"Alerted.org

The Senior IT Security Analyst –Risk Management is a highly skilled and technically proficient member of the Cybersecurity Operations team within the University of Virginia Health System Health IT (HIT) organization. This role is critical in deploying, configuring, operating, troubleshooting, and evaluating the effectiveness of a wide array of cybersecurity controls and services. The ideal candidate will have deep technical expertise and a passion for defending complex environments against evolving cyber threats.

Key Responsibilities:

• Assess the effectiveness of security controls

• Perform security reviews

• Work with Leadership to develop a cybersecurity risk management plan

• Recommend risk mitigation strategies

• Conduct risk analysis of applications and systems undergoing major changes

• Advise on Risk Management Framework process activities and documentation

• Determine if authorization and assurance documents identify an acceptable level of risk for software applications, systems, and networks

• Update security documentation to reflect current application and system security design features

• Document software, network, and system deviations from implemented security postures

• Recommend required actions to correct software, network, and system deviations from implemented security postures

• Work with Leadership to develop cybersecurity compliance processes for external services

• Work with Leadership to develop cybersecurity audit processes for external services

• Work with Leadership to provide cybersecurity guidance to organizational risk governance processes

• Determine if vulnerability remediation plans are in place

• Develop vulnerability remediation plans

• Determine if cybersecurity requirements have been successfully implemented

+ Maintenance of data security tables and files used to manage for access controls and identity management systems.

+ Assists with investigative process during computer security incident responses.

+ Implements and maintains information security infrastructure.

+ Collaborates with other HSCS teams to ensure Information Security Plan and Standards are implemented.

+ Collaborates with other HSCS teams to ensure facility and physical security is implemented. Coordinates Information Security Awareness program and educational activities.

+ In addition to the above job responsibilities, other duties may be assigned.

This position **will not** consider candidates who require immigration sponsorship at this time or in the future.

MINIMUM REQUIREMENTS

Education: Bachelor’s degree

Experience: 5-7 years relevant experience. Relevant experience may be considered in lieu of a degree.

Licensure: CISSP or HCISPP or similar preferred.

PHYSICAL DEMANDS

This is primarily a sedentary job involving extensive use of desktop computers. The job does occasionally require traveling some distance to attend meetings, and programs.​

Position Compensation Range: $74,922.00 - $149,843.00 Annual

Benefits

+ Comprehensive Benefits Package: Medical, Dental, and Vision Insurance

+ Paid Time Off, Long-term and Short-term Disability, Retirement Savings

+ Health Saving Plans, and Flexible Spending Accounts

+ Certification and education support

+ Generous Paid Time Off

UVA Health (https://jobs.virginia.edu/why-uva-health) is a world-class Magnet Recognized academic medical center and health system with a level 1 trauma center. 2023-2024 U.S. News & World Report “Best Hospitals” guide (https://health.usnews.com/best-hospitals/area/va/university-of-virginia-medical-center-6344000) rates UVA Health University Medical Center as “High Performing” in 5 adult specialties and 14 conditions/procedures. We are one of 70 National Cancer Institute designated cancer centers. UVA Health Children’s (https://jobs.virginia.edu/uva-childrens) is named by 2023-2024 U.S. News & World Report (https://health.usnews.com/best-hospitals/area/va/university-of-virginia-childrens-hospital-PA6344000) as the best children's hospital in Virginia with 9 specialties ranked among the best in the nation. Our footprint also encompasses 3 community hospitals and an integrated network of primary and specialty care clinics throughout Charlottesville, Culpeper, Northern Virginia, and beyond.