Cyber Defense Engineer

At Zelis, we Get Stuff Done. So, let’s get to it! 

A Little About Us 

Zelis is modernizing the healthcare financial experience across payers, providers, and healthcare consumers. We serve more than 750 payers, including the top five national health plans, regional health plans, TPAs and millions of healthcare providers and consumers across our platform of solutions. Zelis sees across the system to identify, optimize, and solve problems holistically with technology built by healthcare experts – driving real, measurable results for clients.

At Zelis, AI is woven into the fabric of how we work. Every associate is expected - and empowered - to partner with AI to challenge the status quo, accelerate innovation, and amplify their impact. This is a place for builders with a growth mindset who act with agility, embrace change, and use modern technology to shape smarter solutions, exceptional experiences, and the future of our industry for our clients, customers, and our culture.

A Little About You 

You bring a unique blend of personality and professional expertise to your work, inspiring others with your passion and dedication. Your career is a testament to your diverse experiences, community involvement, and the valuable lessons you've learned along the way. You are more than just your resume; you are a reflection of your achievements, the knowledge you've gained, and the personal interests that shape who you are.

Position Overview

Your Team & Role

The Cyber Defense Engineer builds, manages, and enhances tools, automations, and data systems that power cyber defense operations. The role involves hands-on work with security technologies, developing workflow efficiencies, supporting detection engineering, ensuring high-quality security data, and mentoring teammates to strengthen overall team capability.

Key Responsibilities

• Innovation: Identify capability gaps, propose solutions, and design modern defensive approaches.

• Automation: Build or enhance automated workflows to reduce manual effort, improve reliability, and accelerate detection/response.

• Tooling Management: Maintain, optimize, and troubleshoot security platforms, custom tools, and log pipelines across the enterprise.

• Enterprise Data Management: Oversee the lifecycle of security data—ingestion, transformation, normalization, and quality control across systems.

• Detection Management: Support detection engineering through maintenance, testing, and improvement of detection logic, rules, dashboards, and data sources.

• Mentoring: Guide junior engineers and analysts on tools, processes, automation practices, and new capabilities.

Here is What You Can Expect on a Typical Day

• Tune, fix, integrate, or enhance security tools.

• Build or update automation scripts/workflows for incident response, threat intelligence, and vulnerability management.

• Maintain data pipelines by validating log sources, troubleshooting gaps, updating parsers, and improving normalization.

• Review and build detection rules/alerts, collaborating with analysts to reduce noise and improve performance.

• Work with IT, cloud, networking, and security teams to deploy solutions or resolve tool issues.

• Write documentation, improve runbooks, and share lessons learned.

• Support teammates through technical guidance and demonstrations.

• Participate in discussions on innovation, process improvement, and future engineering projects.

• Perform additional tasks as assigned.

Qualifications:

• Bachelor of Computer Science, Engineering, Information Security, Information Technology, or 4+ years of equivalent experience.

• 4+ years of enterprise level cybersecurity detection, response, or engineering experience.

• Ability to collaborate across enterprise teams within a cybersecurity context

• Strong oral/written communication skills with experience in cybersecurity technical process documentation.

• Demonstrated passion for cyber defense and commitment to maintaining technical proficiency

• Proven innovation and non-traditional problem solving

• Advanced knowledge of SIEM, SOAR, malware sandboxing and related tools

• Experience building or maintaining automation scripts or workflows (e.g., Python, PowerShell, Bash, APIs).

• Ability to diagnose and solve complex technical issues across tools, data flows, and integrations.

• Experience mentoring or training others on tools, techniques, or processes.

• Strong problem-solving mindset with an interest in improving systems and workflows.

• Understanding of detection logic, threat behaviors, and MITRE ATT&CK.

Preferred qualifications:

• Advanced cybersecurity certifications (e.g., GCFA, GCIA, GNFA, GCTI, GREM, GCIH, GCFA, GPEN, OSCP, etc.).

• Experience with cloud environments (AWS, Azure, GCP) and associated security tooling.

• Advanced Proficiency in scripting and high-level programming languages (Python, PowerShell, bash, etc.)

Base Salary Range

At Zelis we are committed to providing fair and equitable compensation packages. The base salary range allows us to make an offer that considers multiple individualized factors, including experience, education, qualifications, as well as job-related and industry-related knowledge and skills, etc. Base pay is just one part of our Total Rewards package, which may also include discretionary bonus plans, commissions, or other incentives depending on the role.

Zelis’ full-time associates are eligible for a highly competitive benefits package as well, which demonstrates our commitment to our employees’ health, well-being, and financial protection. The US-based benefits include a 401k plan with employer match, flexible paid time off, holidays, parental leaves, life and disability insurance, and health benefits including medical, dental, vision, and prescription drug coverage.

Equal Employment Opportunity  
Zelis is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. 
 
We welcome applicants from all backgrounds and encourage you to apply even if you don’t meet 100% of the qualifications for the role. We believe in the value of diverse perspectives and experiences and are committed to building an inclusive workplace for all. 

Accessibility Support 
We are dedicated to ensuring our application process is accessible to all candidates. If you are a qualified individual with a disability or a disabled veteran and require a reasonable accommodation with any part of the application and/or interview process, please email [email protected]. 

Disclaimer 

The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities, duties, and skills from time to time.