IT Information Security Analyst IV

Schedule:
Monday - Friday (40 hrs/wk)
8:00 AM - 5:00 PM

Department: Information Security - 206

Primary Purpose:

The Information Security Analyst is responsible for monitoring, detecting, and responding to security threats across the organization’s IT environment. Working within the Security Operations Center (SOC), this role ensures the confidentiality, integrity, and availability of information systems. The analyst collaborates with IT and business teams to protect sensitive data and maintain regulatory compliance.

About ARUP:

ARUP Laboratories is a national clinical and anatomic pathology reference laboratory and an enterprise of the University of Utah and its Department of Pathology. Based in Salt Lake City, Utah.

ARUP proudly hires top talent to create a work environment of diversity, professional growth and continuous development. Our workforce is committed to the important service we provide to over one million patients each month. We always strive for excellence and have a strong desire to have involvement with the advances in medicine and the role laboratory services plays within each patient’s life. We never forget that there is a patient behind every specimen we receive.

We are looking for individuals who want to contribute to ARUP's culture of accountability, integrity, service, and excellence. Consider joining our dynamic team.

Essential Functions:

Advanced Threat Monitoring and Analysis: Lead threat monitoring activities to detect and analyze complex security incidents using SIEM tools, IDS/IPS, EDR, and other advanced security platforms.

Triage, investigate, and respond to security incidents in accordance with established procedures, including containment, eradication, and recovery.

Analyze logs from firewalls, IDS/IPS, endpoint protection platforms, SIEM, and other sources to detect and assess security events.

Incident Response and Coordination: Direct and manage incident response actions, from identification through containment, eradication, and recovery.

Participate in on-call as required to ensure 24/7 monitoring and response coverage.

Document investigations, actions taken, and outcomes in case management systems with accuracy and clarity.

Collaborate with SOC analysts, IT teams, and other departments (quality, compliance, legal, finance, executive) to resolve incidents, share threat intelligence, and support audits or legal holds.

Follow and contribute to the improvement of SOC playbooks, workflows, and standard operating procedures.

Identify, test, implement, and administer technologies that protect the organization’s information infrastructure.

Track, monitor, and report on key performance indicators (KPIs) and metrics (such as MTTD and MTTR) to measure the effectiveness of security operations and drive continuous improvement.

Perform periodic risk assessments, security reviews, and audits to ensure regulatory and security requirements are met; assist with remediation planning and follow-up.

Support malware analysis, containment efforts, and forensic investigations as directed, including responding to security emergencies during and after business hours.

Participate in ongoing corporate information security awareness training, notifications, and updates.

Communicate findings and recommendations clearly to technical and non-technical stakeholders.

Maintain confidentiality and integrity of sensitive information encountered during investigations.

Stay current with emerging threats, attack techniques, regulatory requirements (e.g., HIPAA, PCI), and security technologies through continuous learning and training.

Assist in the implementation, maintenance, and improvement of the organization-wide information security program.

Perform project leadership tasks on select security projects as assigned.

Mentorship and Training: Provide guidance, training, and mentorship to junior and mid-level analysts, fostering a culture of continuous improvement and knowledge sharing within the team.

Lead IR efforts.

Perform other duties as assigned.

Physical and Other Requirements:

Stooping: Bending body downward and forward by bending spine at the waist.

Reaching: Extending hand(s) and arm(s) in any direction.

Mobility: The person in this position needs to occasionally move between work sites and inside the office to access file cabinets, office machinery, etc.

Communicate: Frequently and effectively communicate with others.

PPE: Biohazard laboratory environment that requires use of personal protective equipment in accordance with CDC and OSHA regulations and company policies.

ARUP Policies and Procedures: To conduct self in compliance with all ARUP Policies and Procedures.

Medium Work: Exerting up to 50 pounds of force occasionally, and/or up to 30 pounds of force frequently, and/or up to 10 pounds of force constantly to move objects.

Fine Motor Control: Picking, pinching, typing or otherwise working, primarily with fingers rather than with the whole hand as in handling.

Vision: Having close, far, and peripheral visual acuity to perform a variety of tasks such as make general observations of depth and distance.

Color Vision: Perception of and ability to distinguish colors

Continuing Education: Continual assessment of current literature and best practices.

Experience

• Bachelor’s degree in information security, information systems, or related field and six (6) years of applicable work experience OR Associate degree and eight (8) years of applicable work experience OR High School diploma and ten (10) years of applicable work experience
• Experience supporting desktop and server OS devices
• One or more High-level Certifications in Information Security (e.g., CISSP, GIAC, OSCP, CASP )

• Experience with PCI, NIST, and CIS regulatory requirements, risk assessments, and required controls
• Additional high-level security certificates (OSCP, CEH, CASP )
• Intermediate understanding of network, server, storage, database, and desktop operations and interrelationships
• Experience with HIPAA/HITECH regulatory requirements, risk assessments, and required controls
• Experience implementing and administering systems such as SIEM, Anti-Virus, MFA, Threat Hunting, Detection Engineering, SOAR etc.

Education

• High School Diploma or Equivalent or better

• Bachelor's Degree or better in Information Systems or related field
• Associates Degree or better

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.