Join UChicago Medicine as a Payment Card Industry Data Security Standards (PCI DSS) Risk Analyst on the Information Security and Privacy GRC team. This remote role will ensure PCI DSS compliance across business units by understanding payment processes, maintaining documentation, and communicating PCI requirements. The position acts as a subject matter expert for Payment Card Industry Data Security Standards, overseeing the implementation of PCI controls.
We are seeking a Senior Security Analyst to strengthen our information security and compliance posture as we scale; this role will help design, implement, and monitor security controls, ensuring alignment with regulatory and customer requirements such as SOC 2 and ISO 27001. You will partner cross-functionally with IT, Legal, and Engineering to maintain compliance, mitigate risk, and foster a culture of security throughout the organization.
Central point of contact for customers regarding IT/TK security, risk management, audit and compliance. Support in the development and implementation of customer-specific security concepts. Assistance in handling security incidents related to customers. Coordination and support of security audits related to customers and suppliers.
As the Security Manager within the InfoSec team, you will manage the delivery of security and accreditation, produce security assurance documentation, support security testing, create remediation plans, and contribute to procurement bids and security questionnaires to ensure the security of the company and its customers.
This role is a critical part of the NBC Universal Cyber Security, executing strategy and overseeing operational engagement with leaders across Operations & Technology teams, Media Services, and enterprise-wide business solution teams. The position requires proactively defending and translating insights into a tactical roadmap, building strong relationships with leadership and teams, assessing business practices, identifying security control gaps, and leading cyber security strategies.
The Information Systems Security Engineer II (ISSE) will perform technical security assessments of computing environments to identify vulnerabilities and recommend mitigation strategies, validates system security requirements, and builds IA into systems deployed to operational environments. This role supports security planning, risk analysis, and certification activities.
The Information Security Analyst Tier 3 provides technical guidance and leadership to ensure effective threat detection and incident response activities, employing advanced techniques, tools, and workflows to continuously improve. Lead initiatives to identify and mitigate complex security risks by analyzing security events and alerts. Conduct an in-depth analysis of multiple data sources.