Information Security Analyst (Governance, Risk, & Compliance)

The Doctors Company is currently seeking an Information Security Analyst. This is a hybrid opportunity based in East Lansing, MI.

Position Mission

The Information Security Analyst works closely with management and senior security team, analyst will assist team to complete tasks designed to ensure the confidentiality, integrity, and availability of the organization's systems and informational assets. Support incident response and forensics efforts for all security related investigations, including collecting logs, documenting response steps, and collecting critical evidence. Assist in security risk management processes, including security assessments for both internal and 3rd party systems and software. Assist in compliance auditing internal systems against baseline configuration requirements and adherence to TDC Security Policy. Works with project teams to assist with security related deliverables of limited complexity in a supporting role. Assists management team with developing and maintaining information security policies and procedures and tracking compliance throughout the organization. Role requires analyst to maintain security certifications to demonstrate command of knowledge in the security industry and to maintain up to date knowledge of security threats, vulnerabilities, exploits, and trends in the security environment and their impact to the IT systems. Work is closely managed.

Qualifications

• Associate degree (2 years college) or equivalent educational experience; and an expressed interest in Cybersecurity, Secure Systems Engineering and / or IT Governance Can substitute degree with additional certification from list below.
• One or more of the following certifications are required (2 w / o Associated Degree) : CEH : Certified Ethical HackerCompTIA Security CompTIA Network CompTIA Linux (ISC)2 Associate (or higher)GSEC : SANS GIAC Security Essentials.CRISC : Certified in Risk and Information Systems ControlCIPP / US : Certified Information Privacy Professional / USCISM : Certified Information Security ManagerCISA : Certified Information System AuditorCISSP : Certified Information Systems Security ProfessionalCCNA : Cisco Certified Network Associate SecurityCCNP : Cisco Certified Network Professional SecurityC|HFI : Computer Hacking Forensics InvestigatorSimilar entry level certifications which cover cyber security may be leveraged.
• Demonstrated desire to complete future certifications in cybersecurity or other IT fields is required.
• Knowledge of enterprise identity management systems such as Active Directory, Azure Active Directory.
• Knowledge of Identity Management Lifecycle.
• Knowledge of managing and securing Microsoft Windows or Linux Operating Systems.
• Knowledge of NTFS file system permissions management and model.
• Knowledge of networking, routing, switching and firewalls.
• Knowledge of security, vulnerability, exploits, forensics, incident response.
• Knowledge of virtualization technologies, including VMware, desirable.
• Relevant background in programming in either PowerShell, Batch or Bash Shell
• Knowledge of relevant IT industry concepts, practices, standards and procedures.
• Ability to prioritize multiple projects and meet deadlines.
• Excellent oral and written communication skills.
• Ability to work with diverse personalities.
• Ability to read, analyze and interpret general business periodicals, professional journals, technical procedures, or governmental regulations.
• Ability to write comprehensive reports, business correspondence, and technical procedure manuals.
• Ability to effectively present information and respond to questions from groups of managers, clients, customers, and the general public.
• Ability to calculate figures and amounts such as discounts, interest, commissions, proportions, percentages.
• Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and set variables.
• 2 - 5 ) years’ experience supporting technical environments required. Experience may include servers, networking, telephonic, and / or storage systems.
• 2 - 5 ) years’ experience building, administrating, and monitoring systems in a multi-site network environment with more than 500 users preferred.
• Ability to be on-call to support security incident response scenarios that may occur outside of standard business hours.
• Willingness to occasionally work outside of business hours to support project teams and perform assigned system maintenance tasks in order to minimize business interruptions.

Salary Range :  $82,328 - $101,670

Responsibilities

Identity and Access Management

Monitoring and Operations of Security Systems

Vulnerability and Patch Management

Project Management & Execution

Security Risk Management

Compliance and Audit Management

Other Duties As Assigned

Salary Range : $87,171 - $101,700

Compensation varies based on skills, knowledge, and education. We consider factors such as specialized skills, depth of knowledge in the field, and educational background to ensure fair and competitive pay.

Benefits

We offer competitive compensation, incentive bonus plans, outstanding career opportunities, an exceptional work environment, and an impressive benefits package, which starts with medical, family and bereavement leave; same-sex domestic partner benefits; short- and long-term disability programs; and an employee assistance program. There's more :

About The Doctors Company

The Doctors Company is the nation’s largest physician-owned medical malpractice insurer. Founded and led by physicians, we are committed to advancing, protecting, and rewarding the practice of good medicine.

The Doctors Company is proud to be.

Salary : $82,328 - $101,670