1

Security Analyst Jobs in Rochester, MI (NOW HIRING)

Senior, Tax Analyst - Payroll

Detroit, MI

$29.25 - $38/hr

Configuration of payroll wage codes for the accurate application of employer and employee taxes and social security * Analysis of payroll tax notices * Preparation of Powers of Attorney * Liaison ...

Conduct risk assessments and gap analyses * Identify opportunities to improve security posture through automation and tooling * Maintain documentation to support audit readiness and operational ...

Conduct and oversee security risk assessments and vulnerability analyses. * Design and implement security systems and processes, including: * Access control and badging * Surveillance systems

... security practices and end-user experience. * Stay current with the latest industry trends, best ... Excellent analytical, problem-solving, and troubleshooting skills. * Strong written, oral ...

Security Guard

Royal Oak, MI · On-site

$15 - $18.25/hr

Security Guard GENERAL SUMMARY: To maintain activities that safeguard company assets, employees ... Strong analytical ability * Problem solving skill COMMENTS This position description is not all ...

Security Guard

Royal Oak, MI · On-site

$15 - $18.25/hr

Security Guard GENERAL SUMMARY: To maintain activities that safeguard company assets, employees ... Strong analytical ability * Problem solving skill COMMENTS This position description is not all ...

Security Guard

Royal Oak, MI

$15 - $18.25/hr

Security Guard GENERAL SUMMARY: To maintain activities that safeguard company assets, employees ... Strong analytical ability * Problem solving skill COMMENTS This position description is not all ...

next page

Showing results 1-20

Security Analyst information

See Rochester, MI salary details

$36.4K

$98.8K

$129.8K

How much do security analyst jobs pay per year?

As of Jul 5, 2026, the average yearly pay for security analyst in Rochester, MI is $98,796.00, according to ZipRecruiter salary data. Most workers in this role earn between $84,200.00 and $119,700.00 per year, depending on experience, location, and employer.

Is cybersecurity a dead-end job?

A security analyst role is a growing field with strong demand due to increasing cyber threats. The job requires continuous learning of new tools and certifications, and career advancement often involves specialization or moving into management positions, making it a viable long-term career option.

What are Security Analysts?

Security Analysts are professionals responsible for protecting an organization’s computer systems and networks from cyber threats. They monitor networks for security breaches, investigate suspicious activities, and implement security measures to prevent future attacks. Security Analysts also conduct vulnerability assessments, respond to incidents, and ensure compliance with security policies and regulations. Their work helps safeguard sensitive data and maintain the integrity of information systems.

What is the difference between Security Analyst vs Network Security Analyst?

AspectSecurity AnalystNetwork Security Analyst
CertificationsCompTIA Security+, CISSP, CEHCompTIA Security+, CISSP, Cisco CCNA Security
Work EnvironmentIT security teams, cybersecurity firms, corporate securityNetwork operations centers, IT departments, cybersecurity teams
ResponsibilitiesMonitor security systems, analyze threats, implement security measuresSecure network infrastructure, monitor network traffic, prevent intrusions

Security Analysts focus on overall cybersecurity, including threat detection and incident response, while Network Security Analysts specialize in protecting network infrastructure and traffic. Both roles require similar certifications and often work in overlapping environments, but their core responsibilities differ in scope and focus.

What Do Security Analysts Do?

Security analysts evaluate information systems and recommend security measures and protocols to protect a company’s sensitive data from security threats. Security administrators implement their recommendations and put suggested protocols into action. As a security analyst, your job duties include monitoring security access, performing audits of internal and external network security programs, analyzing breaches to inform future security system measures, and training colleagues in security awareness and proper procedures. You also collaborate with outside vendors on security plans, which may include website applications, container, or cloud-based solutions.

What are some common challenges Security Analysts face when responding to security incidents, and how can they effectively manage these situations?

Security Analysts often encounter challenges such as rapidly evolving threats, the need to analyze large volumes of data, and coordinating responses across different teams. Responding quickly while accurately diagnosing incidents requires excellent technical skills and clear communication. To manage these situations effectively, successful analysts prioritize continuous learning, use automation tools to streamline repetitive tasks, and establish well-defined incident response procedures. Collaborating with IT, legal, and management teams is also crucial for a coordinated and effective response.

Can you make $500,000 a year in cyber security?

Security analysts typically earn between $70,000 and $120,000 annually, depending on experience, certifications, and location. Reaching a salary of $500,000 usually requires advanced roles such as security architects, senior executives, or specialized consultants with extensive expertise and leadership responsibilities.

