A cover letter is required for consideration for this position and should be attached as the first page of your resume. The cover letter should address your specific interest in the position and outline skills and experience that directly relate to this position.
The University of Michigan's Information Assurance team at Michigan Medicine (IA:MM) is seeking a candidate to fulfill the role of Security Analyst Intermediate. This role will join the Cybersecurity Operations Team within IA:MM. The team is responsible for security incident response services for servers, end user computers, and mobile devices within Michigan Medicine related to areas such as malware infections and network intrusions. Our team provides security consultation on a variety of subject areas and partners with the appropriate data stewards to safeguard sensitive data.
A successful candidate will be creative, adaptable, data driven, and proactive as a part of our team helping to protect Michigan Medicine.
This position will also work with our third-party Managed Security Service Provider at their remote site with rotation to the onsite team.
Build good relationships with teams, and stakeholders at all levels (e.g. management, colleagues, and employees) using strong competencies to build trust, change perceptions, effectively communicate, influence, and adapt
Carry out activities (e.g. containment, eradication, restoration) in response to reported information security incidents and in accordance with established incident response procedures. Participate in lessons learned activities
Detect and prevent intrusions using IDS/IPS, SIEM, and other tools
Monitor and provide support Michigan Medicine around security policy and security standards
Identify sensitive data and provide input for proper storage and protection; assist with remediation efforts as required
Provide information security consulting for various Michigan Medicine groups and units requesting information assurance assistance on a project or long-term consulting basis
Participate as an information assurance subject matter expert in the analysis and design of new enterprise systems and services
Collaborate with the Compliance Office to determine applicability and scope of various regulations; assist in interpreting and/or implementing technical requirements to ensure compliance
Participate in the design, implementation, and continuous improvement of security service offerings
Continually improve security service solutions and offerings by keeping up-to-date on security conferences, seminars, reading, research, and testing
Bachelor’s degree, preferably in a technology related field, or an equivalent combination of education and experience.
Minimum of 2 years of information technology experience
Minimum of 2 years of experience applying security related technologies, practices, or services
Minimum of 1 year of experience of direct security incident response
Solid understanding of fundamental Operating System and TCP/IP Networking concepts
Solid understanding of fundamental information security concepts including: Authentication, Authorization, Audit, Encryption, Firewalls
Solid understanding of fundamental security related practices including: Risk Management, Incident Response, Vulnerability Management, Penetration Testing, IDS/IPS, System and Application Hardening, Identity and Access Management, Security Information and Event Management, Firewall management, IDS/IPS
Extensive exposure to, experience with, responsibility for, and a deep understanding of at least four of the security related concepts or practices listed above
Experience performing information security risk assessments using an interview-based approach
Experience assessing the security architecture of proposed IT solutions
Detailed understanding of security controls for Windows, Macintosh, Linux, and Networking platforms
Detailed understanding of the assurance implications associated with cloud-based solutions
Solid understanding of mobile device security issues, strategies, and controls
Possess Splunk Certified Power User or higher for the Intermediate and Splunk Certified User or higher
Experience securing virtualized environments
Extensive system administration background with Microsoft, Macintosh and *nix environments
Detailed understanding of the assurance implications of various regulatory and compliance requirements including PCI and HIPAA
Demonstrated success working across organizational boundaries
Michigan Medicine conducts background screening and pre-employment drug testing on job candidates upon acceptance of a contingent job offer and may use a third party administrator to conduct background screenings. Background screenings are performed in compliance with the Fair Credit Report Act. Pre-employment drug testing applies to all selected candidates, including new or additional faculty and staff appointments, as well as transfers from other U-M campuses.
Job openings are posted for a minimum of seven calendar days. The review and selection process may begin as early as the eighth day after posting. This opening may be removed from posting boards and filled anytime after the minimum posting period has ended.
The University of Michigan is an equal opportunity/affirmative action employer.
Internal Number: 201005
About University of Michigan - Ann Arbor
A great university is made so by its faculty and staff, and Michigan is recognized as one of the best universities to work for in the country. The Michigan culture is known for engaging faculty and staff in all facets of the university to create a workplace that is vibrant and stimulating.For two consecutive years, the Chronicle of Higher Education has placed U-M in its "Great Colleges to Work For" survey. In particular, the university earns high marks for strong relations between faculty and administrators, a collaborative system of governance, strong pay and benefits, and a healthy work/life balance.