301 Cybersecurity Engineer jobs in Washington

Amex GBT is a place where colleagues find inspiration in travel as a force for good and - through their work - can make an impact on our industry. We're here to help our colleagues achieve success and offer an inclusive and collaborative culture where your voice is valued.
Amex GBT is seeking a Cyber Security Engineer with an analytical mind and a detailed understanding of cyber security methodologies. Cyber Security Engineers are expected to provide meticulous attention to detail, outstanding problem-solving skills, work comfortably under pressure and deliver on tight deadlines.
To ensure success, a Cyber Security Engineer must display an excellent understanding of technology infrastructures which include but are not limited to Encryption, Certificates, Security governance and oversight, Security Controls, Security tooling, and Security policies and procedures. Top candidates must be comfortable working with a variety of technologies, large scale deployments, security problems and troubleshooting and providing CyberSecurity engineering deliverables in a secure/compliant manner.
**What You'll Do:**
+ Working with CyberSecurity Architects team for the planning, proposal and implementation of security controls and platforms.
+ Working knowledge in the field of CyberSecurity, including but not limited to Cloud deployments, application integration, and APIs.
+ Project level experience working in a team environment with multiple parallel workflows, team members, Project Managers, and defined deliverables.
+ Identify and define system security requirements including requirements for achieving audit requirements.
+ Preparing and documenting standard operating procedures and protocols for the Projects and workflows that the Engineer is participating in for the team.
+ Configure and troubleshoot security infrastructure devices as necessary for a smooth and highly available set of controls.
+ In a team environment, develop technical solutions and deploy security tools to help mitigate security vulnerabilities and automate repeatable tasks
+ Troubleshooting and diagnostic skills for the purpose of providing long term actionable solutions and remediation of issues.
+ Responding to and participating in incidents as a representative of the CyberSecurity Engineering team.
+ Ensuring that the organization's data and infrastructure are protected by enabling and maintaining security controls. This includes Gap Analysis as necessary.
+ Participating in the change management process
+ Daily administrative tasks, reporting and communication with the relevant stakeholders, managers and directors.
+ Delivering comprehensive reports including assessment-based findings, outcomes and solutions for increased system security enhancements
+ Working as part of a team with similarly tasked Engineers and Analysts in a diverse, engaging, supportive and respectful manner
**What We're Looking For:**
+ 5+ years working experience as a Cyber Security Engineer
+ BS degree in Computer Science, Cyber Security or related field or equivalent work experience
+ Knowledge of risk assessment tools, technologies and methods
+ Experience designing secure networks, systems and application architectures
+ Use and deployment of encryption for data protection at rest and in transit for contractual, regulatory and audit requirements
+ Direct experience with implementation of security tools such as WAF, DAM, IPS/IDS, Anti-DDoS, Bot Detection, SIEM, Data Leakage Prevention, Proxy, Automation & Orchestration, etc.
+ Experience working in a team environment for planning, researching and developing security policies, standards and procedures
+ Ability to communicate security issues to peers and management
+ Detailed technical knowledge of database and operating system security
+ Experience with network security and networking technologies and with system, security, and network monitoring tools
+ Thorough understanding of the latest security principles, techniques, and protocols
+ Maintaining current knowledge of technology capabilities and trends
+ Problem solving skills and ability to work under pressure
+ Understanding of the OSI (Open Systems Interconnection) model and well-known ports and services
+ Industry certifications in cyber security such as but not limited to, CISSP, GSEC, CSSP, CEH highly desired
**Location**
United States
The US national annual base salary range for this position is from $110,000 to $220,000. The national range provided includes the base salary that GBT expects to pay for the role. Actual base salary will be based on factors including the scope and complexity of the role and the successful candidate's relevant experience, skills, knowledge, and work location.
In addition to base salary, this role is eligible for our Annual Incentive Award plan, which rewards participants based on company and individual performance. For information about our comprehensive US benefits programs and eligibility, please review our Benefits-at-a-Glance document.
Benefits at a glance ( #TeamGBT Experience**
Work and life: Find your happy medium at Amex GBT.
+ **Flexible benefits** are tailored to each country and start the day you do. These include health and welfare insurance plans, retirement programs, parental leave, adoption assistance, and wellbeing resources to support you and your immediate family.
+ **Travel perks:** get a choice of deals each week from major travel providers on everything from flights to hotels to cruises and car rentals.
+ **Develop the skills you want** when the time is right for you, with access to over 20,000 courses on our learning platform, leadership courses, and new job openings available to internal candidates first.
+ **We strive to champion Inclusion** in every aspect of our business at Amex GBT. You can connect with colleagues through our global INclusion Groups, centered around common identities or initiatives, to discuss challenges, obstacles, achievements, and drive company awareness and action.
+ And much more!
All applicants will receive equal consideration for employment without regard to age, sex, gender (and characteristics related to sex and gender), pregnancy (and related medical conditions), race, color, citizenship, religion, disability, or any other class or characteristic protected by law.
Click Here ( for Additional Disclosures in Accordance with the LA County Fair Chance Ordinance.
Furthermore, we are committed to providing reasonable accommodation to qualified individuals with disabilities. Please let your recruiter know if you need an accommodation at any point during the hiring process. For details regarding how we protect your data, please consult the Amex GBT Recruitment Privacy Statement ( .
**What if I don't meet every requirement?** If you're passionate about our mission and believe you'd be a phenomenal addition to our team, don't worry about "checking every box;" please apply anyway. You may be exactly the person we're looking for!
Click Here to Learn More (

