We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
Universal Health Services jobs

Information Security Analyst I - Biomedical Security

Universal Health Services
paid time off, 401(k)
United States, Pennsylvania, Tredyffrin
May 15, 2025
Responsibilities

One of the nation's largest and most respected providers of hospital and healthcare services, Universal Health Services, Inc. (NYSE: UHS) has built an impressive record of achievement and performance. Growing steadily since its inception into an esteemed Fortune 300 corporation, annual revenues were $15.8 billion in 2024. During the year, UHS was again recognized as one of the World's Most Admired Companies by Fortune; and listed in Forbes ranking of America's Largest Public Companies. Headquartered in King of Prussia, PA, UHS has approximately 99,000 employees and continues to grow through its subsidiaries. Operating acute care hospitals, behavioral health facilities, outpatient facilities and ambulatory care access points, an insurance offering, a physician network and various related services located all over the U.S. States, Washington, D.C., Puerto Rico and the United Kingdom. www.uhs.com

The Corporate Information Services Department is seeking a dynamic and talented Information Security Analyst I-Biomedical Security.

As a member of the Cybersecurity team, the Information Security Analyst I - Biomedical Security participates in the identification, implementation, maintenance, and support of technologies designed to protect the confidentiality, integrity or availability of UHS and affiliates' information systems. The candidate will be focused on identifying and managing security vulnerabilities in biomedical and clinical technology systems, including connected medical devices and IoT/OT infrastructure. Collaborate with healthcare technology management, IT, and vendor teams to identify risks, implement controls, and ensure compliance with relevant healthcare cybersecurity standards and regulations. Where appropriate, trains and supports technical staff in UHS affiliated locations to deploy, manage and support selected technologies. May oversee the technical aspects of tasks assigned to less experienced staff or contractors on projects, systems or applications assigned.

Key Responsibilities include:

  • Maintains selected information security technologies within guidelines of policies and in keeping with good project management principles. Monitors the resolution of maintenance or enhancement issues assigned by the UHS Customer Support Center.
  • Lead or support vulnerability management efforts for biomedical and IoT/OT devices.
  • Conduct regular scans and assessments to identify vulnerabilities across medical devices and supporting systems.
  • Periodically reviews deployed security technologies to ensure that the solutions continue to provide the intended protection efficiently and effectively.
  • Work with healthcare technology management and IT to validate vulnerabilities, assess risk, and coordinate remediation or compensating controls.
  • Identifies gaps in protection and recommends solutions to remediate or mitigate the risks associated with the protection gaps.
  • Maintain a comprehensive inventory of biomedical assets and track associated vulnerabilities and patch statuses.
  • Prioritize and categorize vulnerabilities using CVSS scores, FDA advisories, vendor disclosures, and clinical impact analysis.
  • Assists more experienced members of the Information Security Team implement and support new information security technologies or processes.
  • Stay informed on medical device cybersecurity threats, vulnerabilities (e.g., ICS-CERT, FDA alerts), and emerging standards.
  • Works with staff at all levels in the organization, vendors and contractors to ensure protections are effective, efficient and non-disruptive to the appropriate duties, rights and mission of the individuals and the organization(s) affected.
  • Generate regular reports and dashboards for leadership on biomedical vulnerability trends, metrics, and remediation progress.
  • Assist with incident response and forensic investigations involving biomedical systems.

Qualifications

Position Requirements:

  • Bachelor's degree in Information Systems Security and Risk Management, Computer Science, or related field required. Significant relevant experience in addition to an Associate's Degree (4 years) may be considered in lieu of the educational requirement.
  • 2+ years of experience in cybersecurity, vulnerability management, or biomedical/IoT security - preferably in healthcare.
  • Experience with tools for asset discovery and vulnerability management (e.g., Asimily, Tenable).
  • Knowledge of medical device protocols and systems (e.g., HL7, DICOM, PACS, infusion pumps, patient monitors).
  • Basic understanding of CVEs, CVSS scoring, and patch management lifecycle.
  • Familiarity with network segmentation, NAC, VLANs, and firewalls in OT/clinical environments.
  • Familiarity with risk assessment and risk management concepts or processes.
  • Working knowledge of various regulatory security requirements - particularly Sarbanes-Oxley (SOX), HIPAA, and HITECH.
  • Working knowledge of common cyber security frameworks such as HITRUST, NIST, CSC20, or others.
  • Working knowledge of scripting languages such as Python, PowerShell, and VB is a plus.
  • Ability to prioritize multiple tasks and be detail oriented.
  • An information security certification is a plus -- to demonstrate proficiency and knowledge of information security best practices and concepts.
  • Excellent communication, interpersonal and project management skills

Travel Requirements: Up to 5% - 10% US - to field locations may be necessary to complete assigned projects.

This opportunity provides the following:

  • Challenging and rewarding work environment
  • Growth and development opportunities within UHS and its subsidiaries
  • Competitive Compensation
  • Excellent Medical, Dental, Vision and Prescription Drug Plan
  • 401k plan with company match
  • Generous Paid Time Off

*UHS is a registered trademark of UHS of Delaware, Inc., the management company for Universal Health Services, Inc. and a wholly-owned subsidiary of Universal Health Services, Inc. Universal Health Services, Inc. is a holding company and operates through its subsidiaries including its management company, UHS of Delaware, Inc. All healthcare and management operations are conducted by subsidiaries of Universal Health Services, Inc. To the extent any reference to "UHS or UHS facilities" on this website including any statements, articles or other publications contained herein relates to our healthcare or management operations it is referring to Universal Health Services' subsidiaries including UHS of Delaware. Further, the terms "we," "us," "our" or "the company" in such context similarly refer to the operations of Universal Health Services' subsidiaries including UHS of Delaware. Any employment referenced in this website is not with Universal Health Services, Inc. but solely with one of its subsidiaries including but not limited to UHS of Delaware, Inc.

UHS is not accepting unsolicited assistance from search firms for this employment opportunity. Please, no phone calls or emails. All resumes submitted by search firms to any employee at UHS via-email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of UHS. No fee will be paid in the event the candidate is hired by UHS as a result of the referral or through other means.

EEO Statement

All UHS subsidiaries are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates. UHS subsidiaries are equal opportunity employers and as such, openly support and fully commit to recruitment, selection, placement, promotion and compensation of individuals without regard to race, color, religion, age, sex (including pregnancy, gender identity, and sexual orientation), genetic information, national origin, disability status, protected veteran status or any other characteristic protected by federal, state or local laws.

We believe that diversity and inclusion among our teammates is critical to our success.

Notice

At UHS and all our subsidiaries, our Human Resources departments and recruiters are here to help prospective candidates by matching skillset and experience with the best possible career path at UHS and our subsidiaries. We take pride in creating a highly efficient and best in class candidate experience. During the recruitment process, no recruiter or employee will request financial or personal information (Social Security Number, credit card or bank information, etc.) from you via email. The recruiters will not email you from a public webmail client like Hotmail, Gmail, Yahoo Mail, etc. If you are suspicious of a job posting or job-related email mentioning UHS or its subsidiaries, let us know by contacting us at: https://uhs.alertline.com or 1-800-852-3449.

Applied = 0
MORE JOBS LIKE THIS

(web-7fb47cbfc5-6j2jx)