Job Description

Enterprise Information Security at Providence is responsible for appropriately protecting all information relating to its caregivers and affiliates, as well as protecting its confidential business information (including information relating to its caregivers, affiliates, and patients)
What will you be responsible for?

• Plan, track and monitor threat intelligence research to identify new threats.
• Assist in the responsibility for the reviewing vulnerabilities' data from multiple sources (i.e. external / internal penetration testing, internal / external vulnerability scanning, etc.) across multiple technologies to determine risk rating of vulnerabilities to business assets.
• Assist in improving and automating existing vulnerability management lifecycle. Including but not limited, data ingestion & normalization, compliance metrics and detections on assets.
• Develops and maintains strong partnerships to drive end-to-end vulnerability remediation.
• Supports compliance and risk management activities, recommending security controls and corrective actions to mitigate vulnerability risk.
• Participating and creation of detailed Incident Reports and contribute to lessons learned in collaboration with the appropriate team.
• Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE)
• Knowledge of threat centric framework Cyber Kill chain and NIST Cyber Security Framework.
• Ensure that system vulnerabilities (new and backlogged) across the enterprise are dealt with in an efficient and timely manner.

What would your work week look like?

• Collaborate with the other security teams to contain and investigate major incidents.
• Analyze and report/present the vulnerabilities to multiple stakeholders for remediation and prioritization & ensuring scan results are presented in appropriate dashboards & reports.
• Maintain intelligence network to discover any reported exploits, zero day vulnerabilities and its applicability to Organization.
• Monitor open source and commercial threat intelligence for IOCs, new vulnerabilities, software weaknesses, and other attacker TTPs.
• Lead, train and supervise a team of security personnel, ensuring they have the necessary skills and knowledge to perform their duties effectively.
• Perform reoccurring and on demand scanning activities of both corporate and cloud environments utilizing enterprise platform.

Who are we looking for?

• Bachelor s degree in related filed, to include computer science, or equivalent combination of education and experience
• 10 plus years of directly related experience as a Vulnerability Management SME or similar role.
• Demonstrated understanding of vulnerability management and security testing practices and methodologies.
• Proven understanding of common vulnerability frameworks (e.g., CVSS, OWASP Top 10)
• Experience with vulnerability scanners, vulnerability management systems, patch management, and host-based security systems (Qualys preferred)
• Scripting or programming (Shell scripting, Power Shell, Python etc.)
• Strong leadership and teambuilding skills.

Providence's vision to create 'Health for a Better World' aids us to provide a fair and equitable workplace for all in our employment, whether temporary, part-time or full time, and to promote individuality and diversity of thought and background, and acknowledge its role in the organization's success. This makes us committed towards equal employment opportunities, regardless of race, religion or belief, color, ancestry, disability, marital status, gender, sexual orientation, age, nationality, ethnic origin, pregnancy, or related needs, mental or sensory disability, HIV Status, or any other category protected by applicable law. In furtherance to our mission in building a more inclusive and equitable environment, we shall, from time to time, undertake programs to assist, uplift and empower underrepresented groups including but not limited to Women, PWD (Persons with Disabilities), LGTBQ+ (Lesbian, Gay, Transgender, Bisexual or Queer), Veterans and others. We strive to address all forms of discrimination or harassment and provide a safe and confidential process to report any misconduct.
Contact our also, read our .

Skills Required