Cybersecurity Engineer III

Atlantic Health
Morristown, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Morristown, United States of America

Tech stack

Software System Penetration Testing
Cloud Computing
CompTIA Security+
Computer Security
Networking Hardware
Comptia Pentest+ CE
Red Team (Cyber Security)
Software Vulnerability Management
Information Technology
Tenable Nessus
Patch Management
Nexpose
Network Server
Vulnerability Analysis

Job description

This Cybersecurity Engineer III position, with a primary focus on senior-level vulnerability management, is responsible for providing thought leadership and enhancing the cybersecurity team in identifying, assessing, prioritizing, and remediating security vulnerabilities across the organization's endpoints, servers, networks, cloud, and applications. This role involves designing, implementing, and optimizing enterprise vulnerability management solutions-including Rapid7 and Tenable Nessus-to reduce risk to protected health information (PHI) and other regulated data, as well as performing vulnerability scanning, risk-based prioritization, remediation tracking, metrics and reporting, and mentoring junior team members while providing strategic direction to the team and organization. While vulnerability management is the primary focus of this position, the successful applicant will also work as part of a dynamic team responsible for cybersecurity incident response, as well as other cybersecurity-related initiatives, and will share in rotating on-call responsibilities, drawing on broad cybersecurity knowledge to support detection, triage, and response activities.

Duties and Responsibilities

  • Lead efforts in designing, deploying, and maintaining enterprise vulnerability management solutions and scanning infrastructure across endpoints, servers, network devices, cloud, and applications.

  • Administer, configure, and optimize Rapid7 (InsightVM/Nexpose) and Tenable Nessus to discover assets, scan for vulnerabilities, and assess exposure across the environment.

  • Perform risk-based prioritization of vulnerabilities using CVSS, threat intelligence, and asset criticality, and develop, tune, and continuously improve scanning policies and remediation workflows.

  • Track and drive vulnerability remediation to closure in coordination with IT, infrastructure, application, and patch management teams, including validation and root cause analysis of recurring findings.

  • Develop and maintain vulnerability metrics, dashboards, and reporting for technical teams and leadership, and collaborate with teams throughout ISS, as well as Privacy and Compliance, to ensure the protection of PHI and adherence to HIPAA and other regulatory requirements.

  • Provide mentorship and guidance to junior and mid-level cybersecurity engineers.

  • Participate in the development and implementation of cybersecurity strategies and policies.

  • Serve as part of a dynamic incident response team, assisting with the detection, triage, investigation, containment, and remediation of security incidents.

  • Conduct offensive security exercises, such as penetration testing and red team activities, to proactively identify vulnerabilities and validate defenses across the network.

  • Participate in a rotating on-call schedule to support time-sensitive vulnerability and incident response activities outside of normal business hours.

Requirements

  • Bachelor's degree or higher in Cybersecurity, Information Technology, or a related field is preferred; equivalent experience may be considered in lieu of a degree for exceptionally qualified candidates.

  • Relevant certifications such as CISSP, GIAC GEVA (GIAC Enterprise Vulnerability Assessor), CompTIA Security+, CompTIA PenTest+, or equivalent are highly desirable.

Knowledge and Experience

  • Strong understanding of vulnerability management principles, the vulnerability lifecycle, CVSS scoring, and risk-based remediation practices.

  • Hands-on proficiency with Rapid7 (InsightVM/Nexpose), Tenable Nessus, and other vulnerability scanning and assessment technologies across endpoints, servers, network, cloud, and applications.

  • Extensive experience implementing and operating enterprise vulnerability management programs, including scan configuration, risk-based prioritization, and remediation tracking.

  • 3-5 years of experience in vulnerability management, information security, or information technology in a large organization, preferably a large healthcare environment.

  • Hands-on experience contributing to incident response, including alert triage, investigation, containment, and remediation.

  • While not a requirement, the candidate should have some hands-on experience with, and be comfortable conducting, offensive security exercises such as penetration testing to actively identify vulnerabilities on the network, going beyond traditional vulnerability scanning. Deep expertise in this area is not expected.

  • Broad, well-rounded knowledge of cybersecurity domains and concepts; a certification such as CISSP is a plus to demonstrate this overall cybersecurity knowledge.

  • Willingness and availability to participate in a rotating on-call schedule.

Skills and Abilities

  • Strong analytical and problem-solving skills.

  • Excellent communication and teamwork abilities.

  • Ability to learn and adapt to new technologies quickly.

  • Attention to detail and a proactive approach to security.

  • Leadership and mentoring skills.

  • Ability to manage cybersecurity projects within a healthcare organization, coordinating effectively with both technical and non-technical team members.

Benefits & conditions

  • Medical, Dental, Vision, Prescription Coverage (22.5 hours per week or above for full-time and part-time team members)

About the company

At Atlantic Health, our promise to our communities is; Anyone who enters one of our facilities will receive the highest quality care delivered at the right time, at the right place, and at the right cost. This commitment is also echoed in the respect, development and opportunities we give to our more than 22,000 team members. Headquarters in Morristown, New Jersey, we are one of the leading non-profit health care systems in the nation. Our facilities and sites of care include, We have more than 900 community-based healthcare providers affiliated through Atlantic Medical Group. We have received awards and recognition for the services we have provided to our patients, team members and communities. Below are just a few of our accolades: + Chosen for 17 years by Fortune as one of the magazine's "100 Best Companies to Work For." + Atlantic Health Morristown and Atlantic Health Overlook Named by Newsweek as two of the "World's Best Hospitals" in 2026. + Atlantic Health Morristown and Atlantic Health Overlook ranked within the top three hospitals in New Jersey by U.S. News & World Report's 2025-2026 Best Hospital rankings. + Atlantic Health scored four "A" grades by The Leapfrog Group in its Fall 2025 Hospital Safety Grades, performance measures reflecting errors, accidents, injuries and injections, as well as systems hospitals have in place to prevent harm. + Atlantic Health Morristown and Atlantic Health Overlook are New Jersey's only hospitals to be named among America's 50 Best hospitals by Healthgrades in 2026. + Named by Becker's Healthcare as one of the "165 Top Places to Work in Healthcare - 2026. + Atlantic Health Morristown, Atlantic Health Overlook, Atlantic Health Chilton and Atlantic Health Newton all Forbes Top Hospitals for 2026. + Named by Newsweek as one of America's Greatest Workplaces for Inclusion & Diversity 2025. + Atlantic Health rated LEVEL 9 - 2025 CHIME Digital Health Most Wired. Atlantic Health offers a competitive and comprehensive Total Rewards package that supports the health, financial security, and well-being of all team members. Offerings vary based on role level (Team Member, Director, Executive). Below is a general summary, with role-specific enhancements highlighted

Apply for this position