Description
Purpose:
UPMC is actively hiring for a Senior Information Security Analyst role within the Vulnerability Management team. The Vulnerability Management team is responsible for identifying and communicating security vulnerabilities on-premise and in the cloud for UPMC digital assets and applications across UPMC’s domestic and international locations.
The Information Security Analyst - Senior supports the Information Security Group's efforts to develop secure systems and networks through the identification, implementation, and operation of security tools and the development and execution of security processes and standards.
- Participate as key member of the organization's incident responses team
- Work with junior members of the team to assist in the development of their skill sets
- Participate in education and awareness activities within the organization
If you are someone who has a passion for information security and is excited to work within a close-knit team of highly knowledgeable individuals, then we encourage you to apply today!
Responsibilities:
- Perform comprehensive vulnerability assessments and continuous monitoring across the organization.
- Manage the entire lifecycle of vulnerabilities from discovery, triage, advising, remediation, and validation.
- Work with various different business units to perform vulnerability assessments on systems or applications.
- Examine systems and applications to assess the current security posture.
- Work with 3rd parties to conduct required security assessments, tests etc.
- Assists in the planning and execution of Red-Team exercises
- Participate as key member of the organization's incident responses team
- Work with junior members of the team to assist in the development of their skill sets
- Participate in education and awareness activities within the organization
- Manage vulnerability related tickets to ensure issues are remediated within proper timelines.
- Participates in an On-Call Team rotation.
Qualifications
-
Typically has a 4-year academic degree and 5+ years of information security or equivalent practical work experience.
-
Demonstrates and applies thorough understanding of information technology tools, best practices, and concepts.
-
Completes on-going training on-the-job, through courses, self-study, certifications and/or advanced degrees to maintain and enhance technical and business capabilities.
-
Maintains current knowledge of security techniques and technologies and applies that knowledge to mitigate risk. Participates in an On-Call Team rotation.
Licensure, Certifications, and Clearances:
CompTIA Network+, Security+ and CISSP certifications are preferred
UPMC is an Equal Opportunity Employer/Disability/Veteran
Total Rewards
More than just competitive pay and benefits, UPMC’s Total Rewards package cares for you in all areas of life — because we believe that you’re at your best when receiving the support you need: professional, personal, financial, and more.
Our Values
At UPMC, we’re driven by shared values that guide our work and keep us accountable to one another. Our Values of Quality & Safety, Dignity & Respect, Caring & Listening, Responsibility & Integrity, Excellence & Innovation play a vital role in creating a cohesive, positive experience for our employees, patients, health plan members, and community. Ready to join us? Apply today.