Description
Purpose:
The Information Technology (IT) Risk Analyst 100% Work From Home will support the UPMC IT Risk Management Program within Information Assurance Services and will assist in the development and execution of a FAIR-Based Risk Quantification Program. The role will require a combination of facilitation, analysis, technical, information security, and business skills and candidates will be expected to contribute risk quantification and risk management thought leadership to the IT Risk Management Team.
Responsibilities:
- Obtain thorough understanding of the FAIR methodology for Quantifying Information Risk.
- Assist in the development, implementation and maintenance of IT Risk Management Program.
- Assist in building strong, collaborative partnerships with internal key risk partners and, as required, external risk quantification industry partners.
- Assist in the formulation, execution and management of standardized and custom FAIR risk quantification analyses.
- Assist in the identification of internal and external primary/secondary loss, threat event and susceptibility data/information.
- Assist in the development, application and maintenance of FAIR-based models, standard analysis scenarios and risk quantification tools/techniques.
- Facilitation of risk quantification meetings and working group sessions.
- Assist in the development and delivery of formal and informal risk quantification/FAIR training and socialization efforts.
- Establish and maintain excellent relationships with business owners and IT contacts to elicit their input and feedback on risk initiatives.
- Assist in performing IT Risk Assessments and reporting efforts to ISD and Operational Executive Management Leadership.
- Provide service to IT client community, patients, families and visitors, while protecting the integrity and confidentiality of all data and information through physical and electronic measures.
- Ensure that all applicable UPMC Policies and Standards are strictly adhered to in the execution of their duties.
- In the course of professional activities, conducts themselves in accordance with the highest standards of moral, ethical and legal behavior.
- Maintain current knowledge of security techniques and technologies.
- Fulfill departmental requirements in terms of providing work coverage and administrative notification during periods of personal illness, vacation, or education.
- Security Administration, Management, and Governance - Understand the various components of an effective IT security program and relate them to the organization's business process requirements. Compare plans for implementing IT security program elements to ensure that they effectively address program objectives. Participate in or perform with supervision tests of security safeguards in accordance with the established test plan and procedures, and document results.
Qualifications
- 4-year academic degree that includes courses in computer science, management information systems, cyber security, data analysis, statistics OR has acquired Core IT skills and knowledge via practical experience.
- Typically has 2+ years work experience in IT Risk and Compliance, Information Security, Information Technology Project Management or Information Technology Audit.
- Working knowledge of IT security strategy, techniques and control implementations across all existing computer platforms.
- Working knowledge of key technology concepts such as access control, asset lifecycle management, encryption, business continuity, vulnerability management, and third-party vendor risk.
- Strong and demonstrated facilitation, collaboration and relationship-building experience.
- Organized self-starter; versatile and capable of performing work with minimal management oversight.
- Strong oral and written communication skills to work effectively with employees at all levels of the organization.
- Ability to multi-task, strong attention to detail, self-motivated willingness to take initiative and ownership.
- Excellent critical thinking, problem-solving skills and the ability to be highly productive, both working alone and as part of a team.
MUST HAVES:
- Understand FAIR
- Self Risk Assessment experience
NICE TO HAVE:
- LOGIC GATE
100% WORK FROM HOME
Licensure, Certifications, and Clearances:
The candidate must become certified in the Factor Analysis of Information Risk (FAIR) within 2 years of being hired, or reclassified due to transfer, promotion, or reorganization.
- Act 34
- UPMC is an Equal Opportunity Employer/Disability/Veteran
Total Rewards
More than just competitive pay and benefits, UPMC’s Total Rewards package cares for you in all areas of life — because we believe that you’re at your best when receiving the support you need: professional, personal, financial, and more.
Our Values
At UPMC, we’re driven by shared values that guide our work and keep us accountable to one another. Our Values of Quality & Safety, Dignity & Respect, Caring & Listening, Responsibility & Integrity, Excellence & Innovation play a vital role in creating a cohesive, positive experience for our employees, patients, health plan members, and community. Ready to join us? Apply today.