Architect, Cyber Engineer

Lifepoint Health, Brentwood, TN
Hybrid

About The Position

The Cybersecurity Engineer Architect is responsible for leading and supporting cybersecurity operations through tiered response, tool-agnostic analysis, AI-enabled workflows, and contributions to cyber resiliency and exposure management. This role serves as the technical leader for the cybersecurity defense program, setting detection strategy, control roadmaps, and resiliency patterns. The Architect leads preparation for and response actions to cyber events, champions exposure management, and partners with privacy, compliance, legal, clinical operations, and enterprise architecture.

Requirements

  • Master’s degree in Cybersecurity, Information Technology, Computer Science, or equivalent depth of cybersecurity engineering experience.
  • 5–8+ years in security operations, incident response, or cybersecurity roles with multi‑platform ownership and proven enterprise impact.
  • Able to pass healthcare compliance/background checks.
  • Curiosity and willingness to learn new technologies, including use of AI and AI-enabled security capabilities.
  • Full-spectrum security domain expertise (identity, endpoint, email/phishing, cloud, network, data protection, etc.).
  • Expert understanding of identity threats (MFA fatigue, token theft, OAuth abuse), email threats, EDR evasion, and cloud/system misconfigurations.
  • Deep architecture and content engineering expertise: detections, analytics, automation, data pipelines, quality gates, and measurement.
  • Demonstrated leadership of large‑scale incident response actions and detection/resiliency initiatives with measurable risk reduction.
  • Ability to solve complex cybersecurity operational problems without guidance.
  • Master-level executive communication, risk storytelling, stakeholder influence, and cross‑functional leadership.
  • Ability to quickly organize and manage multiple competing tasks simultaneously.
  • Ability to translate adversary TTPs into engineering changes for security tools.
  • Ability to sit for extended periods and operate a computer.
  • Occasional lifting up to 20 pounds.
  • Extended screen time; rapid context switching; occasional high‑stress major‑incident participation.
  • Participation in on-call coverage including nights/weekends/holidays as assigned.
  • Ability to analyze alerts, logs, and reports for extended periods.
  • Ability to prioritize tasks and manage multiple tickets simultaneously.
  • Attention to detail and consistency in documentation.
  • High focus for long periods during monitoring shifts; ability to communicate technical alerts to non-technical staff.

Nice To Haves

  • ISC2 Certified Information Systems Security Professional (CISSP), CompTIA Advanced Security Practitioner (CASP+) / SecurityX, or similar.

Responsibilities

  • Event Lead for enterprise‑level incident response for priority events; coordinate with Legal/Privacy/Communications and external partners as needed.
  • Perform Tier 3-level ticket intake, triage, investigation, and remediation, and document corrective actions in corporate ticketing systems.
  • Deliver correlated and complex cross‑platform detections.
  • Lead cyber defense operations across detection, response, and prevention functions.
  • Evaluate and integrate AI across detections, hunting, triage, and automation.
  • Utilize AI-assisted analysis and automation to improve accuracy and efficiency of investigations.
  • Maintain awareness of emerging threats, vulnerabilities, and adversary techniques and translate threat intelligence into operational response tasks.
  • Author and conduct cyber defense exercises; measure and improve Mean Time to Detect (MTTD)/Mean Time to Remediate (MTTR), detection coverage, and recovery.
  • Define and author tool-agnostic, outcome‑driven strategy and roadmaps.
  • Drive cyber resiliency engineering (backup/restore assurance, segmentation strategy, recovery SLOs, tabletop design, chaos/resilience testing).
  • Support exposure management program: scoping, discovery, prioritization, adversarial validation, mobilization; exposure lifespan and business risk reduction.
  • Mentor engineers; set documentation and operational standards.