INTRODUCTION

Experience the HCA Healthcare difference where colleagues are trusted, valued members of our healthcare team. Grow your career with an organization committed to delivering respectful, compassionate care, and where the unique and intrinsic worth of each individual is recognized. Submit your application for the opportunity below:Consulting Security Vulnerability EngineerHCA Healthcare

NOTE: ELIGIBILITY FOR BENEFITS MAY VARY BY LOCATION.

We are seeking a Consulting Security Vulnerability Engineer for our team to ensure that we continue to provide all patients with high quality, efficient care. Did you get into our industry for these reasons? We are an amazing team that works hard to support each other and are seeking a phenomenal addition like you who feels patient care is as meaningful as we do. We want you to apply!

JOB SUMMARY AND QUALIFICATIONS

The Vulnerability Engineer implements and monitors enterprise-wide vulnerability management solutions for HCA. A Vulnerability Engineer strives to enforce security best practices, policies, standards, and guidance to ensure the safeguard of HCA’s proprietary data, physical infrastructure, and resources from internal and external threats. The Vulnerability Engineer is required to maintain an extensive understanding of services provided by HCA, ITG and to develop relationships throughout the organization to assist Information Security in accomplishing its goals for the company.

SKILLS

• Effective self-management skills
• Effective time management skills
• Effective organizational skills
• Effective written and oral communication skill
• Effective analytical skills
• Effective decision making in crisis scenarios
• Effective project management skills
• Detailed knowledge in cloud computing and threats related to cloud environments, including but not limited to IaaS/PaaS/SaaS
• Understanding of 3rd party Cloud Security Tools, including but not limited to CASB/CSPM/CWPP
• Understanding of Native Cloud Security Tools
• Creative problem solving
• Competent using the Microsoft Office suite of products

RELEVANT WORK EXPERIENCE

• 7+ years

EDUCATION

• Bachelor’s Degree Preferred

OTHER/SPECIAL QUALIFICATIONS

• CISSP (Certified Information Systems Security Professional) preferred
• Preferred areas of experience:
• Comprehensive understanding of Security Methodologies
• Advanced experience with TCPIP/UDP/ICMP
• Comprehensive knowledge of the OSI Reference Model
• Windows / Linux / Unix operating systems
• Advanced experience with Networking components (routers, switches, load balancers, wireless access points, etc)
• Comprehensive knowledge of firewalls, proxies, mail servers and web servers
• Advanced experience with operational support for operating systems, applications and networks
• Comprehensive knowledge of relational databases and structured query language
• Advanced experience with vulnerability assessments
• Comprehensive knowledge of malicious code (worms, viruses, spyware, etc.)
• Comprehensive knowledge of enterprise-scale security assessment infrastructure
• Advanced experience in automation and scripting of applications and systems

• Organize resources to perform vulnerability assessments of operating systems, applications, databases and network infrastructure components to detect, enumerate and classify major vulnerabilities for performing trend analysis and reporting to Enterprise customers through the use of vulnerability assessment tools and methodologies.
• Schedule and maintain security operations management of operating systems, security applications and network infrastructure components to provide security configurations, controls for user account access, monitoring of services, centralized logging, network connectivity, job scheduling execution and routine maintenance through the use of administrative tools and methodologies.
• Organize and perform vulnerability classification based on industry publications, attack vector analysis, and external intelligence.
• Coordinate resources for auditing of applications, operating systems and networks to provide a measurable technical assessment that includes interviewing staff personnel, performing security vulnerability scans, reviewing access controls or analyzing physical access to ensure availability, confidentiality and integrity to help the organization meet internal and external regulatory compliance.
• Participate in (red/blue) and interpret the results of the attack and penetration testing of the HCA enterprise for information gathering, vulnerability detection, analysis and exploitation planning, and results reporting to remediate exploits and ensure confidentiality, integrity and availability of mission critical information assets.
• Mentor junior engineers in security knowledge and experience in technologies and methodologies as it relates to operating systems, firewalls, proxies, access controls, encryption, networking, programming/scripting, auditing, vulnerability assessments, and operations management to assist the team with effective research, data gathering, analysis, metrics reporting and communications.
• Provide guidance using specialized knowledge and toolsets to operational teams during enterprise wide crisis scenarios, e.g. large-scale production service outages, outside of the routine change management process.