**Department Name:**
IT Network Services
**Work Shift:**
Day
**Job Category:**
Information Technology
**Estimated Pay Range:**
$50.12 - $83.54 / hour, based on location, education, & experience.
In accordance with State Pay Transparency Rules.
Banner Health was named to Fortune's Most Innovative Companies in America 2025 list for the third consecutive year and named to Newsweek's list of Most Trustworthy Companies in America for the second year in a row. We're proud to be recognized for our commitment to the latest health care advancements and excellent patient care.
Our team is Firewall Services within the Banner Infrastructure department and our team supports all perimeter Palo Alto firewalls that protect all hospitals, clinics, MOBs, Cloud, Data Centers, etc. from security breaches such as patient PHI and PII data.
As Banner continues to leverage technology to deliver the highest quality of possible care, Cybersecurity is a top priority. Firewalls Services is responsible for planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization's data, systems, and networks as well as troubleshooting security and network platforms. This position ensures that the organization's data and infrastructure are protected from insider and outsider threats by enabling the appropriate security controls while responding to all system and/or network security breaches. As a Cybersecurity Engineer III, you will be on the front lines and help investigate and remediate cybersecurity incidents, escalate cybersecurity incidents as defined by procedure, and help liaise closely with other teams to ensure the correct response and remediation of cybersecurity incidents. Also in the CSE III role, you will be an innovator and SME within design and architecture as well as helping see major Cyber Security projects through to completion within the Banner team.
**The typical schedule for this role is Monday - Friday 8AM - 5PM AZ time.**
**This can be a remote position if you live in the following states only: AL, AK, AZ, AR, CA, CO, GA, FL, IA, ID, IN, KS, KY, LA, MD, MI, MO, MN, MS, NH, NM, NY, NC, ND, NE, NV, OH, OK, OR, PA, SC, TN, TX, UT, VA, WI, WV, WA, & WY**
Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you'll find many options for contributing to our award-winning patient care.
POSITION SUMMARY
This position leads the designs, develops, configures, implements, tunes, maintains solutions, resolve technical and business issues related to cybersecurity threat & vulnerability management, identity management, security operations center, forensics, and data protection. Cybersecurity Engineers work with Cybersecurity Architects to execute strategic cyber initiatives, evaluate security components of the network, applications and end-user devices, and provides guidance to ensure new systems meet regulatory and technical standards. Cybersecurity Engineers leads root-cause analysis on Cyber systems to determine improvement opportunities when failures occur. Cybersecurity Engineers work closely with other IT organizations to ensure cyber products are working and integrating with non-cyber environments (apps, networks, End User devices, Servers, etc).
CORE FUNCTIONS
1. Proactively initiates the design and implementation of cybersecurity solutions, upgrades, enhancements, while looking forward three to five years.
2. Leads in providing technical expertise and support for cybersecurity solutions, including operational aspects of the software.
3. Serves as subject matter expert in the design, implementation, and compliance of secure baseline configurations for applications and infrastructure components.
4. Proactively initiates technical assessments of systems and applications to ensure compliance with policy, standards and regulations. 
5. Authors new cybersecurity standards and procedures. Leads the revision of existing cybersecurity policies, standards, and procedures, as needed. 
6. Serves as technical leader for cybersecurity projects, including the development of project scope requirements, budgeting, work breakdown and operational handoff.
7. Identify threats and develop suitable defense measures, evaluate system changes for security implications, and recommend enhancements, research, and draft cybersecurity white papers, and provide first-class support to the cybersecurity operations staff for resolving difficult cybersecurity issues.
8. Under limited direction, self starter, this position is responsible for cybersecurity across multiple departments system-wide and requires interaction at all levels of staff and management. Work closely on cross functional IT Teams. Leads work through indirect leadership across other cyber resources. Articulate complex Security functions into simple business ease.
MINIMUM QUALIFICATIONS
Must possess strong knowledge of business, information security and/or computer science as normally obtained through the completion of a bachelor's degree.  Bachelor's Degree in Computer Science, Information Security, Information Systems, or related field, or equivalent.
Experience normally obtained through seven plus years of experience of enterprise-scale information security engineering, preferably in healthcare. Must also possess three plus years' experience in a healthcare environment or an equivalent combination of relevant education, technical, business and healthcare experience. 
Experience with IT operations, automation of security processes, coding and scripting languages, ability to document security processes as well as use case development. Experience with the assessing cyber products, including vendor selection, define requirements, contractual documentation development. Experienced assessing and reaching out to vendors for needed features via enhancement requests. Expert understanding of regulatory and compliance mandates, including but not limited to HIPAA, HITECH, PCI, Sarbanes-Oxley. Experienced in planning, designing and implementing cybersecurity solutions, operating, maintaining and managing the lifecycle of cybersecurity solutions. Advanced knowledge of Security Engineering Principles, including risk management, resilience, vulnerability management, Information Security, NIST, MITRE , etc. Advanced expertise in Cyber products supporting Data Loss Prevention, EDR, AntiVirus, Perimeter services, threat systems, cyber platform analytics, SIEM, CASB, CLOUD Security, ETC. Proven Cloud Security experience. Requires independent judgment, critical decision making, excellent analytical skills, with excellent verbal and written communications. Ability to think quickly under difficult or complex conditions and clearly communicate to appropriate staff; ability to balance project workloads with customer support and on-call demands. Must demonstrate deep knowledge of information technology and information security principles and practices. Requires communication and presentation skills to engage technical and non-technical audiences. Requires ability to communicate and interact across facilities and at various levels. Incumbent will have skills to mentor less experienced team members. As is typical in this industry, variable shifts and hours and responding to after-hours notifications may be required. 
PREFERRED QUALIFICATIONS
Certification in two or more of the following areas Systems Security Certified Practitioner (SSCP), HealthCare Information Security & Privacy Practitioner, (HCISPP), CompTIA Security+, Certified Information Systems Security Professional (CISSP) - Engineering (ISSEP), Certified Ethical Hacker (CEH), SANS GIAC, or Certified Information Systems Auditor (CISA).  Four plus years as a System Administrator or in IT Operations. Or four plus years in risk management or GRC experience in the healthcare/medical environment. Five plus years' experience in a healthcare environment or an equivalent combination of relevant education, technical, business and healthcare experience. 
Additional related education and/or experience preferred.
**Anticipated Closing Window (actual close date may be sooner):**

