Providence

Principal Cyber Threat Intelligence Security Engineer IS

Providence, Irvine, California, United States, 92713


Job Overview

Providence is a national healthcare organization dedicated to providing patient‑focused, whole‑person care. We value the voice of every team member and strive to empower them.

About the Role

We are looking for a seasoned Principal Security Engineer with deep expertise in Cyber Threat Intelligence. In this pivotal role you will be the strategic force behind identifying and neutralizing emerging threats, safeguarding critical systems, and empowering Providence’s Global Security Operations Center. Your insights will directly inform risk strategies and guide executive decision‑making, making you a key player in protecting millions of lives through secure healthcare technology.

Key Responsibilities

Conduct in‑depth analysis and research on cyber threats, including identifying threat actors, their motivations, tactics, techniques, and procedures (TTPs), and providing insights on their potential impact on the organization.

Prepare and deliver well‑researched, impactful analytic findings that combine self‑driven research and team threat‑hunting efforts to convey cyber threat risk and impact, tailored to technical and non‑technical stakeholders, including executives.

Serve as a mentor to teammates for leveraging advanced analytic toolsets such as Structured Analytic Techniques.

Classify, categorize, and analyze malware and threats; translate findings into actionable detections using frameworks such as MITRE ATT&CK.

Maintain a strong breadth and depth of knowledge about the healthcare industry threat landscape, including threat actors, malware, hacking techniques, emerging threats, and trends that may impact the organization.

Collaborate with internal teams to provide timely and actionable intelligence that supports CTI, CIRT, Attack Surface Management, and other cybersecurity initiatives.

Develop and maintain threat profiles with tactical intelligence to enhance detection engineering and threat‑hunting operations.

Perform root cause analysis and provide recommendations for proactive measures to prevent cyber intrusions.

Continuously update and refine existing threat intelligence processes and methodologies to keep the organization at the forefront of cyber defense.

Stay informed about the latest trends, tools, and techniques in the field of threat intelligence and incorporate best practices into daily operations.

Monitor emerging technologies, such as AI and machine learning, to augment and enhance threat detection, triage, and analysis.

Required Qualifications

Bachelor's Degree in Computer Engineering, Computer Science, Mathematics, Engineering – or equivalent education/experience.

Upon hire: CISSP, CEH, or an equivalent certification.

8 or more years of related experience.

Experience designing security controls and countermeasures for operating systems, databases, applications, web services, user devices, and wireless networks.

Preferred Qualifications

Master's Degree in Computer Engineering, Computer Science, Mathematics, Engineering.

Experience in a healthcare environment.

8 or more years of cyber threat intelligence analysis experience.

Experience conducting in‑depth analysis and research on cyber threats, including identifying threat actors’ motivations, intent, and TTPs.

Skilled in correlating intelligence from multiple sources to assess potential organizational impact.

Familiarity with reverse engineering and categorizing malware.

Strong knowledge of healthcare cybersecurity risks, including ransomware, phishing, and supply‑chain vulnerabilities.

Demonstrated experience applying frameworks such as MITRE ATT&CK, Cyber Kill Chain, Diamond Model of Intrusion Analysis, and others.

Experience working cross‑functionally with CIRT/IR teams, vulnerability management, and SOC operations teams.

Experience working with insider‑threat teams (a plus).

Capability to develop threat profiles and integrate tactical intelligence into detection rules.

Ability to influence risk‑based decision‑making with clear, concise reporting.

Hybrid Work Options

The role is hybrid, with a combination of in‑office and remote work. Locations within a 65‑mile commuting radius are eligible.

Washington: Seattle, Redmond, Renton, Vancouver

California: Los Angeles, Irvine

Oregon: Portland

Salary Range by Location

California (Los Angeles & Irvine): Min $71.23, Max $121.29

Oregon (Portland): Min $68.33, Max $116.36

Washington (Seattle, Renton, Redmond): Min $71.23, Max $121.29

Washington (Vancouver): Min $68.33, Max $116.36

Benefits

Providence offers a comprehensive benefits package including a retirement 401(k) plan with employer matching, health care benefits (medical, dental, vision), life insurance, disability insurance, paid parental leave, vacations, holidays, and additional incentives. Full details are available at providence.jobs/benefits.

EEO Statement

Providence is proud to be an Equal Opportunity Employer. We are committed to the principle that every workforce member has the right to work in surroundings that are free from all forms of unlawful discrimination and harassment on the basis of race, color, gender, disability, veteran, military status, religion, age, creed, national origin, sexual identity or expression, sexual orientation, marital status, genetic information, or any other basis prohibited by local, state, or federal law. We believe diversity makes us stronger, so we are dedicated to shaping an inclusive workforce, learning from each other, and creating equal opportunities for advancement.

Additional Information

Requisitions ID: 405584

Job Category: Information Security

Job Function: Information Technology

Job Schedule: Full time

Job Shift: Day

Career Track: Business Professional

Department: 4011 SS IS ESI CYBER

Address: CA Irvine 15480 Laguna Canyon Rd

Work Location: Providence System Offices Discovery Park‑Irvine

Workplace Type: Hybrid

Pay Range: See Posting

Seniority Level: Mid‑Senior level

Employment Type: Full‑time

Job Function: Information Technology

Industries: Hospitals and Health Care
