Senior IT Security Analyst
Job Description
Job Description
Position : Senior IT Security Analyst
Location : Detroit, MI 48226
Duration : 6+ Months
Job Type : Contract to Hire
Work Type : Hybrid
Department : EIS Purchased Services
Position Overview :
We are seeking a Senior IT Security Analyst to join our team, focusing on enhancing and securing our IT infrastructure. The ideal candidate will bring extensive experience in security and IT, with a proven track record in security audits, risk management, and project management.
This role requires a strong analytical background, proficiency in advanced Excel, and experience with security tools and metrics.
Key Responsibilities :
Security and Risk Management : Identify, track, and monitor IT risks; review and close risk evidence; perform risk impact analysis;
and discuss remediation strategies with risk owners.
- Audit and Compliance : Assist with HITRUST assessments and ensure compliance with security standards.
- Technical Analysis : Analyze Tenable scans and Splunk data; maintain expertise in operating systems, databases, networks, firewalls, and identity access.
- Project Management : Manage projects related to IT security and risk management.
- Documentation and Reporting : Develop risk metrics and analyses, and provide detailed reports and recommendations.
Required Skills and Experience :
- Experience : 10+ years in security and information technology.
- Security Audits / Risk Management : 5+ years in security audit or risk management.
- Project Management : Minimum of 1 year of project management experience.
- Technical Skills : Advanced proficiency in Excel and Microsoft Office, including macro development.
- Analytical Skills : Strong analytical abilities for risk analysis and remediation.
- Security Tools : Experience with Tenable, Splunk, and technical knowledge in operating systems, databases, networks, firewalls, and identity access.
Preferred Skills and Experience :
- Technical Expertise : Experience in network security, cloud security, SOC audits, and ISO 27001.
- Additional Knowledge : Familiarity with MFA, security operations, threat hunting, and OWASP.
- Certifications : CISA, CRISK, CISSP, and knowledge of HIPAA, HITRUST, and NIST frameworks.
Education / Certifications :
- Degree : Bachelor’s degree in Computer Engineering, Computer Science, or related field.
- Certifications : Relevant security certifications such as CISA, CRISK, CISSP.
- Knowledge : Understanding of OWASP, HIPAA, HITRUST, and NIST frameworks.