Come work where passion, quality, vision, professionalism, and synergy are valued! BayCare Clinic's mission is to provide measurably superior specialty medical services to our patient
BayCare Clinic Corporate Headquarters is looking for a Cyber Security Engineer to join our team in Green Bay, WI.
We’re looking for a compassionate, thoughtful candidate who wants to contribute to a positive experience for all our patients. The hours of this role are primarily Monday-Friday between 8:00 a.m. - 5:00 p.m. No Holidays! No Weekends!
The Clinic
BayCare Clinic is a successful, dynamic group comprised of 19 specialties. We are a physician-owned entity with joint ownership in Aurora BayCare Medical Center, a 167-bed hospital located in Green Bay, WI, offering us a built-in referral base. Each of our specialty practices has clinical autonomy and is financially sound.
BayCare Clinic offers part-time and full-time employees a comprehensive benefits package including health, dental, disability and life insurance, as well as flexible spending options. We also offer a 401k retirement plan with a company match, generous PTO, and paid holidays.
The Team
The unique skills and talents of each member of our team contribute to our synergy and our overall goal of providing our patients with excellent care. We believe in the power of a positive, collaborative culture, and we strive to provide a supportive and energizing work environment.
Every member of our team has a voice and is trusted to have ownership over their work. To encourage this, we provide regular opportunities for professional development, we seek out feedback and ideas, and we invite participation on a variety of projects.
The Job
- Implement and maintain network segmentation controls across clinic sites and data center infrastructure, including Palo Alto next-generation firewall rule sets, zone architecture, and security policies.
- Harden system configurations against established baselines (CIS Benchmarks, DISA STIGs, or equivalent) across Windows Server, Active Directory, and network infrastructure.
- Manage and enforce conditional access policies, multi-factor authentication configurations, and identity protection controls within Microsoft Entra ID (Azure AD) and on-premises Active Directory.
- Administer and optimize Microsoft 365 security tooling including Defender for Endpoint, Defender for Office 365, and Microsoft Purview compliance features.
- Performs ongoing risk assessments of environments based on security best practices and/or compliance frameworks and reports findings, risks, and recommendations.
- Monitors SIEM tools or other security tools for alerts, triages alerts, and performs follow-up investigations.
- Prioritize and coordinate remediation of identified vulnerabilities with IT infrastructure and application teams, tracking progress against established risk treatment timelines
- Manage patching cadence for internet-facing systems, servers, endpoints, and network appliances; validate patch deployment and document compliance
- Maintain vulnerability metrics and gap-to-goal reporting for leadership visibility
- Evaluate and recommend security tool improvements; participate in technology selection, proof-of-concept testing, and implementation planning
- Stay current on emerging threats, vulnerabilities, and attack techniques relevant to healthcare environments; translate threat intelligence into actionable defensive improvements
- Serve as the primary internal point of contact for security incidents; lead internal triage, containment, and remediation activities
- Execute incident response procedures in accordance with the organization’s IR plan, including evidence preservation, stakeholder notification, and post-incident review
- Coordinate with external incident response resources, legal counsel, and cyber insurance carrier requirements (including notification timelines and documentation) as directed by security leadership.
- Participate in and help facilitate tabletop exercises, purple team engagements, and other simulation activities to test and improve response capabilities
- Support HIPAA Security Rule compliance activities including risk assessments, control documentation, and evidence collection for audit and regulatory requirements
- Maintain current documentation for security architectures, network diagrams, standard operating procedures, and configuration baselines
- Assist with cyber insurance application attestation validation by maintaining evidence of deployed controls (MFA, EDR, backup, patching, segmentation) aligned to policy requirements
- Creates IT and Information Security Standard Operating Procedures.
- Designs and executes audit procedures to assess and measure company compliance with its security policies and procedures.
- Collects, analyzes, and prepares reports required for management, regulators, and other relevant stakeholders. Also produces reports on the adherence to frameworks and standards.
- In conjunction with IT management, develops disaster recovery and cybersecurity solutions, plans, and processes.
- Validates that systems contingency plans are developed, and testing processes are conducted on an annual basis.
- Champions efforts to proactively search for misconfigurations, errors, policy violations, and misuse of systems and resources that may result in security incidents.
- Expected to independently handle multiple competing initiatives, escalate issues effectively and respond to changes in priorities.
- Executes the enforcement and administration of the information security program's monitoring and governance efforts.
- Carry out penetration testing and vulnerability assessments to identify potential areas of improvement in security infrastructure.
- Other duties may be assigned as necessary to meet the needs of the organization.
- Respects and maintains confidentiality.
- Works in a safe, compliant and ethical manner at all times.
The Requirements
- Bachelor’s degree in information technology, computer science, or related business discipline or 3 or more years of overall information technology experience in lieu of education will be considered.
- 3 or more years of experience in IT compliance or security preferred.
- Demonstrated experience with Microsoft 365 security administration (Defender suite, Entra ID/Azure AD, conditional access, DLP)
- Familiarity with endpoint detection and response (EDR) platforms (CrowdStrike, Sentinel, Microsoft Defender for Endpoint, or equivalent)
- Strong knowledge and experience with regulatory compliance standards such as PCI-DSS, HIPAA, and cybersecurity frameworks such as NIST 800-53, CIS preferred.
- Demonstrated experience in the following areas: Computer networking concepts, protocols, and security methodologies. Risk management processes (methods for assessing and mitigating risk). Cyber threats and vulnerabilities.
- Experience with vulnerability management platforms and remediation workflows (Nessus, Qualys, Rapid7, or equivalent)
- Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering preferred.
- Possess strong problem solving and analytical skills.
- Excellent verbal and written communication skills.
- Knowledge of healthcare industry and associated technologies is a plus.
- Certifications like Certified Information Systems and Security Professional (CISSP), Certified Ethical Hacker (CEH), and CompTIA Security preferred.
- Microsoft certifications: AZ-500 (Azure Security Engineer), SC-200 (Security Operations Analyst), or SC-300 (Identity and Access Administrator)