How to Apply

A cover letter is required for consideration for this position and should be attached as the first page of your resume. The cover letter should address your specific interest in the position and outline skills and experience that directly relate to this position.

Summary

The Center for Statistical Genetics (CSG) in the Department of Biostatistics at the University of
Michigan has an exciting opportunity for a Data Security Analyst Intermediate/Senior. As part of
a high performing multi-disciplinary team, you will lead efforts to secure cloud and on-premises
applications involving human genetic data to FISMA standards using the NIST 800-53
framework. You will play a key role in preparing critical administrative deliverables such as
POA&Ms, risk treatment plans and security plans, in addition to managing incident response,
carrying out security assessments and assisting with system hardening, vulnerability
remediation and security event monitoring.

Who We Are

The Center for Statistical Genetics supports some of the world’s largest human genetic studies
with petascale genetic information, health data, and additional biologic information on hundreds
of thousands of human subjects. We develop methodologies and tools that make this data and
the insights it supports available to thousands of researchers worldwide across academia,
industry and government.

Responsibilities*

• Risk Management (30%)
• Compliance (30%)
• Audit (10%)
• System and Application Hardening (5 %)
• Education and Awareness (5%)
• Security Advising (10%)
• Subject Matter Expert (5 %)
• Incident Response (5 %)

Click here to download a detailed description.

Required Qualifications*

• Bachelor's degree in Computer Science, Electrical Engineering, Computer Engineering,MIS, Information Technology, Information Assurance or an equivalent combination of education and experience.
• Minimum of 4 years of information technology experience involving hands-on familiarity with the UNIX or Linux environment.
• Minimum of 2 years of experience using free and open-source security tools, techniques and sources of information to carry out activities such as security assessment, system hardening, incident response, vulnerability management, penetration testing, IAM and SIEM.
• Minimum of 2 years of experience applying NIST 800-53 or similar security frameworks including a lead or major contributor role in preparing administrative deliverables such as POA&Ms, risk treatment plans, security plans and contingency plans.
• Familiar with web application security best practices and at least one programming language, with sufficient depth of knowledge to assist developers with SDLC process refinement, application hardening and manual or automated code review.
• Strong soft skills including writing, communications, project management and effectively working across organizational boundaries.

Desired Qualifications*

• Experience with Amazon Web Services, Google Cloud Platform or Azure.
• Experience assessing the security architecture of proposed IT solutions.
• Experience securing virtualized environments.
• Experience meeting regulatory and compliance requirements such as FISMA at a federal agency or federal contractor.
• Experience working in small or medium-sized teams.

Work Locations

This position may be eligible for remote and/or flexible work opportunities at the discretion of the hiring department.  Flexible work agreements are reviewed annually and are subject to change dependent on the business needs of the hiring department, throughout the course of employment.

Underfill Statement

This position may be underfilled at a lower classification depending on the qualifications of the selected candidate.

• Salary for Senior level:  $89,599-$110,681
• Salary for Intermediate level:  $71,018-$87,728

Additional Information

Michigan Public Health is seeking a dynamic staff member with a commitment to contributing to a diverse, equitable and inclusive environment for all members of our community.

Background Screening

The University of Michigan conducts background checks on all job candidates upon acceptance of a contingent offer and may use a third party administrator to conduct background checks.  Background checks are performed in compliance with the Fair Credit Reporting Act.

Application Deadline

Job openings are posted for a minimum of seven calendar days.  The review and selection process may begin as early as the eighth day after posting. This opening may be removed from posting boards and filled anytime after the minimum posting period has ended.

U-M EEO/AA Statement

The University of Michigan is an equal opportunity/affirmative action employer.

U-M COVID-19 Vaccination Policy

COVID-19 vaccinations, including one booster when eligible, are required for all University of Michigan students, faculty and staff across all campuses, including Michigan Medicine.  This includes those working remotely and temporary workers.   More information on this new policy is available on the U-M Health Response website or the UM-Dearborn and UM-Flint websites.