Organization:
VEC AVA
Job Summary:
This role will provide expertise and guidance on assessments, security issues, and projects. This role will also have an active role in the development of the EAA team and it's team members.
The requested position comes from a need of having an Analyst and Team dedicated to Application Assessment as well as Security. Below are an outline of roles and responsibilities that will be expected out of this Analyst and team:
- Identify and Assess Applications through DAST and SAST
- Previous experience with DAST and SAST tools
- Previous experience with running open source tools
- Assist in ensuring the secure development of Applications in VUMC
- Assist to help develop secure coding best practices with IT teams
- Provide advanced knowledge and troubleshooting skills when needed
- Advanced knowledge of applications and their underling technologies
- Advanced knowledge of various coding languages
- Advanced knowledge of various security frameworks like OWASP
- Advanced knowledge of web application vulnerabilities
- Professional and effective verbal and written communication
- Assist in the development of processes and procedures for the team
- Being able to operate effectively in an independent setting
- Being the lead authority with technical skills
TECHNICAL CAPABILITIES
Project Resource - The Principal Analyst will be the subject matter expert for all EAA projects. They will be expected to be assigned to multiple initiatives at the same time. They will be expected to operate in an independent environment executing proper time and resource management skills. Regular reporting cadence with their director is expected. The analyst will also be responsible for identifying new projects and following the proper channels to get those projects initiated.
Escalation/Advanced Trouble-shooting - The Principal Analyst will be expected to the lead technical resource for any issues that may arise from scanning or assessing applications. The Analyst will be expected to report the issue to the necessary parties and follow through until the issue is resolved.
Consultation - The Principal Analyst will provide consulting services to VUMC support personnel as designated by leadership. They will operate in both a per directive and per request basis through approved methods. These include, but not limited to approved short-term and long-term initiatives.
Technology Leader - This Principal Analyst oversees the technology on the team and will be expected to make strategic decisions about technology adoption. They make suggestions for the team and ensure alignment with leadership. They will be responsible for designing the overall technology infrastructure, including the selection of software, hardware, and platforms. They work to ensure that the chosen technology solutions are scalable, efficient, and secure.
Application Security Researcher - The Principal Analyst will conduct advanced research and analyze emerging cyber threats and vulnerabilities. They will provide timely intelligence to inform security strategies and management. They will be expected to conduct security audits and assessments to identify vulnerabilities and weaknesses while following proper approval channels.
EAA Guidance, Standards, and Strategy Documentation Development -The Principal analyst is expected to provide insight into developing standards and strategy documentation for the EAA. They will be expected to be a key role in developing and defining the team's strategic objectives, including long-term goals, key performance indicators, and initiatives. They will also assist in creating and maintaining standards and best practices for the team.
Our professional administrative functions include critical supporting roles in information technology and informatics, finance, administration, legal and community affairs, human resources, communications and marketing, development, facilities, and many more.
At our growing health system, we support each other and encourage excellence among all who are part of our workforce. High-achieving employees stay at Vanderbilt Health for professional growth, appreciation of benefits, and a sense of community and purpose.
Core Accountabilities:
Organizational Impact: Delivers projects/assignments that have a direct impact on goals/objectives of the unit/department that the job is in. Problem Solving/ Complexity of work: Conducts extensive analysis of situations or data to resolve numerous, complex issues; may involve the input/work of others. Breadth of Knowledge: Has in-depth level of knowledge within a professional area and working knowledge of other areas. Team Interaction: May lead mid-sized projects; coaches and guides team members.
Core Capabilities :
Supporting Colleagues: - Develops Self and Others: Invests time, energy, and enthusiasm in developing self/others to help improve performance e and gain knowledge in new areas. - Builds and Maintains Relationships: Maintains regular contact with key colleagues and stakeholders using formal and informal opportunities to expand and strengthen relationships. - Communicates Effectively: Recognizes group interactions and modifies one's own communication style to suit different situations and audiences. Delivering Excellent Service: - Serves Others with Compassion: Seeks to understand current and future needs of relevant stakeholders and customizes services to better address them.- Solves Complex Problems: Approaches problems from different angles; Identifies new possibilities to interpret opportunities and develop concrete solutions. - Offers Meaningful Advice and Support: Provides ongoing support and coaching in a constructive manner to increase employees' effectiveness. Ensuring High Quality: - Performs Excellent Work: Engages regularly in formal and informal dialogue about quality; directly addresses quality issues promptly. - Ensures Continuous Improvement: Applies various learning experiences by looking beyond symptoms to uncover underlying causes of problems and identifies ways to resolve them. - Fulfills Safety and Regulatory Requirements: Understands all aspects of providing a safe environment and performs routine safety checks to prevent safety hazards from occurring. Managing Resources Effectively: - Demonstrates Accountability: Demonstrates a sense of ownership, focusing on and driving critical issues to closure.- Stewards Organizational Resources: Applies understanding of the departmental work to effectively manage resources for a department/area. - Makes Data Driven Decisions: Demonstrates strong understanding of the information or data to identify and elevate opportunities. Fostering Innovation: - Generates New Ideas: Proactively identifies new ideas/opportunities from multiple sources or methods to improve processes beyond conventional approaches. - Applies Technology: Demonstrates an enthusiasm for learning new technologies, tools, and procedures to address short-term challenges. - Adapts to Change: Views difficult situations and/or problems as opportunities for improvement; actively embraces change instead of emphasizing negative elements.
Position Qualifications:
Responsibilities:
Certifications:
Work Experience:
Relevant Work Experience
Experience Level:
5 years
Education:
Bachelor's
Vanderbilt Health recognizes that diversity is essential for excellence and innovation. We are committed to an inclusive environment where everyone has the chance to thrive and to the principles of equal opportunity and affirmative action. EOE/AA/Women/Minority/Vets/Disabled