At UPMC, we are committed to keeping our community safe and healthy as the COVID-19 pandemic unfolds. As our team continues to provide Life Changing Medicine to our patients, our recruiters will continue to fill positions throughout this time. Interviews and other processes may be modified to protect the safety of our candidates and employees. Thank you for your patience.

For more information about UPMC's response to COVID-19, please visit

UPMC Life Changing Medicine
Search Our Jobs

   Current UPMC employees must apply in HR Direct

Info Security Analyst - Assoc (Phishing Detection & Remediation)

  • Job ID: 07307572
  • Status: Full-Time
  • Regular/Temporary: Regular
  • Hours:
  • Shift: Day Job
  • Facility: Corporate Information Services
  • Department: ISD System Security
  • Location: 2000 Mary St, Pittsburgh PA 15203
  • Union Position: No
  • Salary Range: $27.73 to $42.09 / hour



Under the general direction of management and lead security analysts, the Information Security Analyst – Associate (Phishing Detection & Remediation) will support and be essential for the development and advancement of the strategies, goals, and objectives of the IAS Security Services (Human Factors) Team. The incumbent will possess a solid understanding of information security best practices and tools, experience with managing multiple projects, and advanced verbal and written communication and presentation skills. Strong interpersonal skills required and a persistent nature. Proven ability to provide security and technical consulting, management-level report writing, and staff mentoring are expected.


  • Able to establish priorities and delegate tasks to the appropriate personnel or work independently as necessary.
  • Respond to Security Incident Handling Processes.
  • Develop automated routines for account administration efficiencies.
  • Provide Security Training and Awareness Program Delivery.
  • In the course of professional activities, conducts themselves in accordance with the highest standards of moral, ethical and legal behavior.
  • Develop and maintain service levels with the various user departments and Heath System business units, and creates reports on the attainment of those levels.
  • Ensure that all applicable Policies and Standards are strictly adhered to in the execution of their duties.
  • Perform low risk testing of network and system security.
  • Maintain current knowledge of security techniques and technologies.
  • Fulfill departmental requirements in terms of providing work coverage and administrative notification during periods of personal illness, vacation, or education.
  • Execute, monitor and maintain Intrusion Detection processes and procedures.
  • Test Security Plans presented by Application and System Support Representatives.
  • Report and investigate discrepancies to policy enforcement mechanisms; works with client to resolve issues.
  • Candidate must be highly motivated to apply process improvement (CMMI) to increase product and service quality to achieve business objectives.
  • Resolve access and security issues with Data Stewards.
  • Provide support as required by ISD's Disaster Recovery Plan.
  • Ensure Security Policies are implemented on systems and networks reviewed.
  • Monitor and maintain Security Police enforcement mechanisms and processes.
  • Provide on-call support at designated times in accordance with the policies and procedures of the Health System.
  • Provide service to ISD client community, patients, families and visitors, while protecting the integrity and confidentiality of all data and information through physical and electronic measures.
  • Security Administration, Management, and Governance Understand the various components of an effective IT security program and relate them to the organization's business process requirements. Compare plans for implementing IT security program elements to ensure that they effectively address program objectives. Participate in or perform with supervision tests of security safeguards in accordance with the established test plan and procedures, and document results.



  • Typically has a 2-year academic degree and familiarity with Information Security through education or practical work experience.
  • Experience in phishing/malicious email threat detection.
  • Demonstrates and applies thorough understanding of information technology tools, best practices, and concepts.
  • Completes on-going training on-the-job, through courses, self-study, certifications and/or advanced degrees to maintain and enhance technical and business capabilities.
  • Participates in an On-Call Team rotation.

Preferred Experience:

  • Experience with data loss prevention
  • Experience with insider threat detection
  • Experience with Cloud Access Security Broker (CASB)
  • Experience with vulnerability assessment tools
  • Computer forensics

Licensure, Certifications, and Clearances:
CompTIA Network+ and Security+ certifications are preferred

UPMC is an Equal Opportunity Employer/Disability/Veteran

Total Rewards

More than just competitive pay and benefits, UPMC’s Total Rewards package cares for you in all areas of life &emdash; because we believe that you’re at your best when receiving the support you need: professional, personal, financial, and more.

Our Values

At UPMC, we’re driven by shared values that guide our work and keep us accountable to one another. Our Values of Quality & Safety, Dignity & Respect, Caring & Listening, Responsibility & Integrity, Excellence & Innovation play a vital role in creating a cohesive, positive experience for our employees, patients, health plan members, and community. Ready to join us? Apply today.

   Current UPMC employees must apply in HR Direct

Talent Network