Jobs · Engineering · New York

Attack Surface Management Engineer

Montefiore Health System · Bronx, NY · 2 mo ago
Engineering$112k–$140k/yrFull-time

Responsibilities

  • Work with architecture and engineering personnel to implement automation and orchestration solutions where appropriate to improve efficiency and reduce manual effort.
  • Collaborate with IT, clinical teams, and other departments to ensure cybersecurity measures are integrated into everyday operations without disrupting patient care.
  • Manage vendor relationships related to security solutions, testing services, and consulting engagements.
  • Maintain security tools and services ensuring continued uptime and efficient execution of scanning activities.
  • Work with DevOps, cloud, and IT infrastructure teams to incorporate secure development practices and vulnerability remediation into their workflows.
  • Perform continuous device and asset discovery across IT, cloud, medical, and IoT/OT environments using approved ASM tooling.
  • Review and validate asset discovery and vulnerability findings to identify unmanaged, unknown, or misclassified assets.
  • Correlate exposure and vulnerability data with CMDBs, internal inventories, and cloud asset repositories to improve accuracy.
  • Support the enterprise vulnerability management lifecycle by tracking findings from identification through remediation.
  • Apply risk-based vulnerability prioritization using exploitability, asset criticality, and business impact.
  • Coordinate with system, application, and device owners to validate their proposed remediation actions and timelines.
  • Review third-party penetration testing results and assist with remediation tracking and validation.
  • Collaborate with SOC and incident response teams to contextualize vulnerabilities during investigations.
  • Develop and maintain technical documentation, SOPs, and workflows related to ASM processes.
  • Contribute to dashboards, KPIs, and reporting that measure attack surface coverage, vulnerability aging, and risk reduction.
  • Monitor vulnerability and threat trends relevant to healthcare and emerging technologies.
  • Assist with automation and orchestration initiatives to improve ASM efficiency under manager guidance.

Requirements

  • Bachelor's degree or equivalent work experience.
  • 4 - 6 years Cybersecurity or IT experience with progression from vulnerability analysis, exposure management, or ASM analyst functions.
  • 4 - 6 years prior experience in highly regulated environments.
  • Strong proficiency with asset discovery and attack surface management technologies across on-prem IT, cloud, and IoMT environments.
  • Strong ability to interpret, validate, and assess findings from attack surface management (ASM) and vulnerability management platforms.
  • Strong understanding of the vulnerability management lifecycle, including remediation processes and governance requirements.
  • Foundational experience correlating data across CMDBs, cloud inventories, and security tools.
  • Ability to communicate technical findings to non-technical stakeholders with guidance.
  • Working knowledge of healthcare cybersecurity frameworks including HIPAA, HITECH, NIST CSF, HITRUST, HICP, and NYSDOH 405.46.
  • Strong analytical skills with attention to detail and data accuracy.
  • Ability to operate effectively within defined processes and escalate appropriately.

Qualifications

  • Prior experience in healthcare.
  • One of the following certifications required or obtained within 18 months of hire:
  • CompTIA PenTest+
  • GIAC Security Essentials (GSEC)
  • Tenable Certified Nessus Auditor (TCNA)
  • CREST Registered Vulnerability Specialist (RVS)

Similar jobs