Excellus BCBS · 1 day ago
Cyber Incident Response Engineer II
Excellus BCBS is focused on delivering comprehensive healthcare solutions, and they are seeking a Cyber Incident Response Engineer II. This role is essential for detecting, investigating, and responding to cybersecurity threats, while also leading security operations and collaborating across various security technologies.
Health Care · Health Insurance · Non Profit
Responsibilities
Designs, implements, and conducts the operation of IR operations tools including logging, SIEM, EDR, UEBA, SOAR, etc.
Evaluates and proposes new security solutions for IR operations
Investigates and presents recommendations to the security manager and various levels of management regarding protection of computing resources and information assets
Builds and updates playbooks, SOAR automations, etc.
Assists with monitoring escalations from analysts and provides technical input during investigations
Performs proactive threat hunting to identify potential threats or anomalous behavior
Leverages MITRE ATT&CK framework to provide security monitoring recommendations and improvements
Participates in rotation of 24/7/365 on call coverage
Leads tactical project initiatives including design of solutions in conjunction with management and other cyber defense team members
Assists in the operational support for security technologies in defense against modern cybersecurity threats
Responds to requests within defined SLAs relating to various information security systems, programs, and processes
Enforces information security policies, standards, and procedures and investigates possible security exceptions
Assists in the execution of HIPAA, MAR, PCI, and COBIT compliance activities
Consults on the integration of cyber defense tools and appropriate controls into new and existing systems and applications
Assists in internal and external audits, self-assessments, and risk reviews for security processes
Hardens the operational security ecosystem and evolves mitigation techniques through ongoing threat intelligence assessment
Participates in incident response activities, including containment, triage, and root cause analysis
Researches, designs, and integrates new operational security solutions, with an emphasis on solutions that align with the overall cybersecurity strategy
Consistently demonstrates high standards of integrity by supporting the Lifetime Healthcare Companies’ mission and values, adhering to the Corporate Code of Conduct, and leading by the Lifetime Way values and beliefs
Maintains high regard for member privacy in accordance with the corporate privacy policies and procedures
Regular and reliable attendance is expected and required
Performs other functions as assigned by management
Acts as a technical lead and provides mentoring, training, and technical support to engineers and analysts
Hardens security ecosystem and evolves mitigation techniques through ongoing threat intelligence assessments
Serves as the technical escalation point for complex incidents and operational challenges
Designs and leads threat hunting engagements and proactively identifies advanced threats
Leads the blue team side of purple team exercises to validate and improve detection and response capabilities. Leads cyber defense incident response activities end to end
Performs as the subject matter expert for more than three information security technologies, processes, and practices internally to the Health Plan
Provides advanced technical expertise and process improvement support
Designs and implements automated solutions for common security administration tasks
Qualifications
Required
Five (5) years of related work experience
Bachelor's degree in computer science, information technology, or relevant field. In lieu of degree, six (6) cumulative years of related experience are required
Hands-on experience with the following operating systems preferred: Windows and UNIX (Linux, AIX, Solaris, etc.)
Strong knowledge of several of the concepts and/or tools listed, including cloud infrastructure services (IaaS, PaaS, and SaaS models)
Intermediate knowledge of network and application security, including firewalls and web application firewalls (e.g., Palo Alto Networks, Imperva)
Experience and knowledge of identity and access management systems, including Active Directory, Entra ID, LDAP, and various authentication protocols
Knowledge of endpoint protection and antivirus solutions
Demonstrated experience identifying malicious actors, TTPs, and using the MITRE ATT&CK framework
Experience using IDS/IPS and/or related tools
Knowledge of cloud-native security solutions for multi-cloud environments, such as SIEM, CSPM, threat detection, compliance enforcement, and governance frameworks
Security incident response experience
Demonstrated experience with common query techniques including Kusto query language and Python
Advanced communication skills with the ability to present clear and concise information to all levels and technical abilities
Excellent organization and multi-tasking skills
Eight (8) years of related work experience with, and strong knowledge of, all concepts and/or tools listed above (under Level I)
Experience in evaluating security software packages and systems
Experience with security automation, including associated playbooks, reporting and notification
Knowledge of network regulations, industry standards, and operational constraints of network systems
Preferred
CISSP, CISA, CISM, or other relevant security certification (or equivalent experience and knowledge) preferred
Experience providing work direction for one or more individuals' specific projects and initiatives
Benefits
Participation in group health and/or dental insurance
Retirement plan
Wellness program
Paid time away from work
Paid holidays
Company
Excellus BCBS
Excellus BlueCross BlueShield, a nonprofit independent licensee of the BlueCross BlueShield Association, is part of a family of companies that finances and delivers vital health care services to about 1.5 million people across upstate New York.
H1B Sponsorship
Excellus BCBS has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below is additional information for your reference. (Data powered by the US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship; highlighted segment represents job fields similar to this job]
Trends of Total Sponsorships (by year): 2025 (3), 2024 (18), 2023 (12), 2022 (15), 2021 (17), 2020 (20)
Funding
Current Stage: Late Stage
Recent News
Rochester Business Journal, 2026-01-03
Rochester Business Journal, 2025-12-07
Rochester Business Journal, 2025-12-05
Company data provided by crunchbase