Architect, Cyber Engineer

EEOC Statement

Lifepoint Health is an Equal Opportunity Employer. Lifepoint Health is committed to Equal Employment Opportunity for all applicants and employees and complies with all applicable laws prohibiting discrimination and harassment in employment.

You must be authorized to work in the United States without employer sponsorship.

Work Environment and Travel Requirements

• This position is: Hybrid
• Travel Requirements: Travel required up to 10%
  

Job Summary
The Cybersecurity Engineer Architect is responsible for leading supporting cybersecurity operations through tiered response tool-agnostic analysis AI-enabled workflows and contributions to cyber resiliency and exposure management. This role serves as the technical leader for the cybersecurity defense program setting detection strategy control roadmaps and resiliency patterns. The Architect leads preparation for and response actions to cyber events champion for exposure management and partners with privacy compliance legal clinical operations and enterprise architecture.

Essential Functions

• Event Lead for enterpriselevel incident response for priority events; coordinate with Legal/Privacy/Communications and external partners as needed.
• Perform Tier 3-level ticket intake triage investigation remediation and document corrective actions in corporate ticketing systems.
• Deliver correlated and complex crossplatform detections.
• Lead cyber defense operations across detection response and prevention functions.
• Evaluate and integrate AI across detections hunting triage and automation.
• Utilize AI-assisted analysis and automation to improve accuracy and efficiency of investigations.
• Maintain awareness of emerging threats vulnerabilities and adversary techniques and translate threat intelligence into operational response tasks.
• Author and conduct cyber defense exercises; measure and improve Mean Time to Detect (MTTD)/Mean Time to Remediate (MTTR) detection coverage and recovery.
• Define and author tool agnostic outcomedriven strategy and roadmaps.
• Drive cyber resiliency engineering (backup/restore assurance segmentation strategy recovery SLOs tabletop design chaos/resilience testing).
• Support exposure management program: scoping discovery prioritization adversarial validation mobilization; exposure lifespan and business risk reduction.
• Mentor engineers; set documentation and operational standards.

Job Requirements

• Education: Masters degree in Cybersecurity Information Technology Computer Science or equivalent depth of cybersecurity engineering experience.
• Experience: 58 years in security operations incident response or cybersecurity roles with multiplatform ownership and proven enterprise impact.
• Certifications (preferred): ISC2 Certified Information Systems Security Professional (CISSP) CompTIA Advanced Security Practitioner (CASP) / SecurityX or similar.
• Clearances/Background: Able to pass healthcare compliance/background checks.

Required Skills

• Curiosity and willingness to learn new technologies including use of AI and AI-enabled security capabilities.
• Full-spectrum security domain expertise (identity endpoint email/phishing cloud network data protection etc).
• Expert understanding of identity threats (MFA fatigue token theft OAuth abuse) email threats EDR evasion and cloud/system misconfigurations.
• Deep architecture and content engineering depth: detections analytics automation data pipelines quality gates and measurement.
• Demonstrated leadership of largescale incident response actions detection/resiliency initiatives with measurable risk reduction.
• Ability to solve complex cybersecurity operational problems without guidance.
• Master-level executive communication risk storytelling stakeholder influence and crossfunctional leadership.
• Ability to quickly organize and manage multiple competing tasks simultaneously.
• Ability to translate adversary TTPs into engineering changes for security tools.

Functional Demands

• Ability to sit for extended periods and operate a computer.
• Occasional lifting up to 20 pounds.
• Extended screen time; rapid context switching; occasional highstress majorincident participation.
• Participation in on-call coverage including nights/weekends/holidays as assigned.
• Ability to analyze alerts logs and reports for extended periods.
• Ability to prioritize tasks and manage multiple tickets simultaneously.
• Attention to detail and consistency in documentation.
• High focus for long periods during monitoring shifts; ability to communicate technical alerts to non-technical staff.