Apply for this job now

Cyber Security Engineer III (Remote)

Jacksonville, Florida
Job Type
20 Jul 2022
Availity delivers revenue cycle and related business solutions for health care professionals who want to build healthy, thriving organizations. Availity has the powerful tools, actionable insights and expansive network reach that medical businesses need to get an edge in an industry constantly redefined by change.

Availity is a Healthcare IT company headquartered in Jacksonville, FL with an office in Indianapolis, IN and a significant US based remote workforce. Availity is the nation's largest health information network, connecting 2 million providers nationwide and processing more than 12 billion transactions a year, and growing! We work collaboratively with health plans and providers to disrupt an antiquated healthcare system by solving core issues in the way stakeholders communicate. Fixing the broken provider data management process and creating real time communication of risk and quality information are just two of the ways Availity is streamlining this process. Availity also offers providers, hospitals, and health systems revenue cycle and patient financial management solutions. We help prepare our providers for the rise in consumerism and value-based care, so that they can get paid accurately, and timely, for their services.

Our mission is to create connections and deliver products that help healthcare businesses succeed. We do this by connecting, delighting, and empowering the nation's premier healthcare ecosystem; providing multi-stakeholder solutions that simplify the business relationship between providers and health plans.

The Cyber Security Engineer III (CSE III) is a member of the Security Operations Center, Cyber Defense team responsible for the protection of Availity's online and corporate systems. The member will be exposed to and contribute to other elements of the Cyber Defense team's functions such as host and network forensics, threat intelligence and SIEM operations. This role will serve the Cyber Defense team as a whole in several aspects. The CSE III will be expected to demonstrate proficiency with working with a SIEM, to include offense analysis, fine-tuning alerts, crafting detections, building dashboards, and serving as the escalation point for analysts. In addition, the candidate should have a working knowledge in host and/or network-based forensics, automation, and threat intelligence concepts. This role will be part of a 24/7/365 work effort, and therefore may be required to work after hours and will be required to participate in an on-call rotation. The member will serve as the on-call engineer for one week every seven weeks, where he or she will be responsible for responding to any major offenses that are triggered after normal working hours.

Sponsorship, in any form, is not available for this position.

Location: Jacksonville, FL or Remote, US

Why you want to work on this team:
  • This team is highly invested in sharpening and growing your skills, therefore advanced and continuation training is a high priority.
  • We strive to grow our analysts and engineers to be versatile and highly contributable to the team's mission, therefore we encourage members to experience and gain exposure to multiple functions and capabilities of the SOC.
  • We pride ourselves in constantly searching for the best technologies to achieve our mission of protecting and securing healthcare data; you will be performing your duties on the most modern and efficient technologies and software!

Role qualifications:
  • Bachelor's degree in Computer Science or a related technology field or equivalent in comparable work experience within the information security field.
  • At least 5 years of experience in cybersecurity operations, with at least 2-3 years as a cybersecurity engineer.
  • At least 3 years of experience with SIEM tools.
  • Expert understanding of network traffic principles, as well as ports, protocols and services.
  • Strong understanding of Windows and Linux host file structures, protocols, and normal vs abnormal events in a variety of files and logs.
  • Strong understanding of network infrastructure devices such as firewalls, proxies, routers, switches, IDS/IPS.
  • Strong understanding of cybersecurity concepts such as authentication procedures, access controls, encryption, etc.
  • Strong familiarity and application of governing cyber frameworks such as NIST and NICE.
  • Good understanding of modern cyber threats / APTs.
  • Proficiency to navigate, understand, and command both Windows and Linux operations systems.

Job Preferences:
  • Experience with healthcare-related standards (HIPAA).
  • Experience in network and/or host forensics.
  • Strong understanding of the MITRE ATT&CK framework and Cyber Kill Chain.
  • Good understanding of host-based forensics and methodologies to detect IOCs .
  • Proficiency in languages of automation such as Python, PowerShell, etc.

