Information Security Analyst

Information Security Analyst

Ann Arbor, MI

Vulnerability Analyst Intermediate

Ann Arbor, Michigan Jobs

48103 Jobs

Information Security Analysts Jobs

$91,647 - $112,013

One Click Easy Apply with Gigzio

by clicking on apply, you agree to our
Terms of Use and Privacy Policy

How to Apply

A cover letter is required for consideration for this position and should be attached as the first page of your resume. The cover letter should address your specific interest in the position and outline skills and experience that directly relate to this position.

Information Assurance: Michigan Medicine

The Information Assurance: Michigan Medicine (IA:MM) team was established to protect systems, data, and identities that Michigan Medicine relies upon. The team educates and prepares staff and students for increasing cyber threats, and proactively mitigates IT security risks in partnership with the greater U-M community. The IA:MM team enables teaching, learning, research, and healthcare in a large, open environment by helping to balance risks and threats. IA:MM collaborates and coordinates with university efforts and participates in the development of university-wide security, compliance, and privacy strategies and strives to implement best practice cybersecurity efforts.

Job Summary

The University of Michigan's Information Assurance: Michigan Medicine Team (IA:MM) is seeking a candidate to fulfill the role of Vulnerability Analyst Intermediate. This role will support risk assessment, vulnerability response and assurance of new investments for Michigan Medicine to ensure the confidentiality, integrity, and availability of the data, systems, and identities of our workforce, students, and patients.  IA:MM values positive teamwork and a work-life balance including commitments to professional growth and development.  This is primarily a remote position. 

Mission Statement

Michigan Medicine improves the health of patients, populations and communities through excellence in education, patient care, community service, research and technology development, and through leadership activities in Michigan, nationally and internationally.  Our mission is guided by our Strategic Principles and has three critical components; patient care, education and research that together enhance our contribution to society.


  • Prepare security assessments for new and existing information systems, applications, and information technology services of Michigan Medicine Service Providers for compliance with U-M and Michigan Medicine policy and procedure, as well as relevant legal and regulatory requirements.

  • Use tools and methodology to assess the information security risks associated with sensitive and mission critical systems based on the NIST 800-53 security control framework.

  • Assist with developing mitigation strategies to bring risk levels into an acceptable range and assist and support the Michigan Medicine Service Providers with those remediation activities.

  • Identify information security risk areas where further awareness and training is needed.

  • Compare, evaluate, and recommend improvements in policies, procedures, and technical safeguards to address significant risks to the security of Michigan Medicine information systems and data.

  • Assess the impact of reported vulnerabilities and assist with the implementation of mitigation strategies based on severity.

  • Identify sensitive data and provide input for proper storage and protection.

  • Make recommendations and participate in the development of information assurance policies and procedures.

  • Participate in the development of education and awareness efforts and the timely dissemination of security information to staff and end users.

  • Assist with the process improvements, problem management, and risk management functions within the Michigan Medicine information assurance team.

  • Build good relationships with teams, and stakeholders at all levels (e.g., management, colleagues, and employees) using strong competencies to build trust, change perceptions, effectively communicate, influence, and adapt.

  • Collaborate with teams, stakeholders, and business partners to understand and implement improvement opportunities.

  • Inspire and influence teams including staff and Health Information Technology & Services business partners to deliver risk management solutions and offerings effectively to the Academic Medical Center’s community.

  • Continually improve security service solutions and offerings by keeping up to date on security conferences, seminars, reading, research, and testing.

  • Guiding the development of information security standards, guidelines, and policy.

  • Develop sound relationship with internal and external customers by providing accurate and effective support.

Required Qualifications*

  • Bachelor’s degree in computer science or a related field and/or equivalent combination of education, certification, and experience.

  • Minimum of 4 years demonstrated experience in information systems security.

  • Demonstrated experience in conducting audits or risk assessments or using audit/assessment tools and methodologies.

  • Demonstrated knowledge of National Institute of Standards and Technology (NIST) with specific emphasis on the NIST Special Publications (SP) 800 and 1800 series.

  • Experience in IT auditing and/or information security consulting.

  • Exposure to, experience with, responsibility for, and deep understanding of at least two of these security related technologies or practices.

  • Demonstrated understanding of/and exposure to, experience with, responsibility for, and deep understanding of at least two of these security related technologies and practices including but not limited to; authentication and authorization systems, digital forensics, encryption, endpoint protection, education and awareness, firewalls, IDS/IPS, incident response, malware disassembly, mobile device security, NAC, secure code review, secure remote access, secure wireless networking, penetration testing, PKI, policy development, risk management, SIEM, threat modeling, two-factor authentication, vulnerability management, web application security, web application firewalls.

  • Demonstrated knowledge of TCP/IP stack.

  • Demonstrated understanding of attack methodologies and vectors.

  • Ability to work independently and proactively.

  • Excellent organizational, analytical, and independent problem-solving skills.

  • Ability to communicate effectively, both verbally and in writing. Demonstrated success giving presentations.

  • Demonstrated success coordinating and completing multiple tasks within established and changing deadlines.

Desired Qualifications*

  • Minimum of 5 years’ experience in information systems security.

  • Experience in a healthcare environment.

  • Experience with vulnerability scanning and penetration testing tools and technology

  • Hold security certification such as CISSP, CISA, GIAC-GSEC.

Work Locations

This position is being made available with the ability for you to negotiate alternative work schedules and remote/on-site options to suit your work-life balance. 

Non-Michigan residents should inquire about potential employment while working remotely in a state other than Michigan. Apply to be part of a strong team that partners with our institution, community, and each other.

Background Screening

Michigan Medicine conducts background screening and pre-employment drug testing on job candidates upon acceptance of a contingent job offer and may use a third party administrator to conduct background screenings.  Background screenings are performed in compliance with the Fair Credit Report Act. Pre-employment drug testing applies to all selected candidates, including new or additional faculty and staff appointments, as well as transfers from other U-M campuses.

Application Deadline

Job openings are posted for a minimum of seven calendar days.  The review and selection process may begin as early as the eighth day after posting. This opening may be removed from posting boards and filled anytime after the minimum posting period has ended.

U-M EEO/AA Statement

The University of Michigan is an equal opportunity/affirmative action employer.


U-M COVID-19 Vaccination Policy

COVID-19 vaccinations are now required for all University of Michigan students, faculty and staff across all three campuses, including Michigan Medicine.  This includes those working or learning remotely.  More information on this policy is available on the Campus Blueprint website or the U-M Dearborn and U-M Flint websites.

Job ID: 7641084622963183227

This job is located in

Ann Arbor, Michigan, 48103

Popular Companies Hiring Now