Availity delivers revenue cycle and related business solutions for health care professionals who want to build healthy, thriving organizations. Availity has the powerful tools, actionable insights and expansive network reach that medical businesses need to get an edge in an industry constantly redefined by change.
At Availity, we're not just another Healthcare Technology company; we're pioneers reshaping the future of healthcare! With our headquarters in vibrant Jacksonville, FL, and an exciting office in Bangalore, India, along with an exceptional remote workforce across the United States, we're a global team united by a powerful mission.
We're on a mission to bring the focus back to what truly matters - patient care. As the leading healthcare engagement platform, we're the heartbeat of an industry that impacts millions. With over 2 million providers connected to health plans, and processing over 13 billion transactions annually, our influence is continually expanding.
Join our energetic, dynamic, and forward-thinking team where your ideas are celebrated, innovation is encouraged, and every contribution counts. We're transforming the healthcare landscape, solving communication challenges, and creating connections that empower the nation's premier healthcare ecosystem.
The Cybersecurity Engineer III role is a member of the Security Operations Center responsible for the protection of Availity's online and corporate assets. This role will actively analyze and develop solutions to emerging cyber security threats. The member will be a vital player of the security operations team, engineering efficient and effective tools, processes, procedures, and best practices to minimize the time from detection to recovery, and to continuously support and improve the processes we provide the SOC analysts and threat hunters for their day-to-day activities. The new team member will be responsible for multiple security products and will have daily tasks such as helping monitor the ticket and project queues. Additionally, the team member will be exposed to other elements of operations team's functions such as host and network forensics, purple team activities, threat intelligence, and enterprise analytics. This role will be part of a 24/7/365 work effort, and therefore may be required to work after hours and will be required to participate in an on-call rotation. The on-call rotation cycles through approximately every 8 weeks. Sponsorship, in any form, is not available for this position. Location: Remote, US Why work on this team:
- This team is highly invested in sharpening and growing your skills, therefore advanced and continuation training is a high priority.
- We strive to grow our analysts and engineers to be versatile and highly contributable to the team's mission, therefore we encourage members to experience and gain exposure to multiple functions and capabilities of the SOC.
- We pride ourselves in constantly searching for the best technologies to achieve our mission of protecting and securing healthcare data; you will be performing your duties on the most modern and efficient technologies and software!
Role qualifications:
- Bachelor's degree in Computer Science or related field, or equivalent comparable work experience in cybersecurity.
- At least 7 years of experience in cybersecurity operations and incident response.
- At least 3 years of experience implementing and/or supporting network security technologies: ZTNA, WAF, proxies, and IPS.
- Experience with certificate lifecycle management, MPKI in the cloud and on-prem, or other crypto technologies like HSM
- Experience supporting mail security related to Exchange, O365, mail filtering solutions, and DNS.
- Experience investigating malicious emails, analyzing headers and using sandboxing technologies to determine threat level.
- Experience supporting and managing endpoint security solutions and investigating EDR issues and alerts.
- Expert understanding of network infrastructure devices such as firewalls, proxies, enterprise load balancers, IDS/IPS, CASB, and ZTNA.
- Expert understanding of network traffic principles, as well as ports, protocols and services (SSLP, HTTP, FTP, NTP, NSF, SSH, LDAP, etc).
- Expert understanding of cybersecurity concepts such as authentication procedures, access controls, encryption, etc.
- Strong familiarity with python and PowerShell scripting, and use of Power BI.
- Strong familiarity and application of governing cyber frameworks such as NIST and NICE.
- Strong understanding of modern cyber threats and the MITRE ATT&CK framework.
- Proficient in multi cloud and managing and securing assets in the cloud: Azure and AWS.
- Proficient in using, troubleshooting, and securing Windows and Linux operating systems.
- Proficient in using Splunk and other SIEM technologies and creating monitors and alerts for critical systems and malicious activities.
- Proficient in domain management and secure DNS settings for those domains.
- Network and Security certifications such as GIAC, CISSP, GCIA, AWS SSA, AWS Security, or equivalent; total cybersecurity experience will be considered as a certification substitute.
- Excellent analytical, problem-solving, and decision-making abilities.
- Highly motivated professional with strong interpersonal and communication skills.
