Information Security Analyst I - Application Security (King of Prussia)

Information Security Analyst I-Application Security

One of the nation's largest and most respected providers of hospital and healthcare services, Universal Health Services, Inc. has built an impressive record of achievement and performance. Growing steadily since its inception into an esteemed Fortune 300 corporation, annual revenues were $15.8 billion in 2024. Headquartered in King of Prussia, PA, UHS has approximately 99,000 employees and continues to grow through its subsidiaries. Operating acute care hospitals, behavioral health facilities, outpatient facilities and ambulatory care access points, an insurance offering, a physician network and various related services located all over the U.S. States, Washington, D.C., Puerto Rico and the United Kingdom.

The Corporate Information Services Department is seeking a dynamic and talented Information Security Analyst I-Application Security. As a key member of our collaborative Cybersecurity team, the Information Security Analyst I Application Security will play a critical role in safeguarding UHS and affiliates information systems. In this role, you will be responsible for identifying, assessing, and mitigating security vulnerabilities in our applications, guiding secure development practices, and collaborating with development teams to embed security throughout the software development lifecycle (SDLC). Works with technical and non-technical staff to insure that deployed technologies are effectively and efficiently providing the intended controls consistent with established policies and procedures. Where appropriate, trains and supports technical staff in UHS affiliated locations to deploy, manage and support selected technologies. May oversee the technical aspects of tasks assigned to less experienced staff or contractors on projects, systems or applications assigned. Key include :

• Maintains selected information security technologies within guidelines of policies and in keeping with good project management principles.
• Monitors the resolution of maintenance or enhancement issues assigned by the UHS Customer Support Center.
• Perform in-depth security assessments of web, mobile, APIs, and cloud-based applications through code reviews, using tools such as SAST, DAST, IAST, SCA, manual techniques, and penetration testing.
• Periodically reviews deployed security technologies to ensure that the solutions continue to provide the intended protections efficiently and effectively.
• Work closely with DevOps and engineering teams to integrate security into CI / CD pipelines (DevSecOps).
• Identifies gaps in protection, and recommends solutions to remediate or mitigate the risks associated with the protection gaps.
• Document findings and assist in creating reports and metrics for technical and non-technical audiences.
• Assists more experienced members of the Information Security Team implement and support new information security technologies or processes.
• Works with staff at all levels in the organization, vendors and contractors to insure protections are effective, efficient and non-disruptive to the appropriate duties, rights and mission of the individuals and the organization(s) affected.

Qualifications Position Requirements :

Travel Requirements :

This opportunity provides the following :

EEO Statement All UHS subsidiaries are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates. UHS subsidiaries are equal opportunity employers and as such, openly support and fully commit to recruitment, selection, placement, promotion and compensation of individuals without regard to race, color, religion, age, sex (including pregnancy, gender identity, and sexual orientation), genetic information, national origin, disability status, protected veteran status or any other characteristic protected by federal, state or local laws. We believe that diversity and inclusion among our teammates is critical to our success.