Cybersecurity Engineer

Job Type

Full-time

Description

At Wayspring, we are committed to furthering our value of Equity & Inclusion throughout our recruiting practices. We seek diversity of background and opinion, as we think these attributes improve the performance of our company and are the right thing to do for our communities. We recognize and remove barriers to success within our company and communities. We seek to build a recruiting process that is inclusive and fosters diversity.

Overview of the Security Engineer

Wayspring seeks an experience Cybersecurity Engineer, ready to help develop and mature Wayspring's security solutions. This position will work as a tactical developer to continue to build and mature our security efforts including developing procedures, observability, and hands-on implementation, configuration, and hardening of our enterprise technologies. This is a highly collaborative and communicative role that works closely with colleagues throughout IT and the company. Wayspring is HITRUST CSF Certified.

• Contribute, Develop, and Mature all aspects of Wayspring's Information Security Program.
• Deliver Cybersecurity Subject Matter Expertise in the healthcare industry.
• Collaborate with internal business units on cybersecurity to inform, educate, and develop effective security solutions.
• Identify administrative and technical security opportunities and challenges; research, develop, and deliver solutions.
• Deliver and Communicate company security metrics and reporting.
• Ensure effective security monitoring is in place for company assets.
• Ensure application security control recommendations to company.
• Help define role-based access models for use in organization and access review processes.
• Help Develop Information Security Policies, Procedures, Guidelines, and Plans.
• Perform periodic reviews of company assets (e.g., firewalls, M365, applications) to ensure appropriate security controls are in place.
• Contribute to third-party assessments and penetration testing exercises.

Requirements

• Minimum 3 years of prior hands-on vulnerability management
• Minimum 4 years of prior threat detection & analysis experience
• Experience implementing and adhering to HITRUST & NIST CSF/NIST 800.53
• Knowledge and understanding of security architecture and experience managing and hardening of secure configurations of both Corporate and Healthcare systems and protocols
• Experience using scripting languages (Python or similar, PowerShell scripts, bash) to assist in automation efforts
• Experience using at least three vulnerability management tools
• Experience with red team/blue team testing
• Cloud secure architecture knowledge (AWS and Azure are preferred)
• Security Certification is preferred (CISSP, CEH, SSCP, AWS)

Company and Benefit Summary

Wayspring has reimagined substance use disorder treatment. We provide individualized care, delivered with a peer-centered approach. We focus on making sure patients have their basic needs met, like access to care, economic stability, and connection to relationships and community. Then we help each person find their own way to wellness.

• Medical, Dental and Vision Insurance Options
• Company funded HSA
• Monthly Gym Allowance
• Paid parental leave - all parents included!
• Company paid short term disability, long term disability and life insurance
• 401k matching
• Premium Employee Assistance Program, inclusive of counseling sessions
• Company Contributions to Future Minded Savings (think 529, HSA, Student Loan Reimbursement, and Emergency savings fund)
• Generous PTO package (accrual policy based on years of service) and an additional 10 paid company holidays

Research shows that while men apply to jobs when they meet an average of 60% of the criteria, women and other marginalized folks tend to only apply when they check every box. So, if you think you have what it takes, but don't necessarily meet every single point on one of our job openings, please still apply. We'd love to consider your application and see if you could be a great fit!