Information Security Analyst I - Application Security (Penetration Testing)

Responsibilities

One of the nation's largest and most respected providers of hospital and healthcare services, Universal Health Services, Inc. (NYSE : UHS) has built an impressive record of achievement and performance. Growing steadily since its inception into an esteemed Fortune 300 corporation, annual revenues were $15.8 billion in 2024. During the year, UHS was again recognized as one of the World's Most Admired Companies by Fortune; and listed in Forbes ranking of America's Largest Public Companies. Headquartered in King of Prussia, PA, UHS has approximately 99,000 employees and continues to grow through its subsidiaries. Operating acute care hospitals, behavioral health facilities, outpatient facilities and ambulatory care access points, an insurance offering, a physician network and various related services located all over the U.S. States, Washington, D.C., Puerto Rico and the United Kingdom.

The Corporate Information Services Department is seeking a dynamic and talented Information Security Analyst I-Application Security.

As a key member of our collaborative Cybersecurity team, the Information Security Analyst I – Application Security will play a critical role in safeguarding UHS and affiliates information systems. In this role, you will be responsible for identifying, assessing, and mitigating security vulnerabilities in our applications, guiding secure development practices, and collaborating with development teams to embed security throughout the software development lifecycle (SDLC). Works with technical and non-technical staff to insure that deployed technologies are effectively and efficiently providing the intended controls consistent with established policies and procedures. Where appropriate, trains and supports technical staff in UHS affiliated locations to deploy, manage and support selected technologies. May oversee the technical aspects of tasks assigned to less experienced staff or contractors on projects, systems or applications assigned.

Key Responsibilities

• Maintains selected information security technologies within guidelines of policies and in keeping with good project management principles. Monitors the resolution of maintenance or enhancement issues assigned by the UHS Customer Support Center.
• Perform in-depth security assessments of web, mobile, APIs, and cloud-based applications through code reviews, using tools such as SAST, DAST, IAST, SCA, manual techniques, and penetration testing.
• Periodically reviews deployed security technologies to ensure that the solutions continue to provide the intended protections efficiently and effectively.
• Work closely with DevOps and engineering teams to integrate security into CI / CD pipelines (DevSecOps).
• Identifies gaps in protection, and recommends solutions to remediate or mitigate the risks associated with the protection gaps.
• Document findings and assist in creating reports and metrics for technical and non-technical audiences.
• Assists more experienced members of the Information Security Team implement and support new information security technologies or processes.
• Works with staff at all levels in the organization, vendors and contractors to insure protections are effective, efficient and non-disruptive to the appropriate duties, rights and mission of the individuals and the organization(s) affected.

Qualifications

Technical Expertise

Entry-Level Certifications

Advanced Certifications

Broader Offensive Security Certifications

Travel Requirements

Up to 5% - 10% US – to field locations may be necessary to complete assigned projects.

Compensation and Benefits

EEO Statement

All UHS subsidiaries are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates. UHS subsidiaries are equal opportunity employers and as such, openly support and fully commit to recruitment, selection, placement, promotion and compensation of individuals without regard to race, color, religion, age, sex (including pregnancy, gender identity, and sexual orientation), genetic information, national origin, disability status, protected veteran status or any other characteristic protected by federal, state or local laws.

Notice

At UHS and all our subsidiaries, our Human Resources departments and recruiters are here to help prospective candidates by matching skillset and experience with the best possible career path at UHS and our subsidiaries. We take pride in creating a highly efficient and best in class candidate experience. During the recruitment process, no recruiter or employee will request financial or personal information (Social Security Number, credit card or bank information, etc.) from you via email. The recruiters will not email you from a public webmail client like Hotmail, Gmail, Yahoo Mail, etc. If you are suspicious of a job posting or job-related email mentioning UHS or its subsidiaries, let us know by contacting us at https : / / uhs.alertline.com or 1-800-852-3449.

J-18808-Ljbffr