Inspired by faith. Driven by innovation. Powered by humankindness. CommonSpirit Health is building a healthier future for all through its integrated health services. As one of the nation’s largest nonprofit Catholic healthcare organizations, CommonSpirit Health delivers more than 20 million patient encounters annually through more than 2,300 clinics, care sites and 137 hospital-based locations, in addition to its home-based services and virtual care offerings. CommonSpirit has more than 157,000 employees, 45,000 nurses and 25,000 physicians and advanced practice providers across 24 states and contributes more than $4.2 billion annually in charity care, community benefits and unreimbursed government programs. Together with our patients, physicians, partners, and communities, we are creating a more just, equitable, and innovative healthcare delivery system.

This is a remote position.

Job Summary

The Cybersecurity Engineer External Attack Surface Management (EASM) position supports the Attack Surface Management (ASM) program for CommonSpirit Health.  This program provides attack surface discovery, performs technical security assessment services, maintains ASM security systems and workflows, and provides engagement and reporting services on specific and systemic security vulnerability and configuration issues for the enterprise.

The Cybersecurity Engineer will report to the Manager, EASM and OffSec, as part of the overall Cyber Vigilance and Defence group, focused on identifying, protecting, responding and containing threats and vulnerabilities to the overall CommonSpirit organization.

The Cybersecurity Engineer performs attack surface discovery activities to identify CommonSpirit systems, applications, services, and repositories available on the Internet, assesses system and application weaknesses, misconfigurations, or other flaws in operating systems, network devices, web applications, or other technologies that could lead to security compromises, as well as gaps in current control states.  Monitors the threat and vulnerability landscape and changing business requirements to identify functional, technological and/or control solutions.  Develops, integrates, and maintains EASM tools and platforms.  Integrates all cybersecurity solutions in an optimal manner to best discover and protect the organization from cyber threats and exposures.    

May drive one or more projects, acts as a subject matter expert (SME) for one or more discovery or scanning methods, tools, and target environments.  Develops and maintains operational security processes, and assists in the remediation of the identified issues.  May act as team-lead for other security personnel.  

Job Responsibilities

• Designs, develops, and implements new discovery and assessment solutions to integrate into and test within existing or newly defined architectures.
• Provide support on team related engagements with Security Engineering, Identity Management Engineering, Security Architecture, SOC, Network Engineering, Clinical Engineering, Systems Engineering, Application Development, and/or other IT Operations and business function owners.
• Act as a security advocate for IT Operations team’s adherence to CommonSpirit Health policies, security standards and requirements, and industry best practices.
• Manage workload, prioritizing tasks and documenting time, and other duties as directed by management.
• Pursue continuing education to grow and maintain knowledge of best practices, compliance requirements, attack surface discovery methodologies, vulnerabilities, threats and trends in information security, translating into operational action items, policies, procedures, standards and guidelines as part of the IT Security team.
• Participate in the collection and documentation of departmental knowledge artifacts, participant in the development and population of knowledge management and collaboration systems for the IT Security team.
• Communicates security and technical information to team members and across the IT Organization.
• Assists Management in identifying knowledge, process, and technology gaps.
• Provide service line support for attack surface discovery and vulnerability scanning operations, and remediation engagement. 
• Perform reviews and analysis of system and applications vulnerabilities and configurations, and support Security technical Risk Management processes.
• Proactively identify, engage on, and escalate vulnerability and configuration issues, either system/application specific or systemic.  Lead specific engagement and remediation efforts.
• Designs, develops, configures, and implements solutions to resolve intermediate technical and business issues related to information security.
• Reviews and consults on security of technology solutions to resolve intermediate to high technical and business issues.
• Provides support and works on multiple functions of intermediate to high complexity. 
• Serves as SME for one or more attack surface discovery or vulnerability scanning platforms and services.

• Bachelor’s Degree in Computer Science, Information Security, Information Systems, or related field, or equivalent professional experience required.
• Relevant technical/professional security certifications (such as: COMP-TIA Network+ , Security+, SANS GIAC, CISSP, CRISC, CISA, or vendor-specific) preferred.
• 2-3 years job related experience required, specifically conducting vulnerability scanning or related activity on a multiple set of target types. 
• Experience in Windows, UNIX/Linux OS required.
• Functional understanding of regulatory and compliance mandates and frameworks, including but not limited to: HIPAA, HITECH, PCI, Sarbanes-Oxley, Center for Internet Security (CIS), NIST, or MITRE Attack Framework preferred.
• Experience conducting Vulnerability Testing (Network, Application, Database, and/or System Security), Analysis, Prioritization, and Documentation, and the management of communication with leadership and affected stakeholders preferred.
• Knowledge of healthcare environments preferred.
• Previous project management or project coordination experience preferred.
• Previous Information Security experience in the healthcare/medical environment strongly preferred.

#LI-Remote

#LI-CSH