Information Security Analyst - (Onsite & Remote (hybrid) working schedule required)
If you are a current University Health or University Health Physicians employee and wish to be considered, you must apply via the internal career site. Please log into to search for positions and apply. Information Security Analyst - (Onsite & Remote (hybrid) working schedule required)101 Truman Medical Center Job Location Truman Support Center, University Health Truman Medical CenterKansas City, Missouri Department IT Security Position Type Full time Work Schedule 8:00AM - 4:30PM Hours Per Week 40
Job Description
At University Health KC, cybersecurity is more than technology — it’s about protecting patients, safeguarding critical healthcare systems, and ensuring trust across every interaction. We are seeking a driven and highly analytical Information Security Analyst to help strengthen and advance our enterprise security program. In this role, you’ll work at the intersection of healthcare, technology, compliance, and risk management to defend systems that directly support patient care and organizational operations. This is an opportunity for an IT security professional who thrives in a mission-critical environment, enjoys solving complex security challenges, and wants to make a measurable impact in a rapidly evolving healthcare ecosystem. Why This Role Matters Healthcare is one of the most targeted industries for cyber threats. As part of our Information Security team, you’ll play a key role in protecting sensitive patient information, securing enterprise infrastructure, supporting regulatory compliance, and helping shape the future of cybersecurity across our organization. You won’t just respond to threats — you’ll help prevent them. What You’ll Do Enterprise Security Operations
- Support and maintain enterprise security technologies and infrastructure in collaboration with strategic technology partners
- Assist in maintaining high availability, resiliency, and operational security performance
- Participate in system maintenance activities and ongoing security optimization initiatives
Risk Assessment & Security Compliance
- Evaluate new applications, systems, and technologies for alignment with security standards and best practices
- Support security risk assessments, audits, and remediation activities
- Help ensure compliance with HIPAA Security and Privacy standards, NIST frameworks, and organizational policies
Threat Monitoring & Incident Response
- Analyze security reports, system logs, alerts, and audit findings to identify potential security threats or violations
- Coordinate and support information security incident investigations and reporting efforts
- Assist with vulnerability identification and mitigation across enterprise environments
Security Awareness & Collaboration
- Promote a culture of cybersecurity awareness through education, training, and communication
- Partner with technical and operational teams to improve security posture organization-wide
- Collaborate with internal stakeholders and external technology providers to strengthen security operations
What You Bring Minimum Qualifications:
- Bachelor’s degree in Information Technology, Cybersecurity, or related field — or equivalent combination of education, training, and experience
- Minimum of 2 years of information security experience plus 5 years of professional-level IT experience
- Strong understanding of information security principles, technologies, and operational practices
- Knowledge of HIPAA Security & Privacy requirements and NIST frameworks
- Experience identifying and mitigating network and infrastructure vulnerabilities
- Familiarity with:
Cisco firewalls Splunk Antivirus platforms Intrusion Detection/Prevention Systems (IDS/IPS) Linux and Windows environments
- Strong communication, analytical thinking, and independent decision-making skills
Preferred Qualifications:
- Industry certifications such as:
CISSP CISM CISA CHPC
- Healthcare industry experience
- Experience working in regulated or mission-critical environments