Department Name:

IT Data Protection-Corp

Work Shift:

Day

Job Category:

Information Technology

Estimated Pay Range:

In accordance with State Pay Transparency Rules.

Banner Health was named to Fortune’s Most Innovative Companies in America 2025 list for the third consecutive year and named to Newsweek's list of Most Trustworthy Companies in America for the second year in a row. We’re proud to be recognized for our commitment to the latest health care advancements and excellent patient care.

The Cybersecurity Network Engineering Team at Banner Health plays a critical role in safeguarding one of the most vital sectors—healthcare. As part of Banner Health’s broader cybersecurity and business strategy, this team is dedicated to detecting, mitigating, and preventing network threats before they can impact patient care or sensitive data. By leveraging advanced technologies and modern security frameworks, the department ensures that the organization’s digital infrastructure remains resilient, compliant, and aligned with the mission of delivering safe, uninterrupted healthcare services. Team members are key contributors to implementing the organization’s Zero Trust Network Access (ZTNA) vision, engineering secure solutions that protect both internal and external access to systems and applications.

A day in the life of a Cybersecurity Network Engineer at Banner Health is dynamic and impactful. You’ll collaborate with cross-functional teams to analyze network traffic, fine-tune security controls, and respond to real-time detections that help prevent potential cyber incidents. Your toolkit will include industry-leading technologies such as Zscaler, Cloud Browser Isolation (CBI), Web Application Firewalls (WAFs), IDS/IPS, and API security platforms, all essential to defending against evolving threats. Beyond operational responsibilities, you’ll design and implement new security architectures, contribute to the development of secure access models, and ensure certificate management and governance are seamlessly executed. Each day presents the opportunity to enhance both your technical expertise and Banner Health’s cybersecurity maturity—protecting what matters most: patient trust and safety. Schedule: Monday - Friday 8am - 5pm AZ Time

This is a fully remote position and available if you live in the following states only: AK, AR, AZ, CA, CO, FL, GA, IA, ID, IN, KS, KY, MD,MI, MN, MO, MS, NC, ND, NE, NM, NV, NY, OH, OK, OR, PA, SC, TN, TX, UT, VA, WV, WA, WI & WY. 

Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you'll find many options for contributing to our award-winning patient care.

POSITION SUMMARY
This position leads the designs, develops, configures, implements, tunes, maintains solutions, resolve technical and business issues related to cybersecurity threat & vulnerability management, identity management, security operations center, forensics, and data protection. Cybersecurity Engineers work with Cybersecurity Architects to execute strategic cyber initiatives, evaluate security components of the network, applications and end-user devices, and provides guidance to ensure new systems meet regulatory and technical standards. Cybersecurity Engineers leads root-cause analysis on Cyber systems to determine improvement opportunities when failures occur. Cybersecurity Engineers work closely with other IT organizations to ensure cyber products are working and integrating with non-cyber environments (apps, networks, End User devices, Servers, etc).

CORE FUNCTIONS
1. Proactively initiates the design and implementation of cybersecurity solutions, upgrades, enhancements, while looking forward three to five years.

2. Leads in providing technical expertise and support for cybersecurity solutions, including operational aspects of the software.

3. Serves as subject matter expert in the design, implementation, and compliance of secure baseline configurations for applications and infrastructure components.

4. Proactively initiates technical assessments of systems and applications to ensure compliance with policy, standards and regulations. 

5. Authors new cybersecurity standards and procedures. Leads the revision of existing cybersecurity policies, standards, and procedures, as needed. 

6. Serves as technical leader for cybersecurity projects, including the development of project scope requirements, budgeting, work breakdown and operational handoff.

7. Identify threats and develop suitable defense measures, evaluate system changes for security implications, and recommend enhancements, research, and draft cybersecurity white papers, and provide first-class support to the cybersecurity operations staff for resolving difficult cybersecurity issues.

8. Under limited direction, self starter, this position is responsible for cybersecurity across multiple departments system-wide and requires interaction at all levels of staff and management. Work closely on cross functional IT Teams. Leads work through indirect leadership across other cyber resources. Articulate complex Security functions into simple business ease.

MINIMUM QUALIFICATIONS

Must possess strong knowledge of business, information security and/or computer science as normally obtained through the completion of a bachelor's degree.  Bachelor’s Degree in Computer Science, Information Security, Information Systems, or related field, or equivalent.

Experience normally obtained through seven plus years of experience of enterprise-scale information security engineering, preferably in healthcare. Must also possess three plus years’ experience in a healthcare environment or an equivalent combination of relevant education, technical, business and healthcare experience. 

Experience with IT operations, automation of security processes, coding and scripting languages, ability to document security processes as well as use case development. Experience with the assessing cyber products, including vendor selection, define requirements, contractual documentation development. Experienced assessing and reaching out to vendors for needed features via enhancement requests. Expert understanding of regulatory and compliance mandates, including but not limited to HIPAA, HITECH, PCI, Sarbanes-Oxley. Experienced in planning, designing and implementing cybersecurity solutions, operating, maintaining and managing the lifecycle of cybersecurity solutions. Advanced knowledge of Security Engineering Principles, including risk management, resilience, vulnerability management, Information Security, NIST, MITRE ATT@CK, etc. Advanced expertise in Cyber products supporting Data Loss Prevention, EDR, AntiVirus, Perimeter services, threat systems, cyber platform analytics, SIEM, CASB, CLOUD Security, ETC. Proven Cloud Security experience. Requires independent judgment, critical decision making, excellent analytical skills, with excellent verbal and written communications. Ability to think quickly under difficult or complex conditions and clearly communicate to appropriate staff; ability to balance project workloads with customer support and on-call demands. Must demonstrate deep knowledge of information technology and information security principles and practices. Requires communication and presentation skills to engage technical and non-technical audiences. Requires ability to communicate and interact across facilities and at various levels. Incumbent will have skills to mentor less experienced team members. As is typical in this industry, variable shifts and hours and responding to after-hours notifications may be required. 

PREFERRED QUALIFICATIONS

Certification in two or more of the following areas Systems Security Certified Practitioner (SSCP), HealthCare Information Security & Privacy Practitioner, (HCISPP), CompTIA Security+, Certified Information Systems Security Professional (CISSP) – Engineering (ISSEP), Certified Ethical Hacker (CEH), SANS GIAC, or Certified Information Systems Auditor (CISA).  Four plus years as a System Administrator or in IT Operations. Or four plus years in risk management or GRC experience in the healthcare/medical environment. Five plus years’ experience in a healthcare environment or an equivalent combination of relevant education, technical, business and healthcare experience. 

Additional related education and/or experience preferred.

Anticipated Closing Window (actual close date may be sooner):

2026-05-20

EEO Statement:

EEO/Disabled/Veterans

Our organization supports a drug-free work environment.

Privacy Policy:

Privacy Policy