**EEO Statement:**
EEO/Disabled/Veterans ( organization supports a drug-free work environment.
**Privacy Policy:**
Privacy Policy ( Health supports a drug-free work environment.
Banner Health complies with applicable federal and state laws and does not discriminate based on race, color, national origin, religion, sex, sexual orientation, gender identity or expression, age, or disability

Our client is seeking a highly experienced and visionary Lead Cybersecurity Engineer specializing in Threat Intelligence to join their cutting-edge security operations center in Seattle, Washington, US . This senior role demands a deep understanding of global threat landscapes, advanced persistent threats (APTs), and sophisticated attack vectors. You will be responsible for developing and executing our organization's threat intelligence strategy, identifying emerging threats, and providing actionable insights to protect critical assets and sensitive data. This includes leading a team of intelligence analysts, establishing processes for threat hunting, and integrating threat intelligence into our defensive security measures.

Key responsibilities include gathering, analyzing, and disseminating threat intelligence from various sources, such as open-source intelligence (OSINT), dark web monitoring, and vendor feeds. You will conduct in-depth research on threat actors, their motivations, and their tactics, techniques, and procedures (TTPs). The Lead Cybersecurity Engineer will also be tasked with developing custom detection rules, correlating security events, and supporting incident response activities with timely intelligence. You will collaborate closely with security architects, engineers, and SOC analysts to enhance our security posture and reduce our attack surface. The ideal candidate will possess exceptional analytical and problem-solving skills, a proactive mindset, and the ability to mentor and guide junior team members. Expertise in security information and event management (SIEM) systems, threat intelligence platforms (TIPs), and various cybersecurity tools is crucial. This is a unique opportunity to lead and innovate within a critical function, safeguarding the organization against evolving cyber threats.

