Principal Security Engineer IS, Cyber Threat Intelligence

Principal Security Engineer IS, Cyber Threat Intelligence

Providence caregivers are not simply valued – they’re invaluable. Join our team at Enterprise Information Services and thrive in our culture of patient‑focused, whole‑person care built on understanding, commitment, and mutual respect. Your voice matters here, because we know that to inspire and retain the best people, we must empower them.

We are looking for a seasoned Principal Security Engineer with deep expertise in Cyber Threat Intelligence. In this pivotal role, you’ll be the strategic force behind identifying and neutralizing emerging threats, safeguarding critical systems, and empowering Providence’s Global Security Operations Center. Your insights will directly inform risk strategies and guide executive decision‑making—making you a key player in protecting millions of lives through secure healthcare technology.

Hybrid work options are available for candidates living within a daily commuting distance (up to 65 miles) of any primary office location listed below.

• Washington:
  Seattle, Redmond, Renton, Vancouver
• California:
  Los Angeles, Irvine
• Oregon:
  Portland

Please note the following important details regarding this position:

• This is a hybrid role, involving a combination of in‑office and remote work each week.
• The weekly hybrid schedule will be determined by the manager based on departmental needs.

• Conduct in‑depth analysis and research on cyber threats, including identifying threat actors, their motivations, tactics, techniques, and procedures (TTPs), and providing insights on potential impact.
• Prepare and deliver well‑researched, impactful analytic findings that combine self‑driven research and team threat‑hunting efforts to convey cyber threat risk and impact, tailored to technical and non‑technical stakeholders, including executives.
• Serve as a mentor to teammates for leveraging advanced analytic toolsets such as Structured Analytic Techniques.
• Classify, categorize, and analyze malware and threats, translating this into actionable detections using frameworks such as MITRE ATT&CK.
• Maintain strong knowledge of the healthcare industry threat landscape, including emerging threats and trends that may impact the organization.
• Collaborate with internal teams to provide timely and actionable intelligence aligned with operational needs, supporting CTI, CIRT, Attack Surface Management, and other cybersecurity initiatives.
• Develop and maintain threat profiles with tactical intelligence to enhance detection engineering and threat‑hunting operations.
• Perform root‑cause analysis and provide recommendations for proactive measures to prevent cyber intrusions.
• Continuously update and refine threat intelligence processes and methodologies to keep the organization at the forefront of cyber defense.
• Stay informed about the latest trends, tools, and techniques in threat intelligence, incorporating best practices into daily operations.
• Monitor emerging technologies, such as AI and machine learning, to augment and enhance threat detection, triage, and analysis.

• Bachelor’s Degree in Computer Engineering, Computer Science, Mathematics, Engineering—or a combination of equivalent education/experience.
• Upon hire: CISSP, CEH, or an equivalent certification.
• 8 or more years of related experience.
• Experience designing security controls and countermeasures for operating systems, databases, applications, web services, user devices, and wireless networks.

• Master’s Degree in Computer Engineering, Computer Science, Mathematics, Engineering.
• Experience in a healthcare environment.
• 8 or more years of cyber threat intelligence analysis experience.
• Experience conducting in‑depth analysis and research on cyber threats, including identifying threat actors’ motivations, intent, and TTPs.
• Skilled in correlating intelligence from multiple sources to assess potential organizational impact.
• Familiarity with reverse engineering and categorizing malware.
• Strong knowledge of healthcare cybersecurity risks, including ransomware, phishing, and supply‑chain vulnerabilities.
• Demonstrated experience applying frameworks such as MITRE ATT&CK,…