Banner Health is hiring: Cybersecurity Engineer III in Phoenix

Cybersecurity Engineer III

Join to apply for the Cybersecurity Engineer III role at Banner Health.

Estimated Pay Range: $50.12 - $83.54 / hour, based on location, education, & experience.

Department: IT Data Protection-Corp

Work Shift: Day

Job Category: Information Technology

In accordance with State Pay Transparency Rules.

Banner Health was named to Fortune’s Most Innovative Companies in America 2025 list for the third consecutive year and named to Newsweek's list of Most Trustworthy Companies in America for the second year in a row. We’re proud to be recognized for our commitment to the latest health care advancements and excellent patient care.

The Cybersecurity Network Engineering Team at Banner Health plays a critical role in safeguarding one of the most vital sectors — healthcare. As part of Banner Health’s broader cybersecurity and business strategy, this team is dedicated to detecting, mitigating, and preventing network threats before they can impact patient care or sensitive data. By leveraging advanced technologies and modern security frameworks, the department ensures that the organization’s digital infrastructure remains resilient, compliant, and aligned with the mission of delivering safe, uninterrupted healthcare services. Team members are key contributors to implementing the organization’s Zero Trust Network Access (ZTNA) vision, engineering secure solutions that protect both internal and external access to systems and applications.

A day in the life of a Cybersecurity Network Engineer at Banner Health is dynamic and impactful. You’ll collaborate with cross‑functional teams to analyze network traffic, fine‑tune security controls, and respond to real‑time detections that help prevent potential cyber incidents. Your toolkit will include industry‑leading technologies such as Zscaler, Cloud Browser Isolation (CBI), Web Application Firewalls (WAFs), IDS/IPS, and API security platforms, all essential to defending against evolving threats. Beyond operational responsibilities, you’ll design and implement new security architectures, contribute to the development of secure access models, and ensure certificate management and governance are seamlessly executed. Each day presents the opportunity to enhance both your technical expertise and Banner Health’s cybersecurity maturity—protecting what matters most: patient trust and safety.

Schedule: Monday – Friday 8 am – 5 pm.

Position Summary

This position leads the design, development, configuration, implementation, tuning, maintenance of solutions, and resolution of technical and business issues related to cybersecurity threat & vulnerability management, identity management, security operations center, forensics, and data protection. Cybersecurity Engineers work with Cybersecurity Architects to execute strategic cyber initiatives, evaluate security components of the network, applications and end‑user devices, and provide guidance to ensure new systems meet regulatory and technical standards. Cybersecurity Engineers lead root‑cause analysis on cyber systems to determine improvement opportunities when failures occur. They work closely with other IT organizations to ensure cyber products are working and integrating with non‑cyber environments (apps, networks, end‑user devices, servers, etc.).

Core Functions

• Proactively initiate design and implementation of cybersecurity solutions, upgrades, and enhancements while looking forward three to five years.
• Lead in providing technical expertise and support for cybersecurity solutions, including operational aspects of the software.
• Serve as subject‑matter expert in the design, implementation, and compliance of secure baseline configurations for applications and infrastructure components.
• Proactively initiate technical assessments of systems and applications to ensure compliance with policy, standards and regulations.
• Author new cybersecurity standards and procedures. Lead the revision of existing cybersecurity policies, standards, and procedures, as needed.
• Serve as technical leader for cybersecurity projects, including development of project scope requirements, budgeting, work breakdown and operational handoff.
• Identify threats and develop suitable defense measures, evaluate system changes for security implications, and recommend enhancements, research, and draft cybersecurity white papers, providing first‑class support to the cybersecurity operations staff for resolving difficult cybersecurity issues.
• Under limited direction, this position is responsible for cybersecurity across multiple departments system‑wide and requires interaction at all levels of staff and management. Work closely on cross‑functional IT teams, lead work through indirect leadership across other cyber resources, and articulate complex security functions into simple business ease.

Minimum Qualifications

Must possess strong knowledge of business, information security, and/or computer science as normally obtained through completion of a bachelor’s degree. Bachelor’s Degree in Computer Science, Information Security, Information Systems, or related field, or equivalent.

Experience normally obtained through seven plus years of experience in enterprise‑scale information security engineering, preferably in healthcare. Must also possess three plus years’ experience in a healthcare environment or an equivalent combination of relevant education, technical, business, and healthcare experience.

Experience with IT operations, automation of security processes, coding and scripting languages, ability to document security processes as well as use case development. Experience with assessing cybersecurity products, including vendor selection, defining requirements, and contractual documentation development.

Expert understanding of regulatory and compliance mandates, including HIPAA, HITECH, PCI, and Sarbanes‑Oxley. Experienced in planning, designing, and implementing cybersecurity solutions, operating, maintaining, and managing the lifecycle of solutions.

Advanced knowledge of security engineering principles, including risk management, resilience, vulnerability management, information security, NIST, MITRE ATT&CK. Advanced expertise in cyber products supporting DLP, EDR, anti‑virus, perimeter services, threat systems, SIEM, CASB, cloud security, etc. Proven cloud security experience.

Requires independent judgment, critical decision making, excellent analytical skills, with communication and presentation skills to engage technical and non‑technical audiences. Ability to think quickly under difficult or complex conditions and clearly communicate to appropriate staff; balance project workloads with customer support and on‑call demands. Demonstrated mentorship for less experienced team members.

Preferred Qualifications

Certification in two or more of the following areas: Systems Security Certified Practitioner (SSCP), HealthCare Information Security & Privacy Practitioner (HCISPP), CompTIA Security+, CISSP – Engineering (ISSEP), Certified Ethical Hacker (CEH), SANS GIAC, or Certified Information Systems Auditor (CISA).

Four plus years as a System Administrator or in IT Operations, or four plus years in risk management or GRC experience in the healthcare/medical environment. Five plus years’ experience in a healthcare environment or an equivalent combination of relevant education, technical, business, and healthcare experience.

Additional Related Education And/or Experience Preferred.

None specified.

Anticipated Closing Window

2026‑02‑13

EEO Statement

EEO/Disabled/Veterans. Our organization supports a drug‑free work environment.

Privacy Policy

Privacy Policy