Job Id : 908
Jobtitle : Information Security Analyst I (Risk Management)
Location : King of Prussia, PA
Company Name : UHS Corporate Office
Industry : Information Technology
Salary : $50,000 - $70,000 PER YEAR
Job type : Fulltime
Posted on: 2019-07-01
Required Skills : Management
Benefits : No benefits are available
Our operating philosophy is as effective today as it was 40 years ago: Build or acquire high quality hospitals in rapidly growing markets, invest in the people and equipment needed to allow each facility to thrive, and become the leading healthcare provider in each community we serve.
Headquartered in King of Prussia, PA, UHS has more than 83,000 employees and through its subsidiaries operates more than 320 acute care hospitals, behavioral health facilities and ambulatory centers in the United States, Puerto Rico and the United Kingdom.
The Corporate IS Department is seeking a dynamic and talented Information Security Analyst I.
The Information Security Analyst I (Risk Management) participates in the identification, implementation, maintenance, and support of technologies designed to protect the confidentiality, integrity and/or availability of UHS vendor information systems. Works with technical and non-technical staff to ensure that all UHS vendors and contractors are effectively and efficiently providing the intended security controls consistent with established UHS policies and procedures. Where appropriate, assists technical staff in UHS affiliated locations to deploy, manage and support selected technologies. Oversees the technical aspects of tasks assigned to less experienced staff or contractors on projects, systems or applications.
Key Responsibilities include:
Maintains selected information security technologies within guidelines of policies and in keeping with good project management principles. Monitors the resolution of maintenance or enhancement issues assigned by the UHS Customer Support Center.
Periodically reviews deployed security technologies to insure that the solutions continue to provide the intended protections efficiently and effectively.
Identifies gaps in protection, and recommends solutions to remediate or mitigate the risks associated with the protection gaps.
Performs evaluation of Third Party engagements to identify and manage vendor risk, which includes: supporting the development and maintenance of a master vendor list, and ensuring that proper security controls are in place including, security audits, vulnerability assessments, appropriate user account practices, and security documentation (e.g., BAA, User Access forms, etc.).
Works will other Technical Security personnel to review and interpret vendor due diligence materials, including audit reports and security risk assessment questionnaires. Involve appropriate subject matter expertise as required to resolve vulnerabilities identified.
Works with the Corporate Vulnerability Management team to conduct vulnerability assessments on remote hosted applications, as needed.
Work with staff at all levels in the organization, vendors and contractors to insure protections are effective, efficient and non-disruptive to the appropriate duties, rights and mission of the individuals and the organization(s).
1-3 years of experience working with vendors and third party service providers required.
Bachelor’s degree in Information Security or a related field.
Excellent communication, interpersonal and project management skills
Proficient PC skills, specifically with business-oriented applications such as Word, Excel and PowerPoint.
Knowledge of security control practices, procedures and principles
Familiarity with risk assessment and risk management concepts or processes.
Working knowledge of various regulatory security requirements – particularly Sarbanes-Oxley (SOX), HIPAA, and HITECH.
Ability to prioritize multiple tasks and be details oriented.
An information security certification is a plus -- to demonstrate proficiency and knowledge of information security best practices and concepts.
Relevant industry certifications, such as Security+, GSEC, ISC2, ISACA, etc.
Experience or training in any of the following: cloud services, regulatory compliance, and use of GRC platforms,
Travel Requirements: Travel connected with projects for field locations will be necessary, <5%
This opportunity provides the following:
Challenging and rewarding work environment
Growth and development opportunities within UHS and its subsidiaries
Excellent Medical, Dental, Vision and Prescription Drug Plan
401k plan with company match
Generous Paid Time Off
Pddn inc San Francisco, CA
Job Description : Responsible for providing Cybersecurity Architecture and ...
The Accuro Group Raleigh, NC
Job Description: Seeking a hands-on senior Network Engineer who is not only capable of ...
Archon Resources Oklahoma City, OK
Job Description : Review and analyze product design documentation and ...
Cyma Systems Inc Washington, DC
Job Description: The Software Developer will work as part of an agile development ...
Synaptein Solutions Inc Richmond, VA
Job Description : Senior Oracle PL/SQL Developer, who will be working with the ...
We’re an equal opportunity provider.
All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
OPTnation.com is not a Consulting Company/Training Company/H1B Sponsor.