You can provide the tools necessary to deliver cutting-edge health care and groundbreaking research. As part of our Information Technology team, you’ll ensure that our medical professionals have access to the latest breakthroughs in technology, and you’ll play a key role in protecting our global patient community.
The Senior IT Risk Analyst at UCLA Health Sciences plays a central role in the risk assessment lifecycle for both new and existing solutions.
The responsibilities include performing risk assessments and developing risk management tactics and strategies and sustaining a thorough understanding of the IT needs for both third-party and security assessments. This understanding is achieved by building strong relationships and developing collaborative solutions that align with the stakeholders’ needs.
The Analyst must also be able to operate within both structured and unstructured environments and various levels of process maturity. The Analyst is responsible for ensuring the timely delivery of third-party and security assessments to protect sensitive data, critical systems, and infrastructure. This role involves regular engagement with enterprise stakeholders, IT technical teams, and vendors, enforcing compliance with UCLA Health Sciences’ policies, procedures, HIPAA/FERPA standards, and all other relevant regulations.
In addition, the Analyst must display thoughtful decision-making skills, meticulously weighing the risk and business impact of each choice. They should also be proficient at conveying the rationale behind their decisions to a diverse audience, including both technical and non-technical individuals. Being well-organized and committed to keeping all information current and accurately managed is also a significant part of this role.
This is a flex-hybrid role which will require you to be onsite at least six days a quarter or as needed by operational need. Please note that there are no reimbursements for travel to “home office” location.
Each employee must complete a FlexWork Agreement with their manager which will outline arrangement parameters and aids both parties in fully understanding expectations. Arrangements are regularly evaluated, and are subject to termination.
Salary offers are determined based on various factors including, but not limited to, qualifications, experience, and equity. The full salary range for this position is $95,900 – $222,100 annually. The budgeted salary or hourly range that the University reasonably expects to pay for this position is approximately between the minimum and $150,000 annually.
This is a one year contract role. Contracts may convert to career.
• Bachelor’s degree in Computer Science, Engineering, Information Systems (or similar) OR 5+ years of relevant professional experience in Information Security or IT Risk Management, preferably in healthcare
• In-depth knowledge of research IT needs at an academic medical center and familiarity with vendors and purchasing processes.
• Relevant information security certifications preferred (e.g., CISSP, CISA, CISM, CRISC, or GIAC)
• Proven experience in cyber risk assessments, preferably within the healthcare or educational sector.
• Demonstrated skill in establishing and maintaining cooperative working relationships.
• A strong sense of customer service and attention to detail
• Ability to work independently, setting goals and priorities.
• Confidence to follow-up and champion critical findings, follow through and deliver timely results.
• Strong understanding of IoT/IoMT devices and their security implications.
• Excellent communication skills, both written and verbal, with the ability to effectively communicate technical concepts to diverse audiences.
• Strong interpersonal skills and the ability to collaborate and build partnerships with various stakeholders.
• Analytical mindset with the ability to think critically and assess complex cyber risks.
• Strong problem-solving skills and the ability to provide practical recommendations for risk mitigation.
• Proficient knowledge of hardware/software architecture and domains in IT operations with a focus on governance, risk and compliance.
• Ability to understand large, complex systems.
• An understanding of communications and network vulnerabilities.
• Knowledge of personal computer and mobile architectures, OS and applications.
• Understanding of legal and regulatory compliance standards and requirements against data and IT, including HIPAA, FERPA, Payment Card Industry Data Security Standard (PCIDSS), ISO27001, NIST and COBIT.
• Knowledge of products which protect systems, such as Intrusion Prevention Systems (host- and network-based), Firewalls, Security Event Management Systems, port scanning and vulnerability identification, monitoring and logging mechanisms, etc.
• Familiarity with multiple software types at the application and enterprise levels.
• Possess the verbal and written communication skills to work effectively with technical and non-technical personnel at various levels in the organization; ability to use standard English grammar and punctuation.
• Proficient in Microsoft Office product suite (MS Outlook, Word, PowerPoint, and Excel).
EMPLOYMENT SCAM ALERT:
UCLA Health Recruitment is currently being targeted by scam artists through external job board sites. Review some tips in order to avoid becoming targeted. El reclutamiento de salud de UCLA actualmente está siendo atacado por estafadores a través de sitios de juntas de trabajo externos. Revisar algunos consejos para evitar ser apuntado.
“The environment is nurturing and fosters growth. When I come to work, I know what I'm doing matters.”
VINCENT, Sr. CLS Specialist, Toxicology
MONICA
I've been blessed to touch so many lives through my serving. It's a privilege to uplift other employees with words of encouragement and a smile.
SOZIT
The first thing i noticed when i joined the team was how everyone is very welcoming and friendly with supportive management. I did not feel like an outsider.
EDGAR
Once I joined, I knew UCLA Health was THE place to be due to the growth potential and training offered
RENE
If you want to grow professionally, this is the right place for you.
ERA
We are family here. We support each other. We collect together.
ELIZABETH
It’s so diverse and inclusive here. There’s always the opportunity to share your thoughts. It's a place where you feel you belong.
JERRY
Your career path at UCLA Health will enable you to follow a myriad of avenues and turns. It opens up a wide variety of opportunities.
ORLANDO
There’s a togetherness and higher level of commitment to teamwork at UCLA Health. We are several groups and teams that work together with a common goal which is to improve our patients experience.
DAVID
UCLA Health walks the walk and talks the talk! It's an incredible feeling to work for an organization that always puts the patient first. I am honored to work in full alignment with the UCLA Health Mission and Vision.
DR. ISLA GARRAWAY
UCLA has incredible resources and a team science approach. The ability to work with collaborative teams and access the amazing resources around campus is the best part about being at UCLA.
RADU
UCLA is very diverse in its personnel as well as its many research fields studied
JENNA
UCLA Health provides so many opportunities to exchange ideas, share moments and grow. I have learned a lot about team management and relationship building.
SHARON
I was looking for a job to further my career and continue to improve and learn as a therapist.
TARO
I have been blessed to be surrounded by supportive colleagues who aspire me to be the best version of myself.