IT Security Analyst II_RepJKropa

Job Title:

Information Security Risk & IAM Specialist

Location: Detroit, MI (Hybrid)

Pay Rate: $30-36 per hour

Benefits: PTO Hours, Medical/Vision/Dental Insurance, 401k Matching, Short/Long Term Disability

This role is responsible for cross‑functional collaboration with members of the Information Security team, the EIT division, and business units to manage the identification, mitigation, resolution, and acceptance/deferral of information security risks within the BCBSM organization. The position provides guidance on mandatory and recommended security and Identity & Access Management (IAM) controls to ensure proper implementation. You will work closely with project teams to interpret security risks identified during certification processes, define mitigating controls, design remediation plans, or assist with exception processes.

Additionally, you will maintain continuity and consistency across all business unit‑level information protection programs and manage risk identification, mitigation, acceptance, monitoring, and reporting processes. Collaboration with the Governance, Risk, and Performance team on metrics and reporting is also a key responsibility. The role involves planning, executing, and managing multi‑faceted projects related to risk management, compliance, control assurance, and user awareness.

You will help develop and drive security strategies, policies, and standards, ensure solution effectiveness, and provide security‑focused consultative services across the organization.

• Collaborate across teams to manage information security risk processes.
• Provide guidance on IAM and security controls for compliance and implementation.
• Interpret and address security risks during certification processes.
• Assist with remediation plans or exception handling.
• Maintain consistency in information protection programs across business units.
• Partner with Governance, Risk, and Performance teams for metrics and reporting.
• Lead projects related to risk management, mitigation, compliance, and user awareness.
• Develop and enforce security strategies, policies, and standards.
• Deliver consultative security services to internal stakeholders.

• Proven Identity and Access Management (IAM) experience.
• Clear understanding of IT audit methodologies
  .
• Exceptional written and oral communication skills
  .

• Strong attention to detail with analytical and problem‑solving skills.
• Proficiency in Microsoft products, especially Excel
  .
• Familiarity with IAM tools.
• Knowledge of auditing, internal audit standards, fraud awareness, professional ethical standards, and enterprise risk management (risk analysis and control assessment).

• Project Management skills.
• Exceptional soft skills and ability to influence stakeholders.
• Strong critical thinking capabilities.

• Bachelor’s degree in a related field preferred.
• Minimum 3 years of combined IT audit and security experience, with broad exposure to systems analysis, application development, database design/administration, and at least 1 year of IT security experience
  .
• Desired professional certification in audit and/or technical security areas (e.g., CISA, CISSP, CISM).