Information Security Analyst - Intermediate

Location: MacDonagh Office

Job type: Permanent

Overview Of Role

Overview of the Post Under the general direction of the management team and senior staff, the Information Security Analyst - Intermediate supports the Information Security Group's efforts to develop secure systems and networks through the identification and implementation of automated tools, development and execution of security processes, procedures, advanced security techniques, and reporting.

Primary Duties And Responsibilities

Have you considered applying your technical expertise to improve healthcare? The industry is on the verge of major technological disruption and UPMC is leading the way by leveraging its vast global patient reach, and acclaimed health IT innovations. UPMC’s Global Technology Operations Centre (GTOC) in Europe extends our innovation reach to global markets and is enabling the next generation of healthcare delivery solutions for our patients around the world.

UPMC, a not-for-profit US-based academic and multinational healthcare system, is expanding and localizing its industry leading IT services and innovation, to support its growing global presence. Located in the sunny southeast of Ireland and in the heart of Kilkenny’s growing tech cluster, UPMC’s Global Technology Operations Centre (GTOC) is building leading edge infrastructure and services that will enable the next generation of healthcare delivery solutions for our patients globally.

As an extension of UPMC’s US-based operations, the GTOC team supports healthcare facilities in Ireland, Italy, and Asia. We want you to be part of our expanding team, where you can engage with clinical and business leaders, innovate new solutions, and realise first-hand how technology improves patient experience, paving the path for the future of healthcare. Come join our team of accomplished technologists who collaborate seamlessly across borders, develop global healthcare IT skills, and support optimal work / life balance through flexible work arrangements.

Duties and Responsibilities

Duties and Responsibilities Provide service to IT client while protecting the integrity and confidentiality of all data and information through physical and electronic measures.

During professional activities, conducts themselves in accordance with the highest standards of moral, ethical and legal behaviour.

Develop and deliver Security Awareness Training Programs to all affiliated entities.

Assist Application, Infrastructure and IT Support representatives in the development and accreditation of Security Plans to ensure policy and best practice compliance of controls in place.

Resolve security issues in complex multi-disciplined environments.

Develop and maintain security incident handling processes.

Develop and implement security policy enforcement technologies.

Review and revise security policies as identified through technology and risk analysis reviews.

Perform high risk and sensitive security strength testing and analysis.

Use external tools (Rapid 7, Nexpose, Crowdstrike) to analyse existing and potential risks to the network.

Compile reports on vulnerabilities for passing onto relevant teams for remediation.

Manage user accounts on common cloud platforms (Azure, AWS)

Continuously monitor security events from various platforms, including SIEM, EDR, IDS/IPS, and cloud-based security tools.

Identify potential security incidents by analyzing alerts and logs for suspicious activities.

Escalate incidents based on their severity and impact, following established protocols.

Perform log analysis to identify unusual patterns or behaviors that may indicate security risks.

Provide support to threat hunting activities to detect and mitigate threats that may bypass traditional security controls.

Collaborate with senior analysts to refine detection rules and improve threat identification techniques.

Develop automated routines for account administration and security measure deployment efficiencies.

Fulfil departmental requirements in terms of providing work coverage and administrative notification during periods of personal illness, vacation, or education.

On-call support may be required at designated times.

Develop and maintain service levels with the various user departments and Heath System business units and creates reports on the attainment of those levels.

Ability to establish priorities and delegate tasks to the appropriate personnel or work independently as necessary.

IT Modality Responsibilities

Problem Resolution

Resolves most common and many moderately complex to complex problems/issues/ opportunities.

Responds to unfamiliar, undefined, unexpected, or unstable situations with the professionally prescribed standard response.

Business Partnership

Interfaces with business partners to help identify issues and resolve problems.

Analyses business requests for feasibility review, including initial cost/benefit analysis; prioritizes requests and conducts capacity planning.

Project Management

Works with project manager to define tasks and create teamwork plans with moderate supervision.

Delegates work to others and monitor’s progress.

Identifies issues affecting work progress and recommends solutions.

Communicates schedule variances and potential scope changes in status reports.

Security Technology Design, Development

Develop security requirements for hardware, software, and services acquisitions specific to the IT security program (e.g., purchase of virus-scanning software or security reviews) and for inclusion in general IT acquisition guidance.

Install and operate the IT systems in a test configuration in a manner that does not alter the program code or compromise security safeguards.

Business Continuance

Reviews and evaluates IT system development documents to ensure that system safeguards result in an acceptable level of risk.

Evaluates configuration controls, reviews security test plans and procedures, ensures that documented security requirements are tested and comply with formal design specifications.

Identifies areas where specific IT security countermeasures are required and independently contributes to design and development of those countermeasures.

Identifies security requirements to be included in statements of work and other procurement documents (e.g., procurement requests, purchase orders, task orders, and proposal evaluation summaries).

Identifies alternative functional IT security strategies to address specific system security issues or situations.

The above Job Description is not intended to be a comprehensive list of all duties involved and consequently, the post holder may be required to perform other duties as appropriate to the post which may be assigned to him/her from time to time and to contribute to the development of the post while in office.

Qualifications & Experience

Qualifications / Education/Experience: Typically has a 4-year academic degree and 2+ years of information security or equivalent practical work experience.

Demonstrates and applies thorough understanding of information technology tools, best practices, and concepts.

Completes on-going training on-the-job, through courses, self-study, certifications and/or advanced degrees to maintain and enhance technical and business capabilities.

Maintains current knowledge of security techniques and

Licensure/Certification

CompTIA Network+ and Security+ certifications are preferred

Equal Opportunity Statement And Benefits

UPMC is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

At UPMC we provide a total rewards program that is not only market competitive, but fair and provides growth opportunities for all our colleagues.

Compensation – Competitive pay for the work employees do – base pay, performance related pay and premium pay where applicable.

Benefits – Fully paid maternity and paternity leave for new parents. Competitive Pension Plan, company funded Death in Service Benefit x 3 times. Critical Illness cover for all employees up to the age of 66.

Performance and Recognition – Rewards for performance that supports the goals and mission of UPMC through our annual ACES programme.

Work-Life Balance – Enhanced annual leave up to a maximum of 27 days. Flexible working opportunities to support you to work around external family commitments.

Development and Career Opportunities – Opportunities for each employee to reach their career goals through continued learning and/or advancement.

About UPMC

A $26 billion healthcare provider and insurer, Pittsburgh, Pennsylvania-based UPMC is inventing new models of patient-centred, cost-effective, accountable care. Working in close collaboration with the University of Pittsburgh Schools of the Health Sciences, UPMC shares its clinical, managerial and technological skills worldwide through its innovation and commercialisation arm, UPMC Enterprises, and through UPMC International.

Providing high-quality healthcare in the South East since 2006, UPMC’s operations in Ireland now include UPMC Whitfield Hospital in Waterford, UPMC Sports Surgery Clinic in Dublin, UPMC Kildare Hospital in Clane and UPMC Aut Even Hospital in Kilkenny. Outpatient care is available at the UPMC Carlow Outreach Centre, UPMC Hillman Cancer Centre radiotherapy locations at UPMC Whitfield and in Cork, the UPMC Sports Medicine Clinic at SETU Arena, Waterford, TUS Moylish Campus, Limerick, TUS Thurles Campus, Tipperary, and the UPMC Concussion Network. The UPMC Institute for Health is located in Mayo and the Global Technology Operation Centre is based in Kilkenny. UPMC is the Official Healthcare Partner of the GAA and GPA.