Lead Security Engineer

About Providence

Providence, one of the US’s largest not-for-profit healthcare systems, is committed to high quality, compassionate healthcare for all. Driven by the belief that health is a human right and the vision, ‘Health for a better world’, Providence and its 121,000 caregivers strive to provide everyone access to affordable quality care and services.

Providence has a network of 51 hospitals, 1,000+ care clinics, senior services, supportive housing, and other health and educational services in the US.

Providence India is bringing to fruition the transformational shift of the healthcare ecosystem to Health 2.0. The India center will have focused efforts around healthcare technology and innovation, and play a vital role in driving digital transformation of health systems for improved patient outcomes and experiences, caregiver efficiency, and running the business of Providence at scale.


Why Us?

  • Best In-class Benefits
  • Inclusive Leadership
  • Reimagining Healthcare
  • Competitive Pay
  • Supportive Reporting Relationships

What will you be responsible for?

  • Lead Threat and Attack Surface Management (TASM) efforts, including threat validations and threat modeling activities against internal and external systems, applications, and infrastructure.
  • Conduct in-depth threat hunting operations to identify undetected cyber threats, leveraging threat intelligence and internal security telemetry, and feeding the results back into improved prevention and detection methods.
  • Own the Threat Intelligence and Attack Surface Management platforms, ensuring they are used to full effect for enterprise security monitoring and detection use-case generation.
  • Collaborate with Security Operations teams to build novel detections and drive threat hunting playbooks to uncover potential adversary activity.
  • Participate in incident response activities and collaborate with other security teams to ensure effective incident response and recovery.
  • Provide tactical briefings on threat observations and findings, and report to stakeholders on the impact and risk to the enterprise.
  • Foster a culture of learning and development within the team by sharing expertise.

What will your work week look like?

  • Identify and assess the organization's attack surface, including external-facing systems, applications, and networks. Implement measures to reduce the organization's attack surface and mitigate potential threats.
  • Utilize SIEM, SOAR, EDR, and other security tools to identify anomalous behavior and potential threats.
  • Develop and execute advanced threat hunting strategies, including proactive hunting, reactive hunting, and deception techniques.
  • Analyze security incidents to identify patterns and trends and develop threat hunting hypotheses.
  • Map observed adversary attack patterns to MITRE ATT&CK, the Diamond Model, and the Cyber Kill Chain to better understand and address security risks.
  • Perform threat modeling exercises to identify and assess potential vulnerabilities and risks.
  • Participate in incident response activities, including containment, eradication, recovery, and lessons learned.
  • Prepare and present security reports and findings to management and stakeholders.
  • Maintain accurate and up-to-date documentation of hunting procedures, findings, and recommendations.


Who are we looking for?

  • Bachelor’s degree in computer science, Information Security, or related field.
  • 8+ years of experience in incident management, including at least 4 years in threat hunting and threat intelligence.
  • Proficiency with SIEM (e.g. Microsoft Sentinel, CrowdStrike), SOAR (e.g. Palo Alto XSOAR), XDR (e.g. CrowdStrike Falcon), and other security tools.
  • Knowledge of the MITRE ATT&CK framework, the Cyber Kill Chain, and adversary TTPs.
  • Solid understanding of the cyber threat landscape, including threat actors, TTPs, and attack vectors.
  • Experience with one or more scripting languages such as Bash, Python, Perl, PowerShell.
  • Excellent communication, collaboration, and interpersonal skills.
  • Ability to work independently and take ownership of projects.
  • Additional certifications, such as Certified Threat Intelligence Analyst (C|TIA), GIAC Cyber Threat Intelligence (GCTI), CEH, or equivalent, are preferred.

Providence’s vision to create ‘Health for a Better World’ guides us in providing a fair and equitable workplace for all in our employment, whether temporary, part-time or full-time, in promoting individuality and diversity of thought and background, and in acknowledging their role in the organization’s success. We are therefore committed to equal employment opportunity, regardless of race, religion or belief, color, ancestry, disability, marital status, gender, sexual orientation, age, nationality, ethnic origin, pregnancy or related needs, mental or sensory disability, HIV status, or any other category protected by applicable law. In furtherance of our mission to build a more inclusive and equitable environment, we shall, from time to time, undertake programs to assist, uplift and empower underrepresented groups, including but not limited to women, PWD (Persons with Disabilities), LGBTQ+ (Lesbian, Gay, Bisexual, Transgender or Queer) people, veterans and others. We strive to address all forms of discrimination or harassment and provide a safe and confidential process to report any misconduct.

Contact our Integrity hotline; also, read our Code of Conduct.