JOIN UHA’S TEAM
We focus on your health and pay 100% for your family's medical insurance and provide 20 days of paid personal time off during your first year
Data Security Analyst
Department: Information Services
FLSA Status: Full time, Exempt
Position Summary
Under general guidance from the Chief Information Officer (CIO), the incumbent is responsible to work with the Sr. Data Security Analyst to complete projects to improve and evolve UHA's cyber security program and ensure security tasks are completed. Assist to ensure that key security functions in all phases of the NIST Cybersecurity Framework are in place and operating effectively. The incumbent will have the opportunity to learn UHA's business functions, then work in cross functional teams to implement security solutions and programs to accomplish UHA's business operational goals.
Essential Duties & Responsibilities
- Understand UHA’s business functions to implement and maintain security solutions that utilize people, processes, and technical controls that support UHA’s business operations.
- Work with a diverse group of business professionals to complete periodic risk assessments. Work with the CIO and the Sr. Security Data Analyst to develop projects/activities to address gaps as needed.
- Provide project management over one or more security projects/activities at any given time.
- Assist in the implementation and maintenance of security solutions and programs for various on premise systems and cloud services used by UHA.
- Update and document manuals and procedures for security activities.
- Assist in preparing presentations to given to UHA’s Executive team and Board of Directors that describe security concepts in business-friendly language.
- Provide information security guidance to a diverse teams of business professionals.
- Ensure operational activities of UHA’s security programs, e.g. system patching, access reviews, phishing exercises are executed and documented.
Required Education And Experience
The individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Knowledge, Skills And Abilities
- Knowledge of information security governance practices such as risk assessments, incident response process, disaster recovery and business continuity plans.
- Knowledge of information security concepts such as the CIA triad, symmetrical and asymmetrical encryption, hashing, multi-factor authentication etc.
- Knowledge of information security technologies such as firewalls, DLP systems, IPS/IDS systems, file and execution based malware detection and prevention tools, Security Information and Event Management (SIEM) tools and services.
- Familiarity with industry security requirements such as HIPAA, and PCI DSS.
- Familiarity with security frameworks such as NIST CSF, ISO 2700, NIST 800-53, and MITRE ATT&CK
Education And Experience
- Bachelor’s degree in rigorous field of study that emphasizes critical thinking and analysis, such as computer science, accounting, management information systems, etc.
- 2 years of work experience that require interaction or understanding of common information security technologies such as firewalls, DLP systems, IPS systems, SIEMs, etc.
- 2 years of work experience with information security governance such as performing risk assessments, audits, or working to remediate findings of such activities.
Preferred And Advanced Qualifications
- Certifications that demonstrates knowledge of information security or governance such as Security +, SSCP, or CISA
- Familiarity with HIPAA requirements and purpose
- This position may qualify to work from home
Competitive Compensation & Excellent Benefits Offered
Visit our website at
https://uhahealth.com/page/career-opportunities to apply and for details about vacant positions.
An Equal Opportunity Employer