UTHealth Houston

Senior Information Security Analyst in Information Technology

UTHealth Houston$90K — $120K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in IT or equivalent experience required.
  • 2+ years in IT support/auditing, with 1-2 years on enterprise security platforms.
  • Preferred certifications: CISSP, CISA, CISM.
  • Strong problem-solving skills and ability to work in teams or independently.
  • Experience with server configuration and maintaining security software.

Responsibilities

  • Design, implement, and monitor the IT security program.
  • Lead projects and supervise Information Security staff as directed by CISO.
  • Evaluate current security practices and recommend improvements.
  • Conduct risk assessments and support business continuity planning.
  • Develop and maintain IT security training programs for employees.

Benefits

  • Opportunity for professional development within a security-sensitive environment.
  • Involvement in diverse security projects impacting critical systems.
  • Work in a collaborative environment with clinical and administrative teams.
  • Access to advanced information security training and resources.
Full Job Description
Responsible for designing, implementing, and monitoring the IT security program with a focus on identifying server/web vulnerabilities, security awareness, Identity and Access Management (IAM), and implementation of information security solutions in support of the Information Security program and other supervisory responsibilities as assigned.

Position Key Accountabilities:
  • Provides technical leadership and support in the selection, configuration, and maintenance of security and IAM software, utilities, and hardware.
  • Manages projects and supervises Information Security Staff and/or resources as relating to departmental projects and key initiatives as required by the Chief Information Security Officer.
  • Maintains current understanding of IT audit techniques, information security, and IAM best practices, policies, and procedures, including Federal, State, and other applicable regulatory requirements and guidelines (HIPAA, FERPA, NIST, PCI DSS, TAC 202).
  • Evaluates cost-effective alternatives to current information security program components.
  • Participates in annual review of all information security policies, standards, procedures, and guidelines; recommends amendments; assures alignment with current regulatory requirements.
  • Monitors and enforces compliance with information security policies, standards, procedures, and guidelines.
  • Responsible for developing, implementing, and maintaining an ongoing IT security awareness and employee training program for the entire UTHSC-H.
  • Conducts risk and security assessments, facilitates disaster recovery planning, and supports business continuity efforts for business-critical systems. Evaluates results with system owners and custodians.
  • Provides information security consulting on a variety of technologies and processes.
  • Performs periodic penetration tests and vulnerability scans. Reviews results for evidence of vulnerability or compromise; assists in or facilitates the implementation of the resolution. Track resolution of findings and prepare reports.
  • Manages enterprise configuration/vulnerability management program, web application firewalls, and security scans to identify and correct security gaps. Prepares remediation reports and provides technical mentorship and guidance for various levels of operations staff.
  • Participates, develops, and facilitates activities in support of Computer Security Incident Response Team (CSIRT) efforts. Coordinates initial assessments, including severity, potential impact, and resolution efforts with fellow CSIRT members.
  • Provides guidance on integrating IAM tools and automation into new and existing applications.
  • Works with clinical, academic, and administrative application groups to design, develop, and deploy IAM integration and automation solutions with minimum supervision.
  • Provides support for enterprise account life-cycle management, including, but not limited to, account provisioning, account de-provisioning, authentication, and authorization.
  • Provides support, configuration, and maintenance for the IAM infrastructure, including, but not limited to, IDM, AM, SSO, Federated Authentication, LDAP, IAM application development, and support tools.
  • Provide support for the Public Key Infrastructure system and process.
  • System administration for a variety of Linux and Windows-based servers to support security and IAM tools.
  • Monitors system log information for evidence of compromise; responds to and reports security incidents.
  • Provides forensic analysis and support for compliance and other security-related investigations; provides summary analysis as necessary.
  • Initiates and participates in periodic security audits; tests controls; prepares reports and makes recommendations as necessary.
  • Performs other duties as assigned.


Certification/Skills:
  • Complex problem-solving skills; ability to think independently as well as work in a dynamic team.
  • Ability to work within tight deadlines; strong organizational skills.
  • Excellent verbal and written communication skills.
  • Ability to configure and administer Windows and VMware servers and desktops.
  • Working knowledge of UNIX-based systems.
  • Web application security; programming, Linux system administration, database administration.
  • Network architecture design; incorporating security into SDLC.
  • Training in information technology required.
  • Certified Information Systems Security Professional (CISSP) by the International Information System Security Certification Consortium, Inc. (ISC2) preferred
  • Certified Information Systems Auditor (CISA) by ISACA preferred
  • Certified Information Security Manager (CISM) by ISACA preferred


Minimum Education:

Bachelor's Degree required, or you may substitute required education with equivalent years of experience beyond the minimum experience requirement.

