Join our Talent Network
Skip to main content
Candidate Feedback

*Important Notice:

Applying for Jobs:

Thank you for your continued interest in career opportunities with UNC Health! Please note the following:

  • Current teammates of UNC Health looking to apply for a position outside of their current payroll entity, please close this notice and continue your job search and application as an external applicant. Please be sure to use your personal email address and not your UNC Health email address.
  • Current teammates of UNC Health looking to apply for a position within their current payroll entity, please apply as an internal applicant through Employee Self Service. Teammates applying internally, please be sure to have your teammate ID and UNC Health email address availble.

Discovery Teammate Referral Program:

**This referral program is applicable to teammates within UNC Health's core facilities and divisions. This includes UNC Health Caldwell, UNC Health Chatham, UNC Health Alliance, UNC Hospitals (UNC Medical Center, UNC WakeBrook, UNC Hillsborough, and UNC Faculty Physicians), UNC Health Johnston, UNC Physicians Network, UNC Health Rex, UNC Rex Holly Springs, UNC Health Rockingham, and Shared Services.**

Current teammates, looking to refer someone? Check out our Teammate Referral Program to earn extra cash!

Current teammates, please ensure that you submit your candidate in our system, before they apply. For teammate referral guidelines and eligibility, click here.

HCS Information Security Analyst Senior - IT Security

This job posting is no longer active.

Job ID: 1151
Location: Morrisville, NC
Facility/Division: Shared Services
Status: Full Time
Shift: Day Job

Did you know UNC Health has Ranked #2 Most Trusted Healthcare Brand in the U.S.? The UNC Health brand was ranked as the #4 healthcare brand in the United States overall and the #2 most trusted healthcare brand, just after Johns Hopkins and before Mass General. Join our One-Great-Team!

Job Description


Become part of an inclusive organization with over 30,000 diverse employees, whose mission is to improve the health and well-being of the unique communities we serve.

This position may involve support of various hospitals and health care systems within the UNC Health Care System, but will be employed by Rex Hospital, Inc. (this includes, but is not limited to, for purposes of payroll, health benefits, retirement options, and applicable policies).

Information Security Analyst Sr provides a high level of technical expertise of information security appliances, software and hardware which deliver defense in depth protection of information technology resources and confidential data across the health system. Performs project management, requirements analysis, security systems design, and implementation of security technologies. Translates data to information to support risk based decision making.

Description of Job Responsibilities:

1. Vulnerability Management - Maintains inventories and inventory processes of information resources protected by security regulations so vulnerability assessments can be performed. Uses tools and processes to effectively carry out vulnerability testing. Monitors and improves vulnerability management processes and procedures. Interprets scanning or testing results and provides consultation to network, workstation, systems, or web-applications administrators regarding system and application weaknesses. Appropriately escalates issues presenting unacceptable risk to the institution. Monitors risk mitigation progress.

2. Security Architecture, Consulting and Evaluation - develops security architecture components for newly proposed information systems and technologies using diagrams and narratives. Assists in materializing security architecture into projects. Develops and maintains and applies tools, processes and procedures to evaluate suitability of security configuration and feature offerings of proposed systems.

3. Information Security Risk Analysis - Develops, maintains and applies tools, methods and processes to analyze risk from threats to confidential information. Writes appropriate recommendations that will bring risks to an acceptable level. Develops and delivers audience appropriate information security assessment and recommendation presentations and reports. Establishes and maintains sound metrics to track and demonstrate information security improvement and risk management. Prepares risk assessment reports for technical and executive audiences.

4. Security Incident Prevention, Detection and Handling - Develops, maintains, communicates and applies incident management policy, standards and procedures. Researches, evaluates, recommends, designs technical policies for and implements security technologies such as web content filtering systems, email filtering systems, end point protection systems, network firewall systems, intrusion prevention and detection systems (IDS/IPS), data loss protection (DLP) systems, security incident event management (SIEM) systems to prevent, detect and respond appropriately to threats to confidential information and information resources. Monitors security systems; recognizes anomalies of various systems, and handles or escalates appropriately. Writes professional and factual incident reports. Makes recommendations for recovery and prevention.

