CYBER SECURITY ANALYST 1

All across UW Medicine, our employees collaborate to perform the highest quality work with integrity and compassion and to create a respectful, welcoming environment where every patient, family, student and colleague is valued and honored.

UW Medicine’s IT Services department has an outstanding opportunity for an Cyber Security Analyst 1!

UW Medicine’s Information Technology Services (ITS) department is a shared services organization that supports all of UW Medicine.  UW Medicine is comprised of Harborview Medical Center (HMC), UW Medical Center-Montlake (UWMC-Montlake), UW Medical Center-Northwest (UWMC-NW), Valley Medical Center (VMC), UW Neighborhood Clinics (UWNC), UW Physicians (UWP), UW School of Medicine (SOM) and Airlift Northwest (ALNW).  In addition, UW Medicine shares in the ownership and governance of Children’s University Medical Group and Seattle Cancer Care Alliance (a partnership between UW Medicine, Fred Hutchinson Cancer Research and Seattle Children’s).  ITS is responsible for the ongoing support and maintenance of the infrastructure and applications which support all of these institutions, along with the implementation of new services and applications that are used to support and further the UW Medicine mission.

In collaboration with UW Medicine IT Services (‘ITS’) and under the general guidance of the Enterprise Information Security Manager, the primary focuses of the Cyber Security Analyst 1 (‘Analyst’) position are:
• supporting cyber security analysts and engineers to conduct vulnerability and risk assessment activities, with significant impact to business operations for all UW Medicine entities and vendors;
• operating security tools, platforms and methodologies which draw from industry requirements and frameworks such as HIPAA, HITRUST, and NIST to identify and support the mitigation of risks to patient care and critical operations;
• deploying prescribed tools to discover system and/or software vulnerabilities and inform and/or validate risk assessments throughout the enterprise;
• integrating threat information into institutional vulnerability assessments, risk assessments and mitigation activities;
• supporting internal phishing simulations; and
• participating in the development and delivering of user training, security awareness programs and UW Medicine-wide security documentation.

RESPONSIBILITIES

Enterprise Risk Management, Threat Assessment, and Security Analysis (50%)
• Conduct risk and vulnerability assessments, analyze findings, and determine levels of risk throughout the enterprise.
• Review security controls, information systems, and business practices for violations of information security policies, standards, or regulatory requirements.
• Document and report information security risks to UW Medicine.
• Develop, propose, or monitor organizational risk acceptance, mitigation, or remediation activities in accordance with established procedures and ensure risks are updated with relevant information and escalated to leadership when required.
• Ensure security risk assessments align with best practices, standards, and frameworks such as NIST, PCI, and OWASP.

Security Consulting and Technical Security Services. (20%)
• Deliver security consulting and technical services to technical, hospital, business, operations and vendor staff and teams concerning implementation of UW Medicine security standards, processes, and NIST 800-53 “best practices” on secure system design and risk mitigation strategies.
• Advise the enterprise on the secure design of technical solutions, applications, and network architecture.
• Deploy approved security tools in accordance with formal policies and procedures to assess the vulnerability of the UW Medicine workforce and/or assets to general and specific threats.
• Support the development, review, and implementation of information security policies, standards, and procedures that promote or ensure the safeguarding of confidentiality, integrity, and availability of enterprise information systems and data.

Security Education and Outreach (15%)
• Deliver information security training, education, awareness, and conduct outreach activities, as required.
• Collaborate with campus security teams and other stakeholders (including government and private sector organizations) engaged in the sharing and dissemination of threat information.
• Support and improve internal phishing campaigns and the analysis and reporting of enterprise trends related to user behavior and organizational risks.

Threat Prevention, Detection, Management, and Incident Response (10%)
• Support team efforts to respond to cyber-security intrusions, investigations, and investigative reporting, as needed.
• Support team efforts to define and develop reporting and post-event follow-up activities related to information security incidents.
• Support team efforts to monitor, analyze, update and/or maintain UW Medicine's information security tools.

Other (5%)
• Participate in all aspects of improving the team, including education/training and contributing to process/communication improvement initiatives.
• Work with manager to set professional goals for career development.
• Act as back-up for other team members and functions, as needed.

REQUIREMENTS

Bachelor’s Degree in Computer Science, Information Technology, HIM, or related field or equivalent combination of education/experience.

2+ years’ experience must include:
• 2+ years’ information security experience in one or more of the following areas: Security Engineering, Security Analysis, Security Project Management, Security Architecture, implementing best practices, tools and technology and/or demonstrated Information Security aptitude.
• Demonstrated independent work experience with security tool implementation, or maintenance of security tools including threat management, vulnerability management, or risk management platforms.
• Demonstrated independent work experience conducting security assessments, security control analysis, risk assessments, vulnerability assessments, awareness & training activities, or penetration tests.
• Demonstrated independent work experience with security-related technologies, systems, and tools.
• Demonstrated understanding of information security threats and vulnerabilities and how they translate to risks.
• Able to reference one or more common information security regulations and/or standards such as NIST 800-53/CSF, ISO 27001/2, HIPAA, PCI DSS, and SOC when analyzing risks.
• Experience with major operating systems including Windows, Mac OS, Linux and Mobile Platforms.

DESIRED

• Advanced degree (e.g., Master’s, PhD, etc.)
• Previous experience in and knowledge of academic healthcare systems and/or operational environments.
• One or more of the following certificates: GIAC, CISA, SSCP, CEH, Security+.
• Knowledge of common health care workflows.
• Experience designing, implementing, and maintaining tools related to security information and event management, intrusion protection, security architecture, or cloud security.
• Familiarity with major technology products commonly used in large healthcare systems, such as Epic.

CONDITIONS OF EMPLOYMENT