Minimum Experience:

2 years of experience in information technology support or information technology auditing required 1 year to two years of direct involvement with security platforms deployed as part of an enterprise-level information security program required

Physical Requirements:

Exerts up to 50 pounds of force occasionally and/or up to 20 pounds frequently and/or up to 10 pounds constantly to move objects.

Security Sensitive:

This position is a security-sensitive position pursuant to Texas Education Code §51.215 and Texas Government Code §411.094. To the extent that a position requires the holder to research, work on, or have access to critical infrastructure as defined in Texas Business and Commerce Code §117.001(2), the ability to maintain the security or integrity of the infrastructure is a minimum qualification to be hired for and to continue to be employed in that position. Personnel in such positions, and similarly situated state contractors, will be routinely reviewed to determine whether things such as criminal history or continuous connections to the government or political apparatus of a foreign adversary might prevent the applicant, employee, or contractor from being able to maintain the security or integrity of the infrastructure. A foreign adversary is a nation listed in 15 C.F.R. §791.4.

Residency Requirement:

Employees must permanently reside and work in the State of Texas.

About UTHealth Houston

UTHealth Houston includes the schools of dentistry, biomedical informatics, medicine, nursing, public health, and the graduate school of biomedical sciences. UTHealth Houston is accredited by the Commission on Colleges of the Southern Association of Colleges and Schools to award certificates, bachelor's, master's, doctoral, and professional degrees.

UTHealth Houston Careers

Joining UTHealth Houston offers an unparalleled opportunity to become part of a dynamic team of professionals dedicated to furthering the future of healthcare. UTHealth Houston stands out as a leader in medical education, research, and clinical service, both locally and globally.

Explore Job Opportunities

UTHealth Houston is constantly seeking talented individuals who are eager to contribute to cutting-edge medical research and superior patient care. With a variety of job opportunities available, candidates can find positions that match their skills and passions. Explore the current openings and find where professional expertise meets innovation in healthcare.

Experience Professional Growth and Development

UTHealth Houston is committed to fostering leadership and professional growth. The institution supports career advancement through robust training programs, including leadership development and diversity training. Employees are encouraged to further their professional education and skills, ensuring continuous personal and professional development.

Engage in Meaningful Work

Every team member at UTHealth Houston contributes to a culture of innovation and excellence. The work done here leads to significant advancements in healthcare, impacting patient lives worldwide. Employees at UTHealth Houston are not just part of a team but are part of a movement towards better health solutions.

Internship Programs

For those starting their career, UTHealth Houston offers internship programs that provide invaluable industry experience and networking opportunities. Internships are designed to develop skills and provide insights into various aspects of healthcare operations, from clinical practice to healthcare management.

Benefits and Culture

UTHealth Houston values its employees and offers a competitive package of benefits designed to support the health, well-being, and financial security of employees and their families. The culture at UTHealth Houston is one of collaboration, diversity, and inclusion, where every team member’s contribution is valued and celebrated.

Join the Team

UTHealth Houston is hiring! Search for positions that align with your career goals and apply today. Tailor your resume to highlight relevant experience and prepare for an interview process that values insight, collaboration, and dedication to healthcare excellence.

Stay Connected with UTHealth Houston Careers

Keep up to date with the latest job alerts, employment news, and career tips directly from UTHealth Houston. Personalize your subscription to receive updates that align with your career interests and professional goals.

Networking and Career Insights

UTHealth Houston encourages continuous networking and professional engagement, offering employees a platform to connect with industry leaders and innovators within the healthcare sector. These connections provide profound insights and further career opportunities within the field.

Empower Your Career with UTHealth Houston

Whether looking for a first job, seeking a leadership position, or aiming to specialize further, UTHealth Houston provides the resources and support to achieve career aspirations. Join UTHealth Houston and be part of a team that is dedicated to making a difference in healthcare through service, innovation, and leadership.
Learn more about UTHealth Houston
Size
11 employees
Industry

Similar Jobs

More Jobs at UTHealth Houston

More Information Technology Jobs

Find similar Senior Information Security Analyst in Information Technology jobs: