Senior IT Security Analyst – Risk Management

University of Virginia | VA
92d | $74,922 - $149,843

About The Position

The Senior IT Security Analyst – Cybersecurity Operations is a highly skilled and technically proficient member of the Cybersecurity Operations team within the University of Virginia Health System Health IT (HIT) organization. This role is critical in deploying, configuring, operating, troubleshooting, and evaluating the effectiveness of a wide array of cybersecurity controls and services. The ideal candidate will have deep technical expertise and a passion for defending complex environments against evolving cyber threats.

Requirements

  • Bachelor’s degree.
  • 5-7 years relevant experience. Relevant experience may be considered in lieu of a degree.
  • CISSP or HCISPP or similar preferred.

Nice To Haves

  • Strong knowledge of cybersecurity frameworks, tools, and technologies across multiple domains.
  • Experience with SIEM, SOAR, EDR, DLP, CASB, vulnerability management, and cloud security platforms.
  • Proficiency in scripting and automation (e.g., Python, PowerShell).
  • One or more certifications: CISSP, GIAC, OSCP, GCIA, GCIH.

Responsibilities

  • Maintain cybersecurity technologies supporting cyber defense and Security Operations Center (SOC) functions.
  • Lead and support cybersecurity incident response, threat hunting, and detection engineering efforts.
  • Manage SIEM and SOAR platforms, including development of detection rules and automation playbooks.
  • Conduct digital forensics and analyze cyber threat intelligence to inform proactive defense strategies.
  • Implement and manage technologies that deliver UVA Health’s information protection and insider risk strategy including data loss prevention (DLP), UEBA, CASB, and email protection.
  • Perform vulnerability and attack surface management and ensure risks are addressed in a timely manner.
  • Perform endpoint security engineering to ensure appropriate OS hardening and security configuration of servers and workstations.
  • Secure Medical IoT and mobile/BYOD devices through policy configuration and enforcement using technical controls and passive vulnerability assessment tools.
  • Review and approve firewall changes, conduct firewall ruleset reviews, and manage network security configurations.
  • Conduct and facilitate third party offensive security testing and security control validation as needed, including penetration testing, application security testing, and adversary simulation.
  • Validate the effectiveness of security controls through continuous testing and measurement.
  • Participate in purple team and blue team exercises to validate and enhance security posture.
  • Collaborate with DevOps teams to integrate security into the software development lifecycle and CI/CD pipelines (DevSecOps).
  • Monitor and manage web application firewalls.
  • Implement cloud security guardrails, security posture management, and security monitoring.

Benefits

  • Comprehensive Benefits Package: Medical, Dental, and Vision Insurance.
  • Paid Time Off, Long-term and Short-term Disability, Retirement Savings.
  • Health Saving Plans and Flexible Spending Accounts.
  • Certification and education support.
  • Generous Paid Time Off.