Senior Information Security Analyst - Cloud and AI Security
Role details
Job location
Tech stack
Job description
The Corporate Information Services Department is seeking a dynamic and talented Sr. Information Security Analyst - Cloud & AI Security. As a key member of our collaborative Cybersecurity team, the Senior Information Security Analyst will play a critical role in safeguarding UHS and affiliates information systems. In this role, you will be responsible for identifying, assessing, and mitigating security vulnerabilities in our applications, guiding secure development practices, and collaborating with development teams to embed security throughout the software development lifecycle (SDLC). Oversees the technical aspects of tasks assigned to less experienced staff or contractors on projects, systems or applications assigned. Adheres to UHS standards of service excellence, professionalism, and integrity while performing duties. Key responsibilities include:
- Assists with the design and architecture of Cloud and Artificial Intelligence information security technologies within guidelines of policies, accepted best practices, and in keeping with good project management principles.
- Periodically reviews deployed security technologies to ensure that the solutions continue to provide the intended protection efficiently and effectively.
- Provides input to UHS Security Standards and Policies.
- Provides input into the Third-Party Security Architecture Reviews.
- Identifies gaps in protection and recommends solutions to remediate or mitigate the risks associated with the protection gaps.
- Document findings and assist in creating reports and metrics for technical and non-technical audiences.
- Stay current on the latest cloud and AI security trends.
- Works with staff at all levels in the organization, vendors and contractors to ensure protections are effective, efficient and non-disruptive to the appropriate duties, rights and mission of the individuals and the organization(s).
- Willing to grow into a subject matter expert (SME) for at least one technology or process and guides the efforts of 1-3 less experienced staff who assist with the assigned technology or process.
- Monitors the resolution of maintenance or enhancement issues assigned by the UHS Customer Support Center.
Requirements
Do you have experience in Threat Modeling (Architecture security)?, Do you have a Bachelor's degree?, * Bachelor's degree in Information Systems, Security and Risk Management, Computer Science, Cybersecurity, or *10+ years of increasing technical IT experience along with professional certifications (CISSP, CompTIA Security+, AZ-500) may be substituted in lieu of bachelor's degree.
- Minimum 5-8 experience within the cybersecurity field.
- Knowledge of at least one major cloud platform core components and basic architecture (AWS, Azure, or Google Cloud) and their shared security model.
- Understanding of Identity and Access Management (IAM), Role-Based Access Control (RBAC), multi-factor authentication and least-privilege principles in the cloud.
- Exposure to OWASP Top 10 and MITRE frameworks.
- Foundational understanding of the AI/ML lifecycle and security basics.
- Exposure to the DREAD or STRIDE threat modeling frameworks.
- Desire to grow security knowledge in cloud and AI systems.
- Strong analytical and problem-solving abilities with a security-first mindset.
- Eagerness to learn rapidly in a fast-evolving field (Cloud and AI change quickly).
- Familiarity with risk assessment and risk management concepts or processes.
- Working knowledge of various regulatory security requirements - particularly Sarbanes-Oxley (SOX), HIPAA, and HITECH.
- Working knowledge of common cyber security frameworks such as HITRUST, NIST, CSC20, or others.
- Able to plan, organize, manage and execute projects, working with other technical staff, to implement cyber and information security technologies or processes.
- Able to prioritize multiple tasks and be detail oriented.An information security certification is a plus
-
- to demonstrate proficiency and knowledge of information security best practices and concepts.
- Excellent communication, interpersonal and project management skills
Travel Requirements: at least 10 % US travel to field locations may be necessary to complete assigned projects.
Benefits & conditions
Pulled from the full job description
-
Health insurance
-
401(k) matching
-
Paid time off
-
Vision insurance
-
Dental insurance, * Challenging and rewarding work environment
-
Growth and development opportunities within UHS and its subsidiaries
-
Competitive Compensation
-
Excellent Medical, Dental, Vision and Prescription Drug Plan
-
401k plan with company match
-
Generous Paid Time Off
-
UHS is a registered trademark of UHS of Delaware, Inc., the management company for Universal Health Services, Inc. and a wholly-owned subsidiary of Universal Health Services, Inc. Universal Health Services, Inc. is a holding company and operates through its subsidiaries including its management company, UHS of Delaware, Inc. All healthcare and management operations are conducted by subsidiaries of Universal Health Services, Inc. To the extent any reference to "UHS or UHS facilities" on this website including any statements, articles or other publications contained herein relates to our healthcare or management operations it is referring to Universal Health Services' subsidiaries including UHS of Delaware. Further, the terms "we," "us," "our" or "the company" in such context similarly refer to the operations of Universal Health Services' subsidiaries including UHS of Delaware. Any employment referenced in this website is not with Universal Health Services, Inc. but solely with one of its subsidiaries including but not limited to UHS of Delaware, Inc.