HCA Healthcare
Consulting Enterprise Security Engineer
HCA Healthcare, Nashville, Tennessee, United States, 37247
Introduction
HCA Healthcare colleagues invested over 156,000 hours volunteering in our communities. As a Consulting Enterprise Security Engineer with HCA Healthcare you can be a part of an organization that is devoted to giving back!

Benefits
HCA Healthcare offers a total rewards package that supports the health, life, career and retirement of our colleagues. The available plans and programs include:
- Comprehensive medical coverage that covers many common services at no cost or for a low copay. Plans include prescription drug and behavioral health coverage as well as free telemedicine services and free AirMed medical transportation.
- Additional options for dental and vision benefits, life and disability coverage, flexible spending accounts, supplemental health protection plans (accident, critical illness, hospital indemnity), auto and home insurance, identity theft protection, legal counseling, long-term care coverage, moving assistance, pet insurance and more.
- Free counseling services and resources for emotional, physical and financial wellbeing
- 401(k) Plan with a 100% match on 3% to 9% of pay (based on years of service)
- Employee Stock Purchase Plan with 10% off HCA Healthcare stock
- Family support through fertility and family building benefits with Progyny and adoption assistance.
- Referral services for child, elder and pet care, home and auto repair, event planning and more
- Consumer discounts through Abenity and Consumer Discounts
- Retirement readiness, rollover assistance services and preferred banking partnerships
- Education assistance (tuition, student loan, certification support, dependent scholarships)
- Colleague recognition program
- Time Away From Work Program (paid time off, paid family leave, long- and short-term disability coverage and leaves of absence)
- Employee Health Assistance Fund that offers free employee-only coverage to full-time and part-time colleagues based on income.
Note: Eligibility for benefits may vary by location.

Job Summary
The Consulting Enterprise Security Consultant will drive the assessment/analysis of a broad range of applications, network, and security architectures for the enterprise to ensure the security, integrity, and regulatory compliance of critical information transmitted over the network or in storage.

General Responsibilities
- Security Assessment/Posture Review: Conduct thorough security assessment/posture reviews of applications, networks, and environments, identifying vulnerabilities and providing detailed, actionable guidance and recommendations for mitigation.
- Compliance: Ensure all security measures and solutions comply with HCA and NIST standards and other relevant regulatory requirements, maintaining up-to-date knowledge of these standards.
- Documentation: Produce clear, comprehensive documentation for all security assessments, projects, and recommendations, ensuring they are easily understood by both technical and non-technical stakeholders.
- Collaboration: Work collaboratively with other Information Security teams, fostering strong working relationships and ensuring seamless integration of security measures.
- Training and Development: Continuously improve personal knowledge and skills in information security and actively share this knowledge with team members through training sessions and mentorship.
- Operational Management: Successfully manage and complete security projects on time and within budget, demonstrating strong organizational and operational skills.
- Innovation: Proactively research and recommend innovative security solutions that enhance HCA’s security posture while supporting business objectives.
- Communication: Expertly communicate security risks, standards, and practices to non-security personnel, ensuring they understand the importance and impact of security measures.
- Performance Metrics: Regularly review and report on key performance indicators (KPIs) related to security design reviews, architecture review boards, and compliance, using these metrics to drive continuous improvement.
- Clearly and accurately translate complex security standards and protocols into understandable terms for non-security personnel.
- Effectively lead, teach, and mentor other security teammates on newly acquired skills and tools.

Relevant Work Experience
7+ years

EDUCATION
Bachelor’s Degree Preferred

Other/Special Qualifications
- Skilled knowledge and expertise with various Information Security domains such as: Identity, Endpoint, Network, Data, Mobile, Cloud, Application Security etc.
- Experienced assessing and implementing solutions to comply with industry and regulatory requirements (i.e., NIST, ISO, HIPAA, PCI, SOX, GDPR)
- Skilled knowledge and use of information security principles, standards, practices, and technologies
- Able to discuss and demonstrate deep understanding of information security threat and vulnerability detection, risk assessment, risk management, and risk reduction procedures
- 7+ years of experience operating in large organizations and measurable success in security disciplines within large organizations
- 7+ years of experience developing and implementing risk assessment, risk management, and risk reduction procedures
- Strong business acumen, deep critical thinking, and decision-making skills
- Proven record of delivering critical projects with challenging deadlines, interacting with multiple stakeholder groups, and competing priorities
- Possesses strong conflict management skills
- Comfortable working independently or in a diverse team environment
- Experience working in a healthcare environment securing clinical applications and information is a plus
- One of the following certifications: SABSA, CISSP, CISM, CCSP, CISA, GSEC, OWASP is a plus

PHYSICAL DEMANDS/WORKING CONDITIONS
Position may require periodic after-hours work and moderate travel at times with little notice. Candidates are expected to work most days at a corporate office location in Nashville during normal business hours. HCA Healthcare has been recognized as one of the World's Most Ethical Companies by the Ethisphere Institute more than ten times. In recent years, HCA Healthcare spent an estimated $3.7 billion in cost for the delivery of charitable care, uninsured discounts, and other uncompensated expenses. We are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.