Information Security Analyst - IntermediateLocation: MacDonagh OfficeJob type: PermanentOverview of role: Overview of the Post
Under the general direction of the management team and senior staff, the Information Security Analyst - Intermediate supports the Information Security Group's efforts to develop secure systems and networks through the identification and implementation of automated tools, development and execution of security processes, procedures, advanced security
techniques, and reporting.
Primary Duties and Responsibilities: Have you considered applying your
technical expertise to improve healthcare? The industry is on the verge of
major technological disruption and UPMC is leading the way by leveraging its
vast global patient reach, and acclaimed health IT innovations. UPMC’s Global
Technology Operations Centre (GTOC) in Europe extends our innovation reach to
global markets and is enabling the next generation of healthcare delivery
solutions for our patients around the world.UPMC, a not-for-profit US-based
academic and multinational healthcare system, is expanding and localizing its
industry leading IT services and innovation, to support its growing global
presence. Located in the sunny southeast of Ireland and in the heart of
Kilkenny’s growing tech cluster, UPMC’s Global Technology Operations Centre
(GTOC) is building leading edge infrastructure and services that will enable
the next generation of healthcare delivery solutions for our patients globally. As an extension of UPMC’s US-based
operations, the GTOC team supports healthcare facilities in Ireland, Italy, and
Asia. We want you to be part of our expanding team, where you can engage with
clinical and business leaders, innovate new solutions, and realise first-hand how
technology improves patient experience, paving the path for the future of
healthcare. Come join our team of accomplished technologists who collaborate
seamlessly across borders, develop global healthcare IT skills, and support
optimal work / life balance through flexible work arrangements. Duties and ResponsibilitiesDuties and
Responsibilities Provide service to IT client while protecting the integrity and confidentiality of all data and information through physical and electronic measures.During professional activities, conducts themselves in accordance with the highest standards of moral, ethical and legal behaviour.Develop and deliver Security Awareness Training Programs to all affiliated entities.Assist Application, Infrastructure and IT Support representatives in the development and accreditation of Security Plans to ensure policy and best practice compliance of controls in place.Resolve security issues in complex multi-disciplined environments.Develop and maintain security incident handling processes.Develop and implement security policy enforcement technologies.Review and revise security policies as identified through technology and risk analysis reviews.Perform high risk and sensitive security strength testing and analysis.Use external tools (Rapid 7, Nexpose, Crowdstrike) to analyse existing and potential risks to the network.Compile reports on vulnerabilities for passing onto relevant teams for remediation. Manage user accounts on common cloud platforms (Azure, AWS)Continuously monitor security events from various platforms, including SIEM, EDR, IDS/IPS, and cloud-based security tools.Identify potential security incidents by analyzing alerts and logs for suspicious activities.Escalate incidents based on their severity and impact, following established protocols.Perform log analysis to identify unusual patterns or behaviors that may indicate security risks.Provide support to threat hunting activities to detect and mitigate threats that may bypass traditional security controls.Collaborate with senior analysts to refine detection rules and improve threat identification techniques.Develop automated routines for account administration and security measure deployment efficiencies.Fulfil departmental requirements in terms of providing work coverage and administrative notification during periods of personal illness, vacation, or education.On-call support may be required at designated times.Develop and maintain service levels with the various user departments and Heath System business units and creates reports on the attainment of those levels.Ability to establish priorities and delegate tasks to the appropriate personnel or work independently as necessary.IT Modality
ResponsibilitiesProblem Resolution:Resolves most common and many moderately complex to complex problems/issues/ opportunities.Responds to unfamiliar, undefined, unexpected, or unstable situations with the professionally prescribed standard response.Business Partnership: Interfaces with business partners to help identify issues and resolve problems.Analyses business requests for feasibility review, including initial cost/benefit analysis; prioritizes requests and conducts capacity planning.Project Management:Works with project manager to define tasks and create teamwork plans with moderate supervision.Delegates work to others and monitor’s progress.Identifies issues affecting work progress and recommends solutions.Communicates schedule variances and potential scope changes in status reports.Security Technology Design,
Development:Develop security requirements for hardware, software, and services acquisitions specific to the IT security program (e.g., purchase of virus-scanning software or security reviews) and for inclusion in general IT acquisition guidance.Install and operate the IT systems in a test configuration in a manner that does not alter the program code or compromise security safeguards.Business Continuance:Reviews and evaluates IT system development documents to ensure that system safeguards result in an acceptable level of risk.Evaluates configuration controls, reviews security test plans and procedures, ensures that documented security requirements are tested and comply with formal design specifications.Identifies areas where specific IT security countermeasures are required and independently contributes to design and development of those countermeasures.Identifies security requirements to be included in statements of work and other procurement documents (e.g., procurement requests, purchase orders, task orders, and proposal evaluation summaries).Identifies alternative functional IT security strategies to address specific system security issues or situations.The above Job Description
is not intended to be a comprehensive list of all duties involved and
consequently, the post holder may be required to perform other duties as
appropriate to the post which may be assigned to him/her from time to time
and to contribute to the development of the post
while in office. Qualifications & Experience:Qualifications / Education/Experience: Typically has a 4-year academic degree and 2+ years of information security or equivalent practical work experience.Demonstrates and applies thorough understanding of information technology tools, best practices, and concepts.Completes on-going training on-the-job, through courses, self-study, certifications and/or advanced degrees to maintain and enhance technical and business capabilities.Maintains current knowledge of security techniques and Licensure/Certification:CompTIA Network+ and Security+ certifications are preferredEqual
Opportunity Statement and Benefits UPMC is an equal opportunity employer.
We celebrate diversity and are committed to creating an inclusive environment
for all employees.At UPMC we provide a total rewards program
that is not only market competitive, but fair and provides growth opportunities
for all our colleagues.Compensation – Competitive pay for the work employees do – base pay, performance related pay
and premium pay where applicable.Benefits –
Fully paid maternity and paternity leave for new parents. Competitive Pension
Plan, company funded Death in Service Benefit x 3 times. Critical Illness cover
for all employees up to the age of 66.Performance and Recognition – Rewards for performance that supports the goals and mission of
UPMC through our annual ACES programme.Work-Life Balance – Enhanced annual leave up to a maximum of 27 days. Flexible
working opportunities to support you to work around external family
commitments.Development
and Career Opportunities – Opportunities for each employee to reach
their career goals through continued learning and/or advancement.About
UPMC A $26 billion healthcare provider and insurer, Pittsburgh, Pennsylvania-based UPMC is inventing new models of patient-centred, cost-effective, accountable care. Working in close collaboration with the University of Pittsburgh Schools of the Health Sciences, UPMC shares its clinical, managerial and technological skills worldwide through its innovation and commercialisation arm, UPMC Enterprises, and through UPMC International.Providing high-quality healthcare in the South East since 2006, UPMC’s operations in Ireland now include UPMC Whitfield Hospital in Waterford, UPMC Sports Surgery Clinic in Dublin, UPMC Kildare Hospital in Clane and UPMC Aut Even Hospital in Kilkenny. Outpatient care is available at the UPMC Carlow Outreach Centre, UPMC Hillman Cancer Centre radiotherapy locations at UPMC Whitfield and in Cork, the UPMC Sports Medicine Clinic at SETU Arena, Waterford, TUS Moylish Campus, Limerick, TUS Thurles Campus, Tipperary, and the UPMC Concussion Network. The UPMC Institute for Health is located in Mayo and the Global Technology Operation Centre is based in Kilkenny. UPMC is the Official Healthcare Partner of the GAA and GPA.