Senior Security Threat Engineer

Do you have the career opportunities as a(an) Senior Security Threat Engineer you want with your current employer? We have an exciting opportunity for you to join HCA Healthcare which is part of the nation's leading provider of healthcare services, HCA Healthcare.

Job Summary

You will be a Cyber Defender - serving as the last line of defense between HCA and the threat actors that wish to bring harm to HCA and the patients we serve. You will use state of the art technologies to respond to threats on our network and eradicate them as a member of our Critical Threat Services (CTS) team. As a member of CTS, you will operate along with a small team of like-minded individuals with a passion for cyber security operations.


The Senior Threat Engineer will provide Tier 2, and Tier 3 analysis to cyber security threats and potential incidents. In addition to serving as a Subject Matter Expert on all routine cyber threats, the Senior Threat Response Engineer will be capable of independently leading Major Incident Response teams composed of resources from across the enterprise throughout the cyber incident response process.


Successful candidates will have a passion for cybersecurity and be naturally curious and self-motivated to investigate and discover root cause of events while working in a fast-paced and sometimes stressful environment. Good teamwork and communication skills are also vital. Our team operates as a close-knit group serving a noble purpose - to win the fight against evil every day.


Note: This position requires rotating on-call coverage/availability for after-hours and holidays as needed.


Major Responsibilities

• Major Incident Response - serve as the lead cyber resource in Major Incident response to execute the IR process and advise the business.
• Provide guidance to field resources on how to properly remediate a threat.
• Work closely with other Cyber Defense Center (CDC) team members to improve tools, techniques, and procedures for CDC operation.
• Continuously improve documentation of work products and processes.
• Participate in red/blue team exercises.
• Routinely collaborate with individuals and teams from across the enterprise. Serve as a Subject Matter Expert in all domains related to the CDC

Education & Experience:

• Bachelor's degree Preferred
• 5+ years of experience in a relevant field Required •Experience as a member of a Cyber Incident Response Team (CIRT) or comparable
• Experience executing an Incident Response plan, preferably based on recognized industry standards (e.g. - NIST, SANS, etc)
• Experience in Windows Artifact Analysis and Forensic Analysis (e.g. - Program Execution, File/Folder opening, Account Usage, pulling memory, following proper evidence handling procedures, etc) using industry standard tools and available logs (e.g. - Endpoint Detection and Response (EDR) tools such as Microsoft Defender Endpoint).
• Experience in Memory Analysis using tools such as Volatility
• Experience in network forensic analysis to determine validity of detected events using available network logs collected via SEIM.
• Experience with an event/information analysis framework such as Analysis of Competing Hypotheses (ACH).
• Experience in performing security analysis or reporting utilizing Security Incident and Event Management (SIEM) Technologies.
• Experience with document management and sustaining Security Operations Center (SOC) policies and run book procedures for incident response.
• Experience with documenting root cause analysis and lessons learned.
• Experience consuming and generating cybersecurity threat intelligence.
• Experience across the technology stack. Familiarity with all OSI layers and expertise in some.
• Experiencing using the following types of security tools:
• SIEM oFirewalls
• Web Proxy
• Anti-Virus (AV)
• Next Gen Anti-Virus (NGAV)
• Endpoint Detection and Response (EDR)
• Sandboxing oVirtual Machines
• Netflow analysis
• Malware Repositories
• Threat Intelligence
• Deception Stack
• Intrusion Detection/Prevention System (IDS/IPS)
• Security Orchestration Automation Response (SOAR)
• Phishing Triage oUser Behavior Analytics (UBA)
• Email Hygiene and Filtering
• Experience interfacing with peer support teams (Security Engineering, Vulnerability and Patching Teams, Networking, Access Management, Legal, Risk/Governance, etc.)
• Experience working in a high-tempo, dynamic environment with a high performance team.
• Experience with work ticketing systems (e.g. - ServiceNow, JIRA)
• Experience with Threat Modeling and Kill Chain analysis

Other Qualifications

• The successful candidate will possess the following aptitudes and skillsets:
• Leadership ability to independently lead and direct Major Incident Response efforts as well as projects.
• Excellent critical thinking skills to understand available data and use it to support or refute potential hypothesis that explain the data. Use available data to develop and communicate conclusions and recommendations.
• An ability to work and thrive in stressful situations. A demeanor that conveys calm professionalism in stressful situations.
• An ability to maintain confidentiality of sensitive data and to follow proper ethical practices for using tools and accessing data.
• A strong desire to determine root cause of events. A willingness to fully investigate all alternatives exhaustively until a conclusion can be supported.
• Ability to self-prioritize tasks based on criticality and threat level.

The following certifications and courses are helpful, but, not required:

• GIAC: GSEC, GCIH, GCFA, GCIA, GCED, GMON, GCDA, GDAT or comparable

Additional Information

• Must live in or near the Greater Area of Nashville, TN

Benefits

HCA Healthcare, offers a total rewards package that supports the health, life, career and retirement of our colleagues. The available plans and programs include:

• Comprehensive benefits for medical, prescription drug, dental, vision, behavioral health and telemedicine services
• Wellbeing support, including free counseling and referral services
• Time away from work programs for paid time off, paid family leave, long- and short-term disability coverage and leaves of absence
• Savings and retirement resources , including a 401(k) Plan with a 100% match on 3% to 9% of pay (based on years of service), Employee Stock Purchase Plan, flexible spending accounts, preferred banking partnerships, retirement readiness tools, rollover support and financial wellbeing counseling
• Education support through tuition assistance, student loan assistance, certification support, dependent scholarships and a partnership with Galen College of Nursing
• Additional benefits for fertility and family building, adoption assistance, life insurance, supplemental health protection plans, auto and home insurance, legal counseling, identity theft protection and consumer discounts

Learn more about Employee Benefits

Note: Eligibility for benefits may vary by location.

HCA Healthcare has been recognized as one of the World's Most Ethical Companies® by the Ethisphere Institute more than ten times. In recent years, HCA Healthcare spent an estimated $3.7 billion in cost for the delivery of charitable care, uninsured discounts, and other uncompensated expenses.

"Bricks and mortar do not make a hospital. People do."- Dr. Thomas Frist, Sr.
HCA Healthcare Co-Founder
If you are looking for an opportunity that provides satisfaction and personal growth, we encourage you to apply for our Senior Security Threat Engineer opening. We promptly review all applications. Highly qualified candidates will be contacted for interviews. Unlock the possibilities and apply today!

We are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.