How to Apply
A cover letter and resume are required; the cover letter must be PAGE 1 of your resume. The letter should:
- Specifically outline the reasons for your interest in the position.
- Outline your particular skills and experience that directly relate to this position.
- Include your current or ending salary.
Merit Network, Inc., a non-profit corporation governed by Michigan's public universities, owns and operates America's longest-running regional research and education network. Founded in 1966, Merit provides high-performance networking and services to the research and education communities in Michigan serving the needs of Michigan's universities, colleges, K-12 schools, libraries, state government, healthcare, and other non-profit organizations. Merit believes in the strength of a robust educational community. By connecting organizations, building relationships and sharing services, institutions can achieve far more together than they can alone.
For more information: www.merit.edu
Merit Network is seeking a highly motivated candidate to join our Information Technology group. You will be part of a team providing large-scale, high-volume services, infrastructure, security and customer service to Merit Members, customers, and staff.
The Information Assurance and Compliance Analyst will be responsible for overseeing Merit’s security and risk management program. This position will work with various teams, both Merit Network and external stakeholders, to conduct IT risk assessments against systems and processes, perform vulnerability scans along with developing and documenting remediation plans of discovered weaknesses. The analyst will be responsible for recommending and implementing internal information security related tools and automate those tools to streamline processes and improve response times to threats.
Essential Functions for this position are followed by an (E).
As the Merit Information Assurance and Compliance Analyst, this position’s key responsibilities include, but are not limited to the following:
Approximately 65% of the positions time and duties include:
- Work with the Chief Information Security Officer in conducting audits and risk assessments on Merit and member IT systems and processes (E)
- Develop risk mitigation plans, which include time, money, and FTE resources, and communicate those plans to internal and external stakeholders (E)
- Assist with the acquisition and deployment of information security and governance, risk, and compliance tools (E)
Approximately 35% of the positions time and duties include:
- Use of trouble tickets for response and resolution (E)
- Keep abreast of new security threats, and make recommendations to mitigate threats against Merit resources
- Assist with development and maintenance of policies, standards and procedures (E)
- Develop scripts to automate risk management tools to improve efficiency of auditing, monitoring and alerting
- Bachelor’s degree in Information Technology, IT Security, Information Assurance or related field
- 3+ years of experience in an information security and governance, risk and compliance role
- Experience performing audits, generating GAP analysis, writing reports, and developing plan of action and milestones
- Experience with security best practices
- Knowledge of IT security and risk management frameworks
- Verify application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct inconsistencies
- Experience with interpreting vulnerability and penetration test results
- Experience in vetting 3rd party vendors and cloud service providers
- Work independently, prioritize multiple projects and achieve objectives by required due dates
- Hold industry leading certifications such as CISSP, CISA, CGEIT, CRISC, CCSP or similar certifications
- Experience working in a security operations center and being part of an incident response team
- Knowledge of applicable laws and regulatory requirements such as HIPAA, HITECH, PCI, FERPA, ITAR and other regulatory requirements
- Experience performing risk assessments utilizing NIST, CobiT or ISO frameworks
- Prior IT security experience in government or education sectors
- Prior IT consulting experience
- Relocation assistance is not available for this position.
- For information about benefits: http://careers.umich.edu/benefits/
- For additional information about this position and to review other current openings at Merit, please visit our website at: http://merit.edu/merit-careers/
This position has no supervisory responsibilities.
This job operates in a professional environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.
The physical demands described here are representative of those that must be met by an employee (with or without accommodations) to successfully perform the essential functions of this job.
Employee must frequently work at computer station, answer telephone calls, emails, and/or other forms of customer/client communication. Employee may on occasion be required to move items of various sizes and weights throughout the office or building.
Position Type/Expected Hours of Work:
This is a full-time position, work schedule will be determined by supervisor and may change if necessary. There may be some occasional work required outside of established schedule, which may include weekends and holidays. Typical work schedule is 8am – 5pm, Monday through Friday for most staff.
Travel may be required.
The University of Michigan/Merit Network conducts background checks on all job candidates upon acceptance of a contingent offer and may use a third party administrator to conduct background checks. Background checks will be performed in compliance with the Fair Credit Reporting Act.
If you have any questions regarding this job, please contact: firstname.lastname@example.org
If you need assistance completing this application, please call (734) 615-2000, option 1
Merit Network Inc. serves the research, education and public sector communities as a trusted and valued partner. Merit advances member success, research, economic development, collaboration, and professional development by leveraging its network infrastructure, expertise and the value of its member communities.
Job openings are posted for a minimum of seven calendar days. This job may be removed from posting boards and filled any time after the minimum posting period has ended.
U-M EEO/AA Statement
The University of Michigan is an equal opportunity/affirmative action employer.