The country's largest private sector healthcare provider, Hospital Corporation of America, is making substantial investments in their Information Privacy & Security program, creating numerous opportunities for information security professionals seeking challenging jobs in a great work environment.
Fortune 100 company
with approximately 163 hospitals, 110 freestanding surgery centers, 600 physician practices, and 200,000 employees.
Top Information Security Executive
- Already recognized for excellence in Information Privacy & Security, HCA is raising the bar higher by investing in additional talent and leading technologies.
- HCA CISO was named the
in North America in 2009.
100 Best Places to Work in IT
- HCA's IT organization has been named one of the
by Computerworld four years in a row.
America's Most Ethical Companies
- Recognized for the past two years as one of
Join HCA: A team of exceptional professionals with passion for their work driven by the mission of taking care of people, starting with the patients in our hospitals and encompassing the employees who support them. Below position based at our corporate headquarters in one of
- Leadership development is highly valued within organization. As a result of this practice, HCA has successfully equipped individuals who have been selected for CISO level opportunities.
America's Best Places to Live
The Enterprise Security Engineer - Level 3 is responsible for analyzing a broad range of applications, network, and security architectures for the enterprise in order to ensure the security, integrity, and regulatory compliance of critical information transmitted over the network or in storage. A person in this position will be required to understand cloud technologies, encryption technologies, B2B, VPN, firewalls, PHI, PII, PCI, HL-7, pen testing, application & web scanning, hacking methodology, etc… and be able to make control recommendations in order to ensure HIPAA compliance. The engineer will review and negotiate Information Security Agreements on behalf of HCA or its affiliates.
This person will work to integrate user authentication and authorization with the enterprise Active Directory where possible.
This person will be responsible for documentation of engagement SOWs, business requirements, project engagement status, technology requirements, designs, and recommendations made as a resource for Information Security.
Must be able to quickly gain an understanding of the operations performed by other groups within Information Security and identify the potential for long term operational involvement on any implementations resulting from a project.
Serves as an internal information security consultant to the enterprise while balancing the needs of the day-to-day business.
Research and recommend solutions that meet security standards while ensuring functionality for business continuity.
Leads enterprise-wide definition, establishment, and maintenance of data security-related infrastructure, applications, and processes.
Negotiate Information Security Agreements
Negotiate timing and gain approval for pen test of ASPs
Develop security test scenarios for unit, process, function, integration, and acceptance testing.
Design and develop integration schema and linkage for multi-platform business and technological solutions.
Evaluates the security of new technologies and assist with the plan to integrate them into the company environment.
Develop disaster recovery and contingency plans for Information Security projects and participate in DR planning for other projects.
Recommend best practices for security controls without hindering functionality.
Define the minimum security configuration for all IT systems.
Evaluates new and proposed security systems and technologies.
Reviews, develops, test, and implements security plans, products, and control techniques.
Translates security standards to project teams.
Assist with vulnerability and intrusion assessments.
Develops guidelines for the usage, control, maintenance, and audit ability of information and computer resources.
Qualified candidates will have 5-7 years of relevant work experience.
College graduate preferred.
Must be able to work independently or in a close team environment.
Working knowledge of LDAP Directories
Working knowledge of Microsoft Active Directory
Ability to analyze all layers of the OSI model from the security stance
Working knowledge of Linux, AIX, etc…
Prepare and present plans / designs to IT and business leaders
Advocate the integration of solutions into the enterprise directory structure
Familiarity with information security forensics
In depth knowledge of networking technologies and architecture
Excellent problem solving ability
High degree of self motivation
Excellent written and oral skills
Competent using the Microsoft Office suite of products
PHYSICAL DEMANDS/WORKING CONDITIONS
Normal work environment is an office with Windows PCs, various meetings, etc…
Position may require periodic after hours work and moderate travel at times with little notice.
HCA Inc - 19 months ago