We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
Medical College of Wisconsin jobs

IS Security Analyst II

Medical College of Wisconsin
parental leave, paid holidays, tuition reimbursement, 403(b)
United States, Wisconsin, Milwaukee
Apr 10, 2026
Summary

The Cybersecurity Analyst II is a mid-level practitioner who safeguards MCW systems and data while enabling research. The role specializes in compliance, risk management, incident response, and program coordination. It translates complex requirements (HIPAA Security Rule, CMMC, NIST SP 800-171, NIST SP 800-53, and NIH/dbGaP controlled-access genomic data expectations) into practical, auditable controls across enterprise and research environments. In partnership with the Office of Compliance and Risk and the Office of Research, the analyst co-designs pre-award guidance and post-award monitoring to ensure investigators understand and meet obligations related to ePHI, CUI, and controlled-access data throughout the award's life. This role does not own engineering, code development, or system/tool administration; it coordinates with those teams to drive outcomes.

Primary Responsibilities

  • Ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure.

  • Evaluates, tests, recommends, develops, coordinates, monitors, and maintains information security.

  • Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents.

  • Investigates and resolves security incidents and recommends enhancements to improve security.

  • Develops techniques and procedures for conducting IS security risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security information systems.

  • Monitors, evaluates, and maintains systems and procedures to protect the data systems and databases from unauthorized users.

  • Researches, recommends, and implements changes to procedures and systems to enhance data systems security in accordance with industry standards. Prepare and present findings to leadership.

  • Other duties as assigned.

Knowledge - Skills - Abilities
  • Alert triage
  • Incident documentation
  • Risk Assessment
  • Strong collaboration with Information Technology Services colleagues
  • Effective partnership with colleagues from Compliance and Risk Management, the Office of Research, the Office of General Counsel, and other applicable departments.
  • Is respectful, honest, and demonstrates integrity and ethics.
  • Listens effectively, shares ideas and information openly, and facilitates relationship building by establishing trust.
  • Strong analytical thinker.
  • Possesses initiative, good judgment, and the ability to problem solve.
  • Possesses strong business acumen with proven experience in thinking strategically and implementing tactically.
  • Handles demanding workloads to meet objectives.
  • Is customer-focused, service-oriented, and has effectively affected change.
  • Makes tough decisions when needed.
  • Can make decisions under conditions of high uncertainty/ambiguity.
  • Stays current with cutting-edge developments in technology and the industry.
  • Ability to maintain confidences.
  • Ability to perform effectively in a stressful environment.
  • Demonstrated leadership ability.
  • Ability to work and communicate successfully with all levels of internal and external contacts.
  • Ability to communicate orally and in writing clearly and logically.
  • Ability to foster and maintain solid working relationships.
  • Ability to effectively plan and organize projects impacting the work of others.
Qualifications

Appropriate experience may be substituted for education on an equivalent basis.

Minimum Required Education: Bachelor's Degreein Information Security, IT, or related field-or equivalent experience.

Minimum Required Experience: 5 years in security operations, risk/compliance, or assessment roles within healthcare, higher ed, or research-intensive settings. Experience reviewing (not engineering) cloud environments against frameworks (HIPAA, NIST 800-53/171) and control catalogs (CIS Benchmarks, CSA CCM).

Framework Fluency: HIPAA Security Rule; NIST SP 800-53 r5; NIST SP 800-171; awareness of CMMC v2; familiarity with NIH/dbGaP controlled-access requirements for genomic data.
Certifications (preferred; or in progress): HIPAA Security Rule; NIST SP 800-53 r5; NIST SP 800-171; awareness of CMMC v2; familiarity with NIH/dbGaP controlled-access requirements for genomic data.
Preferred Qualifications: Experience supporting ePHI and/or CUI in academic medicine or research computing; exposure to research enclaves or secured workspaces.Working knowledge of NIST CSF 2.0 mappings to HIPAA/800-53 and experience contributing to DMS Plans or security appendices for grants.

Physical Requirements

Work requires occasional lifting of moderate-weight materials, standing, or walking continuously.

Work Environment

Occasional exposure to dust, noise, temperature changes, or contact with water or other liquids. Work is performed in an environmentally controlled environment.

Sensory Acuity

Ability to detect and translate speech or other communication required. May occasionally require the ability to distinguish colors and perceive relative distances between objects.

#LI-AV1

Why MCW?

  • Outstanding Healthcare Coverage, including but not limited to Health, Vision, and Dental. Along with Flexible Spending options

  • 403B Retirement Package

  • Competitive Vacation and Paid Holidays offered

  • Tuition Reimbursement

  • Paid Parental Leave

  • Employee & Family Assistance Program (EFAP)

  • Pet Insurance

  • On campus Fitness Facility, offering onsite classes

  • Additional discounted rates on items such as: Select cell phone plans, local fitness facilities, Milwaukee recreation and entertainment etc.

For a brief overview of our benefits see: Benefits Overview

For a full list of positions see: MCW Careers

At MCW all of our endeavors, from our internal operations to our interactions with our partners, are driven by our shared organizational values: Caring - Collaborative - Curiosity - Inclusive - Integrity - Respect. We are committed to fostering an inclusive environment that values diversity in backgrounds, experiences, and perspectives through merit-based processes and in alignment with all applicable laws. We believe that embracing human differences is critical to realize our vision of a healthier world, and we recognize that a healthy and thriving community starts from within. Our values define who we are, what we stand for and how we conduct ourselves at MCW. If you believe in embracing individuality and working together according to these principles to improve health for all, then MCW is the place for you. For more information, please visit our institutional website.

MCW as an Equal Opportunity Employer and Commitment to Non-Discrimination:

The Medical College of Wisconsin (MCW) is an Equal Opportunity Employer. We are committed to fostering an inclusive community of outstanding faculty, staff, and students, as well as ensuring equal educational opportunity, employment, and access to services, programs, and activities, without regard to an individual's race, color, national origin, religion, age, disability, sex, gender identity/expression, sexual orientation, marital status, pregnancy, predisposing genetic characteristic, or military status. Employees, students, applicants or other members of the MCW community (including but not limited to vendors, visitors, and guests) may not be subjected to harassment that is prohibited by law or treated adversely or retaliated against based upon a protected characteristic.

Applied = 0
MORE JOBS LIKE THIS

(web-bd9584865-xdf5s)