Manager Enterprise Vulnerability Assurance

Description

Introduction

Are you passionate about the patient experience? At HCA Healthcare, we are committed to caring for patients with purpose and integrity. We care like family! Jump-start your career as a(an) Enterprise Vulnerability Assurance Manager today with HCA Healthcare.

Benefits

HCA Healthcare, offers a total rewards package that supports the health, life, career and retirement of our colleagues. The available plans and programs include:

• Comprehensive medical coverage that covers many common services at no cost or for a low copay. Plans include prescription drug and behavioral health coverage as well as free telemedicine services and free AirMed medical transportation.
• Additional options for dental and vision benefits, life and disability coverage, flexible spending accounts, supplemental health protection plans (accident, critical illness, hospital indemnity), auto and home insurance, identity theft protection, legal counseling, long-term care coverage, moving assistance, pet insurance and more.
• Free counseling services and resources for emotional, physical and financial wellbeing
  
• 401(k) Plan with a 100% match on 3% to 9% of pay (based on years of service)
  
• Employee Stock Purchase Plan with 10% off HCA Healthcare stock
  
• Family support through fertility and family building benefits with Progyny and adoption assistance.
  
• Referral services for child, elder and pet care, home and auto repair, event planning and more
  
• Consumer discounts through Abenity and Consumer Discounts
  
• Retirement readiness, rollover assistance services and preferred banking partnerships
  
• Education assistance (tuition, student loan, certification support, dependent scholarships)
  
• Colleague recognition program
  
• Time Away From Work Program (paid time off, paid family leave, long- and short-term disability coverage and leaves of absence)
  
• Employee Health Assistance Fund that offers free employee-only coverage to full-time and part-time colleagues based on income.
  

Learn more about Employee Benefits

Note: Eligibility for benefits may vary by location.

Come join our team as a(an) Enterprise Vulnerability Assurance Manager. We care for our community! Just last year, HCA Healthcare and our colleagues donated $13.8 million dollars to charitable organizations. Apply Today!

Job Summary 

This position is a management-level security position responsible for Enterprise Vulnerability Assurance. The Enterprise Vulnerability Assurance manager oversees a team of personnel focused on assessing, classifying, and prioritizing security vulnerabilities in vendor systems, applications, databases, devices, and IT infrastructure supporting the organization. Leverages industry security requirements as well as internal policies and standards to assess operations of security controls across the company. This position is also responsible for supporting ongoing evaluation, monitoring, and reporting of security vulnerabilities across the organization and supports tracking and validation of remediation. Applies information security concepts, knowledge, and skills to technology products to support a comprehensive information protection program. 

General Responsibilities 

• Leverage asset inventories of vendor systems, applications, databases, and infrastructure to systematically assess IT security risks in support of regulatory compliance requirements. 
• Organize resources to perform vulnerability assessments of operating systems, devices, applications, databases and network infrastructure components to detect, enumerate and classify major vulnerabilities for performing trend analysis and reporting to Enterprise stakeholders through the use of vulnerability assessment tools and methodologies. 
• Oversee solutions to track and measure security issues and ensure compliance with security standards as well as regulatory and audit issues. Develop reports and dashboards for executives, process owners, and/or stakeholders. 
• Oversee the development and regular reporting to applicable constituencies (e.g., executive management, corporate and facility leadership, and governance committees). 
• Responsible for vulnerability classification program using industry publications, attack vector analysis, and external intelligence. 
• Provide direction on activities related to the analysis of data collected during security reviews and assessment of vendor systems, applications, databases, and IT infrastructure in order to determine current state of security risk across the company. 
• Coordinate resources for auditing of applications, operating systems, and networks to provide a measurable technical assessment that includes performing security vulnerability scans or assessing controls to ensure availability, confidentiality and integrity to help the organization meet internal and external regulatory compliance. 
• Responsible for tracking and validation of remediated vulnerabilities using vulnerability assessment tools and methodologies. 
• Provide guidance using specialized knowledge and toolsets to operational teams during enterprise wide crisis scenarios, e.g. large-scale production service outages, outside of the routine change management process. 
• Manage staff and conduct regular performance reviews. 

Education and Experience: 

• High School Graduate/ Equivalent Required 
• Bachelors Degree in related field Preferred 
• 7+ years of related work experience 
• 3+ years of management experience 

Other Qualifications: 

Certifications: 

• CISSP preferred 
• Related certifications also preferred
• • GSEC GIAC Security Essentials Certification 
  • CISA Certified Information Systems Auditor 
  • HCISPP Healthcare Information Security and Privacy Practitioner 

Required areas of experience: 

• Security Technologies / Methodologies 
• IT Risk Management 
• Information Security Metrics and Reporting 

Knowledge and Experience in the following: 

• Knowledge of the COSO and COBIT methodologies 
• Knowledge of ISO17799, HIPAA, and Sarbanes-Oxley 
• Knowledge of HITECH Act regulations 
• Knowledge of PCI-DSS requirements 
• Knowledge of SAS 70 and\or SSAE standards 
• Experience with IT risk, regulatory, or compliance responsibilities 
• Possession of excellent analytical and interpersonal skills 
• Possession of excellent oral and written communication skills 

Additional Information: 

• Occasional travel may be required 
• Candidate must be living in or willing to relocate to the Greater Nashville, TN Area 

HCA Healthcare has been recognized as one of the World's Most Ethical Companies® by the Ethisphere Institute more than ten times. In recent years, HCA Healthcare spent an estimated $3.7 billion in cost for the delivery of charitable care, uninsured discounts, and other uncompensated expenses.

"The great hospitals will always put the patient and the patient's family first, and the really great institutions will provide care with warmth, compassion, and dignity for the individual."- Dr. Thomas Frist, Sr.
HCA Healthcare Co-Founder

If you are looking for an opportunity that provides satisfaction and personal growth, we encourage you to apply for our Enterprise Vulnerability Assurance Manager opening. We promptly review all applications. Highly qualified candidates will be contacted for interviews. Unlock the possibilities and apply today!

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Apply