Job Description

Job Title: Info Security Analyst - Assoc (Phishing Detection & Remediation)
Job ID: 07307572
Status: Full-Time
Regular/Temporary: Regular
Shift: Day Job
Facility: Corporate Information Services
Department: ISD System Security
Location: 2000 Mary St, Pittsburgh PA 15203



Under the general direction of management and lead security analysts, the Information Security Analyst – Associate (Phishing Detection & Remediation) will support and be essential for the development and advancement of the strategies, goals, and objectives of the IAS Security Services (Human Factors) Team. The incumbent will possess a solid understanding of information security best practices and tools, experience with managing multiple projects, and advanced verbal and written communication and presentation skills. Strong interpersonal skills required and a persistent nature. Proven ability to provide security and technical consulting, management-level report writing, and staff mentoring are expected.


  • Able to establish priorities and delegate tasks to the appropriate personnel or work independently as necessary.
  • Respond to Security Incident Handling Processes.
  • Develop automated routines for account administration efficiencies.
  • Provide Security Training and Awareness Program Delivery.
  • In the course of professional activities, conducts themselves in accordance with the highest standards of moral, ethical and legal behavior.
  • Develop and maintain service levels with the various user departments and Heath System business units, and creates reports on the attainment of those levels.
  • Ensure that all applicable Policies and Standards are strictly adhered to in the execution of their duties.
  • Perform low risk testing of network and system security.
  • Maintain current knowledge of security techniques and technologies.
  • Fulfill departmental requirements in terms of providing work coverage and administrative notification during periods of personal illness, vacation, or education.
  • Execute, monitor and maintain Intrusion Detection processes and procedures.
  • Test Security Plans presented by Application and System Support Representatives.
  • Report and investigate discrepancies to policy enforcement mechanisms; works with client to resolve issues.
  • Candidate must be highly motivated to apply process improvement (CMMI) to increase product and service quality to achieve business objectives.
  • Resolve access and security issues with Data Stewards.
  • Provide support as required by ISD's Disaster Recovery Plan.
  • Ensure Security Policies are implemented on systems and networks reviewed.
  • Monitor and maintain Security Police enforcement mechanisms and processes.
  • Provide on-call support at designated times in accordance with the policies and procedures of the Health System.
  • Provide service to ISD client community, patients, families and visitors, while protecting the integrity and confidentiality of all data and information through physical and electronic measures.
  • Security Administration, Management, and Governance Understand the various components of an effective IT security program and relate them to the organization's business process requirements. Compare plans for implementing IT security program elements to ensure that they effectively address program objectives. Participate in or perform with supervision tests of security safeguards in accordance with the established test plan and procedures, and document results.



  • Typically has a 2-year academic degree and familiarity with Information Security through education or practical work experience.
  • Experience in phishing/malicious email threat detection.
  • Demonstrates and applies thorough understanding of information technology tools, best practices, and concepts.
  • Completes on-going training on-the-job, through courses, self-study, certifications and/or advanced degrees to maintain and enhance technical and business capabilities.
  • Participates in an On-Call Team rotation.

Preferred Experience:

  • Experience with data loss prevention
  • Experience with insider threat detection
  • Experience with Cloud Access Security Broker (CASB)
  • Experience with vulnerability assessment tools
  • Computer forensics

Licensure, Certifications, and Clearances:
CompTIA Network+ and Security+ certifications are preferred

UPMC is an Equal Opportunity Employer/Disability/Veteran

Salary Range: $27.73 to $42.09 / hour

Union Position: No

Apply Current Employee?


At UPMC, our shared goal is to create a cohesive, positive, experience for our employees, patients, health plan members, and community. If you too are driven by these values, you may be a great fit at UPMC!


UPMC provides a total rewards package that can help you achieve the goals you have for your career and your personal life. Whether you want to learn a new skill through a training course, reach personal health and wellness targets, become more involved in your community, or follow a career path that provides you with the right experience to be successful, UPMC can help you get to where you want to be.


Now more than ever, YOU can help us shape our communities and UPMC into a better place for everyone to work, study, play, and thrive.

Learn more about working here and check out our policies and recent updates.

UPMC Health Plan Named Best Places to Work for LGBTQ Equality in 2019

UPMC Ranked #1 Best Places for Women and Diverse Managers in 2019

Talent Network