What you will be doing:
  • Researching, crafting, and testing detection capabilities of the SIEM.
  • Serving an active role in the incident response lifecycle and supporting the incident commander on any evidence, artifacts, or data necessary to resolve and close incidents that may arise.
  • Evaluating cyber security threats and make assessments to determine the overall risk to the network, product, or company.
  • Applying knowledge of controls, threats, and vulnerabilities to craft plans and roadmaps to harden cybersecurity systems.
  • Performing network and host analysis methodologies to discover, archive, and analyze indicators of compromise (IOCs), the adversarial kill chain, root cause analyses, and recommend preventative counter defenses.
  • Contributing to the team's threat intelligence to ensure the team remains one step ahead of malicious cyber actors, including the mapping of offenses and alerts to the MITRE ATT&CK framework to present trending adversarial tradecraft to leadership.
  • Support the creation of weekly operational metrics that influence leadership's decision-making on optimizing the security of the network.
  • Engage in purple team exercises to document potential gaps in security and security controls to determine capabilities needed to maintain maximum protection against the current threat landscape.
  • Enable more effective and efficient processing of SIEM offenses and incidents through innovative automation and optimization design.

Availity culture and benefits:
  • Availity is a certified "Great Place to Work"! Culture is important to us and there are many ways for you to make your mark here!
  • We have several Diversity & Inclusion teams, a Young Professionals Group, a She Can Code IT group for women in tech, and various ways to engage with fellow Availity associates.
  • Availity is a culture of continuous learning. We have many resources and experts in our tech stack and in our industry that can help get you there too!
  • Don't feel like wearing business attire? Cool, you can wear jeans - we are a casual place.
  • We offer a competitive salary, bonus structure, generous HSA company contribution, healthcare, vision, dental benefits and a 401k match program that you can take advantage of on day one!
  • We offer unlimited PTO for salaried associates + 9 paid holidays. Hourly associates start at 19 days of PTO and go up from there with all the same holiday benefits.
  • Interested in wellness? We allow our associates to reimburse up to $300/year for gym memberships, participation in racing events, weight management programs, etc.
  • Interested in furthering your education? We offer education reimbursement!
  • Availity offers Paid Parental Leave for both moms and dads, both birth parents and adoptive parents.
  • Want to work for an organization that gives back to the community? You're at the right place! Availity partners with various organizations, both locally and nationally, to raise awareness, funds and morale as our staff members volunteer their time and funds to engage the organizations campaign.

Availity perks for remote, hybrid and office-based associates:
  • We offer a flexible working environment! Whether you are a fully remote associate or one that enjoys a hybrid or fully onsite approach we are flexible to help ensure you have a working environment to thrive in!
  • All associates have the opportunity to have 1on1 sessions with their supervisor or manager to help facilitate transparency and growth within the organization
  • Availity holiday parties/events are available to ALL associates no matter if you are fully remote or have a hybrid or onsite schedule
  • You like food trucks? We have them almost daily at our office (when we're back to normal)
  • Like food trucks a little too much? We also have an onsite gym with showers
  • We appreciate work/life balance! Need to get a quick break in between meetings? We have Ping Pong, Foosball, Arcade games, and XBox to help you decompress - and we have a massage therapist onsite once a week for a little relaxation too
  • We've got you covered with free coffee, lemonade and tea anytime you want

Next steps:

After you apply, you will receive text/email messages thanking you for applying and then you will continue to receive more text/email messages alerting you as to where you are in the recruitment process.

Interview process:
  • Recruiter resume review
  • Manager resume review
  • Manager video interview
  • Team video interview
Availity is an equal opportunity employer and makes decisions in employment matters without regard to race, religious creed, color, age..... click apply for full job details
Apply for this job now


  • Job Reference: 662937811-2
  • Date Posted: 20 July 2022
  • Recruiter: Availity
  • Location: Jacksonville, Florida
  • Salary: On Application
  • Sector: Government & Defence
  • Job Type: Permanent