Information Security Analyst Staff - IT Readiness – Testing and Release Management

JOB SUMMARY:

Develops, monitors, and maintains Information Security policies, standards, and procedures. Ensures Information Security policies, plans, controls, and processes are aligned with internal and external requirements including regulatory requirements and industry best practices. Develops and executes techniques and procedures to identify and track Information Security risks, issues, and incidents. Develops and executes response and investigative procedures for Information Security risks, issues, and incidents to limit negative impact, identify root cause, and guide remediation. Coordinates with other IT Staff and representatives throughout the Health Network to ensure Information Security is engrained into all technology and business practices.

May focus on a specific Information Security domain such as Cybersecurity Operations, Identity Governance, or IT Risk & Resilience where targeted skills and expertise are required for the successful deployment and operation of the Information Security Program.

Focus for this position includes:

IT Change Management

• Develop, operate and maintain UVMHN IT Change Management functions
• Facilitate change management processes including change control meetings, communications and workflows
• Operate, maintain and improve change management program scope, process, procedure and workflows
• Continuously improve change management functions in response to changes in IT structure, risk tolerance, operational workflows and technology

IT Testing

• Develop and operate UVMHN’s IT testing program
• Scope, plan and facilitate automated and manual testing processes with internal and external partners
• Conduct scoping, review, and onboarding of new automated testing for critical IT systems
• Coordinate development and maintenance of test script portfolios
• Maintain testing schedules and roadmaps
• Coordinate deployment and maintenance of testing equipment and systems

IT Release Management

• Develop and implement release management program for IT systems in support of critical operational and clinical functions
• Define release scope, frequency and processes in coordination with IT and Operational stakeholders
• Coordinate system and application releases with IT and operational stakeholders
• Integrate IT Testing and Release Management programs

IT Go-live governance

• Develop and maintain criteria for IT system and application go-live
• Implement go-live governance and workflows
• Measure and monitor go-live success
• Integrate go-live governance with intake, risk management, SAFe Agile and Change Management functions as needed

EDUCATION:

Bachelor’s Degree in Information Security, Computer Science or Information Systems or commensurate experience

EXPERIENCE:

3 or more years of experience in an Information Security or Information Technology role.