How to Apply
A cover letter is required for consideration for this position and should be attached as the first page of your resume. The cover letter should address your specific interest in the position and outline skills and experience that directly relate to this position.
Information Assurance: Michigan Medicine –
The Information Assurance: Michigan Medicine (IA:MM) team was established to protect systems, data, and identities that Michigan Medicine relies upon. The team educates and prepares staff and students for increasing cyber threats, and proactively mitigates IT security risks in partnership with the greater U-M community. The IA:MM team enables teaching, learning, research, and healthcare in a large, open environment by helping to balance risks and threats. IA:MM collaborates and coordinates with university efforts and participates in the development of university-wide security, compliance, and privacy strategies and strives to implement best practice cybersecurity efforts.
The University of Michigan's Information Assurance team at Michigan Medicine (IA:MM) is seeking a candidate to fulfill the role of Product and Application Specialist. This role will join the Cybersecurity Operations Team within IA:MM and will report to the Cybersecurity Operations Manager. The team is be responsible for security incident response services for servers, end user computers, and mobile devices within Michigan Medicine related to such areas as malware infections and network intrusions. Also, the team provides security consultation, as required, on a variety of subject areas and works with the appropriate data owners/stewards to safeguard sensitive data. This position will provide technical support for the security assets run by Information Assurance such as vulnerability scanners and endpoint protection.
A successful Product and Application Specialist must be a highly motivated, results-oriented and data driven professional that is willing to be part of the team helping to secure the highly dynamic environment within Michigan Medicine.
- Act as project lead for product enhancement initiatives
- Coordinate upgrades, patches to security assets
- Configure need functionality to meet business needs
- Maintain required documentation
- Work with the product service support team
- Facilitate HITS Change Management process
- Coordinate with the HITS enterprise hosting and infrastructure for server and hardware maintenance and upgrades
- Mitigate vulnerabilities with business owners and vendor
- Communicate service outages to end-users and support teams
- Bachelor’s degree in Computer Science, Computer Engineering, or Information Assurance or an equivalent combination of education and experience
- Minimum of 5 years information technology experience
- Minimum of 2 years of experience applying security related technologies, practices, or services
- Minimum of 2 years of Windows Server or Linux Server administrative experience
- Solid understanding of using and implementing scripting languages such as Python and Bash
- Solid understanding of fundamental Operating System and TCP/IP Networking concepts
- Outstanding verbal and written communication skills
- Demonstrated success completing tasks within established deadlines
- Solid understanding of fundamental information security concepts including: Authentication, Authorization, Audit, Encryption, Firewalls
- Solid understanding of fundamental security related practices including: Risk Management, Incident Response, Vulnerability Management, Penetration Testing, IDS/IPS, System and Application Hardening, Identity and Access Management, Security Information and Event Management, Firewall management, IDS/IPS
- Extensive experience with scripting languages, like Python and Bash
- Comprehensive experience using REST APIs
- Exposure to Ansible automation and associated GUI front end like Rundeck
- Experience assessing the security architecture of proposed IT solutions
- Detailed understanding of the assurance implications associated with cloud-based solutions
- Experience securing virtualized environments
- Extensive system administration background with Microsoft, Macintosh and *nix environments
- Detailed understanding of security controls for Windows, Macintosh, Linux, and Networking platforms
- Demonstrated success working across organizational boundaries
- ITIL v2 Foundation Level certification
Michigan Medicine conducts background screening and pre-employment drug testing on job candidates upon acceptance of a contingent job offer and may use a third party administrator to conduct background screenings. Background screenings are performed in compliance with the Fair Credit Report Act.
Michigan Medicine conducts background screening and pre-employment drug testing on job candidates upon acceptance of a contingent job offer and may use a third party administrator to conduct background screenings. Background screenings are performed in compliance with the Fair Credit Report Act. Pre-employment drug testing applies to all selected candidates, including new or additional faculty and staff appointments, as well as transfers from other U-M campuses.
The mission of UM Information Assurance is to direct university-wide IT security, IT policy, compliance, privacy, and enterprise continuity efforts and provide operation security services that enable the university to excel in its research, teaching, and patient care mission.
This role, as part of the academic medical center’s assurance program, is both part of UM Information Assurance and the Michigan Medicine Chief Information Officer’s program. The goal is to represent and balance the needs of the health system and medical school in the framework and processes of the greater UM Information Assurance effort.
Essential to the success of this position will be the ability to successfully navigate and work collaboratively with the IT organizations, assurance partners, technical security staff, and Michigan Medicine management and external organizations’ roles and priorities. We work in a highly collaborative environment with an extraordinary scope of responsibilities and priorities. A successful candidate will be required to operate with minimal supervision, deliver effective and predictable results, and solve problems creatively, yet practically. A candidate should be comfortable and confident in meeting deadlines and executing timely performance of operations and project work within shared systems of work. This organization changes to suit the needs of the institution. Candidates should understand the dynamic nature of information services within an academic health center, information technology operations, and medical education.
Job openings are posted for a minimum of seven calendar days. This job may be removed from posting boards and filled anytime after the minimum posting period has ended.
U-M EEO/AA Statement
The University of Michigan is an equal opportunity/affirmative action employer.