ResponsibilitiesYou can help protect our network of healing. As a Security Analyst, you'll be working on all things information security- from risk assessments, auditing, monitoring, response and prevention, providing consulting on cutting edge projects, performing training and growing our Compliance program.
You'll work with IT professionals, administrators, faculty and staff across the Enterprise while leading internal incident investigations, coordinating responses for external investigations, and serving as a resource to staff and students. We're looking for someone with a high degree of knowledge in the field of Information Security and a drive to keep important information safe.
DUTIES Plan, perform and implement information security compliance assessments including the independent analysis of results. Perform monitoring, audits and consulting, and information security training. Serve as part of the Computer Incident response team, lead internal investigations and coordinate responses to external investigations and audits. Coordinate responses to external investigations and audits including production of requested documentation and other materials. Appropriately identify information security risks across the UCLA Health System and David Geffen School of Medicine. Document findings, assess and advise on the appropriateness of corrective action plans, and track remediation progress. Analyze proposed systems, projects and software for potential information security and privacy issues. Serve as an information security resource for IT staff, faculty and physicians on a wide range of applications, platforms and protocols. Make recommendations for information security strategies and assessments, audit and monitoring plan implementation i Research and evaluate new and emerging information security technology.
Qualifications5+ years of Information Security experience. CISSP or equivalent Information Security certification preferred. Expert knowledge of information security issues and best practices Expert analytical skills to evaluate current security practices, identify compliance gaps, and propose remediation Experience in information security auditing or general compliance experience Knowledge of HIPAA Privacy and Security regulations; PCI Data Security Standards; NIST, ISO and other security standards