Information Security Analyst - (Onsite & Remote (hybrid) working schedule requir

If you are a current University Health or University Health Physicians employee and wish to be considered, you must apply via the internal career site., At University Health KC, cybersecurity is more than technology - it's about protecting patients, safeguarding critical healthcare systems, and ensuring trust across every interaction.We are seeking a driven and highly analytical Information Security Analyst to help strengthen and advance our enterprise security program. In this role, you'll work at the intersection of healthcare, technology, compliance, and risk management to defend systems that directly support patient care and organizational operations.This is an opportunity for an IT security professional who thrives in a mission-critical environment, enjoys solving complex security challenges, and wants to make a measurable impact in a rapidly evolving healthcare ecosystem.Why This Role MattersHealthcare is one of the most targeted industries for cyber threats. As part of our Information Security team, you'll play a key role in protecting sensitive patient information, securing enterprise infrastructure, supporting regulatory compliance, and helping shape the future of cybersecurity across our organization.You won't just respond to threats - you'll help prevent them.What You'll DoEnterprise Security Operations

• Support and maintain enterprise security technologies and infrastructure in collaboration with strategic technology partners
• Assist in maintaining high availability, resiliency, and operational security performance
• Participate in system maintenance activities and ongoing security optimization initiatives

Risk Assessment & Security Compliance

• Evaluate new applications, systems, and technologies for alignment with security standards and best practices
• Support security risk assessments, audits, and remediation activities
• Help ensure compliance with HIPAA Security and Privacy standards, NIST frameworks, and organizational policies

Threat Monitoring & Incident Response

• Analyze security reports, system logs, alerts, and audit findings to identify potential security threats or violations
• Coordinate and support information security incident investigations and reporting efforts
• Assist with vulnerability identification and mitigation across enterprise environments

Security Awareness & Collaboration

• Promote a culture of cybersecurity awareness through education, training, and communication
• Partner with technical and operational teams to improve security posture organization-wide
• Collaborate with internal stakeholders and external technology providers to strengthen security operations

• Bachelor's degree in Information Technology, Cybersecurity, or related field - or equivalent combination of education, training, and experience
• Minimum of 2 years of information security experience plus 5 years of professional-level IT experience
• Strong understanding of information security principles, technologies, and operational practices
• Knowledge of HIPAA Security & Privacy requirements and NIST frameworks
• Experience identifying and mitigating network and infrastructure vulnerabilities
• Familiarity with:

• Cisco firewalls
• Splunk
• Antivirus platforms
• Intrusion Detection/Prevention Systems (IDS/IPS)
• Linux and Windows environments

• Strong communication, analytical thinking, and independent decision-making skills

Preferred Qualifications:

• Industry certifications such as:

• CISSP
• CISM
• CISA
• CHPC

• Healthcare industry experience
• Experience working in regulated or mission-critical environments