Associate Information Security Analyst - Vulnerability Management

Universal Health Services•Tredyffrin, PA

34d

About The Position

One of the nation's largest and most respected providers of hospital and healthcare services, Universal Health Services, Inc. (NYSE: UHS) has built an impressive record of achievement and performance. Growing steadily since its inception into an esteemed Fortune 300 corporation, annual revenues were $15.8 billion in 2024. During the year, UHS was again recognized as one of the World's Most Admired Companies by Fortune; and listed in Forbes ranking of America's Largest Public Companies. Headquartered in King of Prussia, PA, UHS has approximately 99,000 employees and continues to grow through its subsidiaries. Operating acute care hospitals, behavioral health facilities, outpatient facilities and ambulatory care access points, an insurance offering, a physician network and various related services located all over the U.S. States, Washington, D.C., Puerto Rico and the United Kingdom. www.uhs.com The Corporate Information Services Department is seeking a dynamic and talented Associate Information Security Analyst - Vulnerability Management. As a member of the Cybersecurity team, the Associate Information Security Analyst - Vulnerability Management, supports and assists with the implementation and maintenance of UHS applications or systems intended to protect the confidentiality, integrity and availability of UHS and affiliates Information Services assets. The candidate will focus on identifying, analyzing, and coordinating remediation of security vulnerabilities across systems and applications, helping ensure the organization maintains a strong, and proactive cybersecurity posture. Monitors the resolution of maintenance or enhancement issues assigned by the UHS Customer Support Center or more senior members of the Information Security Team. Implements modifications to existing applications that will effectively accomplish desired objectives, with guidance from more senior team members. Provides technical support to UHS entities as needed. Meets deadlines and ensures continued progress toward assignment completion. Shares experience with other members of team.

Requirements

This position requires a Bachelor's degree in Computer Science or Information Systems, with a concentration in cybersecurity highly preferred. No working experience is required. Up to one year of Information Technology or Systems experience would enhance the skills and abilities necessary to perform this job. An Associate's Degree in Computer Science or Information Systems, with a concentration in cybersecurity highly preferred AND one year of relevant Information Technology or Systems experience may be considered in lieu of the Bachelor's degree.
Basic understanding of the following or similar information security technologies: Active Directory Intrusion detection/prevention systems (IDS/IPS) Web filtering Vulnerability scanners/remediation Encryption technologies for data at rest and data in transit Mobile device and removable media protection or management systems Forensic analysis Security Information and Event Management (SIEM) systems Common Vulnerabilities and Exposures (CVE) databases Anti-Virus Device Control
Basic knowledge of information security best practice standards or frameworks.
Basic knowledge of general IS standards and quality methods and metrics.
Basic knowledge of project management methods.
Basic knowledge of security vulnerability management.
Basic knowledge of security penetration testing and ethical hacking best practices.
Familiarity with vulnerability management concepts (CVEs, CVSS, patches, misconfigurations).
Exposure to vulnerability scanning tools such as Qualys, Tenable, Rapid7, or similar.
Has a general familiarity with business practices, concepts and terminology sufficient to support the security applications or systems and communicate effectively with colleagues.
Able to prioritize multiple tasks and be details oriented.
Excellent communication, interpersonal and project management skills

Responsibilities

Regularly meets with users, vendors, and IS staff to develop/modify system specifications.
Assists with the implementations of security solutions and prepares the appropriate documentation.
Researches and resolves technical security-related tickets.
Adheres to appropriate UHS Project Management standards.
Ensures strict adherence to work plans, reporting all serious deviations to management.
Assists with the training of users in operating procedures for security solutions.
Researches and resolves tickets including major security solution implementations and upgrades.
Perform routine vulnerability scanning, analysis, and validation to identify security weaknesses across systems, applications, and network assets.
Coordinate with IT teams to track and verify remediation activities, ensuring timely closure of high-risk vulnerabilities and accurate reporting to leadership.
Assists with Vendor and Third Party Risk Management.
Adheres to UHS Service Level and Change Management Policies.
Provides on-call support as scheduled.
Establishes and maintains regular communications with user community.
Maintains Service Excellence principles.
Prepares and submits status reports to supervisor as required.Keeps management well informed of activities, needs, problems.