Information Security Analyst Senior/UKHC
Information Security Analyst Senior/UKHCRequisition Number:
Information Security Analyst SeniorDepartment Name:
H3997:EVPHA Information TechnologyWork Location:
Lexington, KYGrade Level:
$61,630-100,485/yearType of Position:
StaffPosition Time Status :
BSClick here for more information about equivalencies::
5 yrsRequired License/Registration/Certification:
The physical requirements for this position include communicating effectively; building positive working relationships with individuals from diverse backgrounds; abiding by University guidelines; maintaining confidentiality; prioritizing and managing work effectively; providing exceptional customer service; performing work in a sedentary position; walking, standing, and sitting for extended periods of time; reporting to meetings at different locations both on and off campus; and interacting with individuals from various levels throughout the University.Shift:
Primarily days; 8:00 AM – 5:00 PM. However, this is an exempt position and may require additional time during evenings, weekends, and holidays to accomplish work goals.Job Summary:
The University of Kentucky HealthCare (UKHC) is seeking a Senior Information Security Risk Analyst. This individual will be a member of the information security team focused on governance, risk management, and compliance strategies identified by the Chief Information Security Officer. Job duties of the Senior Information Security Risk Analyst include:
• Performing information security risk assessments to proactively identify, mitigate, and reduce risk to the organization.
• Preparing reports that identify technical and procedural findings, and providing recommended remediation strategies and solutions.
• Communicating risk posture, security metrics, and security issues to leadership.
• Guiding the development and implementation of appropriate security controls for information technology applications and infrastructure.
• Monitoring and evaluating the organization’s compliance with information technology security requirements.
This position is currently remote but may require occasional on-site attendance (i.e., meetings.)
The ideal candidate will have the following:
• BS or equivalent experience
• Security certification (e.g. CISSP, CISA, CRISC)
• Expert knowledge of HIPAA, PCI, ISO 27001/27002, HITRUST, ISO COBIT, ITIL, and risk management frameworks including ISO 27005/31000/31010, NIST SP 800-30, NIST SP 800-39.
• Ability to produce clean, concise diagrams and documentation.
Degree in Information Technology, Information Assurance/Security or equivalent highly preferred.Deadline to Apply:
05/24/2021University Community of Inclusion:
The University of Kentucky is committed to a diverse and inclusive workforce by ensuring all our students, faculty, and staff work in an environment of openness and acceptance. We strive to foster a community where people of all backgrounds, identities, and perspectives can feel secure and welcome. We also value the well-being of each of our employees and are dedicated to creating a healthy place to work, learn and live. In the interest of maintaining a safe and healthy environment for our students, employees, patients and visitors the University of Kentucky is a Tobacco & Drug Free campus.
As an Equal Opportunity Employer, we strongly encourage veterans, individuals with disabilities, women, and all minorities to consider our employment opportunities.
Any candidate offered a position may be required to pass pre-employment screenings as mandated by University of Kentucky Human Resources. These screenings may include a national background check and/or drug screen.