🌎
This job posting isn't available in all website languages

(While navigating through the site, please be sure to disable your pop-up blocker.)


📁
Information Technology
💼
📅
150354 Requisition #
Sign Up for Job Alerts

The primary purpose of the Senior Information Security Analyst position is to function as a resource that will contribute towards the development, implementation and maintenance of the institution's information security technologies, standards, workflow and processes.  This experienced resource will be expected to function as a self-sufficient self-starter in a team-oriented environment.  This resource will actively work to develop recommendations and mitigation strategies to ambiguous technical information security issues and emerging technologies. This resource will counsel interdepartmental personnel on institutional information security policies, regulatory compliance issues, security best practices, and provide training as required.  This resource will provide information security guidance to inter-departmental and cross-functional work groups as needed to ensure successful integration of and exposure to security policies, procedures, risk assessment process workflow and supporting processes.  This resource will be expected to actively contribute to departmental continuous process improvement initiatives. This resource will function as a technical resource to Security Analysts and other IT personnel.  This resource will be expected to develop and maintains documentation for all assigned projects.

I

nformation Security Risk Management Program Support  
Facilitate and coordinate information security risk assessment program support to include: application/cloud security risk assessments, vendor solutions/protocol study reviews/clearance, medical device security reviews and associated contract rider reviews.
Facilitate and coordinate continued partnership development with customer information security program initiatives and related process work flow / procedures documentation development.

 

Risk Advisory Services Program Support  
Demonstrate Advisory Engagement Work papers: (meeting agendas, meeting notes, issues tracking, recommendations, other project related artifacts, etc.) in support of customer risk assessments / engagements / cross-functional work groups.
Perform application risk assessments in support of Epic (EHR) and related Tier 0/1 systems, 21 CFR Part 11 related applications, research IRB / OPR information security programs, and Tier 2 & 3 applications, and track related customer reporting.
Provide backup support for CAB, as needed, and customer Firewall, Accounts, DNS request support, tracking and reporting.

 

Process Improvement   
Actively contribute to the departmental OneIS - Anderson Award Goals.
Participate in, or facilitate in a department or service line process improvement or an OneIS division process improvement initiative.
Contribute to RM process improvement initiative focused on Risk team customer service.
Contribute to the departmental metrics development initiative and success.

 

Annual Professional Certification Training and Personal Development Plan   
Attend annual professional certification training:
Attend Educational Center soft skills course:
Maintain Personal Development Plan:
 

Education Requried: Bachelor’s degree in Computer Information Systems, Business Information Systems, Computer Science or related field.

 

 

Experience Requried: Five years of information security experience, to include experience in multiple security domains. May substitute required education degree with additional years of equivalent experience on a one to one basis or completed years of college on a one to one basis. 

 

 

Onsite Presence: Is Required
 

 

It is the policy of The University of Texas MD Anderson Cancer Center to provide equal employment opportunity without regard to race, color, religion, age, national origin, sex, gender, sexual orientation, gender identity/expression, disability, protected veteran status, genetic information, or any other basis protected by institutional policy or by federal, state or local laws unless such distinction is required by law. http://www.mdanderson.org/about-us/legal-and-policy/legal-statements/eeo-affirmative-action.html

My Submissions

Track your opportunities.

My Submissions

Similar Listings

United States, Texas, Houston, Houston (TX Med Ctr)

📁 Information Technology

Requisition #: 146142

United States, Texas, Houston, Houston (TX Med Ctr)

📁 Information Technology

Requisition #: 143280

United States, Texas, Houston, Houston (TX Med Ctr)

📁 Information Technology

Requisition #: 145785