Associate Information Security Analyst - GRC

One of the nation’s largest and most respected providers of hospital and healthcare services, Universal Health Services, Inc. (UHS) has built an impressive record of achievement and performance. Growing steadily since its inception into an esteemed Fortune 500® corporation, annual revenues  during 2025 were $17.4 billion. In 2026, UHS was again recognized as one of Fortune World’s Most Admired Companies™ and in 2025, was listed in Forbes ranking of America’s Largest Public Companies.  

Headquartered in King of Prussia, PA, UHS has approximately 101,500 employees and continues to grow through its subsidiaries. Operating acute care hospitals, behavioral health facilities, outpatient facilities and ambulatory care access points, an insurance offering, a physician network and various related services located in 40 U.S. states, Washington, D.C., Puerto Rico and the United Kingdom. For additional information visit www.uhs.com. 

The Corporate Information Services Department is seeking a dynamic and talented Associate Information Security Analyst – GRC.

As a member of the Cybersecurity team, the Associate Information Security Analyst – GRC supports and assists with the implementation, maintenance, and governance of UHS information security controls designed to protect the confidentiality, integrity and availability of UHS and affiliates Information Services assets.  This role contributes to the Governance, Risk, and Compliance (GRC) objectives by supporting risk management activities, compliance initiatives, security control implementation, and ongoing monitoring of security operations. Monitors and tracks the resolution of security-related maintenance, remediation,  and enhancement issues assigned by the UHS Customer Support Center or more senior members of the Information Security Team.  With guidance, this role assists in implementing and documenting security controls, ensuring alignment with UHS policies, regulatory requirements, and industry best practices. Provides technical support to UHS entities, meet deadlines, and shares knowledge and experience with other members of team. 

Key responsibilities include:

System Implementation:

As part of a team of more experienced staff:

• Regularly meets with users, vendors, and IS staff to  support the development or modification of security and compliance-related system specifications.
• Assists with the implementation and ongoing operation of security controls aligned with UHS policies, standards, and regulatory requirements.
• Researches and resolves technical security-related tickets.
• Adheres to appropriate UHS Project Management standards.
• Ensures strict adherence to work plans, reporting all serious deviations to management.
• Assists with the training of users in operating procedures for security solutions.

System Maintenance and Support:

• Researches and resolves tickets including major security solution implementations and upgrades.
• Monitor security alerts and dashboards daily
• Assist with phishing analysis and user-reported security issues
• Perform initial triage and severity assessment of security events.
• Assists with risk and vulnerability assessments by gathering evidence, validating remediation actions, and updating risk registers or tracking systems.
• Assists with Vendor and Third-Party Risk Management.
• Adheres to UHS Service Level and Change Management Policies.
• Provides on-call support as scheduled.
• Establishes and maintains regular communications with user community.

Administration and Oversight:

• Maintains Service Excellence principles.
• Prepares and submits status reports to supervisor as required.
• Keeps management well informed of activities, needs, problems.
• Performs other tasks as required by management.

Position Requirements:

• This position requires a Bachelor’s degree in Computer Science, or Information Systems, with a concentration in cybersecurity highly preferred. No working experience is required, up to one year of Information Technology or Systems experience would enhance the skills and abilities necessary to perform this job. An Associate’s Degree in Computer Science or Information Systems, with a concentration in cybersecurity AND one year of relevant Information Technology or Systems experience may be considered in lieu of the Bachelor’s degree.
• Basic understanding of the following or similar information security technologies:
  • Active Directory
  • Intrusion detection/prevention systems (IDS/IPS)
  • Web filtering
  • Vulnerability scanners/remediation
  • Encryption technologies for data at rest and data in transit
  • Mobile device and removable media protection or management systems
  • Forensic analysis
  • Security Information and Event Management (SIEM) systems
  • Common Vulnerabilities and Exposures (CVE) database
  • Anti-Virus
  • Device Control
• Basic knowledge of information security governance frameworks and best practices (e.g., NIST, ISO, CIS, HIPAA).
• Basic understanding of risk management, vulnerability management, and compliance monitoring.
• Basic knowledge of general IS standards and quality methods and metrics.
• Basic knowledge of project management methods.
• Basic understanding of incident response lifecycle (detect, analyze, contain, remediate).
• Basic knowledge of security penetration testing and ethical hacking best practices.
• Exposure to threat intelligence and log analysis concepts.
• Has a general familiarity with business practices, concepts and terminology sufficient to support the security applications or systems and communicate effectively with colleagues.
• Able to prioritize multiple tasks and be details oriented.
• Excellent communication, interpersonal and project management skills

Travel Requirements: Minimal

This opportunity provides the following:

• Challenging and rewarding work environment
• Growth and development opportunities within UHS and its subsidiaries
• Competitive Compensation
• Excellent Medical, Dental, Vision and Prescription Drug Plan
• 401k plan with company match
• Generous Paid Time Off

*UHS is a registered trademark of UHS of Delaware, Inc., the management company for Universal Health Services, Inc. and a wholly-owned subsidiary of Universal Health Services, Inc. Universal Health Services, Inc. is a holding company and operates through its subsidiaries including its management company, UHS of Delaware, Inc. All healthcare and management operations are conducted by subsidiaries of Universal Health Services, Inc. To the extent any reference to "UHS or UHS facilities" on this website including any statements, articles or other publications contained herein relates to our healthcare or management operations it is referring to Universal Health Services' subsidiaries including UHS of Delaware. Further, the terms "we," "us," "our" or "the company" in such context similarly refer to the operations of Universal Health Services' subsidiaries including UHS of Delaware. Any employment referenced in this website is not with Universal Health Services, Inc. but solely with one of its subsidiaries including but not limited to UHS of Delaware, Inc.

UHS is not accepting unsolicited assistance from search firms for this employment opportunity. Please, no phone calls or emails. All resumes submitted by search firms to any employee at UHS via-email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of UHS. No fee will be paid in the event the candidate is hired by UHS as a result of the referral or through other means.

EEO Statement

All UHS subsidiaries are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates. UHS subsidiaries are equal opportunity employers and as such, openly support and fully commit to recruitment, selection, placement, promotion and compensation of individuals without regard to race, color, religion, age, sex (including pregnancy, gender identity, and sexual orientation), genetic information, national origin, disability status, protected veteran status or any other characteristic protected by federal, state or local laws.

We believe that diversity and inclusion among our teammates is critical to our success.

Notice

At UHS and all our subsidiaries, our Human Resources departments and recruiters are here to help prospective candidates by matching skillset and experience with the best possible career path at UHS and our subsidiaries.  We take pride in creating a highly efficient and best in class candidate experience. During the recruitment process, no recruiter or employee will request financial or personal information (Social Security Number, credit card or bank information, etc.) from you via email. The recruiters will not email you from a public webmail client like Hotmail, Gmail, Yahoo Mail, etc. If you are suspicious of a job posting or job-related email mentioning UHS or its subsidiaries, let us know by contacting us at: https://uhs.alertline.com or 1-800-852-3449.