Security Engineer

Do you want to join an organization that invests in you as a(an) Security Engineer? At HCA Healthcare, you come first. HCA Healthcare has committed up to $300 million in programs to support our incredible team members over the course of three years.

The IPS Field Security Engineer will support Division and Facility Network/System Engineers and Administrators by analyzing a wide range of applications, network configurations, and security architectures to ensure the security, integrity, and regulatory compliance of critical information transmitted or stored within the enterprise. Their role is to facilitate the discovery of information and IT-related risks, apply critical thinking to assumptions and develop the right security position/priorities that: first, attain compliance;

second, address the material risks to the company while allowing the business to attain its objectives. This position blends cybersecurity engineering with system infrastructure expertise to support risk management, threat mitigation, infrastructure reliability, and compliance with IT and security standards.

The IPS Field Security Engineer will work across multiple domains of information security (i.e. Security and Risk Management, Asset Security, Security Architecture and Engineering, Network Security, Identity and Access Management, Security Assessment and Testing, and Security Operations), providing consultation, assessments, and security/technical guidance to business units and IT teams.

• Serves as an internal information security consultant to the enterprise while balancing the needs of the business.
• Research and recommend solutions that meet security standards while ensuring functionality for business continuity.
• Drive and manage execution of corrective actions to address deficiencies identified during risk assessments.
• Drive targeted security risk reduction within IT.
• Augment IT resources by prioritizing, coordinating, and performing security Division and Facility hygiene activities.
• Support implementation & configuration of security controls.
• Translate security standards and regulatory requirements into actionable technical and business requirements.
• Lead and support the IPS program by assessing new applications and technologies and ensuring they are implemented in accordance with company standards.
• Partner with appropriate stakeholders on vulnerability remediation.
• Engage in Architecture Review Committee discussions to identify and address Third Party solution variance from company standards.
• Support, coordinate, and manage incident response and investigation activities.
• Evaluate and recommend security solutions that balance risk mitigation with business functionality.
• Drive ongoing compliance with IPS policies, standards, and operational procedures.
• Serve as an internal security consultant across business units to provide technical security consultation on appropriate controls that balance business and security requirements.
• Provide hands‑on support for corporate‑driven security efforts.
• Manage operational processes that monitor and respond to potential security threats.

• Evaluate new and proposed security technologies and assist in their integration.
• Identify appropriate security controls as part of the field intake process and ensure security controls are implemented and configured.
• Assist in the design and implementation of secure network, application, and system architectures.
• Educate ITG colleagues on security policies and standards to help ensure compliance.
• Partner with IT colleagues to assure ongoing maturity of IT operational security controls.
• Participate in the development and testing of disaster recovery and contingency plans.

• Partner with corporate and local departments as required to facilitate rapid response to cybersecurity events and determine appropriate technical mitigations as necessary.
• Maintain awareness of emerging threats, vulnerabilities, and mitigation techniques.
• Coordinate Cyber Defense Center (CDC), MSSP, and Cyber Problem Effort and…