Business Systems Analyst - Senior / Intermediate

Apply Now

How to Apply

A cover letter is required for consideration for this position and should be attached as the first page of your resume. The cover letter should address your specific interest in the position and outline skills and experience that directly relate to this position.

Job Summary

Are you an analytical and adaptable professional who thrives in ambiguous environments, enjoys identifying risk, and excels at solving complex problems? Do you have a talent for working with diverse stakeholders to clarify requirements and move work forward?

The Academic Applications team is seeking a Senior Business Systems Analyst to support information assurance activities for a portfolio of applications used across Michigan Medicine. This role focuses on facilitating and coordinating information assurance processes rather than providing application support, and reports to the Manager of the Academic Applications team.

Within HITS, the Academic Applications team oversees applications that support research and medical student education. In this role, you will serve as a key liaison for information assurance by coordinating assurance requests, supporting security control and risk assessments, and helping reduce risk and vulnerabilities for existing and new applications. You will work closely with data owners and stewards, Michigan Medicine Information Assurance teams, business owners, and vendors to ensure information assurance requirements are understood, documented, and addressed in a timely and consistent manner. 

Who We Are

Department Overview

Health Information Technology & Services (HITS) plays a role in the success of Michigan Medicine by providing clinicians, educators, researchers, students, and staff with technology-related information, products, and support. HITS also provides institutional expertise related to IT strategy, security, infrastructure, and resource management.


Division Overview

The Academic IT (AcadIT) division in Health Information & Technology Services (HITS) serves both the education and research communities at the University of Michigan Medical School (UMMS). We engage faculty, students, and staff to provide a holistic portfolio of software and applications, infrastructure, device support, and custom projects to promote innovation and excellence. AcadIT is comprised of three areas that work in concert to provide support: 1) Application Services - focused on product management and support for vendor applications; 2) Software Delivery - focused on building custom applications when a vendor solution is not available and offering secure application environments; 3) Technical Services & Engagement - focused on providing support for high-performance computing, device management, data integration, and scientific programming and engagement and outreach with our customers.

Responsibilities*

  • Work with faculty, researchers, investigators, and application stakeholders to collect, clarify, and document information assurance and security-related requirements for systems.
  • Partner with Michigan Medicine Information Assurance (IA) teams to understand the impact and severity of reported vulnerabilities and to coordinate mitigation efforts with business owners and vendors.
  • Collaborate closely with IA to understand proposed remediation and mitigation strategies, support risk assessments, and assist Michigan Medicine service providers in bringing risk levels within acceptable thresholds.
  • Develop and maintain requirements and design documentation related to information assurance for new applications and for changes to existing applications.
  • Analyze existing processes, procedures, and systems to identify gaps, risks, and opportunities for improvement, and provide recommendations to enhance security posture and compliance.
  • Develop and maintain strong working relationships with internal and external partners by providing accurate, timely, and effective coordination and communication.
  • Serve as a central point of coordination for information assurance activities, ensuring issues are tracked, prioritized, escalated, and resolved in accordance with established policies and timelines.
  • Stay current on information security trends, regulatory requirements, and institutional policies through ongoing professional development, research, and engagement with the information assurance community.

Required Qualifications*

Senior Level

  • Bachelor's degree or equivalent years of experience in a related discipline.
  • 5+ years of related experience supporting technology or business analysis.
  • 2+ years of demonstrated knowledge or experience in a security-related area.


Intermediate Level

  • Bachelor's degree or equivalent years of experience in a related discipline.
  • 4 years of related experience supporting technology or business analysis.
  • 1+ years of demonstrated knowledge or experience in a security-related area.

Desired Qualifications*

  • Solid understanding of fundamental security practices, including risk management, incident response, vulnerability management, system and application hardening, identity and access management, authentication, authorization, auditing, encryption, and firewall concepts.
  • Knowledge of National Institute of Standards and Technology (NIST) standards, with particular emphasis on the NIST Special Publications 800 and 1800 series.
  • Understanding of information assurance considerations and risk implications associated with cloud-based solutions.
  • Ability to conduct root cause analysis for issues of varying complexity, and to clearly explain both technical and business concepts.
  • Ability to understand technical information and communicate it effectively using clear, user-friendly language for diverse audiences.
  • Strong facilitation and communication skills, including leading meetings, delivering presentations, and leveraging formal and informal networks to achieve goals.
  • Proven ability to work across organizational boundaries and effectively engage with stakeholders who have differing perspectives and levels of technical understanding.
  • Demonstrated commitment to inclusion and collaboration, showing respect for diverse perspectives and maintaining positive, cooperative working relationships.
  • Experience using ticketing and work management tools such as ServiceNow, JIRA, or similar platforms.
  • Experience using process mapping and documentation tools such as LucidChart, Visio, or equivalent.
  • Security-related certifications such as CISSP, CISA, or GIAC GSEC are preferred.

Work Schedule

This position is being made available with the ability for you to negotiate alternative work schedules and remote/on-site options to suit your work-life balance. Non-Michigan residents should inquire about potential employment while working remotely in a state other than Michigan.

Modes of Work

Positions that are eligible for hybrid or mobile/remote work mode are at the discretion of the hiring department. Work agreements are reviewed annually at a minimum and are subject to change at any time, and for any reason, throughout the course of employment. Learn more about the work modes.

Underfill Statement

This position may be underfilled at a lower classification depending on the qualifications of the selected candidate.

Additional Information

Benefits

We offer a benefits package that includes comprehensive training and career development opportunities, generous retirement savings plans, ample paid time off, and a wealth of family care support: https://careers.umich.edu/benefits

Mission Statement

Michigan Medicine improves the health of patients, populations and communities through excellence in education, patient care, community service, research and technology development, and through leadership activities in Michigan, nationally and internationally.  Our mission is guided by our Strategic Principles and has three critical components; patient care, education and research that together enhance our contribution to society.

Background Screening

Michigan Medicine conducts background screening and pre-employment drug testing on job candidates upon acceptance of a contingent job offer and may use a third party administrator to conduct background screenings.  Background screenings are performed in compliance with the Fair Credit Report Act. Pre-employment drug testing applies to all selected candidates, including new or additional faculty and staff appointments, as well as transfers from other U-M campuses.

Application Deadline

Job openings are posted for a minimum of seven calendar days.  The review and selection process may begin as early as the eighth day after posting. This opening may be removed from posting boards and filled anytime after the minimum posting period has ended.

U-M EEO Statement

The University of Michigan is an equal employment opportunity employer.