IT Security Specialist II

Current Employees

• If you are a current Staff, Faculty or Temporary employee at the University of Miami, please click here to log in to Workday to use the internal application process. To learn how to apply for a faculty or staff position, please review this tip sheet. The University of Miami Health System (“UHealth”) IT Department has an exciting opportunity for an IT Security Specialist II to join its team in Miami in a full-time capacity. The Security Specialist II is primarily responsible for the end user and technical security training and awareness program at UM. This position will also provide technical support for all activities related to the CISO office, some of which include PCI-DSS compliance tasks, auditing, risk management, and security assessments. The CISO Security Specialist II will participate with risk management activities as authorized by the Chief Information Security Officer (CISO), independently and in teams. The Security Specialist II will be assigned to tasks of a highly technical nature that require expert understanding of security technologies and strategies. This individual is expected to provide technical direction in the identification and remediation of system and application vulnerabilities and controls to successfully accomplish the objectives and goals of the CISO office.
• CORE
• RESPONSIBILITIES: Provide support to technical and non-technical teams on the security findings while maintaining industry best practice standards. Collect, analyze threat intelligence reports, and escalate depending on the risk level. Drafts comprehensive reports, including assessment-based findings and outcomes, and propositions for further system security enhancements. Performs vulnerability scans, assesses impact and risk, and owns remediation efforts end-to-end, ensuring timely resolution and alignment with security priorities. Monitors and analyzes emerging security threats and related vulnerabilities for the University's vulnerability management program. Develop and implement standard operating procedures to monitor vulnerabilities, including CISA advisories, vendor’s vulnerabilities disclosures, ISACs threat reports, and security vendors’ reports. Adheres to University and unit-level policies and procedures and safeguards University assets. Support the incident response process to the resolution of the incident. Ensures the delivery of threat intelligence collected from incident engagements to threat intelligence teams and content creators for the purpose of operationalizing. Department Specific Functions Maintain and enhance threat and vulnerability management program to discover and track current cyber-threats. Process and enrich information to ensure timely, actionable, high confidence IOCs are ingested and shared with key stakeholders. Produce actionable intelligence and proactively drive threat hunting, detection and prevention. Responsible for working within the security operations team and providing direct risk intelligence support in cross functional areas of business resilience, physical security, supply chain, business continuity, illegal trade, criminal investigations, and other initiatives. Stay informed and provide subject matter expertise regarding recent attacks / exploits - especially against the healthcare industry and relevant web applications, databases, and common desktop tools. Partner closely with other functions within the cybersecurity and IT Management teams and collaborate with the security operations center and Managed Security Services Provider to ensure consistent and quality Incident Response services are provided to the organization. Produce, maintain, and disseminate threat intelligence summaries. Be available for on-call duty to handle high-impact cybersecurity incidents. This list of duties and responsibilities is not intended to be all-inclusive and may be expanded to include other duties or responsibilities as necessary. MINIMUM QUALIFICATIONS Bachelor's degree in Computer Science, Mathematics, Statistics, or equivalent or a related field. A master’s degree is highly desirable.
• Preferred industry certifications including: CompTIA CySA+ (Cybersecurity Analyst) Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) or the equivalent Cloud Computing Security Certification GIAC Certified Incident Handler (GCIH) 5-7+ years of progressive cybersecurity experience with 3+ years directly related to the area of threat and vulnerability management, threat intelligence, incident response, digital forensics, malware analysis, or threat hunting. In-depth experience managing vulnerability management tools, e.g., Qualys, Tenable, Rapid7. Strong time management, presentation, and communication skills. Ability to maintain confidentiality, and high levels of integrity in the conduct of personal and professional affairs. Skill in collecting, organizing, and analyzing data. Ability to recognize, analyze, and solve a variety of problems. Ability to exercise sound judgment in making critical decisions. Excellent communication and technical writing skills Strong critical thinking skills. Ability to work independently and/or in a collaborative environment. Ability to maintain effective interpersonal relationships. Ability to communicate effectively in both oral and written form. Ability to identify and communicate best practices. Ability to understand, document, and analyze business processes from a control and operational perspective Any appropriate combination of relevant education, experience and/or certifications may be considered. #LI-AS1 The University of Miami is recognized as one of the nation’s premier research institutions and academic health systems and is among the largest employers in South Florida. With more than 20,000 faculty and staff, the University is committed to excellence and guided by a mission to positively impact the lives of students, patients, and communities locally and globally. We are dedicated to fostering a culture where every individual feels valued and empowered to contribute meaningfully. United by shared values, the University community works together to build an environment defined by purpose, collaboration, and service. The University of Miami is an Equal Opportunity Employer. Applicants and employees are protected from discrimination based on certain categories protected by Federal law. Click here for additional information.

Job Status

Full time Employee Type: Staff The mission of the University of Miami is to transform lives through education, research, innovation, and service. A vibrant and diverse academic and healthcare community, the University of Miami and the University of Miami Health System ("UHealth") have rapidly progressed to become one of the nation’s top research universities and academic medical centers in the nation. The University comprises 12 schools and colleges serving undergraduate and graduate students in more than 350 majors and programs. Visit welcome.miami.edu/about-um to learn more about our points of pride. The University ranks No. 55 on U.S. News & World Report’s 2022 Best Colleges list and ranked No. 49 in the 2022 Wall Street Journal/Times Higher Education College Rankings. Bascom Palmer Eye Institute is ranked the #1 eye hospital in the USA and offers some of the nation's premiere eye doctors to treat every eye condition for adults. Sylvester Comprehensive Cancer, part of the Miller School of Medicine, received the prestigious National Cancer Institute designation in 2019. The University of Miami and UHealth have also ranked among the Forbes Best Employers and Best Employers for Women on several occasions, most recently in 2022. With more than 17,000 faculty and staff, the University strives for excellence, and is driven by a powerful mission to transform and impact the lives of its students, patients, members of the community, and people across the globe. The University of Miami is an Equal Opportunity Employer. Applicants and employees are protected from discrimination based on certain categories protected by Federal law.