Key Responsibilities:

• Develop and implement comprehensive threat intelligence strategies and programs.
• Lead and mentor a team of cybersecurity threat intelligence analysts.
• Identify, analyze, and track emerging cyber threats, threat actors, and their TTPs.
• Collect and curate threat data from diverse sources (OSINT, dark web, commercial feeds).
• Develop actionable intelligence reports and briefings for technical and executive audiences.
• Integrate threat intelligence into security operations, incident response, and risk management processes.
• Design and implement threat hunting methodologies and playbooks.
• Configure and optimize SIEM and TIP platforms for effective threat detection.
• Collaborate with security engineering and operations teams to deploy defensive countermeasures.
• Conduct vulnerability assessments and penetration testing support.
• Stay current with the latest cybersecurity trends, vulnerabilities, and threat actor methodologies.
• Contribute to the development of security policies and procedures.

Qualifications:

• Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Minimum of 7 years of experience in cybersecurity, with at least 3 years focused on threat intelligence or advanced security analysis.
• Proven experience leading technical teams and managing security projects.
• Expertise in threat intelligence methodologies, frameworks (e.g., MITRE ATT&CK), and tools.
• Strong understanding of network security, endpoint security, cloud security, and malware analysis.
• Proficiency with SIEM, SOAR, and threat intelligence platforms.
• Excellent analytical, research, and problem-solving skills.
• Strong written and verbal communication skills, with the ability to present complex technical information clearly.
• Relevant cybersecurity certifications (e.g., CISSP, GIAC certifications).
• Experience with scripting or programming languages (e.g., Python, PowerShell) is a plus.

This position offers a highly competitive salary, excellent benefits, and the chance to work at the forefront of cybersecurity in a collaborative and innovative environment.

Are you interested in working at the cutting edge of industrial cybersecurity? Does securing high criticality operational technology systems and leading a team of cyber professionals motivate you? Are you ready to take your career in Cybersecurity of Operational Technology and Industrial Control Systems to the next level with one of the largest technology and engineering firms in the world? As the OT/ICS Cybersecurity Engineer (mid level), you'll work at the forefront of contemporary industrial systems to secure these systems from design through deployment. Jacobs designs and builds the world's infrastructure, and you'll play a key role in protecting industrial systems that enable our client's most important programs.
As the OT/ICS Cybersecurity Engineer - Mid, you will work with a team of cybersecurity professionals that provide support across the Jacobs delivery lifecycle. From ensuring design compliance with standards to providing discrete cybersecurity assessments, you'll identify risk and provide mitigation measures that protect our clients from the most dangerous forms of cyber-attacks. You will design cybersecurity offerings to be consistent with NIST, NERC CIP and other contemporary cybersecurity standards in ICS environments. You'll understand the cybersecurity needs of large infrastructure programs and develop cybersecurity offerings to include 3rd party technologies that ensure that system and network data is visible and secure. In this role, you'll work with both sales and operations teams to embed cybersecurity and risk reduction into new contract opportunities as well as active programs. You'll work in close coordination with SCADA instrumentation and controls teams to design and integrate SCADA and OT with contemporary security architectures. From design through the commissioning of large infrastructure, you'll put your hands on experience with ICS cybersecurity to work at Jacobs.
Are you ready to be part of our team of ICS cybersecurity professionals at the cutting edge of SCADA and cybersecurity? At Jacobs, we are building a more connected and sustainable world. Come join us as we engineer and secure networks at the heart of today's global infrastructure.
Responsibilities:
* Support cybersecurity design of OT networks through compliance with appropriate security standards
* Provide cybersecurity assessments of OT/ICS across Jacobs markets with analysis of current state, mitigation, and solution implementation
* Support OT integration of switching, servers, firewalls, virtual machines, and other technology with proper security standards
* Perform forensics analysis of OT devices to support cyber incident analysis
* Develop consultative OT security solutions which include services such as attack emulation, penetration testing, threat hunting, and deception operations
* Travel to project sites to provide support of ICS networks, manage and maintain converged platforms, virtualization, networks, security platforms and various other OT/IoT technologies
* 5+ years of experience in OT (operational technology) / ICS (industrial control systems) security with experience leading engagements
* Experience with OT network monitoring and data collection tools
* Technical background with hands-on experience in the conduct of security reviews and assessments of OT security and cybersecurity risk landscapes
* Knowledge of DNP, Modbus, SEL, IEC-61850 protocols - serial & IP based
* Experience working with firewalls and wireless communication technology
* Experience working with virtualization platforms, Active Directory Domain Services, and DNS
* Familiarity with IEC-62443 and other industrial cybersecurity standards
* Knowledge of the Purdue Enterprise Reference Architecture
* Knowledge of Zero Trust Architecture
Preferred:
* IAT Level II Certification (Security+, GICSP)
* Cisco CCNA, Fortinet NSE-4, JNCIA or equivalent network certification
* Expertise in MITRE ATT&CK® and ATT&CK for ICS Frameworks
* Hands-on experience programming ICS vendor Human Machine Interface (HMI) equipment as well as Programmable Logic Controllers (PLCs)
* Experience with Industrial Internet of Things and edge computing
* Working knowledge of NIST SP 800 series guidelines
* Experience implementing secure remote access solutions
Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, creed, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, medical condition, marital or domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability or physical disability, genetic information, military or veteran status, citizenship, low-income status or any other status or characteristic protected by applicable law. Learn more about your rights under Federal EEO laws and supplemental language.

