Design, develop, and monitor robust data analysis and reporting systems, along with communication tools, to ensure accurate and timely insights. Information Security Risk Management (Advisory ...
Design, develop, and monitor robust data analysis and reporting systems, along with communication tools, to ensure accurate and timely insights. Information Security Risk Management (Advisory ...
Senior, Tax Analyst - Payroll
$29.25 - $38/hr
Configuration of payroll wage codes for the accurate application of employer and employee taxes and social security * Analysis of payroll tax notices * Preparation of Powers of Attorney * Liaison ...
Senior, Tax Analyst - Payroll
$29.25 - $38/hr
Configuration of payroll wage codes for the accurate application of employer and employee taxes and social security * Analysis of payroll tax notices * Preparation of Powers of Attorney * Liaison ...
Conduct risk assessments and gap analyses * Identify opportunities to improve security posture through automation and tooling * Maintain documentation to support audit readiness and operational ...
Conduct risk assessments and gap analyses * Identify opportunities to improve security posture through automation and tooling * Maintain documentation to support audit readiness and operational ...
Conduct risk assessments and gap analyses * Identify opportunities to improve security posture through automation and tooling * Maintain documentation to support audit readiness and operational ...
Conduct risk assessments and gap analyses * Identify opportunities to improve security posture through automation and tooling * Maintain documentation to support audit readiness and operational ...
Security Engineer
Auburn Hills, MI · On-site
Conduct risk assessments and gap analyses * Identify opportunities to improve security posture through automation and tooling * Maintain documentation to support audit readiness and operational ...
Security Engineer
Auburn Hills, MI · On-site
Conduct risk assessments and gap analyses * Identify opportunities to improve security posture through automation and tooling * Maintain documentation to support audit readiness and operational ...
It's a role for an elite security operator - someone with the instincts of a seasoned SOC analyst and the technical depth to own the platforms that power detection, response, and protection at ...
It's a role for an elite security operator - someone with the instincts of a seasoned SOC analyst and the technical depth to own the platforms that power detection, response, and protection at ...
Security Manager
Auburn Hills, MI · On-site
Conduct and oversee security risk assessments and vulnerability analyses. * Design and implement security systems and processes, including: * Access control and badging * Surveillance systems
Security Manager
Auburn Hills, MI · On-site
Conduct and oversee security risk assessments and vulnerability analyses. * Design and implement security systems and processes, including: * Access control and badging * Surveillance systems
Conduct and oversee security risk assessments and vulnerability analyses. * Design and implement security systems and processes, including: * Access control and badging * Surveillance systems
Conduct and oversee security risk assessments and vulnerability analyses. * Design and implement security systems and processes, including: * Access control and badging * Surveillance systems
SSE will assist in conducting trade-off analyses and will integrate contributions from system security engineering disciplines such as anti-tamper, cybersecurity, exportability features, hardware ...
SSE will assist in conducting trade-off analyses and will integrate contributions from system security engineering disciplines such as anti-tamper, cybersecurity, exportability features, hardware ...
Conduct cloud security analysis, recommendations and configurations of prospective clients' Microsoft Entra ID, Office 365 (O365), Exchange Online, Teams, OneDrive for Business, and SharePoint Online ...
Conduct cloud security analysis, recommendations and configurations of prospective clients' Microsoft Entra ID, Office 365 (O365), Exchange Online, Teams, OneDrive for Business, and SharePoint Online ...
Senior Cyber Security Analyst
Wixom, MI · On-site
$95K - $123K/yr
Lead and independently own security investigations from detection through containment, remediation, and root cause analysis. * Lead and participate in incident response activities, including high ...
Quick apply
Senior Cyber Security Analyst
Wixom, MI · On-site
$95K - $123K/yr
Lead and independently own security investigations from detection through containment, remediation, and root cause analysis. * Lead and participate in incident response activities, including high ...
Senior Cyber Security Analyst
Wixom, MI · On-site
$95K - $123K/yr
Lead and independently own security investigations from detection through containment, remediation, and root cause analysis. * Lead and participate in incident response activities, including high ...
Senior Cyber Security Analyst
Wixom, MI · On-site
$95K - $123K/yr
Lead and independently own security investigations from detection through containment, remediation, and root cause analysis. * Lead and participate in incident response activities, including high ...
