Current Employees:

If you are a current Staff, Faculty or Temporary employee at the University of Miami, please click here to log in to Workday to use the internal application process. To learn how to apply for a faculty or staff position, please review this tip sheet.

The University of Miami Health System (“UHealth”) IT Department has an exciting opportunity for an IT Security Specialist II to join its team in Miami in a full-time capacity.

The Security Specialist II is primarily responsible for the end user and technical security training and awareness program at UM. This position will also provide technical support for all activities related to the CISO office, some of which include PCI-DSS compliance tasks, auditing, risk management, and security assessments. The CISO Security Specialist II will participate with risk management activities as authorized by the Chief Information Security Officer (CISO), independently and in teams.

The Security Specialist II will be assigned to tasks of a highly technical nature that require expert understanding of security technologies and strategies. This individual is expected to provide technical direction in the identification and remediation of system and application vulnerabilities and controls to successfully accomplish the objectives and goals of the CISO office.

CORE RESPONSIBILITIES:

• Provide support to technical and non-technical teams on the security findings while maintaining industry best practice standards.

• Collect, analyze threat intelligence reports, and escalate depending on the risk level.

• Drafts comprehensive reports, including assessment-based findings and outcomes, and propositions for further system security enhancements.

• Performs vulnerability scans, assesses impact and risk, and owns remediation efforts end-to-end, ensuring timely resolution and alignment with security priorities.

• Monitors and analyzes emerging security threats and related vulnerabilities for the University's vulnerability management program.

• Develop and implement standard operating procedures to monitor vulnerabilities, including CISA advisories, vendor’s vulnerabilities disclosures, ISACs threat reports, and security vendors’ reports.

• Adheres to University and unit-level policies and procedures and safeguards University assets.

• Support the incident response process to the resolution of the incident.

• Ensures the delivery of threat intelligence collected from incident engagements to threat intelligence teams and content creators for the purpose of operationalizing.

Department Specific Functions

• Maintain and enhance threat and vulnerability management program to discover and track current cyber-threats.

• Process and enrich information to ensure timely, actionable, high confidence IOCs are ingested and shared with key stakeholders.

• Produce actionable intelligence and proactively drive threat hunting, detection and prevention.

• Responsible for working within the security operations team and providing direct risk intelligence support in cross functional areas of business resilience, physical security, supply chain, business continuity, illegal trade, criminal investigations, and other initiatives.

• Stay informed and provide subject matter expertise regarding recent attacks / exploits - especially against the healthcare industry and relevant web applications, databases, and common desktop tools.

• Partner closely with other functions within the cybersecurity and IT Management teams and collaborate with the security operations center and Managed Security Services Provider to ensure consistent and quality Incident Response services are provided to the organization.

• Produce, maintain, and disseminate threat intelligence summaries.

• Be available for on-call duty to handle high-impact cybersecurity incidents.

This list of duties and responsibilities is not intended to be all-inclusive and may be expanded to include other duties or responsibilities as necessary.

MINIMUM QUALIFICATIONS

• Bachelor's degree in Computer Science, Mathematics, Statistics, or equivalent or a related field. A master’s degree is highly desirable.

Preferred industry certifications including:

• CompTIA CySA+ (Cybersecurity Analyst)

• Certified Information Systems Security Professional (CISSP)

• Certified Information Security Manager (CISM) or the equivalent

• Cloud Computing Security Certification

• GIAC Certified Incident Handler (GCIH)

• 5-7+ years of progressive cybersecurity experience with 3+ years directly related to the area of threat and vulnerability management, threat intelligence, incident response, digital forensics, malware analysis, or threat hunting.

• In-depth experience managing vulnerability management tools, e.g., Qualys, Tenable, Rapid7.

• Strong time management, presentation, and communication skills.

• Ability to maintain confidentiality, and high levels of integrity in the conduct of personal and professional affairs.

• Skill in collecting, organizing, and analyzing data.

• Ability to recognize, analyze, and solve a variety of problems.

• Ability to exercise sound judgment in making critical decisions.

• Excellent communication and technical writing skills

• Strong critical thinking skills.

• Ability to work independently and/or in a collaborative environment.

• Ability to maintain effective interpersonal relationships.

• Ability to communicate effectively in both oral and written form.

• Ability to identify and communicate best practices.

• Ability to understand, document, and analyze business processes from a control and operational perspective

Any appropriate combination of relevant education, experience and/or certifications may be considered.

#LI-AS1

The University of Miami is recognized as one of the nation’s premier research institutions and academic health systems and is among the largest employers in South Florida.

With more than 20,000 faculty and staff, the University is committed to excellence and guided by a mission to positively impact the lives of students, patients, and communities locally and globally.

We are dedicated to fostering a culture where every individual feels valued and empowered to contribute meaningfully. United by shared values, the University community works together to build an environment defined by purpose, collaboration, and service.

The University of Miami is an Equal Opportunity Employer. Applicants and employees are protected from discrimination based on certain categories protected by Federal law. Click here for additional information.

Job Status:

Employee Type: