All across UW Medicine, our employees collaborate to perform the highest quality work with integrity and compassion and to create a respectful, welcoming environment where every patient, family, student and colleague is valued and honored.
UW Medicine’s IT Services department has an outstanding opportunity for a Senior Cyber Security Analyst!
UW Medicine’s Information Technology Services (ITS) department is a shared services organization that supports all of UW Medicine. UW Medicine is comprised of Harborview Medical Center (HMC), UW Medical Center-Montlake (UWMC-Montlake), UW Medical Center-Northwest (UWMC-NW), Valley Medical Center (VMC), UW Primary Care (UWPC), UW Physicians (UWP), UW School of Medicine (SOM) and Airlift Northwest (ALNW). In addition, UW Medicine shares in the ownership and governance of Children’s University Medical Group and Seattle Cancer Care Alliance (a partnership between UW Medicine, Fred Hutchinson Cancer Research and Seattle Children’s). ITS is responsible for the ongoing support and maintenance of the infrastructure and applications which support all of these institutions, along with the implementation of new services and applications that are used to support and further the UW Medicine mission.
In collaboration with UW Medicine IT Services (‘ITS’) and under the general guidance of the Information Security Manager, the primary focuses of the Senior Cyber Security Analyst (‘Sr. Analyst’) position are:
providing technical leadership and expertise for:
special assessments, unprecedented/non-routine engagements, and highly complex analysis work;
operational teams implementing and maintaining UW Medicine information security/technology infrastructure;
the enterprise on the secure design of technical solutions, applications, and network architecture;
researching or reviewing security controls, information systems, and business practices for violations of information security policies, standards, or regulatory requirements;
delivering expert or specialized security consulting and technical services to technical, hospital, business, operations and vendor staff and teams;
collaborating with cyber security analysts and engineers to conduct vulnerability and risk assessment activities, with significant impact to business operations for all UW Medicine and vendors;
designing, developing and implementing security tools, platforms and methodologies drawing from industry requirements and frameworks such as HIPAA, HITRUST, and NIST to identify and support the mitigation of risks to patient care and critical operations;
deploying prescribed tools to discover system and/or software vulnerabilities and inform and/or validate risk assessments throughout the enterprise;
guiding team efforts to integrate threat information into institutional vulnerability assessments, risk assessments and mitigation activities;
guiding team efforts to integrate computer and software vulnerability findings into the risk management program at UW Medicine;
executing or supporting internal phishing simulations; and
developing and delivering user training, security awareness programs and UW Medicine-wide security documentation such as policies, standards, and operating procedures.
Areas of responsibility include, but are not limited to:
improving business and executive leadership decisions and prioritization through risk assessment, compliance, and reporting;
tracking and mitigating known and emergent threats to UW Medicine information assets to support institutional threat awareness, risk assessments, threat detection and analysis, incident response, and cyber security operations;
guiding team support for projects, applications, and other ITS technology efforts with information security expertise to ensure that design and implementation of technical solutions align with organizational risk management goals;
consulting with technical and non-technical stakeholders, including internal and external entities, on security best practices to reduce the risk of compromise across people, processes and technology;
monitoring and developing monitoring processes to proactively identify and respond to threats, vulnerabilities, or risks within UW Medicine;
supporting cyber security engineers in information security incident triage, containment, and investigative activities, as needed; and
mentoring student assistants and other team members.
Security Consulting and Technical Security Services (40%)
Provide technical leadership for special assessments, unprecedented/non-routine engagements, and highly complex analysis work.
Deliver expert or specialized security consulting and technical services to technical, hospital, business, operations and vendor staff and teams concerning implementation of UW Medicine security standards, processes, and NIST 800-53 “best practices” on secure system design and risk mitigation strategies.
Provide technical expertise in specified efforts to design and implement recommendations to operational teams implementing and maintaining UW Medicine information security/technology infrastructure.
Provide technical expertise to the enterprise on the secure design of technical solutions, applications, and network architecture.
Deploy approved security tools in accordance with formal policies and procedures to assess the vulnerability of the UW Medicine workforce and/or assets to general and specific threats.
Develop, review, and implement information security policies, standards, and procedures that promote or ensure the safeguarding of confidentiality, integrity, and availability of enterprise information systems and data.
Enterprise Risk Management, Threat Assessment, and Security Analysis (30%)
Guide expert or specialized information security services related to risk management, threat assessments, and security analysis.
Navigate unprecedented situations, and draw on extensive experience to deliver standard and non-standard solutions.
Contribute to the overall direction of the team by taking technical lead on highly complex situations.
Conduct risk and vulnerability assessments, analyze findings, and determine levels of risk throughout the enterprise.
Document and report information security risks to UW Medicine.
Develop, propose, or monitor organizational risk acceptance, mitigation, or remediation activities in accordance with established procedures and ensure risks are updated with relevant information and escalated to leadership when required.
Monitor corrective action plans and performance improvement of information security related issues communicated in internal and external assessments.
Ensure security risk assessments align with best practices, standards, and frameworks such as NIST, PCI, and OWASP.