IAM SailPoint Analyst
Farmington, MI · On-site
... security practices and end-user experience. • Stay current with the latest industry trends, best ... Excellent analytical, problem-solving, and troubleshooting skills. • Strong written, oral ...
IAM SailPoint Analyst
Farmington, MI · On-site
... security practices and end-user experience. • Stay current with the latest industry trends, best ... Excellent analytical, problem-solving, and troubleshooting skills. • Strong written, oral ...
... security practices and end-user experience. * Stay current with the latest industry trends, best ... Excellent analytical, problem-solving, and troubleshooting skills. * Strong written, oral ...
... security practices and end-user experience. * Stay current with the latest industry trends, best ... Excellent analytical, problem-solving, and troubleshooting skills. * Strong written, oral ...
Security Operations Manager-Enterprise Security - Midwest
Detroit, MI · On-site
$66K - $145K/yr
Analyze data and trends to identify potential threats * Support threat intelligence efforts and share findings with leadership * Work closely with internal teams to achieve security goals * Deliver ...
Security Operations Manager-Enterprise Security - Midwest
Detroit, MI · On-site
$66K - $145K/yr
Analyze data and trends to identify potential threats * Support threat intelligence efforts and share findings with leadership * Work closely with internal teams to achieve security goals * Deliver ...
Security Guard
Royal Oak, MI · On-site
$15 - $18.25/hr
Security Guard GENERAL SUMMARY: To maintain activities that safeguard company assets, employees ... Strong analytical ability * Problem solving skill COMMENTS This position description is not all ...
Security Guard
Royal Oak, MI · On-site
$15 - $18.25/hr
Security Guard GENERAL SUMMARY: To maintain activities that safeguard company assets, employees ... Strong analytical ability * Problem solving skill COMMENTS This position description is not all ...
Security Guard
Royal Oak, MI · On-site
$15 - $18.25/hr
Security Guard GENERAL SUMMARY: To maintain activities that safeguard company assets, employees ... Strong analytical ability * Problem solving skill COMMENTS This position description is not all ...
Security Guard
Royal Oak, MI · On-site
$15 - $18.25/hr
Security Guard GENERAL SUMMARY: To maintain activities that safeguard company assets, employees ... Strong analytical ability * Problem solving skill COMMENTS This position description is not all ...
Security Guard
$15 - $18.25/hr
Security Guard GENERAL SUMMARY: To maintain activities that safeguard company assets, employees ... Strong analytical ability * Problem solving skill COMMENTS This position description is not all ...
Security Guard
$15 - $18.25/hr
Security Guard GENERAL SUMMARY: To maintain activities that safeguard company assets, employees ... Strong analytical ability * Problem solving skill COMMENTS This position description is not all ...
Intelligence Analyst Employment Type: Full-Time, Experienced Contact Government Services is hiring ... Duties may include the processing and verification of national security threat actor nominations ...
Intelligence Analyst Employment Type: Full-Time, Experienced Contact Government Services is hiring ... Duties may include the processing and verification of national security threat actor nominations ...
Analyze market and industry trends and adjust cybersecurity strategy accordingly. * Maintain and ... Ability to communicate security designs, priorities, and concepts to working level and business ...
Analyze market and industry trends and adjust cybersecurity strategy accordingly. * Maintain and ... Ability to communicate security designs, priorities, and concepts to working level and business ...
Security Analyst information
See Rochester, MI salary details
$36.4K - $44.9K
1% of jobs
$44.9K - $53.3K
3% of jobs
$53.3K - $61.8K
4% of jobs
$61.8K - $70.3K
5% of jobs
$70.3K - $78.8K
6% of jobs
$85.5K is the 25th percentile. Wages below this are outliers.
$78.8K - $87.3K
6% of jobs
$87.3K - $95.8K
5% of jobs
The median wage is $100.8K / yr.
$95.8K - $104.3K
32% of jobs
$104.3K - $112.8K
3% of jobs
$115.1K is the 75th percentile. Wages above this are outliers.
$112.8K - $121.3K
32% of jobs
$121.3K - $129.8K
2% of jobs
$36.4K
$98.8K
$129.8K
How much do security analyst jobs pay per year?