**Department Name:**
IT Identity Access Mgmt-Corp
**Work Shift:**
Day
**Job Category:**
Information Technology
**Estimated Pay Range:**
$50.12 - $83.54 / hour, based on location, education, & experience.
In accordance with State Pay Transparency Rules.
Banner Health was named to Fortune's Most Innovative Companies in America 2025 list for the third consecutive year and named to Newsweek's list of Most Trustworthy Companies in America for the second year in a row. We're proud to be recognized for our commitment to the latest health care advancements and excellent patient care.
The Cybersecurity Engineer III is highly proficient in Cloud Identity and Access Management (IAM) technologies, best practices, and processes. The position requires expertise in Microsoft Identity (Active Directory, Entra ID, Entra External ID, Entra Connect, Conditional Access Policies), AWS Identity & Access Management, and Single Sign-On Authentication technologies (SAML, OIDC, OAuth). Proficiency in Okta Customer Identity is desirable. The candidate should have extensive knowledge of IAM standard methodologies and be able to advise other teams on the use of cloud identity governance and management. The role focuses on IAM within Azure and AWS, developing standards, processes, and procedures to advance IAM governance and facilitate secure operations in a multi-cloud environment.
Candidates with experience in developing strategies, leading implementations and updates of IAM technologies, integrating IAM solutions with business systems is highly desired. Possession of a professional-level certification, such as Azure Administrator Associate, Azure Solutions Architect Expert, Azure Security Engineer Associate, or AWS Certified Security - Specialty, is preferred. The position requires self-motivation, attention to detail, collaboration with teams, and the ability to work toward delivery objectives in a dynamic and technically complex environment. Additional responsibilities include mentoring junior engineers, coordinating with cross-functional teams, supporting process simplification, and contributing to end-user satisfaction.
**Schedule is generally Monday - Friday 8am - 5pm AZ MST Time**
**This can be a remote position if you live in the following states only: AK, AZ, AR, CA, CO, GA, FL, IA, ID, IN, KS, KY, LA, MD, MI, MO, MN, MS, NH, NM, NY, NC, ND, NE, NV, OH, OK, OR, PA, SC, TN, TX, UT, VA, WI, WV, WA, & WY**
Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you'll find many options for contributing to our award-winning patient care.
POSITION SUMMARY
This position leads the designs, develops, configures, implements, tunes, maintains solutions, resolve technical and business issues related to cybersecurity threat & vulnerability management, identity management, security operations center, forensics, and data protection. Cybersecurity Engineers work with Cybersecurity Architects to execute strategic cyber initiatives, evaluate security components of the network, applications and end-user devices, and provides guidance to ensure new systems meet regulatory and technical standards. Cybersecurity Engineers leads root-cause analysis on Cyber systems to determine improvement opportunities when failures occur. Cybersecurity Engineers work closely with other IT organizations to ensure cyber products are working and integrating with non-cyber environments (apps, networks, End User devices, Servers, etc).
CORE FUNCTIONS
1. Proactively initiates the design and implementation of cybersecurity solutions, upgrades, enhancements, while looking forward three to five years.
2. Leads in providing technical expertise and support for cybersecurity solutions, including operational aspects of the software.
3. Serves as subject matter expert in the design, implementation, and compliance of secure baseline configurations for applications and infrastructure components.
4. Proactively initiates technical assessments of systems and applications to ensure compliance with policy, standards and regulations. 
5. Authors new cybersecurity standards and procedures. Leads the revision of existing cybersecurity policies, standards, and procedures, as needed. 
