HCA, Hospital Corporation of America Senior Security Analytics Splunk Engineer in Nashville, Tennessee
At its founding in 1968, Nashville-based HCA was one of the nation's first hospital companies. Today, one of the nation's leading providers of healthcare services, HCA is comprised of locally-managed facilities that include more than 250 hospitals and freestanding surgery centers in 20 states and the United Kingdom, employing approximately 230,000 people. Approximately four to five percent of all inpatient care delivered in the country today is provided by HCA facilities, resulting in more than 26M patient encounters each year. HCA is committed to the care and improvement of human life and strives to deliver high-quality, cost-effective healthcare in the communities we serve. Building on the foundation provided by our Mission & Values, HCA puts patients first and works to constantly improve the care we provide by implementing measures that support our caregivers, help ensure patient safety and provide the highest possible quality.
• Ranked 63 in Fortune 500
• Competitive Fortune 100, industry matched salaries and yearly merit increase
• Computerworld Top 50 Best Places to Work in IT since 2009
• Named one of the “World’s Most Ethical Companies” since 2010
• 106 HCA hospitals are on The Joint Commission’s list of top performers on key quality measures.
The CyberSecurity team is part of the overall Information Protection and Security department and is responsible for protecting HCA’s network from cyber intrusions that may impede HCA’s mission of providing care and improvement of human life and delivering high-quality, cost-effective healthcare. The team has two areas: the Cyber Defense Center Responders (“SOC”), who perform monitoring and incident response, and the Cyber Threat Science team, which supports the capabilities of the CDC.
This role will support the Cyber Threat Science team within CyberSecurity. The Cyber Threat Science team is responsible for applying complex science methodologies to an evolving cyber threat, supporting the Cyber Defense Center (“SOC”) in accomplishing its mission of monitoring and prudent eradication of cyber threats on the HCA network.
Additional Facts:
• Department with industry leading security technologies and high tech “SOC” center
• Partial work from home options
• Information Security department on average has a tenure of 8 years to complement its positive employee satisfaction results
• Working for a “noble cause” in the demanding world of healthcare cybersecurity, your work protects lives
• Career development – 13 members from Information Protection and Security have been hired as CISOs at other companies in the past seven years.
The Senior Security Analytics Engineer is part of the Cyber Analytics team within the Cyber Threat Science team, which is part of CyberSecurity. This technically focused position is responsible for performing analytics on the expansive amount of security data that is centrally stored in CyberSecurity’s SIEM (i.e. Splunk) and exposing cyber events of malicious intent that will need investigation by the Cyber Defense Center (CDC).
The Senior Security Analytics Engineer will collaborate with the Cyber Defense Center Incident Responders, Threat Hunter and Intelligence Engineers, Threat Tools Engineers and department leadership.
The Senior Security Analytics Engineer will programmatically sift through the multiple terabytes that are processed each day and find the interesting events, numbering in the triple digits, that need high fidelity for identifying a cyber threat incident on the network, to which the CDC will respond. They will use the analytical methodologies of thresholding, statistical heuristics, behavior analytics and machine learning to identify cyber threat incidents within large amounts of data.
The Senior Security Analytics Engineer can also participate in team threat hunting exercises, forming a hypothesis from collaborative threat modeling and querying large data sets to proactively expose systems on the network that have been compromised by live cyber-attacks. The resulting query profiles will be used to further model new detections from threat data, which will go to the CDC for response.
5 years of experience is needed for a successful applicant.
• 5 years of professional experience
• Bachelor's degree; in lieu of a degree, five years of experience in school, internships, and/or additional experience.
• Nice to have Academics or Education:
  o Galvanize, Udacity Data Analyst, or DataCamp Courses
  o Machine Learning
  o Neural Networking
  o Artificial Intelligence
  o Data Mining
  o Data Modeling or Structures
  o Algorithm Analysis
  o Big Data
  o Statistics or Advanced Mathematics
  o Programming/Scripting
  o CyberSecurity or Information Assurance and Security
• Nice to have Certifications:
  o Splunk Certified Power User
  o Splunk Certified Admin
  o Splunk Certified Architect
• Nice to have Extracurricular activities or Hobbies:
  o Art or Music
  o Robotics
  o Home setup for research (to answer a question, expand thought or self-development)
  o Community, family, or wellness activities
Job: Information Technology
Title: Senior Security Analytics Splunk Engineer
Location: Tennessee-Nashville-Corporate Main Campus
Requisition ID: 10207-24465