Is cybersecurity a dead-end job?
What are Security Analysts?
What is the difference between Security Analyst vs Network Security Analyst?
| Aspect | Security Analyst | Network Security Analyst |
|---|---|---|
| Certifications | CompTIA Security+, CISSP, CEH | CompTIA Security+, CISSP, Cisco CCNA Security |
| Work Environment | IT security teams, cybersecurity firms, corporate security | Network operations centers, IT departments, cybersecurity teams |
| Responsibilities | Monitor security systems, analyze threats, implement security measures | Secure network infrastructure, monitor network traffic, prevent intrusions |
Security Analysts focus on overall cybersecurity, including threat detection and incident response, while Network Security Analysts specialize in protecting network infrastructure and traffic. Both roles require similar certifications and often work in overlapping environments, but their core responsibilities differ in scope and focus.
What Do Security Analysts Do?
Security analysts evaluate information systems and recommend security measures and protocols to protect a company’s sensitive data from security threats. Security administrators implement their recommendations and put suggested protocols into action. As a security analyst, your job duties include monitoring security access, performing audits of internal and external network security programs, analyzing breaches to inform future security system measures, and training colleagues in security awareness and proper procedures. You also collaborate with outside vendors on security plans, which may include website applications, container, or cloud-based solutions.
What are some common challenges Security Analysts face when responding to security incidents, and how can they effectively manage these situations?
Can you make $500,000 a year in cyber security?
What are the key skills and qualifications needed to thrive as a Security Analyst, and why are they important?
What exactly does a security analyst do?
How much can a security analyst make?

Job description
The Senior Security Risk Management Consultant serves as a strategic advisor, liaison, and subject matter expert, driving enterprise-wide security risk management strategies that support our mission and operational excellence. This role partners with senior leadership, security, IT, and business stakeholders to identify, assess, and mitigate cybersecurity risks while ensuring alignment with organizational priorities and regulatory requirements. Responsibilities include leading complex risk assessments, guiding risk treatment strategies, influencing enterprise decision-making, and strengthening overall risk posture through governance, metrics, and continuous improvement.
Program and Regulatory Compliance
- Supports the development and execution of our Information Security Third Party Risk and Integrated Risk Management Program, contributing to definition of team goals, scope of work, and deliverables aligned to Enterprise Information Security (EIS) priorities.
- Serves as a trusted advisor and liaison to stakeholders, ensuring initiatives align with organizational mission, values, operational goals, and applicable regulatory, legal, and contractual requirements.
- Leads and coordinates team participation in regulatory audits and investigations, including the preparation, validation, and delivery of required evidence, while supporting overall audit readiness and response efforts.
- Contributes to a high-performing team of security risk professionals by providing guidance and support in third-party and integrated risk management, risk-based prioritization, and enterprise risk remediation coordination.
- Serves as a mentor and trusted resource to team members, offering subject matter expertise and helping to drive consistency, accountability, and quality in work delivery.
- Supports the development and refinement of team practices, including role clarity, competencies, and growth pathways aligned to organizational expectations.
- Provides ongoing coaching, knowledge sharing, and development support to colleagues, fostering professional growth and preparing team members for expanded responsibilities.
- Promotes a collaborative and inclusive team environment, encouraging open communication, psychological safety, and data-informed decision-making.
- Demonstrates authentic and professional influence, building trust through clear communication, partnership, and effective engagement with peers, leadership, and stakeholders.
- Supports and contributes to third-party and integrated risk management activities within our GRC platforms, identifying opportunities for process improvement and adapting to evolving control frameworks and risk requirements.
- Performs and reviews vendor tiering and risk assessments, partnering with team members and providing guidance on complex or higher-risk cases as needed.
- Contributes to the execution and ongoing refinement of the third-party cyber risk lifecycle, including intake, due diligence, control assessment, remediation tracking, and ongoing monitoring.
- Evaluates vendor security controls across multiple domains (e.g., identity and access management, network and cloud security, data protection, incident response, and business continuity), applying risk-based judgment.
- Reviews and provides input on security-related contractual requirements, supporting alignment with organizational standards and regulatory expectations.
