Vail Health
Cyber Security Defense Engineer
Vail HealthUnited States5 hours ago
Full-timeEngineering
Vail Health has become the world’s most advanced mountain healthcare system. Vail Health consists of an updated 520,000-square-foot, 56-bed hospital. This state-of-the-art facility provides exceptional care to all of our patients, with the most beautiful views in the area, located centrally in Vail. Learn more about Vail Health here.

Some roles may be based outside of our Colorado office (remote-only positions). Roles based outside of our primary office can sit in any of the following states: AZ, CO, CT, FL, GA, ID, IL, KS, MA, MD, MI, NC, NJ, OH, OR, PA, SC, TN, TX, UT, VA, WA, and WI. Please only apply if you are able to live and work primarily in one of the states listed above. State locations and specifics are subject to change as our hiring requirements shift.

About the opportunity:

The Cyber Security Defense Engineer is a critical technical security professional leader responsible for designing, implementing, and operating the systems that actively defend our environment from cyber threats. enterprise-wide cyber risk reduction, owning the strategy, execution, and continuous improvement of vulnerability management, patching, threat monitoring, and incident response capabilities. This role operates at the intersection of security engineering, operations, and risk management, translating threat intelligence and technical findings into prioritized, measurable risk reduction across the organization. The ideal candidate brings deep hands-on expertise, sound judgment, and the ability to influence outcomes across IT, cloud, infrastructure, and business stakeholders. Under the direction of the Chief Information Security Officer (CSIO), this role works closely with IT, compliance, and business units to integrate secure practices and enable proactive defense strategies aligned with organizational objectives and regulatory requirements.

What you will do:

  • Owns and leads the enterprise patch management and security health program across endpoints, servers, cloud platforms, network devices, and security technologies.
  • Designs, implements, and continuously improves secure configuration standards, patch deployment processes, automation, and change workflows in collaboration with Infrastructure and Cloud teams.
  • Defines, tracks, and reports enterprise patch compliance, configuration hygiene, and vulnerability exposure metrics to support risk‑based decision making.
  • Provides advanced (Tier 2/Tier 3) security operations support, investigating and responding to complex security alerts including malware, endpoint compromise, lateral movement, and anomalous behavior.
  • Correlates security telemetry across SIEM, EDR, email, cloud, and network platforms to identify, prioritize, and contain active and emerging threats.
  • Develops and maintains security operations with runbooks, incident response playbooks, escalation procedures, and detection tuning to improve operational effectiveness and signal quality.
  • Leads enterprise email security and social engineering defense, including monitoring and response for phishing, smishing, spoofing, and business email compromise (BEC).
  • Optimizes email and messaging security controls, including DMARC, DKIM, SPF, and anti‑phishing technologies, and analyzes attack trends to strengthen preventive controls and awareness initiatives.
  • Serves as a core incident responder, supporting containment, eradication, recovery, forensic evidence collection, log analysis, and root‑cause investigations for cybersecurity incidents.
  • Drives post‑incident reviews and continuous improvement, including lessons learned, control enhancements, and participation in on‑call incident response rotations.
  • Supports enterprise risk management, audit, and compliance initiatives by delivering defensible security metrics, dashboards, and executive‑level reporting.
  • Oversees and evolves the Vulnerability Management Program, including tooling strategy, continuous scanning, risk‑based prioritization, remediation SLAs, reporting, and validation of remediation effectiveness with system owners.
  • Collaborates cross-functionally and contributes to a security-first culture while supporting on-call rotations for 24/7 system needs.


This description is not intended and should not be construed to be an exhaustive list of all responsibilities, skills and efforts or work conditions associated with the job. It is intended to be an accurate reflection of the general nature and level of the job.

What you will need:

Experience:

  • Five years of progressive experience in cybersecurity engineering, threat detection, vulnerability management, or incident response (multiple areas preferred).
  • Three years of experience in healthcare information security preferred.
  • Hands-on expertise with enterprise patch management platforms (Tanium, HCL BigFix, Automox, KACE, Microsoft System Center Configuration Manager, Intune, Windows Server Update Services, Jamf, etc.).
  • Proven experience with enterprise security tooling such as Tenable, Qualys, Rapid7, Microsoft Defender, CrowdStrike, or equivalent.
  • Strong understanding of security frameworks and methodologies including National Institute of Standards and Technology Cybersecurity Framework, Center of Internet Security Controls, MITRE ATT&CK, and International Organization for Standardization 27001.
  • Experience working with SIEM platforms and performing advanced log analysis.


Education:

  • Bachelor’s degree in computer science or information systems preferred. 


License(s) and Certification(s):

  • Certified Information Systems Security Professional (CISSP), Security+, CompTIA Cybersecurity Analyst+(CYSA+), Certified Ethical Hacker, GCIA Certified Incident Handler (GCIH), GCIA Certified Intrusion Analyst (GCIA), GIAC Continuous Monitoring (GMON) , or cloud security certifications (Azure, AWS, M365).
  • Other IT Security Certifications Desired: Certified Information Security Manager(CISM), Certified Information System Auditor (CISA), Microsoft, Cisco 


Benefits at Vail Health (Full and Part Time) Include:

  • Competitive Wages & Family Benefits:
    • Competitive wages
    • Parental leave (4 weeks paid)
    • Housing programs
    • Childcare reimbursement
  • Comprehensive Health Benefits:
    • Medical
    • Dental
    • Vision
  • Educational Programs:
    • Tuition Assistance
    • Existing Student Loan Repayment
    • Specialty Certification Reimbursement
    • Annual Supplemental Educational Funds
  • Paid Time Off:
    • Up to five weeks in your first year of employment and continues to grow each year.
  • Retirement & Supplemental Insurance:
    • 403(b) Retirement plan with immediate matching
    • Life insurance
    • Short and long-term disability
  • Recreation Benefits, Wellness & More:
    • Up to $1,000 annual wellbeing reimbursement
    • Recreation discounts
    • Pet insurance
The posted salary range for this position is the anticipated hiring range in Colorado and will be adjusted based on geographic location. Vail Health considers a variety of factors in making compensation decisions which influence the offer a candidate receives.

Yearly pay: : $97,406.40 USD - $134,430.40 USD

Key Skills

Ranked by relevance
Apply