Cybersecurity Engineer II Security Operations Center

Mercy Health - Cincinnati, OH

Thank you for considering a career at Mercy Health!

This is what we were meant to do - Together!

The Cybersecurity Engineer II is responsible for supporting the cybersecurity program, which includes but is not limited to incident response, malware analysis, and digital forensics. This position requires the candidate to work independently with minimum supervision and to have excellent written and verbal communication skills. The position is located in Cincinnati, Ohio and reports to the Manager Cybersecurity, Security Operations Center.

Essential Job Functions / Core Responsibilities:
Manage defenses against unauthorized activity within computer networks, including monitoring, detection, analysis (such as trend and pattern analysis), and response and restoration activities
Support data loss prevention configuration, security information and event management configuration and administration
Work effectively with others in the Information & Technology organization, operations in support of security policies and standards.
Participate in rotating on-call schedule. Support security architecture review. Support joint “Purple Team” cybersecurity exercises.
Support tuning of cybersecurity tools and proactive threat hunting. Knowledge of network address translation, packet analysis, TCP three-way handshake, IPv6, IPv4, TCP/IP and UDP, and troubleshooting analysis.
Complete technical documentation to include network security diagrams, bills of materials (BOMs), incident response playbooks, and procedures in support of Payment Card Industry Compliance Data Security Standard (PCI-DSS), Health Information Trust Alliance (HITRUST), Health Insurance Portability and Accountability Act (HIPAA), and cybersecurity defense and protection due diligence and due care.
Work with Network Operations Center to ensure security measures are consistent with network architecture.
Travel 10% of the time to support cybersecurity enterprise incident response, “Blue Team” security operations west and east team building.
Support cybersecurity architecture to include defense-in-depth designs for network security monitoring (NSM) and continuous security monitoring (CSM) to proactively detect and prevent advanced persistent threats, ransomware, and data exfiltration. Complete reverse malware engineering analysis and identify TTPs for internal and external threats.
Support after-hours system tuning configuration changes in compliance with the Bon Secours Mercy Health change management policy.

Qualifications Include:
Associate’s or Bachelor’s degree in Electrical Engineering, Information Security, Information Assurance, Cybersecurity, Computer Science, Information Technology, Information System, Business Management preferred.
3+ years professional work experience in information technology preferred
Certifications such as ISC2 (CISSP, SSCP), CompTIA (Security+, Network+, Server+, CySA+, Linux+), SANS (GSE, GWAPT, GPEN, GCIH, GCFA, GCIA, GMON), Microsoft 365 Certified Security Administrator Associate, CEH, CHFI, CND, Cisco CCNA Security, McAfee Product Specialist Certification (ePO, ATD, SIEM, DLPe, ENS, HIPS), VMware Certified (VCP, VCPA, VCDX), CWSP preferred.
Experience with McAfee enterprise policy orchestrator and SIEM preferred.
Experience with cyber threat hunting for indicators of compromise, malware forensic analysis, and Tactics, Techniques, and Procedures (TTPs) preferred.
Experience with sniffer/protocol analyzers and with analyzing and interpreting TCP packet data flows.
Experience subnetting IPv4 and IPv6.
Experience creating Visio network and data flow diagrams.
Knowledge of routing protocols OSPF, BGP, IBGP, VRRP, EIGRP.
Experience performing vulnerability assessments and penetration testing.
Knowledge of network firewall and intrusion prevention appliance order of operations.
Excellent communication skills to effectively annotate findings in both written and oral form
Ability to communicate clearly and present security findings with technical staff as well as non-technical colleagues.
Sensitivity to accuracy, timeliness, and professionalism in all areas of support activity is imperative.
Strong analytical and problem solving skills.
Experience performing malware analysis and incident response.
Ability to work independently with minimum supervision.
Ability to work with highly confidential information.
Willing to sign a training reimbursement contract.
Must have legal authorization to work in the U.S.
Mercy Health is an equal opportunity employer.

We’ll also reward your hard work with:
Great health, dental and vision plans
Prescription drug coverage
Flexible spending accounts
Life insurance w/AD&D
An employer-matched 403(b) for those who qualify.
Paid time off
Tuition reimbursement
And a lot more

Scheduled Weekly Hours:

Work Shift:
Days/Nights (United States of America)

CHPIT-Information Security
Mercy Health provides reasonable accommodations to qualified individuals with disabilities in accordance with the Americans with Disabilities Act and applicable state and local law. If you require accommodation in the application process please contact our Human Resources Department at (513)952-5280 or by email at . This department will make sure you get connected with a Human Resources representative that can assist you.
