Information Security Analyst Senior/UKHC

Job description

Job Title:

Information Security Analyst Senior/UKHC

Requisition Number:


Working Title:

Information Security Analyst Senior

Department Name:

H3997:EVPHA Information Technology

Work Location:

Lexington, KY

Grade Level:


Salary Range:


Type of Position:


Position Time Status :


Required Education:


Click here for more information about equivalencies::

Required Related Experience:

5 yrs

Required License/Registration/Certification:


Physical Requirements:

The physical requirements for this position include communicating effectively; building positive working relationships with individuals from diverse backgrounds; abiding by University guidelines; maintaining confidentiality; prioritizing and managing work effectively; providing exceptional customer service; performing work in a sedentary position; walking, standing, and sitting for extended periods of time; reporting to meetings at different locations both on and off campus; and interacting with individuals from various levels throughout the University.


Primarily days; 8:00 AM – 5:00 PM. However, this is an exempt position and may require additional time during evenings, weekends, and holidays to accomplish work goals.

Job Summary:

The University of Kentucky HealthCare (UKHC) is seeking a Senior Information Security Risk Analyst. This individual will be a member of the information security team focused on governance, risk management, and compliance strategies identified by the Chief Information Security Officer. Job duties of the Senior Information Security Risk Analyst include:

• Performing information security risk assessments to proactively identify, mitigate, and reduce risk to the organization.

• Preparing reports that identify technical and procedural findings, and providing recommended remediation strategies and solutions.

• Communicating risk posture, security metrics, and security issues to leadership.

• Guiding the development and implementation of appropriate security controls for information technology applications and infrastructure.

• Monitoring and evaluating the organization’s compliance with information technology security requirements.

This position is currently remote but may require occasional on-site attendance (i.e., meetings.)

Skills / Knowledge / Abilities:

The ideal candidate will have the following:

• BS or equivalent experience
• Security certification (e.g. CISSP, CISA, CRISC)
• Expert knowledge of HIPAA, PCI, ISO 27001/27002, HITRUST, ISO COBIT, ITIL, and risk management frameworks including ISO 27005/31000/31010, NIST SP 800-30, NIST SP 800-39.
• Ability to produce clean, concise diagrams and documentation.

Does this position have supervisory responsibilities? :


Preferred Education/Experience:

Degree in Information Technology, Information Assurance/Security or equivalent highly preferred.

Deadline to Apply:


University Community of Inclusion:

The University of Kentucky is committed to a diverse and inclusive workforce by ensuring all our students, faculty, and staff work in an environment of openness and acceptance. We strive to foster a community where people of all backgrounds, identities, and perspectives can feel secure and welcome. We also value the well-being of each of our employees and are dedicated to creating a healthy place to work, learn and live. In the interest of maintaining a safe and healthy environment for our students, employees, patients and visitors the University of Kentucky is a Tobacco & Drug Free campus.

As an Equal Opportunity Employer, we strongly encourage veterans, individuals with disabilities, women, and all minorities to consider our employment opportunities.

Any candidate offered a position may be required to pass pre-employment screenings as mandated by University of Kentucky Human Resources. These screenings may include a national background check and/or drug screen.




Diversity Profile: University



View more

Learn more on Inside Higher Ed's College Page for University

Arrow pointing right
Job No:
Posted: 5/5/2021
Application Due: 5/26/2021
Work Type: Full Time