Data Security Director jobs in Michigan

How to Apply

A cover letter and resume are important submissions for the hiring team to get a sense of your experience. In the cover letter, in one page or less, please let us know how this role aligns with your career aspirations and skills. Submit both a cover letter and resume as one file.

Competitive salary available based on qualifications, experience and education of the selected candidate.

Job Summary:

The Information and Technology Services (ITS) organization at the University of Michigan has an exciting opportunity for a Data Security Analyst Intermediate to join the Responsible Information Security for Campus (RISC) Team within Information Assurance (IA). As part of a high performance team with expanding responsibilities, you will have the opportunity to work in a very collaborative and dynamic environment to perform risk and compliance assessments of critical systems to improve the security posture of the University's most sensitive and assets, and provide security consulting for university systems and units.

This is a hybrid position based in Ann Arbor, MI. You will need to attend meetings on campus and be within a reasonably commutable distance. Details can be worked out with the hiring manager. May also require on-call availability and working during non-business hours.

For more information about ITS, please visit our website: http://its.umich.edu/

Who we are:

Information and Technology Services (ITS) supports U-M faculty, researchers, staff, and students in their use of technology to teach, learn, research, and work, and be leaders in their fields. We are dedicated to creating cohesive digital experiences and promoting university wide innovations. ITS's mission is to be trusted enablers of technology for the U-M community. ITS works together to provide cohesive digital experiences and seamless support to the U-M community. For more information about ITS, visit: https://its.umich.edu/about

The Information Assurance (IA) Office:

• Directs IT security, policy, compliance, privacy, enterprise continuity, and identity and access management (IAM) strategy across the entire university.
• Proactively mitigates IT security risks in partnership with U-M's campuses UM-Ann Arbor, UM-Dearborn, UM-Flint, and Michigan Medicine.
• Collaborates with U-M units to:
• Develop university IT security, privacy, and IAM strategy.
• Implement best practice security, privacy, and IAM infrastructure and protocols.
• Takes a risk-based approach to securing the university's most sensitive information assets that enables teaching, learning, research, and healthcare in a large open environment.
• Provides operational information assurance and IAM services that enable the university to excel in its research, teaching, and patient care missions
• Provides guidance to the entire university community on IT security and privacy compliance best practices to help individuals protect university systems and data, as well as their own personal information.

For more information about Information Assurance, please visit our website: https://safecomputing.umich.edu

Responsibilities:

Participate in the successful execution of a potentially wide range of security services and activities. Primary responsibilities include:

• Risk Management Use tools and methodology to assess the information security risks associated with sensitive and mission critical systems based on the NIST 800-53 security control framework and develop mitigation strategies to bring risk levels into an acceptable range.
• Compliance Determine applicability and scope of various regulations; interpret and implement technical requirements to ensure compliance.
• System and Application Hardening Develop, implement, and monitor secure system and application configuration standards in accordance with applicable policies, regulations, and laws
• Education & Awareness - Support campus units through creation and delivery of education and awareness materials, security orientations and training.

Additional Duties may include the following based on skills and experience of the candidate -

• Security Advising - Provide on-demand and in-depth ongoing security advising to campus units regarding security initiatives, systems procurement and hardening, handling sensitive data, system security plans, research proposals, and other security related topics.
• Subject Matter Expert Participate as an information assurance subject matter expert in the analysis and design of new enterprise systems and services; Participate in the design, implementation, and continuous improvement of security service offerings. Provide consulting services to campus units on your subject matter expertise.

Required Qualifications:

• Bachelor's degree in Computer Science, Computer Engineering, or Information Assurance or an equivalent combination of education and experience
• Minimum of 4 years information technology experience
• Minimum of 2 years of experience applying security related technologies, practices, or services
• System administration background with Microsoft, Macintosh or *nix environments
• Solid understanding of fundamental Operating System and TCP/IP Networking concepts
• Solid understanding of fundamental information security concepts including: Authentication, Authorization, Audit, Encryption, Firewalls
• Extensive exposure to, experience with, responsibility for, and deep understanding of at least two security related technologies or practices including Risk Management, Incident Response, Vulnerability Management, Penetration Testing, IDS/IPS, System and Application Hardening, Identity and Access Management, Security Information and Event Management, Firewall management, IDS/IPS
• A strong commitment to collaboration, teamwork, and continual improvement
• Outstanding verbal, written, and presentation communication skills, including the ability to explain technical concepts to a non-technical audience
• Demonstrated success working independently, and completing tasks within established deadlines

Desired Qualifications:

• Experience performing information security risk assessments using an interview-based approach
• Experience assessing the security architecture of proposed IT solutions
• Detailed understanding of the assurance implications of various regulatory and compliance requirements including Export Control, HIPAA, CUI, FISMA
• Information Security Certification. For example, CISSP

Benefits at the University of Michigan

In addition to a career filled with purpose and opportunity, The University of Michigan offers a comprehensive benefits package to help you stay well, protect yourself and your family and plan for a secure future. Benefits include:

• Generous time off
• A retirement plan that provides two-for-one matching contributions with immediate vesting
• Many choices for comprehensive health insurance
• Life insurance
• Long-term disability coverage
• Flexible spending accounts for healthcare and dependent care expenses
• Dental and Vision Insurance
• Parental and Maternity Leave
• Underfill Statement:

UM- ITS welcomes a healthy applicant pool so we encourage all interested applicants to apply. This position may be underfilled at a lower classification depending on the qualifications of the selected candidate.

Application Deadline:

Job openings are posted for at least seven calendar days. The review and selection process may begin as early as the eighth day after posting. This opening may be removed from posting boards and filled anytime after the minimum posting period has ended.

U-M EEO/AA Statement

The University of Michigan is an equal opportunity/affirmative action employer.