Senior Cloud Security Engineer

Shift: Day
Schedule: Full - Time Regular

Ardent Health Services invests in people, technology, facilities  and  communities, producing high-quality care and extraordinary results. Based in Nashville, Tennessee, Ardent’s subsidiaries own and operate 30 hospitals in seven states with more than 25,000 employees including 1,150 employed providers. Ardent facilities exceed national averages in Overall Hospital Quality Star Rating as ranked by the Centers for Medicare & Medicaid Services; 89 percent of its hospitals received a three-star rating or above in comparison with 73 percent of all hospitals ranked. Seven of the company's hospitals were recognized by Modern Healthcare as "Best Places to Work" in 2017 – more than any other system in the country. Ardent's corporate office was named "Top Work Places" for Nashville based companies in 2017 and 2018.

We have an exciting opportunity to join our team as a Senior Cloud Security Engineer.

The Senior Cloud Security Engineer will work under minimum supervision, requires in-depth knowledge of current security practices, regulations, standards, configurations and key technology. This position is responsible for the design, implementation, documentation and operation of the cloud security tools and provides support to the security operations team; the candidate will work closely with other members of the Ardent technology team and key corporate/partner/business units to support the overall mission of the company and its’ strategic business initiatives. This position is responsible and accountable for the technical aspects of the enterprise information security architecture, stability, and resiliency related to network security solutions. The successful candidate strives to enforce security best practices, policies, standards and guidance to ensure the safeguard of proprietary data, physical infrastructure and resources from internal and external threats.

Position Responsibilities:

  • Designs, builds and delivers cloud threat analytics by leveraging cloud log correlation, AI & machine learning engines
  • Must be resourceful, creative, innovative, results driven, and adaptable
  • Solid problem solving and analytical skills
  • Competent designer of mixed-technology solutions
  • Serving as technical advisor and assessing security systems for personal computers, mid-range systems and enterprise networks.
  • Monitor normal activity, transactions and user access levels to ensure compliance and access justification.
  • Monitoring unusual activity and reviewing server security software and related logs for system intrusions.
  • Routinely and proactively test information systems to perform risk or threat assessment and analysis.
  • Assisting with interface interactions with departments, vendors, and extranet partners.
  • Works with other business units, partners and customers to maintain secure methods of data management.
  • Assist in designing secure internal trust domains, web access zones, B2B, B2C, third-party connections and remote access technology.
  • Designing and/or implementing threat detection solutions to include intrusion detection systems, malicious code and program monitoring, unauthorized technology identification, and log activity monitoring.
  • Designing vulnerability detection solutions to include compliance testing, vulnerability scanning (including attack and penetration studies), and business and disaster recovery solutions.
  • Oversee physical security to ensure systems are adequately protected from unauthorized access.
  • Responding to internal security incidents, and interfacing with law enforcement when necessary.
  • Design and lead forensic solutions and processes.

Education:

  • Required - BS/BA degree or equivalent technical training.
  • Security certifications a plus. (Azure Solutions Architect, CISSP, CCSP, CEH, HCISPP, GIAC, CISA)

Job Requirements:

  • Minimum of 5 years hands-on experience designing and implementing security processes and procedures in an enterprise network environment.
  • Minimum of  3+ years of cloud security and IT experience (Azure or AWS preferred)
  • Cloud systems engineering and operational experience in Information Technology
  • Broad-based working knowledge of cloud platforms, identity federation, networking, application, database, infrastructure and/or server administration
  • Understanding of the technical components of a network infrastructure/architecture and their interactions.
    • Knowledge of related third-party software products (firewalls, intrusion detection systems, filtering routers, VPNs, security scanners).
    • Serving as technical security advisor on secure remote access technology design.
    • Serving as technical security advisor on Internet trust domains as well as secures third party connections.
    • Certifying infrastructure, server, and desktop host computing environments.
    • Performing physical security reviews and providing observation/recommendation report

Additional Requirements:

  • Enterprise IT design concepts and strategies
  • Experience designing, configuring, implementing and managing cloud services models such as SaaS, PaaS, and IaaS for system security
  • Familiarity with Information Security frameworks and standards (i.e. CIS, NIST, MITRE, ITIL)
  • Knowledgeable of securing B2B/ B2C data transfer.
  • Experienced in evaluating, architecting, implementing, assessing and/or administering intrusion detection/prevention.
  • Experienced in managing security incidents.
  • Experience in leading forensic investigations.
  • Knowledge of network authentication services and routing protocols.
  • Knowledge of DNS, DHCP, WINS, HSRP and secure virtual private networking
  • Knowledge of common networking protocols and services and their relevant security issues (TCP/IP, IPX/SPX, DNS, SNMP, etc.).

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.