Senior Cyber Security Engineer- Zero Trust

Orlando Health Ventures l LLC

Orlando, FL

JOB DETAILS
SKILLS
Access Control, Bash Scripting, Best Practices, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Career Development, Cloud Computing, Computer Security, Continuous Improvement, Cross-Functional, Cryptography, DNS (Domain Name System), Documentation Standards, Endpoint Security, Event Correlation, Firewalls, GIAC - Global Information Assurance Certification, Healthcare, High Availability, Hospital, Hybrid Cloud, IPsec (IP Security), Incident Response, Information Technology & Information Systems, Internet Security, Intrusion Detection Systems, Intrusion Prevention Systems, Linux Operating System, Mac Operating System, Mentoring, Microsoft Product Family, Microsoft Windows Operating System, Mobile Operating System, Network Monitoring, Network Protocols, Network Routers, Network Security, Network Switching, On Call, Operational Improvement, Operational Strategy, Operations Security (OPSEC), Outpatient Care, Patient Care, People Management, Performance Tuning/Optimization, Policy Implementation, Primary Care, Privacy Controls, Problem Solving Skills, Process Improvement, Public Key Infrastructure (PKI), Python Programming/Scripting Language, Regulatory Requirements, Remote Access, Risk, Risk Analysis, Risk Management, SSCP - Systems Security Certified Practitioner, SSL-TLS (Secure Socket Layer - Transport Layer Security), Scripting (Scripting Languages), Security Architecture, Security Infrastructure, Security Monitoring, Security Policy, Security Protocols, Standards Development, TCP/IP (Transmission Control Protocol/Internet Protocol), Technical Leadership, Trend Analysis, U.S. National Institute of Standards and Technology (NIST), Urgent Care, User Interface/Experience (UI/UX), VPN (Virtual Private Network), Vendor/Supplier Selection, Windows PowerShell
LOCATION
Orlando, FL
POSTED
30+ days ago

Position Summary

Status: Full-Time Schedule: Hybrid Monday-Friday 8am-5pm Location: Downtown Orlando On Call Required

At Orlando Health, we are ordinary people with extraordinary individuality working together to bring help, healing, and hope to those we serve. By daily embodying our over 100-year legacy, we reinforce our reputation as a trusted and respected healthcare organization that delivers professional and compassionate care to our patients, families, and communities. Through our award-winning hospitals and ERs, specialty institutes, urgent care centers, primary care practices, and outpatient facilities, our 27,000 team members serve communities that span Floridas east to west coasts and beyond.

ORLANDO HEALTH - BENEFITS & PERKS

All Inclusive Benefits start day one Student loan repayment tuition reimbursement FREE college education programs retirement savings paid paternity leave fertility benefits back up elder and childcare pet insurance PTO/Holidays and more for full-time and part-time employees.

Forbes Recognizes Orlando Health as a Best-In-State Employer Forbes has named Orlando Health as one of Americas Best-In-State Employers for 2024. Orlando Health is the top healthcare organization in the Metro Orlando area to make the prestigious list. We are proud to be named once again as a best place to work, said Karen Frenier, VP HR. This achievement reflects our positive culture and efforts to ensure that all team members feel respected, supported, and valued.

Employee-centric Orlando Health has been selected as one of the Best Places to Work in Healthcare" by Modern Healthcare

Senior Cyber Security Engineer Position

The Senior Cyber Security Engineer provides technical leadership in the design, implementation, and operationalization of Zero Trust Architecture across enterprise on-premises, cloud, and hybrid environments. This role leads the deployment and optimization of Zscaler and SASE-based security platforms, driving secure access transformation, network modernization, and identity-centric security controls.

The engineer partners closely with Security Architecture, IAM, SOC, Network, and Infrastructure teams to implement scalable policy-driven security solutions that reduce attack surface, improve user experience, and enhance detection and response capabilities. This position plays a critical role in advancing cloud security, secure remote access, and least-privilege access strategies while ensuring alignment with organizational risk, compliance, and resilience objectives.

Responsibilities

  • Lead design, deployment, and optimization of security solutions for on-premises and cloud environments, ensuring alignment with security requirements and best practices.
  • Lead the design, deployment, and optimization of Zero Trust Architecture, aligning with NIST and industry best practices, including identity-based access, continuous verification, and least-privilege principles.
  • Engineer and operate the Zscaler technology stack, including Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), Zscaler Digital Experience (ZDX), and Zscaler Client Connector.
  • Replace legacy perimeter-based security VPNs and static firewalls with cloud-native identity-aware access controls.
  • Design secure access models for remote users, third parties, and cloud workloads, ensuring consistent policy enforcement regardless of location.
  • Oversee security network tuning and optimization, proactively identifying vulnerabilities, optimizing system performance, and aligning with strategies conceived by Security Architect.
  • Resolve complex security issues, ensuring continuous improvement of security protocols.
  • Drive security standards development and tool/vendor selection to ensure effective security measures.
  • Recommend and implement security enhancements to strengthen the organizations security posture.
  • Collaborate with cross-functional teams, SOC, Resiliency, IAM, etc., to develop and integrate comprehensive security strategies into infrastructure operations and incident response frameworks.
  • High proficiency in network security concepts, such as security event correlation, TCP/IP concepts, DNS, firewall technologies, IPS/IDS, Endpoint protection, routers, switches, perimeter security devices, MFA, encryption, and PKI, as well as IPSEC and SSL-based VPN solutions.
  • Provide expertise in network concepts & protocols and for Windows, Linux, macOS, and mobile OS, guiding the team on platform-specific security measures.
  • Create and maintain automation scripts (Bash, PowerShell, Python) to streamline security tasks.
  • Stay updated on emerging threats, trends, security laws, principles, and practices, and proactively adjust strategies.
  • Serve as a subject matter expert and mentor to junior engineers, providing guidance on complex security practices, technical problem-solving, incident handling, and career development.
  • Partner with project teams to ensure that security is designed in all technology initiatives.
  • Aid in the development and refinement of security policies, ensuring alignment with regulatory requirements and organizational goals.
  • Ensure risk management and compliance initiatives are supported within TPRM validations.
  • Drive continuous improvement in security operations and security culture.
  • Assist teams in various security and privacy risk mitigation efforts, including incident response.
  • Develop and document security standards, configurations, and procedures.
  • Conduct risk assessment and audit on the organizations information technology infrastructure.
  • Ensure high availability and effective incident response by actively participating in the 24/7 On-Call rotation and supporting critical escalations as needed.

Qualifications

  • Education/Training: Bachelors degree preferred. Associates degree or equivalent and five (5) years of directly related experience may substitute for the Bachelors degree in addition to the requirements listed in the Experience section.
  • Licensure/Certification: Required Two or more of the following Security or Network related certification: SC-200, MS-500, AZ-500, AZ-700, AZ-800, Security, CISM, CISSP, GIAC 500 series, SSCP, PCNSE/Linux, or similar, or ability to obtain within 180 days. Microsoft Purview, Varonis, or Imperva certifications strongly preferred.
  • Experience: Five (5) years experience in Information Technology, including three (3) years of IT Security/Engineering related experience.

About the Company

O

Orlando Health Ventures l LLC