- Participates in coordination of offshore security risk compliance activities, helping to ensure consistency, quality, and timeliness of deliverables.
- Translates technical findings into clear business risk insights to support decision-making by stakeholders and business partners.
- Prepares and supports materials for audits, regulatory inquiries, and internal governance reviews.
- Documents and tracks risks, supports remediation efforts, and facilitates security policy exception (risk acceptance) processes in alignment with established standards.
- Identifies security risks and manages issues by working with stakeholders to develop corrective action plans, including cost and timeline analysis, and partners with leadership to present temporary risk acceptance plans in accordance with organizational security policies, procedures, and standards. Provides guidance on governance processes and collaborates with stakeholders to embed security and compliance into operational and strategic initiatives.
- Maintains active involvement in day-to-day assessments to ensure quality, consistency, and timely delivery.
- Escalates risks and concerns through appropriate channels to support effective resolution and visibility.
- Partners with Strategy and Planning and Enterprise Information Security leadership to develop and report on key risk indicators (KRIs) and key performance indicators (KPIs), delivering clear, actionable insights that support informed decision-making and effective governance.
- Design, develop, and monitor robust data analysis and reporting systems, along with communication tools, to ensure accurate and timely insights.
- Coordinates and supports assignment of assessment work, partnering with team members and stakeholders to ensure alignment with established standards and effective intake processes.
- Reviews and provides guidance on risk assessments to promote consistency, quality, and alignment with our information security requirements.
- Contributes to workload balancing through collaboration and knowledge sharing, supporting team readiness and capability to deliver departmental services effectively.
- Cultivates and maintains effective relationships with executives and key stakeholders through clear, authentic, and risk-informed communication; supports alignment, enables informed decision-making, and promotes shared accountability for managing security risk.
- Synthesizes and communicates enterprise security risk insights to executives and stakeholders in a clear, actionable manner, operating within established leadership direction and communication protocols; translates complex risk data into meaningful narratives that support informed decision-making, drive prioritization, and strengthen governance in alignment with organizational objectives.
- Serves as a representative of the Manager and/or Director as directed. Supports Information Security leadership by providing risk-informed insights, actionable recommendations, and clear communication to enable strategic decision-making, program prioritization, and alignment with organizational objectives.
- Partners with Enterprise Information Security leadership to support aligned execution of security and risk management activities, including policy and standards development, control assessments, and risk management education; promotes collaboration, consistency, and integration of security practices across the organization.
- Maintains a working knowledge of applicable Federal, State, and local laws and regulations, our Integrity and Compliance Program and Code of Conduct, and relevant policies and procedures, while staying current with industry developments and regulatory changes to ensure updates are reflected and adherence is upheld with honest, ethical, and professional behavior.
- Leads and supports security risk initiatives and annual program activities, ensuring successful delivery aligned with organizational standards and risk management objectives.
- Provides guidance and mentorship to team members managing projects, promoting consistency, accountability, and high-quality outcomes without direct supervisory responsibility.
- Partners with stakeholders and leadership to align priorities, communicate status, and support achievement of strategic outcomes.
- Proactively identifies risks and supports mitigation efforts to keep initiatives on track and aligned with organizational expectations.
- Builds and maintains effective relationships to support stakeholder engagement throughout the project, program, or initiative lifecycle.
- Partners with stakeholders to support development and alignment of business process workflows, as well as training and communication plans.
- Provides guidance, tools, and resources to help stakeholders address challenges, mitigate risks, and sustain engagement, promoting risk-aware decision-making and adoption of information security best practices across the organization.
- Bachelor's degree or an equivalent combination of education and experience.
- One or more security certifications: Certified Information Systems Security Professional (CISSP), International Social Security Association (ISSA), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) Certified in Governance, Risk and Compliance (GRCP) or equivalent.
- Minimum of seven (7) years of progressive experience in information services including three (3) years working in cybersecurity governance, risk, and compliance (GRC).
- Minimum of three (3) years of progressively responsible experience in healthcare and/or other regulated industries.
- Strong knowledge of the HIPAA Security Rule and applicable industry security regulations, with the ability to rapidly build and sustain expertise; working understanding of broader HIPAA requirements, including Privacy and Breach Notification Rules.