Maintain understanding of threat actors, their tools, techniques and practices, and the assets they target.
Evaluate significance of threats to UW Medicine's risk posture.
Convert analyses and insights into actionable use cases and measurable improvements.
Integrate computer and software vulnerability findings into enterprise risk management program.
Security Education and Outreach (15%)
Guide specified efforts to research or review security controls, information systems, and business practices for violations of information security policies, standards, or regulatory requirements.
Provide expert or specialized information security services related to information security policies, standards, and procedures.
Represent the Information Security team at technical advisory groups, project meetings, and other committees, as assigned, and provide transparent reporting on relevant issues and statuses.
Maintain collaborative relationships with Office of CISO staff and other stakeholders (including government and private sector organizations) engaged in the sharing and dissemination of threat information.
Develop, revise, and deliver information security training, education, awareness and conduct outreach activities, as required.
Coordinate revisions to information security policies and standards with program leadership and lead collaborative discussions with senior departmental liaisons and stakeholders throughout UW Medicine in collaboration with the Information Security Manager.
Threat Prevention, Detection, Management, and Incident Response (10%)
Support team efforts to respond to cyber-security intrusions, investigations, and investigative reporting, as needed.
Support team efforts to define and develop reporting and post-event follow-up activities related to information security incidents.
Support team efforts to monitor, analyze, update and/or maintain UW Medicine's information security tools and provide management with routine reporting.
Participate in all aspects of improving the team, including education/training of other team members and contributing to process/communication improvement initiatives.
Train, mentor and guide other analysts and team members.
Work with manager to set professional goals for career development.
Act as back-up for other team members and functions, as needed.
Bachelor's degree in Computer Science, Information Technology, HIM, or related field or equivalent combination of education/experience.
Current security certification (e.g. CISSP, GIAC, CISM, CISA, SSCP, CEH, Security+) or equivalent combination of education/experience.
4+ years of experience must include:
4+ years’ information security experience to include experience in several of the following areas: Security Audit, Compliance, Security Engineering, Security Analysis, Security Project Management, Security Architecture, implementing best practices, tools and technology and/or demonstrated Information Security aptitude.
Extensive work experience designing, implementing, or maintaining security tools (including threat assessment tools, risk management tools, or vulnerability management scanning systems).
Extensive work experience conducting security assessments, security control analysis, risk assessments, vulnerability assessments, awareness & training activities or penetration tests.
Advanced understanding of, and extensive work experience with, security-related technologies, systems, and tools.
Demonstrated experience using threat modeling and vulnerability review to impact the design of highly interconnected enterprise systems.
Advanced understanding of information security threats and vulnerabilities and how they translate to risks.
Advanced knowledge of common information security regulations and/or standards such as NIST 800-53/CSF, ISO 27001/2, HIPAA, PCI DSS, and SOC and how to apply them.
Recognized mentor and educator in risk management concepts, methodologies, metrics, and reporting.
Previous experience in and knowledge of academic healthcare systems and/or operational environments.
Advanced degree (e.g., Master’s, PhD, etc.)
Knowledge of common health care workflows.
Experience with hybrid cloud and on-premises environments.
Scripting knowledge across one or more languages.
Experience designing, implementing and maintaining tools related to security information and event management, intrusion protection.
Experience designing and maintaining reports in Tableau.
Familiarity with major technology products commonly used in large healthcare systems such as Epic.
CONDITIONS OF EMPLOYMENT
This is an Information Technology deadline-driven work environment.
The individual in this position is expected to work normal daytime hours. The work may be performed in either an office environment or by telecommuting with manager approval, during normal business hours; however, significant off-hours and weekends may be needed to resolve problems and respond to emergencies. This individual is expected to be available for emergencies (business continuity/disaster recovery efforts) on a 24x7 basis as needed.
Must have the ability to meet in person as directed by manager.
Because of the physically separated sites for UW Medicine, this position requires the ability to travel to alternative work locations as needed.
Must coordinate projects without direct supervisory authority.
Must work within the constraints of multiple technical environments.
ITS provides services to all UW Medicine organizations – HMC, UWMC-Montlake, UWMC-NW, VMC, UWNC, UWP, SOM, and ALNW. The individual in this position must learn many organizational structures and cultures and continually foster collaboration.
Ability to communicate effectively in English, both verbally and in writing.
Founded in 1861, the University of Washington is one of the oldest public institutions on the West Coast and one of the preeminent research universities in the world. The University of Washington is a multi-campus university comprised of three different campuses: Seattle, Tacoma, and Bothell. The Seattle campus is made up of sixteen schools and colleges that serve students ranging from an undergraduate level to a doctoral level. The university is home to world-class libraries, arts, music, drama, and sports, as well as the highest quality medical care in Washington State and a world-class academic medical center. The teaching and research of the University’s many professional schools provide undergraduate and graduate students the education necessary toward achieving an excellence that will serve the state, the region, and the nation. As part of a large and diverse community, the University of Washington serves more students than any other institution in the Northwest.