- Ability to identify, assess, and communicate issues, risk, and remediation recommendations to multiple levels of leadership.
Job Preferences:
- Experience with healthcare-related standards (HIPAA and HITRUST).
- Strong understanding of emerging threats and cyber threat hunting.
- Active CISSP, GIAC, AWS or industry related certifications.
- Experience in more than one cybersecurity role, per NICE framework.
What you will be doing:
- Troubleshoot security and network problems related to ZTNA, Proxy, ICAP, MPKI, IPS, Mail, and EDR.
- Assist in monitoring and closing out incidents, tickets and projects.
- Participate and follow the change management process.
- Working with the vulnerability management and red team to solidify our security posture using the results from scans and penetration tests.
- Engage in purple team exercises to document potential gaps in our security controls and to determine training and capabilities needed to maintain maximum protection against the current threat landscape.
- Assist with network and endpoint analysis to determine IOCs related to incidents, adversarial cyber kill-chain methodology, root cause analysis, and preventative counter measures.
- Evaluate cyber security threats and make assessments to determine the overall risk to the network, product, or company.
- Apply knowledge of controls, threats, and vulnerabilities to build strategic planning and roadmaps to harden systems.
- Contribute to the team's threat intelligence platform to ensure the team remains one step ahead of malicious cyber actors.
- Deliver weekly operational metrics that influence leadership's decision-making on optimizing the security of the network.
- Participate in threat modeling collaboration with development teams and other security team members.
- Assist in investigations and incident response.
Availity culture and benefits:
- Availity is a certified "Great Place to Work", a "Best Workplaces for Technology Companies", a "Best Workplaces for Women" and a "Best Workplaces for Millennials"!
- Culture is important to us and there are many ways for you to make your mark here!
- We have several Diversity & Inclusion teams and various ways to engage with fellow Availity associates. "AvaiLadies", "Beyond Black", "HOLA", "Availity Pride", "VetAvaility" a Young Professionals Group and "She Can Code IT" a group for women in tech are some of the groups you can get involved in.
- Availity is a culture of continuous learning. We have many resources and experts in our tech stack and in our industry that can help get you there too!
- We offer a competitive salary, bonus structure, generous HSA company contribution, healthcare, vision, dental benefits and a 401k match program that you can take advantage of on day one!
- We offer unlimited PTO for salaried associates + 9 paid holidays. Hourly associates start at 19 days of PTO and go up from there with all the same holiday benefits.
- Interested in wellness? We allow our associates to reimburse up to $250/year for gym memberships, participation in racing events, weight management programs, etc.
- Interested in furthering your education? We offer education reimbursement!
- Availity offers Paid Parental Leave for both moms and dads, both birth parents and adoptive parents.
- Want to work for an organization that gives back to the community? You're at the right place! Availity partners with various organizations, both locally and nationally, to raise awareness, funds and morale as our staff members volunteer their time and funds to engage the organizations campaign.
Next steps: After you apply, you will receive text/email messages thanking you for applying and then you will continue to receive more text/email messages alerting you as to where you are in the recruitment process. Interview process:
- Recruiter resume review
- Manager resume review
- Recruiter video interview
- ConveyIQ video interview
- Manager video interview
- Panel video interview
Availity is an equal opportunity employer and makes decisions in employment matters without regard to race, religious creed, color, age, sex, sexual orientation, gender identity, gender expression, genetic information, national origin, religion, marital status, medical condition, disability, military service, pregnancy, childbirth and related medical conditions, or any other classification protected by federal, state, and local laws and ordinances. Availity is a drug-free workplace. Candidates are required to pass a drug test before beginning employment. NOTICE: Federal law requires all employers to verify the identity and employment eligibility of all persons hired to work in the United States. When required by state law or federal regulation, Availity uses I-9, Employment Eligibility Verification in conjunction with E-Verify to determine employment eligibility. Learn more about E-Verify at http://www.dhs.gov/e-verify. Click the links below to view Federal Employment Notices. Family & Medical Leave Act Equal Employment Law Poster Pay Transparency Employee Polygraph Protection Act IER Right to Work Poster Important Notice about Employee Rights to Organize and Bargain Collectively with Their Employers
|