"IT Security Analyst 3 - IS - Data Security - FT - Day - Hybrid"

IT Security Analyst 3 - IS - Data Security - FT - Day - Hybrid

Req ID: 93119
Location: Orange, California
Division: Medical Center
Department: IS - Data Security
Position Type: Full Time
Salary Range Minimum: USD $88,000.00/Yr.
Salary Range Maximum: USD $161,600.00/Yr.

Who We Are

UCI Health is the clinical enterprise of the University of California, Irvine, and the only academic health system based in Orange County. UCI Health is comprised of its main campus, UCI Medical Center, a 459-bed, acute care hospital in Orange, Calif., four hospitals and affiliated physicians of the UCI Health Community Network in Orange and Los Angeles counties and ambulatory care centers across the region. Listed among America's Best Hospitals by U.S. News & World Report for 23 consecutive years, UCI Medical Center provides tertiary and quaternary care and is home to Orange County's only National Cancer Institute-designated comprehensive cancer center, high-risk perinatal/neonatal program and American College of Surgeons-verified Level I adult and Level II pediatric trauma center, gold level 1 geriatric emergency department and regional burn center. UCI Health serves a region of nearly 4 million people in Orange County, western Riverside County and southeast Los Angeles County.

To learn more about UCI Health, visit www.ucihealth.org.

Your Role on the Team

Position Summary:

The data security analyst will play a leading role in driving information security analysis, vulnerability remediation and performing risk assessments. This role is a key business enabler to provide information security risk analysis and strategic recommendations for the ongoing improvement of Information Security for UCI Health and the School of Medicine as needed. In this role, you will be engaging with program employees, researchers, stakeholders, and executives to ensure appropriate and up-to-date security management.
Remote Work:
Hybrid - Candidate may be required to come onsite to UCIH facilities within the Orange and LA county area.

What It Takes to be Successful

Required Qualifications:

• Well versed in assessments and be able to identify false-positives or vulnerabilities that have not been remediated
• Must possess the skill, knowledge and ability essential to the successful performance of assigned duties
• Must demonstrate customer service skills appropriate to the job
• Excellent written and verbal communication skills in English
• Demonstrated experience in determining deviation from acceptable configurations
• Demonstrated experience in conducting web application vulnerabilities, penetration testing
• Ability to review contractual language and Business Associate Agreements
• Ability to perform and conduct vulnerability assessments and management of threats & vulnerabilities
• Ability to maintain a work pace appropriate to the workload
• Ability to develop and /or recommend appropriate mitigation countermeasures in operational and non-operational situations
• Ability to deliver clean reports that are actionable and timely
• Ability to conduct security awareness training and compliance & management
• Ability to assess levels of risk
• Ability to analyze, support and maintain numerous proactive risk program
• 5+ years working in a heterogeneous IT environment
• 5+ years in academic and healthcare IT environments
• 2+ years of experience in data security assessment and audit

Preferred Qualifications:

• Thorough understanding of Microsoft Active Directory
• Knowledge of medical center and academic IT environments
• Knowledge of HIPAA/HITECH, NIH, FISMA, CMS, CPHS, dbGaP, PCI-DSS and other State and Federal data security requirements and regulations
• Experience with managing Linux and Windows systems.
• Experience with Cloud Platforms such as Microsoft Azure, AWS
• Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or other similar credentials or work experience
• Accreditation in Microsoft 365 Certified: Enterprise Administrator Expert