Sr. Information Security Analyst

Who We Are JPS Health Network is a $950 million, tax-supported healthcare system in North Texas. Licensed for 582 beds, the network features over 25 locations across Tarrant County, with John Peter Smith Hospital a Level I Trauma Center, Tarrant County's only psychiatric emergency center, and the largest hospital-based family medical residency program in the nation. The health network employs more than 7,200 people.

Acclaim Multispecialty Group is the medical practice group featuring over 300 providers serving JPS Health Network. Specialties range from primary care to general surgery and trauma. The Acclaim Multispecialty Group formed around a common set of incentives and expectations supporting the operational, financial, and clinical performance outcomes of the network. Our goal is to provide high quality, compassionate clinical care for every patient, every time.

Why JPS? We're more than a hospital. We're 7,200 of the most dedicated people you could ever meet. Our goal is to make sure the people of our community get the care they need and deserve. As community stewards, we abide by three Rules of the Road:

When working here, you're surrounded by passion, diversity, and dedication. We look forward to meeting you!

Under direction from the Chief Information Security Officer and Manager - Information Security Operations, the Senior Information Security Analyst assists with the planning, implementation, and maintenance of the District’s information security program including security administration, security operations, risk management, education, policy/procedure development, and other required duties.

• Controls the addition and modification of user identifiers, user credentials, or other object identifiers. Perform access reviews of network and application user accounts.
• Performs tests on backup media for information integrity, as necessary.
• Coordinates cybersecurity incident response activities with interested personnel and affected parties. Responds to triage alerts from security systems in a timely manner. Periodically test the cybersecurity incident response plan and related procedures.
• Compiles event logs from Security Incident Event Manager (SIEM) and other components into a system‑wide, time‑correlated audit trail. Establish and maintain logging and monitoring operations. Identify potential cybersecurity events in SIEM and audit logs. Include incident alert thresholds in continuous security alert monitoring procedures. Monitor systems for inappropriate usage and other security violations. Review SIEM event logs, Intrusion Detection System reports, security incident tracking reports, vulnerability scan reports, and other security logs regularly.
• Establishes and maintains a data security awareness program. Evaluates the effectiveness of end‑user information security training via email phishing and other campaigns. Provide end‑user information security training via multiple platforms (newsletters, videos, in‑person discussion, et. al.). Conduct periodic phishing simulations of the workforce.
• Develops and monitors key performance indicators (KPIs) to ensure the effectiveness of the information security program. Develops, implements, and maintains information security standards, policies, and procedures in accordance with established information security governance frameworks and regulations (NIST, HIPAA, et. al.).
• Job description is not an all‑inclusive list of duties and may be subject to change with or without notice. Staff are expected to perform other duties as assigned.
• Must be able to complete all job duties and functions of the role with or without assistive/adaptive devices, and/or reasonable accommodations.
• Work environments may differ based on job functions and location. Work is subject to schedule changes and/or variable…