6. Serves as technical leader for cybersecurity projects, including the development of project scope requirements, budgeting, work breakdown and operational handoff.
7. Identify threats and develop suitable defense measures, evaluate system changes for security implications, and recommend enhancements, research, and draft cybersecurity white papers, and provide first-class support to the cybersecurity operations staff for resolving difficult cybersecurity issues.
8. Under limited direction, self starter, this position is responsible for cybersecurity across multiple departments system-wide and requires interaction at all levels of staff and management. Work closely on cross functional IT Teams. Leads work through indirect leadership across other cyber resources. Articulate complex Security functions into simple business ease.
MINIMUM QUALIFICATIONS
Must possess strong knowledge of business, information security and/or computer science as normally obtained through the completion of a bachelor's degree.  Bachelor's Degree in Computer Science, Information Security, Information Systems, or related field, or equivalent.
Experience normally obtained through seven plus years of experience of enterprise-scale information security engineering, preferably in healthcare. Must also possess three plus years' experience in a healthcare environment or an equivalent combination of relevant education, technical, business and healthcare experience. 
Experience with IT operations, automation of security processes, coding and scripting languages, ability to document security processes as well as use case development. Experience with the assessing cyber products, including vendor selection, define requirements, contractual documentation development. Experienced assessing and reaching out to vendors for needed features via enhancement requests. Expert understanding of regulatory and compliance mandates, including but not limited to HIPAA, HITECH, PCI, Sarbanes-Oxley. Experienced in planning, designing and implementing cybersecurity solutions, operating, maintaining and managing the lifecycle of cybersecurity solutions. Advanced knowledge of Security Engineering Principles, including risk management, resilience, vulnerability management, Information Security, NIST, MITRE , etc. Advanced expertise in Cyber products supporting Data Loss Prevention, EDR, AntiVirus, Perimeter services, threat systems, cyber platform analytics, SIEM, CASB, CLOUD Security, ETC. Proven Cloud Security experience. Requires independent judgment, critical decision making, excellent analytical skills, with excellent verbal and written communications. Ability to think quickly under difficult or complex conditions and clearly communicate to appropriate staff; ability to balance project workloads with customer support and on-call demands. Must demonstrate deep knowledge of information technology and information security principles and practices. Requires communication and presentation skills to engage technical and non-technical audiences. Requires ability to communicate and interact across facilities and at various levels. Incumbent will have skills to mentor less experienced team members. As is typical in this industry, variable shifts and hours and responding to after-hours notifications may be required. 
PREFERRED QUALIFICATIONS
Certification in two or more of the following areas Systems Security Certified Practitioner (SSCP), HealthCare Information Security & Privacy Practitioner, (HCISPP), CompTIA Security+, Certified Information Systems Security Professional (CISSP) - Engineering (ISSEP), Certified Ethical Hacker (CEH), SANS GIAC, or Certified Information Systems Auditor (CISA).  Four plus years as a System Administrator or in IT Operations. Or four plus years in risk management or GRC experience in the healthcare/medical environment. Five plus years' experience in a healthcare environment or an equivalent combination of relevant education, technical, business and healthcare experience. 
Additional related education and/or experience preferred.
**Anticipated Closing Window (actual close date may be sooner):**

