Position Details

Type Full-Time

Experience entry

Exp. Years 0-1 years

Education Bachelor's degree in Computer Science or Information Systems (with cybersecurity concentration) required; or Associate's degree with cybersecurity concentration plus one year of relevant IT/Systems experience in lieu of Bachelor's.

Category Cybersecurity

About this role

Associate Information Security Analyst - GRC supports UHS's governance, risk, and compliance objectives by assisting with risk management, compliance initiatives, and security control implementation.

Key Responsibilities

Assist with the implementation and operation of security controls
Research and resolve security-related tickets
Monitor security alerts and dashboards daily
Assist with risk and vulnerability assessments and updating risk registers
Provides on-call support and regular communications with user community

Technical Overview

Role involves implementing and maintaining security controls aligned with UHS policies, monitoring security operations, and assisting with risk/vulnerability assessments; exposure to NIST, ISO, CIS, and HIPAA frameworks; uses SIEM and AD alongside encryption and incident response basics.

Ideal Candidate

The ideal candidate is an entry-level GRC analyst with a strong foundation in information security and regulatory compliance, capable of supporting risk management activities and the governance of security controls within a healthcare environment.

Must-Have Skills

Bachelor's degree in Computer Science or Information Systems (cybersecurity concentration) requiredExcellent communicationinterpersonal and project management skills

Nice-to-Have Skills

Knowledge of NISTISOCISand HIPAA frameworksVendor and Third-Party Risk ManagementThreat intelligence and log analysis

Tools & Platforms

Active DirectorySecurity Information and Event Management (SIEM)Vulnerability scannersThreat intelligence platformsChange management systems

Required Skills

Bachelor's degree in Computer Science or Information Systems (cybersecurity concentration); basic understanding of ADIDS/IPSweb filteringvulnerability scanningencryptionSIEMCVEHIPAA; risk management and regulatory compliance; strong communication

Hard Skills

Active DirectoryADIDS/IPSIntrusion Detection/Prevention SystemsWeb filteringVulnerability scanningVulnerability scannersEncryptionData at rest and data in transitMobile device managementMDMForensic analysisSecurity Information and Event ManagementSIEMCommon Vulnerabilities and ExposuresCVEAnti-VirusDevice ControlNISTISOCISHIPAARisk managementRegulatory compliance

Soft Skills

communicationinterpersonal skillsattention to detailproblem solvingtime managementteam collaborationability to prioritize multiple tasksattention to deadlines

Industry & Role

Industry Healthcare & Medical

Job Function Support governance, risk, and compliance for UHS information security

Role Subtype GRC Analyst

Tech Domains Active Directory, Cybersecurity, Security Information and Event Management, Vulnerability Management, Encryption, Mobile Device Management

Keywords for Your Resume

grc analystgovernance risk and complianceinformation securitycybersecurityactive directoryadsiemsecurity information and event managementvulnerability managementrisk managementregulatory compliancehipaanistciscveencryptiondata at restdata in transitmdmforensic analysisvulnerability scannerssecurity controlsincident responsebachelor's degreeinformation systems

Deal Breakers

Bachelor's degree in Computer Science or Information Systems (cybersecurity concentration) required

Apply for this Position →

Get matched to jobs like this

Luna finds roles that fit your skills and career goals — no endless scrolling required.

Create a Free Profile