Security Engineer

Do you want to join an organization that invests in you as a(an) Security Engineer? At HCA Healthcare, you come first. HCA Healthcare has committed up to $300 million in programs to support our incredible team members over the course of three years. Job Summary and Qualifications The IPS Field Security Engineer will support Division and Facility Network/System Engineers and Administrators by analyzing a wide range of applications, network configurations, and security architectures to ensure the security, integrity, and regulatory compliance of critical information transmitted or stored within the enterprise. Their role is to facilitate the discovery of information and IT-related risks, apply critical thinking to assumptions and develop the right security position/priorities that: first, attain compliance; second, address the material risks to the company while allowing the business to attain its objectives. This position blends cybersecurity engineering with system infrastructure expertise to support risk management, threat mitigation, infrastructure reliability, and compliance with IT and security standards. The IPS Field Security Engineer will work across multiple domains of information security (i.e. Security and Risk Management, Asset Security, Security Architecture and Engineering, Network Security, Identity and Access Management, Security Assessment and Testing, and Security Operations), providing consultation, assessments, and security/technical guidance to business units and IT teams. Major Responsibilities: Risk Management and Security Consulting u2022 Serves as an internal information security consultant to the enterprise while balancing the needs of the business. u2022 Research and recommend solutions that meet security standards while ensuring functionality for business continuity. u2022 Drive and manage execution of corrective actions to address deficiencies identified during risk assessments. u2022 Drive targeted security risk reduction within IT u2022 Augment IT resources by prioritizing, coordinating, and performing security Division and Facility hygiene activities. u2022 Support implementation & configuration of security controls. u2022 Translate security standards and regulatory requirements into actionable technical and business requirements. u2022 Lead and support the IPS program by assessing new applications and technologies and ensuring they are implemented in accordance with company standards u2022 Partner with appropriate stakeholders on vulnerability remediation u2022 Engage in Architecture Review Committee discussions to identify and address Third Party solution variance from company standards u2022 Support, coordinate, and manage incident response and investigation activities u2022 Evaluate and recommend security solutions that balance risk mitigation with business functionality u2022 Drive ongoing compliance with IPS policies, standards, and operational procedures u2022 Serve as an internal security consultant across business units to provide technical security consultation on appropriate controls that balance business and security requirements. u2022 Provide hands-on support for corporate-driven security efforts u2022 Manage operational processes that monitor and respond to potential security threats Security Engineering & Architecture u2022 Evaluate new and proposed security technologies and assist in their integration u2022 Identify appropriate security controls as part of the field intake process and ensure security controls are implemented and configured. u2022 Assist in the design and implementation of secure network, application, and system architectures u2022 Educate ITG colleagues on security policies and standards to help ensure compliance. u2022 Partner with IT colleagues to assure ongoing maturity of IT operational security controls. u2022 Participate in the development and testing of disaster recovery and contingency plans Security Operations and Threat Management u2022 Partner with corporate and local departments as required to facilitate rapid response to cybersecurity events and determine appropriate technical mitigations as necessary. u2022 Maintain awareness of emerging threats, vulnerabilities, and mitigation techniques. u2022 Coordinate Cyber Defense Center (CDC), MSSP, and Cyber Problem Effort and Resiliency (CPER) response efforts and report on progress u2022 Augment IT response capabilities by providing hands-on technical support and remediation u2022 Partner with IPS Facility Security Analyst and DISA to oversee processes for review and approval of security exception requests. Vendor Systems Security u2022 Partner with appropriate business and IT leadership to help ensure systems, services, and devices receive appropriate assessments and remediation as part of local on-boarding processes. u2022 Partner with business and IT leadership to ensure proper controls are in place for existing vendor-maintained solutions. u2022 Work with vendors to remediate security vulnerabilities in response to security events u2022 Performs other duties as assigned u2022 Practices and adheres to the u201cCode of Conductu201d philosophy and u201cMission and Value Statement.u201d Education & Experience: u2022 Bachelor's degree and 3+ years of experience in a relevant field -Required u2022 High School Graduate/Equivalent and 3+ yearsu2019 experience in related field -Required u2022 Master's degree -Preferred u2022 3+ years of experience in security risk management, information security domains, and/or hospital operations. Preferred Licenses, Certifications, & Training: u2022 CISSP, CISA, CISM, CCNA, or other relevant certifications in network administration, information security or cyber risk management -Preferred Knowledge, Skills, Abilities, Behaviors: u2022 Knowledge of supported operating systems (Windows server and VMware ESX), utilities, vendor products, applicable programming languages and scripting, diagnostic techniques, applicable communications protocols, applicable hardware configurations Required u2022 Must have 1+ years of experience in deploying technically complex infrastructure computing solutions across platforms and components. Required u2022 Knowledge of virtual technology, such as, Citrix, VMWare ESX, IBM LPARs, VIO servers, and micro partitions. Required u2022 Knowledge of OS environment running one or more databases including SQL, Oracle, DB2. Required u2022 Experience in one or more of the following: NetBackup, Data Domain, or CommVault Required u2022 Applicable communication protocols and hardware configurations Required u2022 Statistical and analytical tools for systems monitoring Required u2022 Working knowledge of information security concepts, including risk management, engineering, networking, and cloud. Required u2022 Understanding of cloud fundamentals and concepts, as well as experience with a popular cloud provider, like Microsoft, Google, or Amazon. Required u2022 Excellent written and oral skills Required u2022Demonstrates a high degree of initiative, dependability, and the ability to work with minimal supervision. Required u2022 Possesses a sense of responsibility and accountability u2013 one who takes ownership and initiative. Required u2022 Creative thinker, always looking for a u201cbetter wayu201d to deliver value; not stopped or discouraged by adversity. Required u2022 Maintains professional demeanor, appearance, and positive attitude. Required u2022 Adaptable and flexible, with the ability to handle ambiguity and sometimes changing priorities. Required The job may require up to 50% travel. (Mostly within the Division) Benefits HCA Healthcare, offers a total rewards package that supports the health, life, career and retirement of our colleagues. The available plans and programs include: Comprehensive benefits for medical, prescription drug, dental, vision, behavioral health and telemedicine services Wellbeing support, including free counseling and referral services Time away from work programs for paid time off, paid family leave, long- and short-term disability coverage and leaves of absence Savings and retirement resources, including a 401(k) Plan with a 100% match on 3% to 9% of pay (based on years of service), Employee Stock Purchase Plan, flexible spending accounts, preferred banking partnerships, retirement readiness tools, rollover support and financial wellbeing counseling Education support through tuition assistance, student loan assistance, certification support, dependent scholarships and a partnership with Galen College of Nursing Additional benefits for fertility and family building, adoption assistance, life insurance, supplemental health protection plans, auto and home insurance, legal counseling, identity theft protection and consumer discounts Learn more about Employee Benefits Note: Eligibility for benefits may vary by location. ITGtransforms healthcare and gives peoplehealthier tomorrows. We deliver information technology strategy, support, and solutions. ITG improve and enhance patient care and business operations. We deliver services at administrative locations, data centers, and hospitals. The facilities we support are located in 20+ states and the United Kingdom. Our team works tomove healthcare forward. We do this by seeking, embracing, developing, and delivering technology for patient care. HCA Healthcare has been recognized as one of the World's Most Ethical Companiesu00ae by the Ethisphere Institute more than ten times. In recent years, HCA Healthcare spent an estimated $3.7 billion in cost for the delivery of charitable care, uninsured discounts, and other uncompensated expenses.

Created: 2026-03-09