No experience
Employment Type:
Job Category:
Information Services
Health Care & Medicine
Security Analyst
(This job is no longer available)
UCLA Health | Los Angeles, CA
Grad Date

Not sure what types of jobs you are interested in?

Explore Jobs
Based on Your Education

Follow This Company

Job Description

Job Duties
Under the general guidance of the Chief Information Security Officer, the Security Analyst will be a technical leader with a high degree of knowledge in the overall field of Information Security. Plan, perform and implement information security compliance assessment including the independent analysis of results. Perform monitoring, audits and consulting, and information security training (both on-line and in-person in front of small and large groups). Serve as part of the Computer Incident response team, lead internal investigations and coordinate responses to external investigations and audits. Appropriately identify information security risks across the UCLA Health System and David Geffen School of Medicine. Work with Privacy staff to assist in identifying privacy risks. Develop and execute effective compliance, audit or work programs. Identify and analyze internal controls, identify ways to improve security. Document findings, assess and advise on the appropriateness of corrective action plans, and track remediation progress. Provide summary reports to management. Serve as an information security resource for IT staff, faculty and physicians. Analyze proposed systems, projects and software for potential information security and privacy issues. Analyze network scans and follow up with users on issues. Research and evaluate new and emerging information security technology. Information Security Compliance Assessment, Audit and Monitoring Plan and perform information security compliance projects, identify associated compliance gaps, risks and opportunities in client departments and operations. Design, distribute, collect assessment surveys; enter results into database and summarize results. Perform walk-throughs and onsite inspections. Document issues, assess appropriateness of and advise on corrective action plans, and track remediation. Advise and work with the ISS risk assessment team on standard assessments of new projects. Provide reports to management on information security compliance status. Information Security Compliance Response and Prevention Lead investigation of incidents, review logs, correlate events, document findings, interface with forensic and ISS teams. Coordinate responses to external investigations and audits including production of requested documentation and other materials. Information Security Consultant Serve as an information security resource for IT staff, faculty and physicians on a wide range of applications, platforms and protocols such as Microsoft Windows, IIS, SQL Server, Linux, Mac OS, (Linux), mobile device encryption, firewalls, routers, switches, DHCP, HTTP, HTTPS, FTP, SMTP, DICOM, application vulnerability scanning, etc. Research and identify Information Security best practices. Analyze proposed systems, projects and software for potential information security and privacy issues. Analyze network scans and follow up with users on issues. Research and evaluate new and emerging information security technology. Assist Chief Information Security Officer in responding to any security incidents and other issues as required. Training and Training Content Development and Administration Perform information security-related training as necessary for all areas of the university (faculty, staff students). Research and develop content for presentations, security bulletins, information security web pages and other training materials. Program Development Make recommendations for information security strategies and assessments, audit and monitoring plan implementation in compliance with laws, regulations, contractual requirements and university policy. Understand university culture and incorporate this understanding into recommendations and proposals so they will achieve greatest results while building or maintaining agreement or consensus. Actively continue professional education and maintain and expand professional competencies.

Job Qualifications
5+ years of Information Security experience. CISSP or equivalent Information Security certification preferred. Expert knowledge of information security issues and best practices Expert analytical skills to evaluate current security practices, identify compliance gaps, and propose remediation Experience in information security auditing or general compliance experience Knowledge of HIPAA Privacy and Security regulations; PCI Data Security Standards; NIST, ISO and other security standards

About UCLA Health

For more than half a century, UCLA Health  has provided the best in healthcare and the latest in medical technology to thepeople of Los Angeles and throughout the world. Today we are one of the most comprehensive and advanced healthcare systems in existence. We are comprised of Ronald Reagan UCLA Medical Center, UCLA Medical Center, Santa Monica, Resnick Neuropsychiatric Hospital at UCLA, Mattel Children’s Hospital UCLA, and the UCLA Medical Group, with offices throughout the region.

Ronald Reagan UCLA Medical Center is consistently ranked by U.S.News & World Report as one of the top five hospitals in the nation and the best medical center in the western United States. The doctors, scientists and caregivers of UCLA are leaders in their fields. Every day, they perform pioneering work across an astounding range of disciplines, from organ transplantation and cardiac surgery to neurosurgery and cancer treatment. Year after year, our people have achieved medical breakthroughs and earned the highest industry honors. And we’re just getting started.

The dedicated professionals of UCLA Health are committed to healing humankind, one patient at a time, by improving health, alleviating suffering, and delivering acts of kindness on a daily basis.