Enterprise Security Engineer 3
Corporate Main Campus - Nashville, TN

This job posting is no longer available on HCA Inc. Find similar jobs: Enterprise Security Engineer jobs - Corporate Main Campus jobs

The country's largest private sector healthcare provider, Hospital Corporation of America, is making substantial investments in their Information Privacy & Security program, creating numerous opportunities for information security professionals seeking challenging jobs in a great work environment.

  • HCA is a
Fortune 100 company

with approximately 163 hospitals, 110 freestanding surgery centers, 600 physician practices, and 200,000 employees.

  • Already recognized for excellence in Information Privacy & Security, HCA is raising the bar higher by investing in additional talent and leading technologies.
  • HCA CISO was named the
Top Information Security Executive

in North America in 2009.

  • HCA's IT organization has been named one of the
100 Best Places to Work in IT

by Computerworld four years in a row.

  • Recognized for the past two years as one of
America's Most Ethical Companies


  • Leadership development is highly valued within organization. As a result of this practice, HCA has successfully equipped individuals who have been selected for CISO level opportunities.
Join HCA: A team of exceptional professionals with passion for their work driven by the mission of taking care of people, starting with the patients in our hospitals and encompassing the employees who support them. Below position based at our corporate headquarters in one of

America's Best Places to Live

  • Nashville, TN.

The Enterprise Security Engineer - Level 3 is responsible for analyzing a broad range of applications, network, and security architectures for the enterprise in order to ensure the security, integrity, and regulatory compliance of critical information transmitted over the network or in storage. A person in this position will be required to understand cloud technologies, encryption technologies, B2B, VPN, firewalls, PHI, PII, PCI, HL-7, pen testing, application & web scanning, hacking methodology, etc… and be able to make control recommendations in order to ensure HIPAA compliance. The engineer will review and negotiate Information Security Agreements on behalf of HCA or its affiliates.

This person will work to integrate user authentication and authorization with the enterprise Active Directory where possible.

This person will be responsible for documentation of engagement SOWs, business requirements, project engagement status, technology requirements, designs, and recommendations made as a resource for Information Security.

Must be able to quickly gain an understanding of the operations performed by other groups within Information Security and identify the potential for long term operational involvement on any implementations resulting from a project.


Serves as an internal information security consultant to the enterprise while balancing the needs of the day-to-day business.

Research and recommend solutions that meet security standards while ensuring functionality for business continuity.

Leads enterprise-wide definition, establishment, and maintenance of data security-related infrastructure, applications, and processes.

Negotiate Information Security Agreements

Negotiate timing and gain approval for pen test of ASPs

Develop security test scenarios for unit, process, function, integration, and acceptance testing.

Design and develop integration schema and linkage for multi-platform business and technological solutions.

Evaluates the security of new technologies and assist with the plan to integrate them into the company environment.

Develop disaster recovery and contingency plans for Information Security projects and participate in DR planning for other projects.

Recommend best practices for security controls without hindering functionality.

Define the minimum security configuration for all IT systems.

Evaluates new and proposed security systems and technologies.

Reviews, develops, test, and implements security plans, products, and control techniques.

Translates security standards to project teams.

Assist with vulnerability and intrusion assessments.

Develops guidelines for the usage, control, maintenance, and audit ability of information and computer resources.


Qualified candidates will have 5-7 years of relevant work experience.

College graduate preferred.


Must be able to work independently or in a close team environment.

Working knowledge of LDAP Directories

Working knowledge of Microsoft Active Directory

Ability to analyze all layers of the OSI model from the security stance

Working knowledge of Linux, AIX, etc…

Prepare and present plans / designs to IT and business leaders

Advocate the integration of solutions into the enterprise directory structure

Familiarity with information security forensics

In depth knowledge of networking technologies and architecture

Excellent problem solving ability

High degree of self motivation

Excellent written and oral skills

Competent using the Microsoft Office suite of products


Normal work environment is an office with Windows PCs, various meetings, etc…

Position may require periodic after hours work and moderate travel at times with little notice.

HCA Inc - 19 months ago - save job - block
Recommended Jobs
Sr. Information Security Engineer
Ardent Corporate Office - Nashville, TN
Ardent Health Services - 17 hours ago

System Engineer I
WEX Inc. - Antioch, TN
WEX Inc. - 10 days ago

Unified Communications Engineer
Deloitte - Nashville, TN
Deloitte - 12 days ago