Principal Cyber Threat Intelligence Engineer IS, Hybrid

Overview

Providence is seeking a seasoned Principal Security Engineer with deep expertise in Cyber Threat Intelligence to lead threat analysis, safeguard critical systems, and empower the Global Security Operations Center. The role directly informs risk strategies and guides executive decision‑making to protect millions of lives through secure healthcare technology.

• Conduct in‑depth analysis of cyber threats, identifying threat actors, motivations, tactics, techniques, and procedures (TTPs), and evaluating their potential impact.
• Prepare and deliver well‑researched analytic findings to technical and non‑technical stakeholders, including executives.
• Mentor teammates on advanced analytic tools such as Structured Analytic Techniques.
• Classify, categorize, and analyze malware and threats, translating them into actionable detections using frameworks such as MITRE ATT&CK.
• Maintain knowledge of the healthcare industry threat landscape and emerging threat trends that could impact the organization.
• Collaborate with internal teams to provide timely intelligence supporting CTI, CIRT, Attack Surface Management, and other cybersecurity initiatives.
• Develop and maintain threat profiles with tactical intelligence to enhance detection engineering and hunting operations.
• Perform root‑cause analysis and recommend proactive measures to prevent intrusions.
• Continuously update and refine threat intelligence processes and methodologies.
• Stay informed about the latest trends, tools, and techniques in threat intelligence and incorporate best practices.
• Monitor emerging technologies such as AI and machine learning to augment threat detection and analysis.

• Bachelor’s degree in Computer Engineering, Computer Science, Mathematics, Engineering, or equivalent education/experience.
• Upon hire: CISSP, CEH, or equivalent certification.
• Eight or more years of related experience.
• Experience designing security controls for operating systems, databases, applications, web services, user devices, and wireless networks.

• Master’s degree in a relevant field.
• Experience in a healthcare environment.
• Eight or more years of cyber threat intelligence analysis experience.
• Expertise in analyzing threat actors’ motivations, intent, and TTPs.
• Ability to correlate intelligence from multiple sources to assess organizational impact.
• Familiarity with reverse engineering and malware categorization.
• Strong knowledge of healthcare cybersecurity risks (ransomware, phishing, supply chain).
• Experience applying frameworks such as MITRE ATT&CK, Cyber Kill Chain, Diamond Model.
• Cross‑functional experience with CIRT/IR, vulnerability management, SOC operations.
• Experience with insider threat teams (plus).
• Capability to develop threat profiles and integrate tactical intelligence into detection rules.
• Skill in influencing risk‑based decision‑making with clear, concise reporting.

• California (Los Angeles & Irvine):
  Min $71.23, Max $121.29
• Oregon (Portland):
  Min $68.33, Max $116.36
• Washington (Seattle, Renton, Redmond):
  Min $71.23, Max $121.29
• Washington (Vancouver):
  Min $68.33, Max $116.36
• Montana (Great Falls):
  Min $55.12, Max $88.75
• Montana (Other):
  Min $55.01, Max $93.68

Providence offers a comprehensive benefits package, including retirement 401(k) with matching, health care (medical, dental, vision), life and disability insurance, paid parental leave, vacations, holidays, well‑being resources, and more. Learn more s/benefits.

Hybrid work is available for candidates within a 65‑mile commuting radius of the following offices:
Washington:
Seattle, Redmond, Renton, Vancouver
California:
Los Angeles, Irvine
Oregon:
Portland
Montana:
Great Falls

Providence is a leading health care organization serving more than 120,000 employees across 50 hospitals, 1,000 clinics, and a broad range of health and social services. Its mission of caring for everyone, especially the most vulnerable, is supported by an inclusive workplace that celebrates diversity.

Providence is an Equal Opportunity Employer and is committed to fostering an inclusive workforce free from unlawful discrimination and harassment. All qualified applicants, regardless of race, color, gender, disability, veteran status, religion, age, national origin, sexual orientation, marital status, or other protected characteristics, will be considered for employment.

Applicants residing in the Unincorporated County of Los Angeles will be considered under the Fair Chance Ordinance. The job is full‑time, day shift, and offers a hybrid workplace type.

Location:

Providence System Offices Discovery Park‑Irvine, CA, 15480 Laguna Canyon Rd. The description includes the minimum and maximum wage rates; placement within the range depends on experience and other factors.