Atlantic Health System, Inc

Cybersecurity Engineer III

Atlantic Health System, Inc$100K — $130K *
Healthcare
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 5-7 years of experience in vulnerability management, cybersecurity, or IT, preferably in healthcare.
  • Strong understanding of vulnerability management principles and risk-based remediation practices.
  • Hands-on experience with Rapid7 and Tenable Nessus for vulnerability scanning.
  • Experience with incident response processes, including triage and remediation.
  • Relevant certifications such as CISSP, GIAC GEVA, or CompTIA Security+.

Responsibilities

  • Lead design, deployment, and maintenance of vulnerability management solutions.
  • Administer and optimize vulnerability scanning tools across various assets.
  • Perform risk-based prioritization of vulnerabilities and develop scanning policies.
  • Drive closure of vulnerability remediation in coordination with various teams.
  • Develop metrics and reporting for leadership and technical teams.
  • Mentor junior cybersecurity engineers and provide strategic direction.
  • Support incident response and participate in on-call rotations.

Benefits

  • Comprehensive medical, dental, and vision coverage.
  • 403(b) retirement plan with employer match.
  • Generous PTO and paid sick leave.
  • Tuition assistance for further education or training.
  • Flexible spending and commuter accounts.
Full Job Description
Job Description

This Cybersecurity Engineer III position, with a primary focus on senior-level vulnerability management, is responsible for providing thought leadership and enhancing the cybersecurity team in identifying, assessing, prioritizing, and remediating security vulnerabilities across the organization's endpoints, servers, networks, cloud, and applications. This role involves designing, implementing, and optimizing enterprise vulnerability management solutions-including Rapid7 and Tenable Nessus-to reduce risk to protected health information (PHI) and other regulated data, as well as performing vulnerability scanning, risk-based prioritization, remediation tracking, metrics and reporting, and mentoring junior team members while providing strategic direction to the team and organization. While vulnerability management is the primary focus of this position, the successful applicant will also work as part of a dynamic team responsible for cybersecurity incident response, as well as other cybersecurity-related initiatives, and will share in rotating on-call responsibilities, drawing on broad cybersecurity knowledge to support detection, triage, and response activities.

Qualifications

Duties and Responsibilities
  • Lead efforts in designing, deploying, and maintaining enterprise vulnerability management solutions and scanning infrastructure across endpoints, servers, network devices, cloud, and applications.
  • Administer, configure, and optimize Rapid7 (InsightVM/Nexpose) and Tenable Nessus to discover assets, scan for vulnerabilities, and assess exposure across the environment.
  • Perform risk-based prioritization of vulnerabilities using CVSS, threat intelligence, and asset criticality, and develop, tune, and continuously improve scanning policies and remediation workflows.
  • Track and drive vulnerability remediation to closure in coordination with IT, infrastructure, application, and patch management teams, including validation and root cause analysis of recurring findings.
  • Develop and maintain vulnerability metrics, dashboards, and reporting for technical teams and leadership, and collaborate with teams throughout ISS, as well as Privacy and Compliance, to ensure the protection of PHI and adherence to HIPAA and other regulatory requirements.
  • Provide mentorship and guidance to junior and mid-level cybersecurity engineers.
  • Participate in the development and implementation of cybersecurity strategies and policies.
  • Serve as part of a dynamic incident response team, assisting with the detection, triage, investigation, containment, and remediation of security incidents.
  • Conduct offensive security exercises, such as penetration testing and red team activities, to proactively identify vulnerabilities and validate defenses across the network.
  • Participate in a rotating on-call schedule to support time-sensitive vulnerability and incident response activities outside of normal business hours.


Education, Training and Certification
  • Bachelor's degree or higher in Cybersecurity, Information Technology, or a related field is preferred; equivalent experience may be considered in lieu of a degree for exceptionally qualified candidates.
  • Relevant certifications such as CISSP, GIAC GEVA (GIAC Enterprise Vulnerability Assessor), CompTIA Security+, CompTIA PenTest+, or equivalent are highly desirable.


Knowledge and Experience
  • Strong understanding of vulnerability management principles, the vulnerability lifecycle, CVSS scoring, and risk-based remediation practices.
  • Hands-on proficiency with Rapid7 (InsightVM/Nexpose), Tenable Nessus, and other vulnerability scanning and assessment technologies across endpoints, servers, network, cloud, and applications.
  • Extensive experience implementing and operating enterprise vulnerability management programs, including scan configuration, risk-based prioritization, and remediation tracking.
  • 3-5 years of experience in vulnerability management, information security, or information technology in a large organization, preferably a large healthcare environment.
  • Hands-on experience contributing to incident response, including alert triage, investigation, containment, and remediation.
  • While not a requirement, the candidate should have some hands-on experience with, and be comfortable conducting, offensive security exercises such as penetration testing to actively identify vulnerabilities on the network, going beyond traditional vulnerability scanning. Deep expertise in this area is not expected.
  • Broad, well-rounded knowledge of cybersecurity domains and concepts; a certification such as CISSP is a plus to demonstrate this overall cybersecurity knowledge.
  • Willingness and availability to participate in a rotating on-call schedule.


Skills and Abilities
  • Strong analytical and problem-solving skills.
  • Excellent communication and teamwork abilities.
  • Ability to learn and adapt to new technologies quickly.
  • Attention to detail and a proactive approach to security.
  • Leadership and mentoring skills.
  • Ability to manage cybersecurity projects within a healthcare organization, coordinating effectively with both technical and non-technical team members.


Atlantic Health offers a competitive and comprehensive Total Rewards package that supports the health, financial security, and well-being of all team members. Offerings vary based on role level (Team Member, Director, Executive). Below is a general summary, with role-specific enhancements highlighted:

Team Member Benefits
  • Medical, Dental, Vision, Prescription Coverage (22.5 hours per week or above for full-time and part-time team members)
  • Life & AD&D Insurance.
  • Short-Term and Long-Term Disability (with options to supplement)
  • 403(b) Retirement Plan: Employer match, additional non-elective contribution
  • PTO & Paid Sick Leave
  • Tuition Assistance, Advancement & Academic Advising
  • Parental, Adoption, Surrogacy Leave
  • Backup and On-Site Childcare
  • Well-Being Rewards
  • Employee Assistance Program (EAP)
  • Fertility Benefits, Healthy Pregnancy Program
  • Flexible Spending & Commuter Accounts
  • Pet, Home & Auto, Identity Theft and Legal Insurance


Note: In Compliance with the NJ Pay Transparency Act (effective Sunday, June 1, 2025), all job postings will include the hourly wage or salary (or a range), as well as this summary of benefits. Final compensation and benefit eligibility may vary by role and employment status and will be confirmed at the time of offer.

About Atlantic Health System, Inc

Atlantic Health System is a non-profit healthcare organization that operates hospitals and other medical facilities in New Jersey. The organization was founded in 1998 and is headquartered in Morristown, New Jersey. Atlantic Health System operates six hospitals, including Morristown Medical Center, Overlook Medical Center, Newton Medical Center, Chilton Medical Center, Hackettstown Medical Center, and Goryeb Children's Hospital. The organization also operates a number of outpatient facilities and clinics.
Learn more about Atlantic Health System, Inc
Size
17,000 employees
Industry
Founded
1932

Similar Jobs

More Jobs at Atlantic Health System, Inc

More Healthcare Jobs

Find similar Cybersecurity Engineer III jobs: