Duties and Responsibilities:

• Ensure Healthfirst systems and work completed are secure and compliant with policies, standards, guidelines, and laws (i.e., HIPAA, MITRE, NIST, HITRUST, etc.)

• Apply security engineering and implementation expertise to ensure the security of Healthfirst infrastructure

• Ensure IT security solutions and/or initiatives are delivered within financial targets

• Lead multiple security capabilities and/or Programs such as EDR, GRC, Incident Response, PAM, IAM, SOAR. DLP, SEIM, Insider Threat, etc.

• Partner closely and work collaboratively with key stakeholders, team members, and senior leadership in accomplishing cyber security responsibilities and initiatives

• Lead technical teams as assigned and needed

• Assists department leadership by providing informal coaching and direction to Cyber Security Engineers

• Develop and document security procedures in alignment with security policies and audit oversight

• Additional duties as assigned or required

Minimum Qualifications:

• Technical Degree in Computer Science or Cyber Security and/or equivalent work experience

• Prior work Cyber Security work experience

• Experience in security engineering, vulnerability assessment, threat hunting, and incident response

• High School diploma or GED from an accredited institution

Preferred Qualifications:

• Experience in Privilege Access Management, working with solutions such as CyberArk or other PAM tools in a self-hosted or cloud based environment.

• Experience with cloud-based PAM solutions (Entra ID, AWS IAM)

• Experience with Identity Access management, incident response and governance risk and compliance.

• Experience implementing and maturing security processes or solutions. (i.e. PAM, IAM, EPM, EDR, SIEM, GRC, Firewall, DLP, CASB, UEBA, DLP, Vulnerability Management, Red Teaming, Threat Hunting, or A&A, etc.)

• Strong background in infrastructure support, working on mixed environments such as Windows, Linux and Unix, and Macs.

• Knowledge of SIEM tools and security monitoring practices.

• Familiarity with Active Directory, LDAP, and cloud environments (e.g., AWS, Azure).

• Proficiency in scripting languages (e.g., PowerShell, Python) for automation.

• Advanced Cyber Security expertise * Experience communicating across teams and with key stakeholders * Experience leading teams and developing others * Security Plus, CISSP, CISA, CEH, and Operating Certifications

Compliance and Regulatory Responsibilities: See Above

• License/Certification: See Above

WE ARE AN EQUAL OPPORTUNITY EMPLOYER. Applicants and employees are considered for positions and are evaluated without regard to mental or physical disability, race, color, religion, gender, gender identity, sexual orientation, national origin, age, genetic information, military or veteran status, marital status, mental or physical disability or any other protected Federal, State/Province or Local status unrelated to the performance of the work involved.