5. Data Analysis - Analyzes security threat intelligence, tunes and calibrates security systems to improve effectiveness. Analyzes and correlates network dataflow logs, web logs, computer and application user activity logs, and security incident logs for information relevant to a real or potential information security or privacy breach or to support decision making and risk mitigation.

6. Project Management - Lead discovery and information gathering sessions. Perform alternatives analysis documenting pros and cons, cost, feasibility, risk and other information to support a decision to select the best solution. Manage small to medium projects; assemble project participants to organize work to complete specific tasks on projects. Organize and facilitate meetings to identify and remove barriers, and to progress work. Follow-up with assignees on incomplete tasks and open issues. Provide detailed communication between disparate teams to keep project moving.

7. Other – Trains and assists less experienced information security staff and IT staff regarding security methods for systems they support. Takes on-call for urgent security events.

Other Information

Other information:
Education Requirements:
● Bachelor’s degree in Computer Science, Information Systems Management or a related field (or an equivalent combination of education, training and experience) required.
Licensure/Certification Requirements:
● No licensure or certification required.
Professional Experience Requirements:
● If a Bachelor's degree: Eight (8) years in professional IT positions, with 4 years of experience in related job functions required.
● If an Associate's degree: Twelve (12) years in professional IT positions, with 4 years of experience in related job functions required.
● If a high school diploma or GED: Sixteen (16) years in professional IT positions, with 4 years of experience in related job functions required.
Knowledge/Skills/and Abilities Requirements:
● #NAME?

Job Details

Legal Employer:

Entity: Shared Services

Organization Unit:  

Work Type: Full Time

Standard Hours Per Week: 40.00

Work Schedule: Day Job

Location of Job: US:NC:Morrisville

Exempt From Overtime: Exempt: Not Applicable

Share: mail
Testimonial: Esther Sizhe 7.24.23 image
Testimonial: Bethany Case image
Testimonial: Jaleese Davis 7.24.23 image
Testimonial: Kristin Johnson 3.1.23 image
Testimonial: Khai 5.25.23 image
Testimonial: Denise Waulters 7.24.23 image
Testimonial: Jennifer Masterson 2.8.23 image
Testimonial: Christine NeoNatal NP image
Testimonial: Elizabeth CV Sonographer image
Testimonial: Kristin Mooring 9.29.23 image
Testimonial: Jewel Lewis 9.29.23 image
Recent Job Searches
Recently Viewed Jobs

Diversity Statement

The UNC Health System and the UNC School of Medicine are committed to valuing all people throughout our organization, regardless of background, lifestyle, and culture. A diverse and inclusive work environment for staff and culturally appropriate care for our patients, are essential to fulfilling our UNC Health vision of improving the health of all North Carolinians.

Equal Employment Opportunity

UNC Health is an equal opportunity and affirmative action employer.

Qualified applicants will be considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, disability, status as a protected veteran or political affiliation.

All interested applicants are invited to apply for career opportunities. Please refer to our Employment Application Accessibility page if you need a reasonable accommodation to search and/or to apply for a career opportunity.

To verify employment eligibility, UNC Health is committed to Form I-9 and the E-Verify process.

Learn further E-Verify details in E-Verify (English) or E-Verify (Spanish).

UNC Health supports your right to work. View the Right of Work Statement (English) or Right of Work Statement (Spanish).

View the KNOW YOUR RIGHTS (English) or the KNOW YOUR RIGHTS (Spanish)posters.

View the PAY TRANSPARENCY (English) or the PAY TRANSPARENCY (Spanish)Nondiscrimination provision posters.

View the Federal Workplace poster. View our EEO/AA Policy Statement.