Title:  IT Security Associate

Division:  Compliance and Audit Services
Schedule:  Monday - Friday, 8 AM - 5 PM
Work Location:  Texas Medical Center, Houston, TX
Salary Range:  $63,151 - $87,149
FLSA Status:  Exempt
Requisition ID:  9883


Baylor College of Medicine is shaping the future of medicine, forging a dynamic environment where the best minds come together to discover and deliver the best possible health care. Join the BCM Compliance and Audit Team as we continue to expand our comprehensive compliance program. In the Information Security Associate role you will assist in developing and maintaining an integrated compliance program to protect the integrity, confidentiality, and availability of Baylor College of Medicine information resources. 


Primary responsibilities of this position include, information security compliance support of college business, clinical, and research information systems, enterprise network security systems; information security incident investigations and forensic analysis; assisting in the development of information systems compliance policies and procedures; and developing ongoing knowledge of security compliance technologies, issues, and best practices.


Working with Information Security and Compliance, the Office of Information Technology and departmental managed information systems, personnel and processes. incumbent will be responsible for assisting with the review, development, testing, implementation, monitoring and analysis of information security systems and processes.

Job Duties

  • Investigates information systems security incidents, including appropriate forensic analysis of the resources implicated in an incident.
  • Assists in developing and implementing information systems compliance policies, procedures, guidelines, and measures to support various aspects of BCM-wide information systems.
  • Assists in identifying BCM-wide information security compliance risks and exposures by participating in security compliance reviews, evaluations, and risk assessments.
  • Assists in designing and developing security and control measures to address identified risks.
  • Works effectively as part of the Compliance and Audit Services team, under the direction of the Information Security Officer and more senior team members, to address the team's objectives and priorities.
  • Effectively plans and manages assigned activities to ensure that objectives and schedules are met.
  • Assists with the testing, implementation, and analysis of network and information security, network facilities or user support.
  • Maintains and administers information and network security or identity and access systems and infrastructure.
  • Provides process improvement support and researches and recommends network and system security upgrades.
  • Provides technical support to network and information security, system, or end-user incidents.
  • Installs, updates, and troubleshoots software and hardware problems.
  • Creates and maintains documentation of configuration and design changes.
  • Monitors and controls performance of information security, network security, or identity and access management resources; may participate in development and implementation of security and technology projects.
  • May participate in security reviews, evaluations, and risk assessments.
  • Progressive experience in information systems security compliance, to include information systems security controls and management such Endpoint Detection and Response, Vulnerability Assessment/Management, Data Classification/Data Loss Prevention, Intrusion Detection/Intrusion Prevention, Security Information and Event Management, Network Access Control and regulatory requirements such as HIPAA, FISMA, NIST, and PCI.


Minimum Qualifications

  • Bachelor's degree.  Four years of relevant experience may substitute for degree requirement. 
  • Two years of relevant experience.

Preferred Qualifications

  • Strongly Preferred:  Certified Information Systems Security Professional (CISSP)
  • Certified Incident Handler (GCIH) or Certified Ethical Hacker (CEH) or equivalent certification



Baylor College of Medicine requires employees to be fully vaccinated -subject to approved exemptions-against vaccine-preventable diseases including, but not limited to, COVID-19 and influenza.


Baylor College of Medicine is an Equal Opportunity/Affirmative Action/Equal Access Employer.