Information Technology

JOB SUMMARY:
The Threat Engineer implements and monitors in-depth threat and vulnerability management solutions for HCA. A Threat Engineer strives to enforce security best practices, policies, standards and guidance to safeguard HCA’s proprietary data, physical infrastructure and resources from internal and external threats. The Threat Engineer is required to maintain an extensive understanding of services provided by HCA, IT&S and to develop relationships throughout the organization to assist Information Security in accomplishing its goals for the company.

GENERAL RESPONSIBILITIES
• Coordinate vulnerability assessments of operating systems, applications, databases and network infrastructure components to detect, enumerate and classify major vulnerabilities for performing trend analysis and reporting to Enterprise customers through the use of vulnerability assessment tools and methodologies.
• Investigate intrusion detection events by monitoring, analyzing and reporting on all network and application communication specific protocols for unwanted manipulation to systems, malicious network traffic, network attacks against vulnerable services, data-driven attacks on applications, host-based attacks or unauthorized access to sensitive data.
• Implement security operations management of operating systems, security applications and network infrastructure components to provide security configurations, controls for user account access, monitoring of services, centralized logging, network connectivity, job scheduling execution and routine maintenance through the use of administrative tools and methodologies.
• Lead enterprise incident handling with the Security Incident Response Team (SIRT) by detecting, analyzing and performing remediation on attacks that deny the use of authorized applications, networks or systems, malicious entities that infect single or multiple hosts, unauthorized access without permission to applications, data, networks, systems or other resources, inappropriate usage that violates acceptable use policies or multiple components that encompass two or more incidents by assisting constituents that consist of enterprise legal staff, litigation or Ethics and Compliance.
• Demonstrate malicious code as it pertains to the SIRT by identifying worms, viruses or attackers that attempt to breach systems by operating through proxies, anonymous dial-up accounts, wireless connections or illegal network access, monitoring preventive measures such as firewalls that provide real-time filtering and blocking from the network stack to the application layer or third party anti-virus applications and performing remediation through security event log analysis to detect anomalies and violations.
• Review the results from auditing of applications, operating systems and networks to provide a measurable technical assessment that includes interviewing staff personnel, performing security vulnerability scans, reviewing access controls or analyzing physical access to ensure availability, confidentiality and integrity to help the organization meet internal and external regulatory compliance.
• Execute social engineering to obtain confidential information by manipulation of legitimate users through the use of telephone conversations, face to face manipulation, or phishing attacks in order to educate users on security policies and procedures.
• Perform testing and organize the results from the attack and penetration testing performed on the HCA enterprise as information gathering, vulnerability detection, analysis and exploitation planning, and results reporting to remediate exploits and ensure confidentiality, integrity and availability of mission critical information assets.
• Demonstrate advanced security knowledge and experience on technologies and methodologies as they relate to operating systems, firewalls, proxies, access controls, encryption, networking, programming/scripting, auditing, vulnerability assessments, intrusion management and operations management to assist the Threat and Vulnerability Management team with effective research, data gathering, analysis, metrics reporting and communications.
• Provide guidance using specialized knowledge and toolsets to operational teams during enterprise-wide crisis scenarios, e.g. large-scale production service outages, outside of the routine change management process.

EXPERIENCE:
3-5 years of relevant prior experience is needed for this position.

EDUCATION:
College Graduate preferred.