Cybersecurity Engineer - Threat Intelligence

    Cleveland Clinic
    Beachwood, OH
    Full-time, Part-time

    Job Description

    Job Summary:

    Performs all necessary duties to ensure the safety of information technology assets and to protect systems from intentional or inadvertent access. Assists with the design, development, or recommends integrated cybersecurity infrastructure/system solutions that will ensure all proprietary/confidential data and systems are protected. Aligns Cybersecurity strategies with the business vision and objectives through research, design and architecture of new technologies. Frequently collaborates with peers to meet design requirements. Provides best solutions to identified needs, meeting specific operational and business objectives, technology capabilities, and human resource requirements. Frequently collaborates with peers plus perform monitoring, testing, remediation, and documentation of ongoing projects.

    • Designs, engineers and implements Cybersecurity infrastructure.
    • Monitors, maintains and optimizes all system hardware and associated operating systems.
    • Ensures the stability, integrity and efficient operation of Cybersecurity systems.
    • Troubleshoots and resolves problems in the systems environment.
    • Develops build and standardized documentation for Cybersecurity systems.
    • Engages with Cybersecurity projects, including planning, obtaining customer input and projecting resource requirements.
    • Designs and deploys numerous enterprise technical security services such as SIEM, DLP, PKI, IDS/IPS, and enterprise authentication/authorization frameworks and models.
    • Reviews security system requirements with customers and translates requirements into specific functions or deliverables.
    • Analyzes flow chart processes and recommends ways to reduce steps and increase efficiency through use of technology.
    • May coach or provide guidance to lower-level security professionals and supports the continuous process of optimizing department resources.
    • Applies proven communication, analytical and problem-solving skills to help identify, communicate and resolve issues.
    • Provides after-hours support.
    • Other duties as assigned.
    Preferred Qualifications:
    • Leads in actively monitoring external sources for Threat Intelligence with a focus on Healthcare. Which includes tracking emerging and ongoing cyber and physical threats using OSINT and deep/dark web research as well as compile and validate data from internal, commercial and open sources to recognize threat trends and patterns.
    • Identify and process indicators of compromise and threat actor TTPs for correlation, detection and alerting in appropriate security tools. Share timely intelligence and insights with internal and external partners to enhance situational awareness of the global threat landscape.
    • Execute and Support the Threat Intel domain operational procedures (communication and tracking). Participate in creating / maintaining policies and standards. Generate and publish Threat Intel metrics.
    • Author weekly and adhoc intelligence products for various internal customers. Including executive level communications.
    • Works closely with the cyber incident teams, threat hunting teams, and various lines of business to mitigate risk.
    • Identify and drive process improvement within Threat Intel program, including Identifying new sources for threat intel.
    • A High School diploma/GED required.
    • Bachelor's degree in Information Technology/Computer Science or related field preferred.
    • Certifications from SysAdmin, Audit, Network and Security Institute (SANS), International Information Systems Security Certification Consortium (ISC2) or Computing Technology Industry Association (CompTIA) preferred or other position related certifications.
    • For Information Technology Division caregivers, ITIL Foundations certification is required within 6 months of position start date.
    Complexity of Work:
    • Ability to analyze and integrate Security Solutions into multiple platforms, including Clinical and Financial Systems.
    • Understands and stay current on best practices and guidance on achieving security.
    • Ability to weigh business needs against security concerns and articulate issues to management.
    • Elevated knowledge of networking/distributed computing environment concepts.
    • Requires advanced knowledge with complex domain structures, user authentication mechanisms and cryptography.
    • Has in-depth knowledge of intrusion detection and data correlation.
    • Practical knowledge of network topology and the underlying OSI model.
    • Understands principles of client/server configuration.
    • Excellent knowledge of security technology and strong analytical skills.
    • Must be able to work in stressful environment and take appropriate action.
    • Strong analytical, administrative, presentation, and project management skills are required.
    • Must have strong communication skills (both written and verbal) and the ability to work independently.
    Work Experience:
    • A minimum of 10 years of Information Technology experience, including a minimum of 3 years in Engineering, including directing, planning and scheduling a major information system project required.
    • Offset: Bachelor's Degree and 5 years of Information Technology experience, including a minimum of 3 years in Engineering, including directing, planning and scheduling a major information system project.
    Physical Requirements:
    • Requires the ability to sit and be stationary for prolonged periods of time, normal or corrected vision and manual dexterity sufficient to perform work on a personal computer.
    • Requires the ability to walk to various locations throughout the organization and to function in a stressful environment.
    Personal Protective Equipment:
    • Follows standard precautions using personal protective equipment as required.
    Keywords: Cyber, cyber security, cybersecurity, IT security, threat intelligence, healthcare IT, Healthcare intelligence, OSINT, global threat security, healthcare cyber security, threat intel


    The policy of Cleveland Clinic and its system hospitals (Cleveland Clinic) is to provide equal opportunity to all of our employees and applicants for employment in our tobacco free and drug free environment. All offers of employment are followed by testing for controlled substance and nicotine. Job offers will be rescinded for candidates for employment who test positive for nicotine. Candidates for employment who are impacted by Cleveland Clinic's Smoking Policy will be permitted to reapply for open positions after 90 days. Decisions concerning employment, transfers and promotions are made upon the basis of the best qualified candidate without regard to color, race, religion, national origin, age, sex, sexual orientation, marital status, ancestry, status as a disabled or Vietnam era veteran or any other characteristic protected by law. Information provided on this application may be shared with any Cleveland Clinic facility.

    Cleveland Clinic is pleased to be an equal employment employer: Women/Minorities/Veterans/Individuals with Disabilities
    Posting ID: 552787264Posted: 2020-05-21