What are the key skills and qualifications needed to thrive as a Security Analyst, and why are they important?

To thrive as a Security Analyst, you need a solid understanding of cybersecurity principles, risk assessment, and network security, often backed by a degree in computer science or a related field. Familiarity with tools like SIEM platforms, intrusion detection systems, and certifications such as CompTIA Security+ or CISSP are commonly required. Analytical thinking, attention to detail, and strong problem-solving abilities help Security Analysts excel in identifying vulnerabilities and responding to threats. These skills are crucial for protecting organizational assets, ensuring compliance, and maintaining a robust security posture.

What exactly does a security analyst do?

A security analyst monitors and protects an organization’s computer systems and networks from cyber threats. They analyze security risks, investigate incidents, implement security measures, and use tools like firewalls and intrusion detection systems to prevent breaches. Strong knowledge of cybersecurity principles and certifications such as CISSP or CompTIA Security+ are often required.

How much can a security analyst make?

A security analyst's salary varies based on experience, location, and certifications, but the median annual salary in the industry typically ranges from $70,000 to $110,000. Entry-level analysts may earn around $60,000, while experienced professionals with specialized skills or certifications like CISSP can earn over $120,000 annually.
What are popular job titles related to Security Analyst jobs in Rochester, MI? For Security Analyst jobs in Rochester, MI, the most frequently searched job titles are:
What cities near Rochester, MI are hiring for Security Analyst jobs? Cities near Rochester, MI with the most Security Analyst job openings:
Infographic showing various Security Analyst job openings in Rochester, MI as of June 2026, with employment types broken down into 97% Full Time, 1% Part Time, and 2% Contract. Highlights an 94% Physical, 2% Hybrid, and 4% Remote job distribution, with an average salary of $98,796 per year, or $47.5 per hour.
Sr. Security Risk Management Consultant

