Special Selection Applicants : Apply by 02/21/24. Eligible Special Selection clients should contact their Disability Counselor for assistance. This position will work a hybrid schedule which includes a combination of working both onsite at Towne Centre Drive and remote. DESCRIPTION This is a position in the Center for Healthcare Cybersecurity and the Health Information Security Operations team as an Information Security Analyst with additional domain expertise in emergency management and business continuity. The primary responsibility includes developing and supporting UCSD Health’s Cyber Resilience Strategy and working with the newly formed Center for Healthcare Cybersecurity on Projects to support research related to supporting the Healthcare industry’s Cyber readiness. This role requires a technical leader with a high degree of knowledge in the overall field and recognized expertise in specific areas; problem-solving frequently requires analysis of unique issues/problems without precedent and/or structure. May manage programs that include formulating strategies and administering policies, processes, and resources; functions with a high degree of autonomy. Seeking candidates with experience defining the security requirements for safeguarding Healthcare systems and supporting Clinical units with technical and administrative readiness who are also open to cross training with emergency management or business continuity professionals to develop a foundational understanding of emergency management, disaster preparedness, and business continuity principles and practice in order to better protect health care systems against a variety of emergencies arising from hostile cyber threats. This position will serve as a subject matter expert in the area of cybersecurity and work on a regular basis with a cross-functional team comprised of emergency management and technical stakeholders to achieve the goals of a federal research contract. MINIMUMM QUALIFICATIONS Nine (9) years of related experience, education/training, OR a Bachelor’s degree in related area plus five (5) years of related experience/training. Related experience: System administration and enterprise server support. Professional experience and proven success, monitoring, detecting, protecting and maintaining the security of data, systems and networks using IT security systems and tools. Thorough understanding of the risk assessment requirements and demonstrated skills to conduct, analyze and document risk assessments at the enterprise level as defined in HIPAA and HITECH. Advanced knowledge of IT security. Extensive expertise in security policy creation and compliance monitoring, auditing methodology, and conducting technology risk assessments. Advanced experience with web application and network/endpoint vulnerability scanning and remediation, pen testing, sensitive data discovery and data loss prevention systems. Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks. Understanding of network/host firewalls, application gateways/proxies, anti-malware, patch management, disk encryption, centralized configuration, log management, system hardening practices, etc. Advanced experience in incident response and digital forensics including reporting. Expert knowledge of forensic processes, standards and tools. Broad knowledge of other areas of IT. Knowledge of networking technology. Advanced knowledge of data encryption technologies and experience selecting and applying appropriate data encryption technologies. Expert understanding of cryptography and strengths/weaknesses of various encryption ciphers and hash functions. Demonstrated skill at analyzing and preventing security incidents of high complexity. Demonstrated knowledge of secure hardware, software and network design techniques. Ability to give work direction, create task assignments, and give instructions to subordinate technical staff to accomplish project goals/milestones. Demonstrated ability to effectively prioritize tasks, manage time, organize activities and deliver overall high productivity. Works with a high degree of autonomy. Ability to function well in stressful situations, under tight deadlines, and in a generally fast-paced work environment. Advanced interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization. Ability to quickly develop knowledge of department processes and procedures. PREFERRED QUALIFICATIONS Experience in managing and setting up disaster recovery solutions in Healthcare environment. Business impact analysis experience. SPECIAL CONDITIONS Must be able to work various hours and locations based on business needs. Employment is subject to a criminal background check and pre-employment physical. Pay Transparency Act Annual Full Pay Range: $101,200 – $192,200 (will be prorated if the appointment percentage is less than 100%) Hourly Equivalent: $48.47 – $92.05 Factors in determining the appropriate compensation for a role include experience, skills, knowledge, abilities, education, licensure and certifications, and other business and organizational needs. The Hiring Pay Scale referenced in the job posting is the budgeted salary or hourly range that the University reasonably expects to pay for this position. The Annual Full Pay Range may be broader than what the University anticipates to pay for this position, based on internal equity, budget, and collective bargaining agreements (when applicable).
application-security System administration risk management Information Security Analyst network-security Incident response HIPAA disaster-recovery cryptography