- Proven knowledge of enterprise security principles and practices, with hands-on experience or demonstrated capability in implementing, integrating, and managing security solutions across enterprise environments.
- Working knowledge of one or more information security regulations and/or frameworks - HIPAA, ISO 27001/2, FISMA, FIPS, HITRUST and NIST security.
- Experience with GRC platforms (e.g., ServiceNow GRC, RSA Archer, OneTrust, or similar) supporting risk and compliance programs. Demonstrated ability to leverage tooling to improve process efficiency, enable reporting, and support scalable risk management practices.
- Ability to serve as a leadership representative of the Manager and/or Director, interfacing with a variety of Health Ministry and System Office Executive leaders, team members and end users, exercising effective facilitation skills, judgment, and decision-making in providing problem resolution and in meeting established goals and expectations. Ability to shape results, garner support and successfully manage complex relationships.
- Actively building skills in courageous, authentic leadership through clear, human-centered communication with senior leaders and stakeholders; builds trust through empathy and vulnerability while skillfully navigating complex conversations, influencing decisions, and delivering compelling, accessible messages in both formal and informal settings.
- Excellent oral and written communication skills. Facilitates meetings between diverse groups and interests and prepare communications that includes independent advisory recommendations. Ability to communicate with non-technical leaders and business owners providing a clear understanding of appropriate technology solutions to support and enhance business needs.
- Proficiency in performing third-party risk assessments and negotiating contractual security language
- Proficiency in performing third-party risk assessments and negotiating contractual security language
- Proven ability to apply appropriate project management methodology. Excellent project leadership, organization, integration, and execution skills required.
- Knowledge of and experience with change control, risk management, project planning, relationship management, budgeting, and scheduling.
- Ability to operate in an ambiguous and highly matrix organizational structure. Ability to manage multiple and ever-changing priorities in a highly autonomous self-directed manner.
- Some knowledge of and experience with clinical application systems (i.e., hospital work environment, technical terminology, etc.).
- Considerable knowledge of multiple technologies and experience with enterprise-wide applications and systems in an integrated work environment.
- Proven ability to operate with speed and focus, driving measurable value through high-quality delivery of time-sensitive initiatives.
- Must demonstrate a strong commitment to continuous personal and professional growth, maintain a proactive mindset, and consistently go above and beyond to deliver exceptional value with acceptable security controls.
- Ability to work independently, manage multiple priorities, and effectively adapt to rapidly changing technology and business needs with demonstrated ability to prioritize projects and workload.
- Master's degree from an accredited college/university
- One or more enterprise technology vendor certifications (e.g. PMP, Six Sigma, ITIL)
- Experience with risk quantification models (e.g. FAIR) or building custom risk scoring approaches.
- Familiarity with data visualization tools (e.g., Tableau, Power BI) for building risk dashboards
- Experience working cross-functionally to evaluate security controls and business processes, translating findings into meaningful risk insights
- Experience in managing risk in a healthcare environment
- Experience with Artificial Intelligence (AI) as a strategic tool to enhance efficiency in day-to-day business processes and strengthen risk assessment capabilities through automation, predictive analytics, and intelligent decision support.
- Demonstrated proficiency in executive-level communication and presence, including emotional intelligence, negotiation skills, and the ability to deliver compelling presentations to senior leadership and stakeholde...
About Conexess
Sourced by ZipRecruiter
One size does not fit all. That’s why we work with you to design a strategy that fits your organizations, coupled with a responsive relationship that ensures we get the job done right. We accomplish this using a very practical strategy built on 3 steps: Understand. Identify. Deliver. Our professionals place a high value on building a relationship with you and your organization, taking time to know the intricacies, nuances and desired skill set of what you’re looking for. With a vast knowledge and understanding of the staffing industry, we have built a network of highly-talented individuals and fantastic organization just waiting to be matched. And we’re not stopping. We will work to find exactly the right fit for you that not only solves your present challenge, but also sets you up for future success. We are committed to-yes, in fact, passionate about-creating a strategy that brings the right talent in the door today and for years to come.
Company size
51 - 200 Employees
Headquarters location
Nashville, TN, US
Year founded
2009