One of the nation's largest and most respected hospital management companies, Universal Health Services, Inc. (NYSE: UHS) has built an impressive record of achievement and performance. Steadily growing since its inception to an esteemed Fortune 500 corporation, UHS today has annual revenues of $10 billion and 83,000 employees. In 2019, UHS was recognized for the ninth consecutive year as one of the World's Most Admired Companies by Fortune; in 2018, ranked #268 on the Fortune 500; and in 2017, ranked #275 in Forbes inaugural ranking of America's Top 500 Public Companies.
Our operating philosophy is as effective today as it was 40 years ago: Build or acquire high quality hospitals in rapidly growing markets, invest in the people and equipment needed to allow each facility to thrive, and become the leading healthcare provider in each community we serve.
Headquartered in King of Prussia, PA, UHS has more than 83,000 employees and through its subsidiaries operates more than 320 acute care hospitals, behavioral health facilities and ambulatory centers in the United States, Puerto Rico and the United Kingdom.
The Corporate IS Department is seeking a dynamic and talented Information Security Analyst I.
The Information Security Analyst I (Risk Management)participates in the identification, implementation, maintenance, and support of technologies designed to protect the confidentiality, integrity and/or availability of UHS vendor information systems. Works with technical and non-technical staff to ensure that all UHS vendors and contractors are effectively and efficiently providing the intended security controls consistent with established UHS policies and procedures. Where appropriate, assists technical staff in UHS affiliated locations to deploy, manage and support selected technologies. Oversees the technical aspects of tasks assigned to less experienced staff or contractors on projects, systems or applications.
Key Responsibilities include:
Performs evaluation of Third Party engagements to identify and manage vendor risk, which includes: supporting the development and maintenance of a master vendor list, and ensuring that proper security controls are in place including, security audits, vulnerability assessments, appropriate user account practices, and security documentation (e.g., BAA, User Access forms, etc.).
Works will other Technical Security personnel to review and interpret vendor due diligence materials, including audit reports and security risk assessment questionnaires.Involve appropriate subject matter expertise as required to resolve vulnerabilities identified.
Works with the Corporate Vulnerability Management team to conduct vulnerability assessments on remote hosted applications as needed.
Identify gaps in protection and recommend solutions to remediate or mitigate the risks associated with the protection gaps.
Work with staff at all levels in the organization, vendors and contractors to insure protections are effective, efficient and non-disruptive to the appropriate duties, rights and mission of the individuals and the organization(s).
Adhere to UHS standards of service excellence, professionalism, and integrity while performing duties.