Information Security Analyst

General Purpose:

The University of Michigan Health Sparrow Information Assurance (IA) Team is seeking a candidate to fulfill the role of Security Analyst Associate. This role will join the University of Michigan Health Regional IA team and work with the Michigan Medicine IA team. The team is responsible for security incident response services for servers, end user computers, and mobile devices within the University of Michigan Health Regional Network related to areas such as malware infections and network intrusions.

A successful candidate will be creative, adaptable, data driven, and proactive as a part of our team helping to protect the University of Michigan Health Regional Network.

Essential to the success of this position will be the ability to successfully navigate and work collaboratively with the IT organizations, assurance partners, technical security staff across the University of Michigan Health Regional Network and Michigan Medicine. We work in a highly collaborative environment with an extraordinary scope of responsibilities and priorities. A successful candidate will be required to operate with minimal supervision, deliver effective and predictable results, and solve problems creatively, yet practically. A candidate should be comfortable and confident in meeting deadlines and executing timely performance of operations and project work within shared systems of work. This organization changes to suit the needs of the institution.

Our Division's Mission

We serve as a trusted partner and provide a best-in-class security program to uphold and protect the mission of University of Michigan Health Regional Network.

Our Division's Vision

We believe in cultivating a shared responsibility of security to enhance how we provide care, deliver education and create innovation to protect the quality of healthcare.

Our Division's Principles

• Prioritize your self-care, family-care, team-care, then the work.
• Implement balanced assurance solutions.
• Strengthen our department's capabilities.
• Develop an assurance-minded workforce
• Focus on practical information assurance.

Essential Duties:

• Carry out activities (e.g. containment, eradication, restoration) in response to reported information security incidents and in accordance with established incident response procedures. Participate in lessons learned activities.
• Expose and/or assess the impact of reported vulnerabilities; implement mitigation strategies based on severity.
• Assist with reporting of security and vulnerability controls.
• Monitor and provide support to the University of Michigan Health Regional Network around security policy and security standards.
• Identify sensitive data and provide input for proper storage and protection; assist with remediation efforts as required.
• Participate as an information assurance subject matter expert in the analysis and design of new enterprise systems and services.
• Participate in the design, implementation, and continuous improvement of security service offerings.
• Build good relationships with teams, and stakeholders at all levels (e.g. management, colleagues, and employees) using strong competencies to build trust, change perceptions, effectively communicate, influence, and adapt.
• Continually improve security service solutions and offerings by keeping up to date on security conferences, seminars, reading, research, and testing.
• Help maintain documentation for security policies, procedures, and knowledge base articles.