Cybersecurity Engineer - Information Security - Day Location: WellSpan Health, York, PA Schedule: Full Time Hours: M-F Day Full Time: 40 hours/week General Summary Provides advanced level technical knowledge and expertise with system and network security. Makes enhancements to existing monitoring and security operations. Contributes to a continuous monitoring program framework. Monitors established network and security policies, procedures, and standards to ensure conformance with information services objectives. Develops and maintains various daily reports for audit review (security and change management). Participates with the deployment and operation of information security systems, including integration, testing, troubleshooting, and updating/upgrading of various security tools and appliances such as anti-virus, IPS, malware detection tools, DLP, Identity and access management and encryption tools. Is a key participant/operator in incident response activities to include incident reporting, enterprise coordination, incident resolution management, isolation activities, containment, eradication and recovery activities, and provides forensic analysis for incidents. Coordinates with peers in the organizations outside of the system to form relationships to share incident activity and enhance strategic and tactical protection posture. Duties and Responsibilities + Provides appropriate updates and metrics to leadership regarding security event handling, trends, analysis, incident response resolutions and lessons learned + Monitors information systems and services to audit and maintain security controls to ensure compliance with regulatory policies and industry best practices. + Identifies potential security gaps and articulates enterprise risk. + Makes enhancements to existing monitoring and security operations, based on identified risks. + Responsible for writing the architectural and functional specifications including, but not limited to overall system design, applications, and/or operating system environments as it relates to security and data flows. + Meets defined deliverable deadlines for projects and other assignments. + Provides advanced expertise around the analysis of malware, suspicious emails, and writes protection signatures. + Possesses advanced knowledge of common application-level protocols (i.e. SMTP, SSH, HTTPS, FTP) and network fundamentals (routing, switching). + Advanced understanding of Linux and/or Windows administration. + Advanced scripting knowledge (i.e. Bash, VBScript, Perl, PHP, etc.) + Strong attention to detail with an analytical mind and outstanding problem-solving skills. + Advanced awareness and understanding of cybersecurity trends and hacking techniques. + Provides advanced technical support, to ensure that critical and urgent support cases are handled appropriately. + Ability to troubleshoot both cybersecurity and network issues. + Provides consultation on complex projects and is the top-level contributor/expert. + Identifies malicious, illegal or any other activity that does not fit within the System IT Policy guidelines and reports to leadership. + Participates in tactical efforts to stem attacks and malicious activities. + Provides after hours, on-call support as needed Qualifications Minimum Education: + Associates Degree Required and + Bachelors Degree Preferred Work Experience: + 5 years 5 or more years of Information Technology experience with 3+ years of enterprise information system security experience. Required and + Prior experience in banking, government or health care security procedures, matrix specifically with a network and/or security engineering focus Preferred + Experience with doing Vulnerability Management best practices + Experience doing vulnerability scanning/reporting/interpretation of risk/severity of vulnerabilities. + Deep technical knowledge of network communications and security best practices. Courses and Training: + CISSP, ISSA, CCSP or related security certification(s) Upon Hire Required Knowledge, Skills, and Abilities: + Excellent interpersonal and written communication skills. Benefits Offered: Comprehensive health benefits Flexible spending and health savings accounts Retirement savings plan Paid time off (PTO) Short-term disability Education assistance Financial education and support, including DailyPay Wellness and Wellbeing programs Caregiver support via Wellthy Childcare referral service via Wellthy Apply Now You’re unique and you belong here. At WellSpan Health, we are committed to treating all applicants fairly and equitably, regardless of their job classification. If you require assistance or accommodation due to a disability, please reach out to us via email atcareers@wellspan.org. We will evaluate requests for accommodation on a case-by-case basis. Please note that we will only respond to inquiries related to reasonable accommodation from this email address. Rest assured, all requests for assistance or accommodation are handled confidentially, allowing applicants to share their needs openly and honestly with us. WellSpan Health is an Equal Opportunity Employer. It is the policy and intention of the System to maintain consistent and equal treatment toward applicants and employees of all job classifications without regard to age, sex, race, color, religion, sexual orientation, gender identity, transgender status, national origin, ancestry, veteran status, disability, or any other legally protected characteristic.