Security Technical Analyst

Consumers Energy•Jackson, MI

4d•Hybrid

About The Position

The role of the Security Technical Analyst – Governance, Risk, and Compliance (GRC) requires strong technical proficiency, exceptional customer service, and excellent written and verbal communication skills. The analyst demonstrates the ability to gather and analyze key details and is adept at sound decision-making. This role encompasses a foundational understanding of technology governance, risk management, controls, and compliance, along with modern cybersecurity issues, asset management lifecycles, and data management practices. The position contributes to the development of roadmaps and standards, helping to ensure they remain current and effective. The Security Technical Analyst plays a key role on the Risk Management team within the Governance, Risk, and Compliance (GRC) program, acting as a liaison between security, technology, and business stakeholders. This role ensures that security standards are effectively embedded into projects and operations while identifying and addressing control gaps and emerging risks. The analyst leverages cybersecurity and risk management expertise to support audits, strengthen compliance, and improve processes—ultimately enhancing risk visibility, control effectiveness, and organizational resilience.

Requirements

Bachelor’s degree in Computer Science, Information Systems, or a related field, with two (2) or more years of combined IT or Security experience. Experience should include broad exposure to business and financial management, along with hands-on experience in areas such as governance, risk, compliance, and/or technology-related controls, asset management programs, and data management, including database work and methods to track, analyze, and validate data accuracy.
Associate degree in Computer Science, Information Systems, or a related field, with four (4) or more years of combined IT or Security experience, including similar exposure and hands-on experience as noted above.
High school diploma or GED, with six (6) or more years of combined IT or Security experience, including similar exposure and hands-on experience as noted above.
Demonstrated ability to work both independently and collaboratively, with strong organizational skills and the ability to help guide program direction alongside leadership and key stakeholders.
Applies strategic thinking to identify, assess, and prioritize technology and cybersecurity risks, aligning mitigation efforts with organizational objectives.
Foundational knowledge of developing and optimizing data management processes and producing reports that support data-driven decision-making.
Strong motivation to develop the ability to manage work from initiation through completion, consistently deliver high-quality results on time, and make sound independent decisions while recognizing when to escalate issues.
Demonstrates strong teamwork and embodies the qualities of being humble, driven, and people-focused.
Basic understanding of IT and cybersecurity concepts, with an awareness of how technology, systems, and configurations influence risk exposure and mitigation strategies.
Excellent communication, interpersonal, and listening skills, with the ability to clearly convey risk implications to technical and non-technical stakeholders and support informed decision-making.
Fundamental understanding of technology tools, data management techniques, and core technical concepts.

Responsibilities

Supports senior staff in areas such as controls, risk mitigation and management, compliance, audit administration and support, and hardware/software/OT asset management operations.
Participates in team collaboration efforts, including annual goal setting, planning activities, process improvement initiatives, waste elimination efforts, and daily or weekly operational reviews.
Takes an active role in maintaining internal processes, conducting gap analyses, and supporting resolution efforts.
Adheres to company quality systems and methodologies.
Develops and maintains visual dashboards and produces high-quality reports and documentation.
Ensures accuracy and clarity through thorough proofreading and provides recommendations to Senior Principal(s), Principal(s), and leadership.
Contributes as a resource on the IT & Security Governance, Risk, and Compliance team, working independently with company stakeholders while keeping leadership appropriately informed.
May interact with vendors, publishers, governmental agencies, and other organizations.
Ensures timely completion of deliverables; participates in meetings and review boards; acts as a backup for team members; and supports daily operations, including validation of objectives and KPIs.
Takes corrective action when needed and collaborates cross-functionally to achieve goals.
Continually develops knowledge to support senior staff and leadership in making informed decisions.
Demonstrates structured, thoughtful approaches and strong situational awareness.
Regularly engages with stakeholders to address questions, ensuring decisions and action items are documented and executed.
Exhibits subject matter awareness and a proactive approach in all interactions.
Performs additional duties as assigned or as necessary.
Supports analysis and implementation of operational, regulatory, and business mandates, as well as legal requirements.
Identifies and analyzes complex or ambiguous business process and technology issues and assists managers with development, enhancement, and maintenance activities.
Assists with research related to new and existing technologies, architectures, and products.
May collaborate with Supply Chain to provide subject matter expertise for contracts.
Translates technical standards into language accessible to non-technical stakeholders and clearly articulates gaps.
Works cross-functionally to ensure standards and policy documents are clear and concise.
Supports monitoring of adherence and addresses compliance issues as needed.