels of staff and management. Work closely on cross functional IT Teams.
Performs all functions according to established policies, procedures, regulatory and accreditation requirements, as well as applicable professional standards. Provides all customers of Banner Health with an excellent service experience by consistently demonstrating our core and leader behaviors each and every day.
MINIMUM QUALIFICATIONS Must possess strong knowledge of business, information security and/or computer science as normally obtained through the completion of a bachelor's degree in Computer Science, Information Security, Information Systems, or related field.
Four to six years of experience of enterprise-scale information security engineering, preferably in healthcare. Must also possess one to three years' experience in a healthcare environment or an equivalent combination of relevant education, technical, business and healthcare experience. Experience, IT operations, automation of cybersecurity processes, coding and scripting languages, ability to document cybersecurity processes as well as use case development. Experience with the assessing cyber products, including vendor selection, define requirements, contractual documentation development. Experienced in planning, designing and implementing cybersecurity solutions. Experienced in operating, maintaining and implementing, upgrading and lifecycle of cybersecurity solutions. Proficient understanding of regulatory and compliance mandates, including but not limited to HIPAA, HITECH, PCI, Sarbanes-Oxley. Advanced knowledge of Security Engineering Principles, including risk management, resilience, vulnerability management, Information Security, NIST, MITRE ATT@CK, etc. Expertise in Cyber products supporting Data Loss Prevention, EDR, AntiVirus, Perimeter services, Threat systems, cyber platform analytics, SIEM, CASB, CLOUD Security, ETC. Requires independent judgment, critical decision making, excellent analytical skills, with excellent verbal and written communications. Ability to think quickly under difficult or complex conditions and clearly communicate to appropriate staff; ability to balance project workloads with customer support and on-call demands. Must demonstrate knowledge of information technology and information security principles and practices. Requires communication and presentation skills to engage technical and non-technical audiences. Requires ability to communicate and interact across facilities and at various levels. Incumbent will have skills to mentor less experienced team members. As is typical in this industry, variable shifts and hours and responding to after-hours notifications may be required.
Certification in two or more of the following areas: Systems Security Certified Practitioner (SSCP), HealthCare Information Security & Privacy Practitioner, (HCISPP), CompTIA Security+, Certified Information Systems Security Professional (CISSP) - Engineering (ISSEP), Certified Ethical Hacker (CEH), SANS GIAC, or Certified Information Systems Auditor (CISA). Three plus years as a System Administrator, Security Operations or in IT Operations. Or three plus years in risk management or GRC experience in the healthcare/medical environment. Must also possess three plus years' experience in a healthcare environment or an equivalent combination of relevant education, technical, business and healthcare experience.
Internal Number: R11628
About Banner Health
You want to change the health care industry – one life at a time. You belong here. You’re excited to be part of the dramatic changes happening in the health care field. In fact, you thrive on change. But you also understand that excellent, compassionate patient care is the true measure of the success of these changes. You belong at Banner Health. Our award-winning, comprehensive health system includes 23 hospitals in seven western states, primary care health centers, research centers, labs, a network of physician practices and much more. Throughout our system, skilled, compassionate professionals use the latest technology to change the way care is provided. If you’re looking to be a key contributor to a forward-looking organization, you’ll experience a wide variety of professional advantages: •Our vision for changing the future of health care gives you the opportunity to leverage your abilities to achieve something historic. •Our expansive system offers you an unmatched variety of clinical settings – from large urban trauma center to small rural hospital, ambulatory to home health. Our system also includes hospitals specializing in cancer, heart health and pediatrics. •Our many loc...ations also translate into a broad selection of exciting and rewarding lifestyle options – from the big city to the wide-open spaces. •Our commitment to healthcare innovation means you always have the latest technologies at your fingertips to help you provide the finest care possible. •The size, success and growth of our system provide you with the stability and options to pursue your desired career path. •Our competitive compensation and comprehensive benefits offer you options to complement your unique needs.