Security Vulnerability Engineer II

Company: HCA Healthcare
Location: Nashville
Posted on: January 27, 2023

Job Description:

Description IntroductionDo you have the career opportunities as a Security Vulnerability Engineer II you want with your current employer? We have an exciting opportunity for you to join HCA Healthcare which is part of the nation's leading provider of healthcare services, HCA Healthcare.BenefitsHCA Healthcare, offers a total rewards package that supports the health, life, career and retirement of our colleagues. The available plans and programs include:

• Comprehensive medical coverage that covers many common services at no cost or for a low copay. Plans include prescription drug and behavioral health coverage as well as telemedicine services and free AirMed medical transportation.
• Additional options for dental and vision benefits, life and disability coverage, flexible spending accounts, supplemental health protection plans (accident, critical illness, hospital indemnity), auto and home insurance, identity theft protection, legal counseling, long-term care coverage, moving assistance, pet insurance and more.
  
• Fertility and family building benefits through Progyny
  
• Free counseling services and resources for emotional, physical and financial wellbeing
  
• Family support, including adoption assistance, child and elder care resources and consumer discounts
  
• 401(k) Plan with a 100% match on 3% to 9% of pay (based on years of service)
  
• Employee Stock Purchase Plan
  
• Retirement readiness and rollover services and preferred banking partnerships
  
• Education assistance (tuition, student loan, certification support, dependent scholarships)
  
• Colleague recognition program
  
• Time Away From Work Program (paid time off, paid family leave, long- and short-term disability coverage and leaves of absence)
  Learn more about Employee BenefitsNote: Eligibility for benefits may vary by location.
  Our teams are a committed, caring group of colleagues. Do you want to work as a Security Vulnerability Engineer II where your passion for creating positive patient interactions are valued? If you are dedicated to caring for the well-being of others, this could be your next opportunity. We want your knowledge and expertise!Job Summary and QualificationsHCA Healthcare ITGJob Summary:The Vulnerability Engineer implements and monitors enterprise-wide vulnerability management solutions for HCA. A Vulnerability Engineer strives to enforce security best practices, policies, standards, and guidance to ensure the safeguard of HCA's proprietary data, physical infrastructure, and resources from internal and external threats. The Vulnerability Engineer is required to maintain an extensive understanding of services provided by HCA, ITG and to develop relationships throughout the organization to assist Information Security in accomplishing its goals for the company.General Responsibilities:
  • Coordinate vulnerability assessments of operating systems, applications, databases and network infrastructure components to detect, enumerate and classify major vulnerabilities for performing trend analysis and reporting to Enterprise customers through the use of vulnerability assessment tools and methodologies.
  • Implement security operations management of operating systems, security applications and network infrastructure components to provide security configurations, controls for user account access, monitoring of services, centralized logging, network connectivity, job scheduling execution and routine maintenance through the use of administrative tools and methodologies.
  • Perform vulnerability classification based on industry publications, attack vector analysis, and external intelligence.
  • Review the results from auditing of applications, operating systems and networks to provide a measurable technical assessment that includes interviewing staff personnel, performing security vulnerability scans, reviewing access controls or analyzing physical access to ensure availability, confidentiality and integrity to help the organization meet internal and external regulatory compliance.
  • Participate in (red/blue) and organize the results from the attack and penetration testing performed on the HCA enterprise as information gathering, vulnerability detection, analysis and exploitation planning, and results reporting to remediate exploits and ensure confidentiality, integrity and availability of mission critical information assets.
  • Demonstrate advanced security knowledge and experience on technologies and methodologies as it relates to operating systems, firewalls, proxies, access controls, encryption, networking, programming/scripting, auditing, vulnerability assessments, intrusion management and operations management to assist the team with effective research, data gathering, analysis, metrics reporting and communications.
  • Provide guidance using specialized knowledge and toolsets to operational teams during enterprise wide crisis scenarios, e.g. large-scale production service outages, outside of the routine change management process.Skills
    • Effective self-management skills
    • Effective time management skills
    • Effective organizational skills
    • Effective written and oral communication skill
    • Effective analytical skills
    • Effective decision making in crisis scenarios
    • Effective project management skills
    • Basic knowledge in cloud computing and threats related to cloud environments
    • Creative problem solving
    • Competent using the Microsoft Office suite of productsEducation, Experience and Certifications:
      • Bachelor's Degree - Preferred
      • 5+ years of experience in relevant work - Required
      • CISSP (Certified Information Systems Security Professional)Other Required Qualifications:
        • Understanding of Security Methodologies
        • Experience of TCPIP/UDP/ICMP
        • Advanced knowledge of the OSI Reference Model
        • Windows / Linux / Unix operating systems
        • Advanced experience of Networking components (routers, switches, load balancers, wireless access points, etc)
        • Common knowledge of firewalls, proxies, mail servers and web servers
        • Experience with operational support for operating systems, applications and networks
        • Common knowledge of relational databases and structured query language
        • Experience with vulnerability assessments
        • Common knowledge of malicious code (worms, viruses, spyware, etc.)
        • Common knowledge of enterprise-scale security assessment infrastructure
        • Experience with automation and scripting of applications and systemsHCA Healthcare's Information Technology Group (ITG) delivers healthcare IT products and services to HCA Healthcare's portfolio of business and partners, including Parallon, HealthTrust and Sarah Cannon.
          
          For decades, ITG has been a pioneer in the industry, leading the transformation of healthcare into a new era of quality and connectivity. ITG relies on the breadth of the organization and depth of technical expertise to advance and enhance today's healthcare and to enable our physicians and clinicians to provide world-class, innovative care for patients.
          
          ITG employees rally around the noble cause of transforming healthcare through technology and find inspiration in the meaningful work they do-creating a culture that follows our mission statement which begins by saying "above all else we are committed to the care and improvement of human life."
          
          If you want a career in technology and have a heart for healthcare, apply your expertise to a mission that matters.
          What qualifications you will need:Occasional/ Intermittent Travel Required3 years experience Required Years of Experience ITG transforms healthcare and gives people healthier tomorrows. We deliver information technology strategy, support, and solutions. ITG improve and enhance patient care and business operations. We deliver services at administrative locations, data centers, and hospitals. The facilities we support are located in 20+ states and the United Kingdom. Our team works to move healthcare forward. We do this by seeking, embracing, developing, and delivering technology for patient care. HCA Healthcare has been recognized as one of the World's Most Ethical Companies by the Ethisphere Institute more than ten times. In recent years, HCA Healthcare spent an estimated $3.7 billion in cost for the delivery of charitable care, uninsured discounts, and other uncompensated expenses.
          "Bricks and mortar do not make a hospital. People do."- Dr. Thomas Frist, Sr.
          HCA Healthcare Co-Founder If you are looking for an opportunity that provides satisfaction and personal growth, we encourage you to apply for our Security Vulnerability Engineer II opening. We promptly review all applications. Highly qualified candidates will be contacted for interviews. Unlock the possibilities and apply today!We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Keywords: HCA Healthcare, Nashville , Security Vulnerability Engineer II, Engineering , Nashville, Tennessee