Sr. Security Risk Management Consultant

Conexess

Livonia, MI • On-site

Other

Posted 3 days ago


Job description

Purpose
The Senior Security Risk Management Consultant serves as a strategic advisor, liaison, and subject matter expert, driving enterprise-wide security risk management strategies that support our mission and operational excellence. This role partners with senior leadership, security, IT, and business stakeholders to identify, assess, and mitigate cybersecurity risks while ensuring alignment with organizational priorities and regulatory requirements. Responsibilities include leading complex risk assessments, guiding risk treatment strategies, influencing enterprise decision-making, and strengthening overall risk posture through governance, metrics, and continuous improvement.
Program and Regulatory Compliance
  • Supports the development and execution of our Information Security Third Party Risk and Integrated Risk Management Program, contributing to definition of team goals, scope of work, and deliverables aligned to Enterprise Information Security (EIS) priorities.
  • Serves as a trusted advisor and liaison to stakeholders, ensuring initiatives align with organizational mission, values, operational goals, and applicable regulatory, legal, and contractual requirements.
  • Leads and coordinates team participation in regulatory audits and investigations, including the preparation, validation, and delivery of required evidence, while supporting overall audit readiness and response efforts.
People Leadership (Mentorship/Advisory)
  • Contributes to a high-performing team of security risk professionals by providing guidance and support in third-party and integrated risk management, risk-based prioritization, and enterprise risk remediation coordination.
  • Serves as a mentor and trusted resource to team members, offering subject matter expertise and helping to drive consistency, accountability, and quality in work delivery.
  • Supports the development and refinement of team practices, including role clarity, competencies, and growth pathways aligned to organizational expectations.
  • Provides ongoing coaching, knowledge sharing, and development support to colleagues, fostering professional growth and preparing team members for expanded responsibilities.
  • Promotes a collaborative and inclusive team environment, encouraging open communication, psychological safety, and data-informed decision-making.
  • Demonstrates authentic and professional influence, building trust through clear communication, partnership, and effective engagement with peers, leadership, and stakeholders.
Information Security Governance,Risk & Compliance (GRC)
  • Supports and contributes to third-party and integrated risk management activities within our GRC platforms, identifying opportunities for process improvement and adapting to evolving control frameworks and risk requirements.
  • Performs and reviews vendor tiering and risk assessments, partnering with team members and providing guidance on complex or higher-risk cases as needed.
  • Contributes to the execution and ongoing refinement of the third-party cyber risk lifecycle, including intake, due diligence, control assessment, remediation tracking, and ongoing monitoring.
  • Evaluates vendor security controls across multiple domains (e.g., identity and access management, network and cloud security, data protection, incident response, and business continuity), applying risk-based judgment.
  • Reviews and provides input on security-related contractual requirements, supporting alignment with organizational standards and regulatory expectations.
  • Participates in coordination of offshore security risk compliance activities, helping to ensure consistency, quality, and timeliness of deliverables.
  • Translates technical findings into clear business risk insights to support decision-making by stakeholders and business partners.
  • Prepares and supports materials for audits, regulatory inquiries, and internal governance reviews.
  • Documents and tracks risks, supports remediation efforts, and facilitates security policy exception (risk acceptance) processes in alignment with established standards.
  • Identifies security risks and manages issues by working with stakeholders to develop corrective action plans, including cost and timeline analysis, and partners with leadership to present temporary risk acceptance plans in accordance with organizational security policies, procedures, and standards. Provides guidance on governance processes and collaborates with stakeholders to embed security and compliance into operational and strategic initiatives.
  • Maintains active involvement in day-to-day assessments to ensure quality, consistency, and timely delivery.
  • Escalates risks and concerns through appropriate channels to support effective resolution and visibility.
Metrics and Reporting
  • Partners with Strategy and Planning and Enterprise Information Security leadership to develop and report on key risk indicators (KRIs) and key performance indicators (KPIs), delivering clear, actionable insights that support informed decision-making and effective governance.
  • Design, develop, and monitor robust data analysis and reporting systems, along with communication tools, to ensure accurate and timely insights.
Information Security Risk Management (Advisory & Enablement)
  • Coordinates and supports assignment of assessment work, partnering with team members and stakeholders to ensure alignment with established standards and effective intake processes.
  • Reviews and provides guidance on risk assessments to promote consistency, quality, and alignment with our information security requirements.
  • Contributes to workload balancing through collaboration and knowledge sharing, supporting team readiness and capability to deliver departmental services effectively.
Executive & Stakeholder Engagement
  • Cultivates and maintains effective relationships with executives and key stakeholders through clear, authentic, and risk-informed communication; supports alignment, enables informed decision-making, and promotes shared accountability for managing security risk.
Enterprise Risk Communication & Decision Support
  • Synthesizes and communicates enterprise security risk insights to executives and stakeholders in a clear, actionable manner, operating within established leadership direction and communication protocols; translates complex risk data into meaningful narratives that support informed decision-making, drive prioritization, and strengthen governance in alignment with organizational objectives.
Information Security Leadership Support
  • Serves as a representative of the Manager and/or Director as directed. Supports Information Security leadership by providing risk-informed insights, actionable recommendations, and clear communication to enable strategic decision-making, program prioritization, and alignment with organizational objectives.
Security Leadership & Coordination
  • Partners with Enterprise Information Security leadership to support aligned execution of security and risk management activities, including policy and standards development, control assessments, and risk management education; promotes collaboration, consistency, and integration of security practices across the organization.
Regulatory & Standards Monitoring
  • Maintains a working knowledge of applicable Federal, State, and local laws and regulations, our Integrity and Compliance Program and Code of Conduct, and relevant policies and procedures, while staying current with industry developments and regulatory changes to ensure updates are reflected and adherence is upheld with honest, ethical, and professional behavior.