**EEO Statement:**
EEO/Disabled/Veterans ( organization supports a drug-free work environment.
**Privacy Policy:**
Privacy Policy ( Health supports a drug-free work environment.
Banner Health complies with applicable federal and state laws and does not discriminate based on race, color, national origin, religion, sex, sexual orientation, gender identity or expression, age, or disability

Senior Information Security Analyst

Location WA - Seattle

Job Family Technology Management

Apply Now (

Build the future, spark innovation and align your career with purpose.

McKinstry is innovating the waste and climate harm out of the built environment and creating lasting impact. Together, we’re building a thriving planet.

Buildings are a leading contributor to the climate crisis, generating nearly 40% of total global energy-related carbon emissions. We’re making a lasting impact on our industry and within our communities by addressing the climate, affordability and equity crises through:

• renewables and energy services

• engineering and design

• construction and facility services

To get where we’re going, we need big thinkers, problem solvers and collaborative mindsets. Does that sound like you?

The Opportunity with McKinstry

We are adding a Senior Information Security Analyst to our growing Technology division in Seattle, WA.  This person will increase the security team’s capabilities by offering a well-rounded and deep understanding of security threats and risk mitigation strategies. Leveraging extensive industry and previous experience, this role provides thorough analysis of complex security issues and possesses hands-on capabilities with current technologies and tools.  Additionally, the senior analyst effectively communicates security concepts to both technical and non-technical stakeholders, ensuring a cohesive and informed approach to maturing the security posture.  Some additional responsibilities include:

• Take lead in response to security incidents, coordinating remediation efforts across teams.

• Ensure alignment to industry standards and provide input to security strategy development.

• Contribute to drafting security protocols and take lead on security projects as assigned.

• Continuously monitor and provide recommendations for improvements.

• Conduct vulnerability assessments, identity and mitigate security risks.

• A significant part of this role is an “eyes on glass” role, responsible to triage telemetric data and create a summary of next steps

• Other related duties assigned as needed.

What You Need to Succeed at McKinstry

• Deep knowledge of security frameworks (e.g. NIST, ISO, SOC, GDPR).

• Expertise in threat analysis (identifying, analyzing, mitigating threats).

• 5+ years’ experience with Information Security tools, concepts, and practices.

• 5+ years’ experience with Microsoft AD and Azure technologies

• Experience with drafting security policy, procedure, and standards.

• Excellent verbal and written communication skills to convey complex security concepts to diverse audience

• Has worked in a Services environment, providing consultation, support and oversight

• Has been involved with cybersecurity incident response workflow and triage

PeopleFirst Benefits

When it comes to the basics, we have you covered:

• Competitive pay

• 401(k) with employer match and profit-sharing plan

• Paid time off and holidays

• Comprehensive medical, prescription, dental, and vision with low or zero deductible options and low out of pocket maximums

People come first at McKinstry, and we go beyond the basic benefits with:

• Family formation benefits, including adoption and IVF assistance

• Up to 16 weeks paid parental leave

• Transgender inclusive benefits

• Commuter benefits

• Pet insurance

• “Building Good” paid community service time

• Learning and advancement opportunities via McKinstry University

• McKinstry Moves onsite gyms or reimbursement for remote workers

See benefit plan documents for complete details.

If you’re driven by our vision to build a thriving planet together, McKinstry is the place to build your career.

T he pay range for this position is $80,100 - $134,400 per year; however, base pay offered may vary depending on job-related knowledge, skills, and experience. Base pay information is based on market location. A bonus may be provided as part of the compensation package, in addition to a full range of medical, financial, and/or other benefits, dependent on the position offered.

The McKinstry group of companies are equal opportunity employers. We are committed to providing equal employment opportunities to all employees and qualified applicants without regard to sex, gender identity, sexual orientation, age, race, color, creed, marital status, national origin, disability, veteran status, genetic information or any other basis protected by law. This policy applies to all terms and conditions of employment including, but not limited to employment, advancement, assignment, and training. This commitment to Equal Employment Opportunity is made equally as a social responsibility and as an economic and business necessity.

McKinstry is a drug-free workplace. Employment is _ _ contingent upon successfully passing a pre-employment drug and alcohol test, complying with the requirements of the Immigration Reform and Control Act and a Confidentiality Agreement, in addition to successful outcomes of background and reference checks.

Applicants for this role will only be considered if they possess current US Work Authorization, and do not require employer-sponsored VISA support to begin or remain in this role.

Our client, a leading technology firm based in the vibrant city of Seattle, Washington, US , is seeking a highly motivated and experienced Senior Information Security Analyst to join their dynamic team. This role is crucial in safeguarding the company's digital assets, intellectual property, and sensitive data against an ever-evolving landscape of cyber threats. The successful candidate will be responsible for developing, implementing, and managing robust security strategies and protocols to ensure the confidentiality, integrity, and availability of information systems.

Key responsibilities include performing risk assessments and vulnerability analyses, identifying potential security breaches, and recommending and implementing corrective actions. You will also be involved in designing and deploying security measures, monitoring network traffic for suspicious activities, and responding to security incidents in a timely and effective manner. Furthermore, you will stay abreast of the latest security trends, threats, and technologies, providing expert advice and guidance to IT and business stakeholders. This role requires a deep understanding of security frameworks, compliance regulations, and best practices in cybersecurity.

