All across UW Medicine, our employees collaborate to perform the highest quality work with integrity and compassion and to create a respectful, welcoming environment where every patient, family, student and colleague is valued and honored.
UW Medicine’s IT Services department has an outstanding opportunity for a Cyber Security Analyst 2!
UW Medicine’s Information Technology Services (ITS) department is a shared services organization that supports all of UW Medicine. UW Medicine is comprised of Harborview Medical Center (HMC), UW Medical Center-Montlake (UWMC-Montlake), UW Medical Center-Northwest (UWMC-NW), Valley Medical Center (VMC), UW Neighborhood Clinics (UWNC), UW Physicians (UWP), UW School of Medicine (SOM) and Airlift Northwest (ALNW). In addition, UW Medicine shares in the ownership and governance of Children’s University Medical Group and Seattle Cancer Care Alliance (a partnership between UW Medicine, Fred Hutchinson Cancer Research and Seattle Children’s). ITS is responsible for the ongoing support and maintenance of the infrastructure and applications which support all of these institutions, along with the implementation of new services and applications that are used to support and further the UW Medicine mission.
In collaboration with UW Medicine IT Services (‘ITS’) and under the general guidance of the Information Security Manager, the primary focuses of the Cyber Security Analyst 2 (‘Analyst’) position are:
collaborating with cyber security analysts and engineers to conduct vulnerability and risk management activities, with significant impact to business operations for all UW Medicine entities and vendors;
implementing security tools, platforms and methodologies drawing from industry requirements and frameworks such as HIPAA, HITRUST, and NIST to identify and support the mitigation of risks to patient care and critical operations;
deploying prescribed tools to discover system and/or software vulnerabilities and inform and/or validate risk assessments throughout the enterprise;
integrating threat information into institutional vulnerability assessments, risk assessments and mitigation activities;
identifying and documenting vulnerability and risk findings as part of the risk management program at UW Medicine;
executing or supporting internal phishing simulations; and
developing and delivering user training, security awareness programs and UW Medicine-wide security documentation such as policies, standards, and operating procedures.
Areas of responsibility include, but are not limited to:
supporting business and executive leadership decisions and prioritization through risk assessment, compliance, and reporting;
tracking and mitigating known and emergent threats to UW Medicine information assets to support institutional threat awareness, risk assessments, threat detection and analysis, incident response, and cyber security operations;
supporting projects, applications, and other ITS technology efforts with information security expertise to ensure that design and implementation of technical solutions align with organizational risk management goals;
consulting with technical and non-technical stakeholders, including internal and external entities, on security best practices to reduce the risk of compromise across people, processes and technology;
monitoring and developing monitoring processes to proactively identify and respond to threats, vulnerabilities, or risks within UW Medicine; and
supporting cyber security engineers in information security incident triage, containment, and investigative activities, as needed.
Enterprise Risk Management, Threat Assessment, and Security Analysis (50%)
Provide information security services related to risk management, threat assessments, and security analysis.
Review security controls, information systems, and business practices for violations of information security policies, standards, or regulatory requirements.
Conduct risk and vulnerability assessments, analyze findings, and determine levels of risk throughout the enterprise.
Document and report information security risks to UW Medicine.
Develop, propose, or monitor organizational risk acceptance, mitigation, or remediation activities in accordance with established procedures and ensure risks are updated with relevant information and escalated to leadership when required.
Monitor corrective action plans and performance improvement of information security related issues communicated in internal and external assessments.
Ensure security risk assessments align with best practices, standards, and frameworks such as NIST, PCI, and OWASP.
Maintain understanding of threat actors, their tools, techniques and practices, and the assets they target.
Evaluate significance of threats to UW Medicine's risk posture.
Convert analyses and insights into actionable use cases and measurable improvements.
Integrate computer and software vulnerability findings into enterprise risk management program.
Security Consulting and Technical Security Services (20%)
Deliver expert or specialized security consulting and technical services to technical, hospital, business, operations and vendor staff and teams concerning implementation of UW Medicine security standards, processes, and NIST 800-53 “best practices” on secure system design and risk mitigation strategies.
Deploy approved security tools in accordance with formal policies and procedures to assess the vulnerability of the UW Medicine workforce and/or assets to general and specific threats.
Develop, review, and implement information security policies, standards, and procedures that promote or ensure the safeguarding of confidentiality, integrity, and availability of enterprise information systems and data.
Security Education and Outreach (15%)
Develop and deliver information security training, education, awareness and conduct outreach activities, as required.