Project Management
  • Leads and supports security risk initiatives and annual program activities, ensuring successful delivery aligned with organizational standards and risk management objectives.
  • Provides guidance and mentorship to team members managing projects, promoting consistency, accountability, and high-quality outcomes without direct supervisory responsibility.
  • Partners with stakeholders and leadership to align priorities, communicate status, and support achievement of strategic outcomes.
  • Proactively identifies risks and supports mitigation efforts to keep initiatives on track and aligned with organizational expectations.
Relationship Management
  • Builds and maintains effective relationships to support stakeholder engagement throughout the project, program, or initiative lifecycle.
  • Partners with stakeholders to support development and alignment of business process workflows, as well as training and communication plans.
  • Provides guidance, tools, and resources to help stakeholders address challenges, mitigate risks, and sustain engagement, promoting risk-aware decision-making and adoption of information security best practices across the organization.
Minimum Qualifications
  • Bachelor's degree or an equivalent combination of education and experience.
  • One or more security certifications: Certified Information Systems Security Professional (CISSP), International Social Security Association (ISSA), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) Certified in Governance, Risk and Compliance (GRCP) or equivalent.
  • Minimum of seven (7) years of progressive experience in information services including three (3) years working in cybersecurity governance, risk, and compliance (GRC).
  • Minimum of three (3) years of progressively responsible experience in healthcare and/or other regulated industries.
  • Strong knowledge of the HIPAA Security Rule and applicable industry security regulations, with the ability to rapidly build and sustain expertise; working understanding of broader HIPAA requirements, including Privacy and Breach Notification Rules.
  • Proven knowledge of enterprise security principles and practices, with hands-on experience or demonstrated capability in implementing, integrating, and managing security solutions across enterprise environments.
  • Working knowledge of one or more information security regulations and/or frameworks - HIPAA, ISO 27001/2, FISMA, FIPS, HITRUST and NIST security.
  • Experience with GRC platforms (e.g., ServiceNow GRC, RSA Archer, OneTrust, or similar) supporting risk and compliance programs. Demonstrated ability to leverage tooling to improve process efficiency, enable reporting, and support scalable risk management practices.
  • Ability to serve as a leadership representative of the Manager and/or Director, interfacing with a variety of Health Ministry and System Office Executive leaders, team members and end users, exercising effective facilitation skills, judgment, and decision-making in providing problem resolution and in meeting established goals and expectations. Ability to shape results, garner support and successfully manage complex relationships.
  • Actively building skills in courageous, authentic leadership through clear, human-centered communication with senior leaders and stakeholders; builds trust through empathy and vulnerability while skillfully navigating complex conversations, influencing decisions, and delivering compelling, accessible messages in both formal and informal settings.
  • Excellent oral and written communication skills. Facilitates meetings between diverse groups and interests and prepare communications that includes independent advisory recommendations. Ability to communicate with non-technical leaders and business owners providing a clear understanding of appropriate technology solutions to support and enhance business needs.
  • Proficiency in performing third-party risk assessments and negotiating contractual security language
  • Proficiency in performing third-party risk assessments and negotiating contractual security language
  • Proven ability to apply appropriate project management methodology. Excellent project leadership, organization, integration, and execution skills required.
  • Knowledge of and experience with change control, risk management, project planning, relationship management, budgeting, and scheduling.
  • Ability to operate in an ambiguous and highly matrix organizational structure. Ability to manage multiple and ever-changing priorities in a highly autonomous self-directed manner.
  • Some knowledge of and experience with clinical application systems (i.e., hospital work environment, technical terminology, etc.).
  • Considerable knowledge of multiple technologies and experience with enterprise-wide applications and systems in an integrated work environment.
  • Proven ability to operate with speed and focus, driving measurable value through high-quality delivery of time-sensitive initiatives.
  • Must demonstrate a strong commitment to continuous personal and professional growth, maintain a proactive mindset, and consistently go above and beyond to deliver exceptional value with acceptable security controls.
  • Ability to work independently, manage multiple priorities, and effectively adapt to rapidly changing technology and business needs with demonstrated ability to prioritize projects and workload.
Preferred Qualifications
  • Master's degree from an accredited college/university
  • One or more enterprise technology vendor certifications (e.g. PMP, Six Sigma, ITIL)
  • Experience with risk quantification models (e.g. FAIR) or building custom risk scoring approaches.
  • Familiarity with data visualization tools (e.g., Tableau, Power BI) for building risk dashboards
  • Experience working cross-functionally to evaluate security controls and business processes, translating findings into meaningful risk insights
  • Experience in managing risk in a healthcare environment
  • Experience with Artificial Intelligence (AI) as a strategic tool to enhance efficiency in day-to-day business processes and strengthen risk assessment capabilities through automation, predictive analytics, and intelligent decision support.
  • Demonstrated proficiency in executive-level communication and presence, including emotional intelligence, negotiation skills, and the ability to deliver compelling presentations to senior leadership and stakeholde...

Conexess logo

About Conexess

Sourced by ZipRecruiter

One size does not fit all. That’s why we work with you to design a strategy that fits your organizations, coupled with a responsive relationship that ensures we get the job done right. We accomplish this using a very practical strategy built on 3 steps: Understand. Identify. Deliver. Our professionals place a high value on building a relationship with you and your organization, taking time to know the intricacies, nuances and desired skill set of what you’re looking for. With a vast knowledge and understanding of the staffing industry, we have built a network of highly-talented individuals and fantastic organization just waiting to be matched. And we’re not stopping. We will work to find exactly the right fit for you that not only solves your present challenge, but also sets you up for future success. We are committed to-yes, in fact, passionate about-creating a strategy that brings the right talent in the door today and for years to come.

Company size

51 - 200 Employees

Headquarters location

Nashville, TN, US

Year founded

2009

Social media