Vulnerability Management Senior Analyst

Description
Penn Medicine is dedicated to our tripartite mission of providing the highest level of care to patients, conducting innovative research, and educating future leaders in the field of medicine. Working for this leading academic medical center means collaboration with top clinical, technical and business professionals across all disciplines.

Today at Penn Medicine, someone will make a breakthrough. Someone will heal a heart, deliver hopeful news, and give comfort and reassurance. Our employees shape our future each day. Are you living your life's work?

Department: IS Cybersecurity

Location: 3400 Spruce Street, Philadelphia, PA

Summary:

• The Vulnerability Management Analyst works with the Threat & Vulnerability Operations team, which provides support to various other cybersecurity and information services teams within the Penn Medicine environment. The role ensures the effective use and distribution of vulnerability-related data through the design of reporting strategies and the creation of reporting artifacts. This role requires the ability to independently analyze enterprise vulnerability management data and identify trends, problems, and areas of improvement. The successful candidate will have an expert level knowledge of the vulnerability data lifecycle, including technical acquisition techniques, data cleanup, quality assessment, normalization, transformation, verification, and reporting. They will provide meaningful insight based on the data that will drive future vulnerability management efforts and provide recommendations to decision makers. The role will work with the other professionals in cybersecurity and information services to create consolidated reporting across these areas and to provide specialized reporting to meet specific objectives.

Responsibilities:

• Analyze and report on enterprise vulnerability management data from multiple sources in various formats as standalone or merged data sets
• Develop insights that lead to short- and long-term improvements in the enterprise vulnerability management program
• Communicate complex information to stakeholders in a concise and understandable manner
• Analyze data to assist with identifying risk and prioritizing remediation efforts
• Assist others with developing reporting and providing analysis around enterprise vulnerability data
• Ensure that organization's core values and vulture are embedded into all aspects of team's work
• Work with key stakeholders throughout the organization to build relationships based on an understanding of stakeholder needs and actions consistent with the company's standard of service
• Provide reporting and analysis to demonstrate program effectiveness, drive improvements in maturity and stakeholder awareness, and develop strategic programs
• Work with third-party providers to assess, report, remediate, and measure the effectiveness of team objectives
• Performs duties in accordance with Penn Medicine and entity values, policies, and procedures
• Other duties as assigned to support the unit, department, entity, and health system organization

Education or Equivalent Experience:

• High School Diploma/GED (Required)
• 3+ years of familiarity with security standards and frameworks (Required)
• 5+ years of experience with vulnerability management tools (Required)
• 7+ years of experience with vulnerability management technology, process, and programs (Required)
• 0-1 years of experience in healthcare and academia. (Preferred)
• 0-1 years of experience with penetration testing tools (Preferred)
• Information security certification (Preferred)

We believe that the best care for our patients starts with the best care for our employees. Our employee benefits programs help our employees get healthy and stay healthy. We offer a comprehensive compensation and benefits program that includes one of the finest prepaid tuition assistance programs in the region. Penn Medicine employees are actively engaged and committed to our mission. Together we will continue to make medical advances that help people live longer, healthier lives.

Live Your Life's Work

We are an Equal Opportunity employer. Candidates are considered for employment without regard to race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, familial status, genetic information, domestic or sexual violence victim status, citizenship status, military status, status as a protected veteran or any other status protected by applicable law.