Represent the Information Security team at technical advisory groups, project meetings, and other committees, as assigned, and provide transparent reporting on relevant issues and statuses.
Maintain collaborative relationships with Office of CISO staff and other stakeholders (including government and private sector organizations) engaged in the sharing and dissemination of threat information.
Develop, improve, or support internal phishing campaigns and the analysis and reporting of enterprise trends related to user behavior and organizational risks.
Threat Prevention, Detection, Management, and Incident Response (10%)
Support team efforts to respond to cyber-security intrusions, investigations, and investigative reporting, as needed.
Support team efforts to define and develop reporting and post-event follow-up activities related to information security incidents.
Support team efforts to monitor, analyze, update and/or maintain UW Medicine's information security tools and provide management with routine reporting.
Participate in all aspects of improving the team, including education/training of other team members and contributing to process/communication improvement initiatives.
Mentor and guide student assistants and team members in their work.
Work with manager to set professional goals for career development.
Act as back-up for other team members and functions, as needed.
Bachelor's degree in Computer Science, Information Technology, HIM or related field or equivalent combination of education/experience.
3+ years’ experience must include the following:
3+ years’ information security experience to include experience in one or more of the following areas: Security Audit, Compliance, Security Engineering, Security Analysis, Security Project Management, Security Architecture, implementing best practices, tools and technology and/or demonstrated Information Security aptitude.
Strong work experience independently designing, implementing, or maintaining security tools (including threat assessment tools, risk management tools, or vulnerability management scanning systems).
Strong work experience independently conducting security assessments, security control analyses, risk assessments, vulnerability assessments, awareness and training activities, or penetration tests.
Strong understanding of, and demonstrated experience with, security-related technologies, systems, and tools.
Strong understanding of information security threats and vulnerabilities and how they translate to risks.
Demonstrated knowledge of common information security regulations and/or standards such as NIST 800-53/CSF, ISO 27001/2, HIPAA, PCI DSS, and SOC and how to apply them.
Applied understanding and ability to educate more junior analysts in risk management concepts, methodologies, metrics, and reporting.
Proficiency using standard business productivity software and tools, including Microsoft Office, Word, Excel and PowerPoint, preferably in a Microsoft Windows environment.
Strong applied understanding of major operating systems including Windows, Mac OS, Linux and Mobile Platforms.
Current security certification (e.g., GIAC, CISA, SSCP, CEH).
Previous experience in and knowledge of academic healthcare systems and/or operational environments.
Advanced degree (e.g., Master’s, PhD, etc.)
Knowledge of common healthcare workflows.
Experience designing, implementing and maintaining tools related to security information and event management, intrusion protection, or governance.
Experience designing and maintaining reports in Tableau.
Familiarity with major technology products commonly used in large healthcare systems, such as Epic.
CONDITIONS OF EMPLOYMENT
This is an Information Technology deadline-driven work environment.
The individual in this position is expected to work normal daytime hours. The work may be performed in either an office environment or by telecommuting with manager approval, during normal business hours; however, significant off-hours and weekends may be needed to resolve problems and respond to emergencies. This individual is expected to be available for emergencies (business continuity/disaster recovery efforts) on a 24x7 basis as needed.
Must have the ability to meet in person as directed by manager.
Because of the physically separated sites for UW Medicine, this position requires the ability to travel to alternative work locations as needed.
Must coordinate projects without direct supervisory authority.
Must work within the constraints of multiple technical environments.
ITS provides services to all UW Medicine organizations – HMC, UWMC-Montlake, UWMC-NW, VMC, UWNC, UWP, SOM, and ALNW. The individual in this position must learn many organizational structures and cultures and continually foster collaboration.
Ability to communicate effectively in English, both verbally and in writing.
Founded in 1861, the University of Washington is one of the oldest public institutions on the West Coast and one of the preeminent research universities in the world. The University of Washington is a multi-campus university comprised of three different campuses: Seattle, Tacoma, and Bothell. The Seattle campus is made up of sixteen schools and colleges that serve students ranging from an undergraduate level to a doctoral level. The university is home to world-class libraries, arts, music, drama, and sports, as well as the highest quality medical care in Washington State and a world-class academic medical center. The teaching and research of the University’s many professional schools provide undergraduate and graduate students the education necessary toward achieving an excellence that will serve the state, the region, and the nation. As part of a large and diverse community, the University of Washington serves more students than any other institution in the Northwest.