Senior Information Security Analyst

WHY UT SOUTHWESTERN?
With over 75 years of excellence in Dallas-Fort Worth, Texas, UT Southwestern is committed to excellence, innovation, teamwork, and compassion. As a world-renowned medical and research center, we strive to provide the best possible care, resources, and benefits for our valued employees. Ranked as the number 1 hospital in Dallas-Fort Worth according to U.S. News & World Report, we invest in you with opportunities for career growth and development to align with your future goals. Our highly competitive benefits package offers healthcare, PTO and paid holidays, on-site childcare, wage, merit increases and so much more. We invite you to be a part of the UT Southwestern team where you'll discover a culture of teamwork, professionalism, and a rewarding career!

JOB SUMMARY
We're looking for an Information Security professional to support and enhance cybersecurity across a decentralized healthcare environment for UT Southwestern. This role protects the confidentiality, integrity, and availability of sensitive data, including patient information. Responsibilities include Implement and promote security best practices; monitor security systems and identify threats, perform risk assessments and address vulnerabilities, ensure compliance with HIPAA and internal policies, collaborate with teams across the organization to strengthen security posture. Our ideal candidate has a strong cybersecurity background, ideally in healthcare, knowledge of risk management and regulatory requirements, and effective communication and collaboration skills. This position is 100% remote with occasional on-site meetings. Incumbent must reside in Texas.

BENEFITS
UT Southwestern is proud to offer a competitive and comprehensive benefits package to eligible employees. Our benefits are designed to support your overall wellbeing, and include:

• PPO medical plan, available day one at no cost for full-time employee-only coverage
• 100% coverage for preventive healthcare-no copay
• Paid Time Off, available day one
• Retirement Programs through the Teacher Retirement System of Texas (TRS)
• Paid Parental Leave Benefit
• Wellness programs
• Tuition Reimbursement
• Public Service Loan Forgiveness (PSLF) Qualified Employer
• Learn more about these and other UTSW employee benefits!

EXPERIENCE AND EDUCATION

Required
Education
High School Diploma or equivalent.

Experience
3 years' experience in information security, cybersecurity operations, incident response, security engineering, or a related technical security discipline or extensive demonstrated hands-on experience using security tools and technology, including vulnerability management, encryption, monitoring systems, and email gateway security solutions.
Additional education and/or technical training may be considered in lieu of experience.

Licenses and Certifications
Must possess one or more of the following, or obtain within one year of hiring:
CompTIA Security+, or CISSP, or CISM, or CEH, or GIAC within 1 Year. Or
Other similar industry-recognized security-related certifications within 1 Year.

Preferred
Education
Bachelor's Degree in a computer science and technology or related field.

JOB DUTIES

• Security Incident Response & Forensics: Direct responses to security incidents to prevent further loss, obtain and preserve forensic evidence, and lead root cause analysis efforts to identify improvement opportunities. Maintain a database of security incidents and provide reports to leadership, university management, and external regulatory agencies. Work closely with IT, disaster recovery, and application support teams, including the service desk, to ensure rapid incident response and recovery.
• Security Safeguards & System Protection: Assist technical support staff in identifying and implementing appropriate security safeguards, ensuring compliance with security patch applications, antivirus management, and virus protection policies. Oversee Active Directory protection alerts and remediation to maintain system integrity. Collaborate with the IT team to support the disaster recovery plan and ensure alignment with security protocols.
• Email Gateway & Endpoint Security: Respond to email gateway alerts, manage quarantine folder reviews, and coordinate email gateway agent updates. Conduct regular reviews of the EDR (Endpoint Detection and Response) and SIEM portals for potential security threats, ensuring prompt remediation of identified issues.
• Monitoring & Reporting: Aggregate and analyze SIEM logs to detect and respond to security events. Administer and review data loss prevention (DLP) tools and TRAP (Threat Response and Adaptive Protection) alerts, ensuring the organization's data is safeguarded. Deliver monthly metrics reports, project updates, and yearly penetration testing results to leadership.
• Training & Awareness Programs: Provide security training and awareness programs for technical and non-technical users. Disseminate security notices and alerts, coordinating campus-wide security collaboration and communication initiatives.
• Surveillance & Access Control: Review quarterly reports to identify and address security concerns related to physical access control systems.
• Collaboration with IT and Support Teams: Work closely with IT, disaster recovery, application support teams, and the service desk to ensure that security measures are integrated across all technology functions. Coordinate efforts to resolve service desk tickets related to security incidents and support disaster recovery planning and execution.
• Reporting & Leadership Communication: Prepare technical briefings, reports, and slide presentations on security incidents, trends, and initiatives for leadership, ensuring ongoing communication about the organization's security posture.
• Provide the management team with intel, threat updates, and escalations, while supporting the Governance, Risk, and Compliance (GRC) and Third-Party Risk Management (TPRM) teams by delivering critical information from security tools to ensure informed decision-making and effective risk management.
• Performs other duties as assigned.

SECURITY AND EEO STATEMENT

Security
This position is security-sensitive and subject to Texas Education Code 51.215, which authorizes UT Southwestern to obtain criminal history record information. To the extent this position requires the holder to research, work on, or have access to critical infrastructure as defined in Section 117.001(2) of the Texas Business and Commerce Code, the ability to maintain the security or integrity of the critical infrastructure is a minimum qualification to be hired and to continue to be employed in the position.

EEO
UT Southwestern Medical Center is committed to an educational and working environment that provides equal opportunity to all members of the University community. As an equal opportunity employer, UT Southwestern prohibits unlawful discrimination, including discrimination on the basis of race, color, religion, national origin, sex, sexual orientation, gender identity, gender expression, age, disability, genetic information, citizenship status, or veteran status.