Job Summary

The Cybersecurity Engineer II will serve as a hands-on technical leader responsible for designing, implementing, and maintaining advanced cybersecurity solutions within the Wisconsin Health Data Hub (WHDH). WHDH is a federally funded initiative developing a secure, cloud-native data platform to enable biomedical research, real-world data analytics, and AI-driven discovery.

This role bridges security strategy and engineering execution by translating modern cybersecurity practices-including cloud security, identity and access management, threat detection, vulnerability management, and data protection-into scalable, production-ready controls. The Cybersecurity Engineer will work closely with data engineers, solutions architects, and domain experts to secure infrastructure, applications, and sensitive multi-modal healthcare datasets across the WHDH environment.

The position emphasizes proactive risk reduction, continuous monitoring, iterative improvement, and deployment of resilient security solutions that function reliably within a secure, governed data environment.

Key Responsibilities

Security Architecture & Engineering

Design and implement security controls across WHDH cloud infrastructure, applications, data platforms, and network environments.
Build secure-by-design architectures for data ingestion, storage, analytics, and AI workloads.
Configure identity and access management controls including role-based access, least privilege, and privileged account protections.
Implement encryption solutions for data at rest, in transit, and during controlled data exchange processes.
Conduct architecture reviews to identify and remediate security weaknesses before deployment.

Monitoring, Detection & Incident Response

Implement and maintain security monitoring tools, logging pipelines, and alerting capabilities across the WHDH environment.
Develop automated detection rules for suspicious activity, unauthorized access, and anomalous system behavior.
Investigate security alerts, triage incidents, and coordinate containment and remediation activities.
Lead technical response efforts for cybersecurity incidents affecting infrastructure, applications, or data assets.
Conduct post-incident reviews and implement preventive improvements.

Cloud & Platform Security Operations

Secure cloud-native environments including compute, storage, networking, and containerized workloads.
Implement vulnerability management processes including scanning, prioritization, patch coordination, and remediation tracking.
Harden operating systems, databases, containers, and endpoints supporting the WHDH platform.
Support secure CI/CD pipelines and DevSecOps practices for platform engineering teams.
Maintain backup integrity, disaster recovery readiness, and resilience controls.

Governance, Risk & Compliance

Ensure platform operations align with institutional security policies, research data governance requirements, and healthcare privacy standards.
Support compliance with HIPAA-aligned safeguards, NIST frameworks, and applicable contractual security obligations.
Perform risk assessments, security reviews, and control documentation for new technologies and vendor integrations.
Maintain technical evidence and documentation required for audits, grant reporting, and security assessments.
Provide security guidance to project teams handling sensitive or regulated data.

Collaboration & Security Enablement

Partner with data engineers, data scientists, and software engineers to implement secure solutions without impeding innovation.
Deliver practical cybersecurity guidance for secure data sharing, external collaboration, and research computing workflows.
Promote security awareness and best practices across WHDH technical teams.
Evaluate emerging cybersecurity technologies and recommend improvements to platform defenses.

It is anticipated that this position will be remote and requires work be performed at an offsite, non-campus work location. The selected candidate must reside within the State of Wisconsin or plan to reside in the State within a reasonable time from the position start date.