We are looking for an individual with a Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, with at least 5 years of progressive experience in information security. Advanced certifications such as CISSP, CISM, or CEH are highly desirable. Strong analytical and problem-solving skills are essential, along with excellent communication and interpersonal abilities to effectively collaborate with cross-functional teams and present complex security concepts to various audiences. Experience with security tools, including SIEM, IDS/IPS, firewalls, and endpoint protection solutions, is mandatory. The ability to work independently and as part of a team in a fast-paced environment is also critical. This is an exciting opportunity to contribute to a company committed to innovation and security excellence.

• Conduct regular security audits and penetration testing.
• Develop and enforce security policies and procedures.
• Manage incident response plans and conduct post-incident reviews.
• Provide security awareness training to employees.
• Collaborate with IT infrastructure teams to ensure secure system configurations.
• Evaluate and recommend new security technologies.

Our client, a leading technology firm, is seeking a highly motivated and skilled Senior Information Security Analyst to join their robust security team. This is a fully remote position, offering the flexibility to work from anywhere within the US. You will be instrumental in safeguarding the organization's digital assets and infrastructure against evolving cyber threats. The ideal candidate will possess a deep understanding of information security principles, risk management, and best practices in threat detection and incident response. Responsibilities include developing and implementing security policies and procedures, conducting vulnerability assessments and penetration testing, managing security awareness training programs, and staying current with the latest security technologies and threat landscapes. You will play a crucial role in monitoring security systems, analyzing security logs, and responding to security incidents in a timely and effective manner. Collaboration with IT teams across the organization to ensure security is integrated into all systems and processes will be a key aspect of this role. The Senior Information Security Analyst will also be involved in security architecture reviews, compliance initiatives (e.g., GDPR, SOC 2), and disaster recovery planning. A Bachelor's degree in Computer Science, Cybersecurity, or a related field, along with significant hands-on experience in information security is required. Professional certifications such as CISSP, CISM, or CEH are highly desirable. This is an exceptional opportunity for a seasoned security professional to contribute to a cutting-edge organization and advance their career in a dynamic, fully remote environment. If you are passionate about cybersecurity and possess a strong analytical and problem-solving aptitude, we encourage you to apply and help protect our client's digital frontier.

• Implement and manage information security controls.
• Conduct vulnerability assessments and penetration testing.
• Develop and enforce security policies and procedures.
• Monitor security systems and analyze security logs.
• Respond to and investigate security incidents.
• Manage security awareness training programs.
• Perform security architecture reviews.
• Ensure compliance with relevant regulations and standards.
• Contribute to incident response and disaster recovery planning.
• Stay updated on emerging cyber threats and security technologies.

Our client is seeking a highly experienced Senior Information Security Analyst to join their distributed team, working remotely with occasional travel requirements. This pivotal role will focus on protecting the organization's information assets by identifying and mitigating security risks, developing and implementing robust security policies, and responding to security incidents. The ideal candidate will possess a comprehensive understanding of cybersecurity principles, threat landscapes, and best practices across various domains, including network security, endpoint security, cloud security, and application security. You will be responsible for conducting security assessments, vulnerability management, penetration testing, and security awareness training.

Key responsibilities include monitoring security alerts and logs from various security tools (SIEM, IDS/IPS, EDR), analyzing potential threats, and orchestrating incident response efforts. You will play a critical role in developing and maintaining the organization's security posture, including firewalls, VPNs, intrusion detection systems, and data loss prevention (DLP) solutions. This position requires staying up-to-date with the latest cybersecurity threats, vulnerabilities, and attack vectors, and proactively recommending and implementing defensive measures. You will also be involved in managing security compliance requirements (e.g., GDPR, HIPAA, SOC 2) and ensuring the organization adheres to relevant regulations. Developing and refining security policies, procedures, and standards will be a key duty. Collaboration with IT infrastructure, development, and business teams to embed security best practices into their workflows will be essential. You will also contribute to security architecture reviews and provide expert guidance on secure system design. The ability to conduct forensic investigations and analyze security breaches to determine root causes and implement preventative actions is crucial.

The successful candidate will hold a Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience. Professional certifications such as CISSP, CISM, or CEH are highly desirable. A minimum of 7 years of progressive experience in information security roles is required, with a proven track record in incident response, threat analysis, and vulnerability management. Strong knowledge of network protocols, operating systems (Windows, Linux), and security technologies is essential. Experience with cloud security platforms (AWS, Azure, GCP) and security information and event management (SIEM) systems is a must. Excellent analytical, problem-solving, and communication skills are crucial. The ability to work independently, manage multiple priorities, and communicate effectively with both technical and non-technical stakeholders is paramount. This is an excellent opportunity for a seasoned security professional to contribute to a robust security program in a flexible, remote work environment.