HCA, Hospital Corporation of America Manager of Cyber Threat Science in Nashville, Tennessee


At its founding in 1968, Nashville-based HCA was one of the nation's first hospital companies. Today, we are the nation's leading provider of healthcare services; a company comprised of locally-managed facilities that includes about 162 hospitals and 113 freestanding surgery centers in 20 states and England and employing approximately 199,000 people. Approximately four to five percent of all inpatient care delivered in the country today is provided by HCA facilities. HCA is committed to the care and improvement of human life and strives to deliver high quality, cost effective healthcare in the communities we serve. Building on the foundation provided by our Mission & Values, HCA puts patients first and works to constantly improve the care we give them by implementing measures that support our caregivers, help ensure patient safety and provide the highest possible quality.

Additional Facts:

• Fortune 100 company: http://hcahealthcare.com/news/press-kit.dot

• Competitive Fortune 100, industry matched salaries and yearly merit increase

• ComputerWorld Top 50 Best Places to Work in IT (8 years consecutive)

• Ethisphere World’s Most Ethical Company (6 years consecutive)

• Forbes “Nashville is Nowville...and has been for a while”: http://www.forbes.com/sites/pauljankowski/2013/01/23/nashville-is-nowville-and-has-been-for-a-while/#7cb50b482462

• Forbes “Nashville Top 3 Boom Town”

• Kiplinger #4 Most Affordable Big Cities in the US


The CyberSecurity team is part of the overall Information Protection and Security department and is responsible for protecting HCA’s network from cyber intrusions that may impede HCA’s mission of providing care and improvement of human life and delivering high quality, cost-effective healthcare. The team has two areas. The first is the Cyber Defense Center (CDC) Responders (“SOC”), who perform monitoring and Incident Response. The second is the Cyber Threat Science team, which supports the capabilities of the CDC.

This role will be a technical manager for the Cyber Threat Science Team within CyberSecurity. This team is responsible for applying complex science methodologies to an evolving cyber threat in order to support the Cyber Defense Center (“SOC”) in accomplishing its mission of monitoring and prudent eradication of cyber threats on the HCA network.

Additional Facts:

• Department with industry leading security technologies and high tech “SOC” center

• Partial work from home options

• Information Security department on average has a tenure of 8 years to complement its positive employee satisfaction results

• Working for a “noble cause” in the demanding world of healthcare cybersecurity, your work protects lives

• Career development – 13 members from Information Protection and Security have been hired as CISOs at other companies in the past seven years.


The Manager of Cyber Threat Science leads HCA’s enterprise-wide cybersecurity monitoring, threat intelligence, and incident response programs. This role oversees a team of security engineers conducting ongoing threat modeling and analytics, threat analysis, escalation, and remediation to protect critical infrastructure. This role drives the enforcement of information security best practices, policies, standards, and guidance to safeguard HCA’s proprietary data, assets, and resources from internal and external threats. The Manager of Cyber Threat Science is required to maintain a comprehensive understanding of services provided by the company and develop relationships throughout the organization to help accomplish the company’s Information Protection and Security goals.


• Advanced experience in a Splunk SDLC development environment or large data SIEM

• Comprehensive experience in project execution or management

• Character and leadership experience for managing diverse, high performance teams

• Advanced experience in forensics and e-discovery processes

• Advanced experience with Critical Incident Response and War Game exercises

• Comprehensive knowledge of malicious code (ransomware, worms, viruses, spyware, etc.)

• Advanced experience with Threat Modeling and Kill-Chain exercises

• Advanced experience coordinating red/blue (i.e. purple, adversary sim) team exercises

• Advanced experience in Threat Intelligence Platforms and STIX/TAXII

• Comprehensive understanding of Splunk capabilities or event and log correlation

• Comprehensive knowledge in automation and scripting of applications and systems

• Comprehensive understanding of Security Methodologies

• Advanced experience with TCP/IP, UDP and ICMP

• Comprehensive knowledge of the OSI Reference Model

• Windows / Linux / Unix operating systems

• Advanced experience with Networking components (routers, switches, load balancers, wireless access points, etc.)

• Comprehensive knowledge of firewalls, proxies, mail servers and web servers

• Advanced experience with operational support for operating systems, applications and networks

• Comprehensive knowledge of client/server relationships

• Comprehensive knowledge of relational databases and structured query language

• Advanced experience with intrusion management and its components

• Comprehensive experience with Virtual Private Networking

• Comprehensive knowledge of multi-tier environments

• Comprehensive understanding of packet inspection / sniffers

• Comprehensive understanding of anomaly detection (signature / behavioral)

• Comprehensive understanding of automated malware analysis (sandboxing)

• Comprehensive understanding of security endpoint technologies (EDR, EPP)

• Occasional travel may be required, mainly for training and conferences.


College graduate preferred.


7 years of experience is needed for a successful candidate.

Title: Manager of Cyber Threat Science

Location: Tennessee-Nashville-Corporate Main Campus

Requisition ID: 10207-19462