Cybersecurity Engineer III

Nordic Healthcare Group (NHG)Shaft, MD
21h
Match Resume

About The Position

The Cybersecurity Engineer III supports the enterprise Cybersecurity program with a primary focus on combined Vulnerability Management and Red Team operations. This role is responsible for identifying, validating, and prioritizing security weaknesses through continuous vulnerability assessment, penetration testing, and adversary emulation activities. The position requires the ability to work independently with moderate supervision, collaborate across technical and business teams, and clearly communicate security risks and remediation guidance. The Cybersecurity Engineer III provides operational information security support to the enterprise, acting as a technical resource for infrastructure, application, and business teams. This role works closely with Blue Team/SOC, Infrastructure Services, Application Development, Risk Management, and Internal Audit to improve the organization’s security posture through coordinated offensive and defensive security activities. The position conducts and documents vulnerability assessments, penetration tests, and red team engagements across networks, systems, applications, and cloud environments. Assignments vary in scope and complexity and may include targeted testing, assumed breach scenarios, and validation of security controls. The Cybersecurity Engineer III identifies security risks, analyzes findings within the context of business impact, and provides actionable remediation recommendations. The role requires consistent documentation of methods, evidence, and conclusions so results can be reproduced and understood by both technical and non-technical stakeholders.

Requirements

  • 6+ years of relevant experience in cybersecurity, vulnerability management, penetration testing, or red team operations.
  • Hands-on experience with vulnerability scanning tools, exploitation frameworks, and manual testing techniques.
  • Strong understanding of network, endpoint, application, and cloud security concepts.
  • Working knowledge of common attack techniques, tactics, and procedures (TTPs) and defensive controls.
  • Experience analyzing and validating vulnerabilities beyond automated scan results.
  • Ability to communicate technical security findings clearly to both technical and non-technical audiences.
  • Experience producing high-quality technical documentation and assessment reports.
  • Familiarity with security frameworks and regulatory requirements such as NIST, PCI-DSS, HIPAA, HITRUST, and SOC 2.
  • Strong collaboration skills and the ability to work effectively in a team-oriented environment.
  • Requires a Bachelor's degree and 8 years of related experience, a Master's degree and 6 years of related experience, or 11 years of related experience and no degree.

Nice To Haves

  • Industry-recognized certifications such as: CEH, OSCP, GPEN, GWAPT, GCIH, CISSP, CISM, CRISC, or equivalent.
  • Cloud or platform security certifications (AWS, Azure, GCP) are a plus.

Responsibilities

  • Execute and support enterprise vulnerability management activities including scanning, validation, risk scoring, prioritization, and remediation tracking.
  • Conduct penetration testing and red team activities against networks, endpoints, applications, and cloud services to simulate real-world adversary techniques.
  • Collaborate with Blue Team and SOC resources during purple team exercises to improve detection, response, and prevention capabilities.
  • Validate the effectiveness of security controls and compensating controls through hands-on testing and adversary emulation.
  • Develop and maintain tools, scripts, and techniques to support automated and manual security testing.
  • Analyze vulnerabilities and exploitation paths, clearly articulating risk, likelihood, and potential business impact.
  • Provide detailed technical reports and executive-level summaries of findings, including clear remediation guidance and risk-based prioritization.
  • Support continuous improvement of vulnerability management processes, metrics, and reporting.
  • Partner with infrastructure, application, and cloud teams to support secure design, remediation validation, and architecture reviews.
  • Stay current on emerging threats, attack techniques, exploitation frameworks, and defensive countermeasures.
  • Participate in incident response activities by providing exploitation analysis, attacker tradecraft insights, and root-cause validation as needed.
  • Support compliance and risk management efforts by mapping findings to applicable frameworks and standards (e.g., NIST, PCI-DSS, HIPAA, SOC 2).
  • Participate in on-call or after-hours activities as required to support testing, remediation validation, or incident response.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Job Search Resources

Similar Cybersecurity Engineer III job opportunities

CyberSecurity Engineer III
American Systems
American Systems • Chantilly, VA10d
Cybersecurity Engineer III
Simventions
Simventions • Virginia Beach, VA2d • $90,000 - $140,000
Engineer, Cybersecurity III
Pantheon Data
Pantheon Data12d • $86,591 • Remote
Cybersecurity Engineer III
cFocus Software Incorporated
cFocus Software Incorporated • Philadelphia, PA4d • Remote
🔥 New JobCybersecurity Threat Intelligence Engineer III
Premera Blue Cross
Premera Blue Cross • Mountlake Terrace, WA21h • $109,000 - $185,300 • Hybrid
Cybersecurity Analyst III
A-TEK
A-TEK • Rockville, MD10d • $130,000 - $140,000 • Onsite
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service