1+ months

Information Security Analyst I (Risk Management) - (84263)

Universal Health Services
King of Prussia, PA 19406
  • Job Code

One of the nations largest and most respected hospital management companies, Universal Health Services, Inc. (NYSE: UHS) has built an impressive record of achievement and performance. Steadily growing since its inception to an esteemed Fortune 500 corporation, UHS today has annual revenues of $10 billion and 83,000 employees. In 2019, UHS was recognized for the ninth consecutive year as one of the Worlds Most Admired Companies by Fortune; in 2018, ranked #268 on the Fortune 500; and in 2017, ranked #275 in Forbes inaugural ranking of Americas Top 500 Public Companies.

Our operating philosophy is as effective today as it was 40 years ago: Build or acquire high quality hospitals in rapidly growing markets, invest in the people and equipment needed to allow each facility to thrive, and become the leading healthcare provider in each community we serve.

Headquartered in King of Prussia, PA, UHS has more than 83,000 employees and through its subsidiaries operates more than 320 acute care hospitals, behavioral health facilities and ambulatory centers in the United States, Puerto Rico and the United Kingdom.

The Corporate IS Department is seeking a dynamic and talented Information Security Analyst I.

The Information Security Analyst I (Risk Management) participates in the identification, implementation, maintenance, and support of technologies designed to protect the confidentiality, integrity and/or availability of UHS vendor information systems. Works with technical and non-technical staff to ensure that all UHS vendors and contractors are effectively and efficiently providing the intended security controls consistent with established UHS policies and procedures. Where appropriate, assists technical staff in UHS affiliated locations to deploy, manage and support selected technologies. Oversees the technical aspects of tasks assigned to less experienced staff or contractors on projects, systems or applications.

Key Responsibilities include:

  • Maintains selected information security technologies within guidelines of policies and in keeping with good project management principles. Monitors the resolution of maintenance or enhancement issues assigned by the UHS Customer Support Center.
  • Periodically reviews deployed security technologies to insure that the solutions continue to provide the intended protections efficiently and effectively.
  • Identifies gaps in protection, and recommends solutions to remediate or mitigate the risks associated with the protection gaps.
  • Performs evaluation of Third Party engagements to identify and manage vendor risk, which includes: supporting the development and maintenance of a master vendor list, and ensuring that proper security controls are in place including, security audits, vulnerability assessments, appropriate user account practices, and security documentation (e.g., BAA, User Access forms, etc.).
  • Works will other Technical Security personnel to review and interpret vendor due diligence materials, including audit reports and security risk assessment questionnaires. Involve appropriate subject matter expertise as required to resolve vulnerabilities identified.
  • Works with the Corporate Vulnerability Management team to conduct vulnerability assessments on remote hosted applications, as needed.
  • Work with staff at all levels in the organization, vendors and contractors to insure protections are effective, efficient and non-disruptive to the appropriate duties, rights and mission of the individuals and the organization(s).
Job Requirements

Position Requirements:

  • 1-3 years of experience working with vendors and third party service providers required.
  • Bachelors degree in Information Security or a related field.
  • Excellent communication, interpersonal and project management skills
  • Proficient PC skills, specifically with business-oriented applications such as Word, Excel and PowerPoint.
  • Knowledge of security control practices, procedures and principles
  • Familiarity with risk assessment and risk management concepts or processes.
  • Working knowledge of various regulatory security requirements particularly Sarbanes-Oxley (SOX), HIPAA, and HITECH.
  • Ability to prioritize multiple tasks and be details oriented.
  • An information security certification is a plus -- to demonstrate proficiency and knowledge of information security best practices and concepts.
  • Relevant industry certifications, such as Security+, GSEC, ISC2, ISACA, etc.
  • Experience or training in any of the following: cloud services, regulatory compliance, and use of GRC platforms,

Travel Requirements: Travel connected with projects for field locations will be necessary, <5%

This opportunity provides the following:

  • Challenging and rewarding work environment
  • Growth and development opportunities within UHS and its subsidiaries
  • Competitive Compensation
  • Excellent Medical, Dental, Vision and Prescription Drug Plan
  • 401k plan with company match
  • Generous Paid Time Off

*UHS is a registered trademark of UHS of Delaware, Inc., the management company for Universal Health Services, Inc. and a wholly-owned subsidiary of Universal Health Services, Inc. Universal Health Services, Inc. is a holding company and operates through its subsidiaries including its management company, UHS of Delaware, Inc. All healthcare and management operations are conducted by subsidiaries of Universal Health Services, Inc. To the extent any reference to "UHS or UHS facilities" on this website including any statements, articles or other publications contained herein relates to our healthcare or management operations it is referring to Universal Health Services' subsidiaries including UHS of Delaware. Further, the terms "we," "us," "our" or "the company" in such context similarly refer to the operations of Universal Health Services' subsidiaries including UHS of Delaware. Any employment referenced in this website is not with Universal Health Services, Inc. but solely with one of its subsidiaries including but not limited to UHS of Delaware, Inc.

UHS is not accepting unsolicited assistance from search firms for this employment opportunity. Please, no phone calls or emails. All resumes submitted by search firms to any employee at UHS via-email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of UHS. No fee will be paid in the event the candidate is hired by UHS as a result of the referral or through other means.


Posted: 2019-11-07 Expires: 2020-03-22

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Information Security Analyst I (Risk Management) - (84263)

Universal Health Services
King of Prussia, PA 19406

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast