Information Security Analyst

The Information Security Analyst will be a member of the Threat & Vulnerability team within Security Operations. General responsibilities focus on the identification and proactive mitigation of cyber threats, while collaborating with various teams within Information Security to support the company's strategic goals.

Essential Job Functions : The following duties and responsibilities are intended to be representative of the work performed by the incumbent(s) in this position and are not all-inclusive. The omission of a specific duty or responsibility will not preclude it from the position.

Under direction, report and communicate vulnerabilities to determine objectives, scope, analysis, and the proper actions, needed to respond to security vulnerabilities

Partner with stakeholders to document the lifecycle of vulnerabilities and provide recommendations for mitigation strategies.

Collaborate on patch validation and reporting of remediation planning and compensating controls of mitigation to address open vulnerabilities

Monitors, tracks, responds, investigates, and reports in compliance to security requirements, and partners with the responsible parties to drive timely results and remediation

Perform analysis of cyber threats and process timely tasks to help mitigate the risk of exposure.

This includes reviewing daily intelligence feeds, working with different Security Operations teams to apply technical controls to detect and protect systems.

Experience recognizing threats and conducting analysis on emerging threats.

Provide written reports and analysis of findings to communicate potential risks and impact, with a focus on business impact

Support risk reporting and escalation to cross-functional teams in a cooperative manner

Communicate incidents and vulnerabilities to stakeholders in a timely manner following internal policies and procedures; Follow-up to ensure teams carry-out short-term and long-term remediation.

Organizes and maintains documentation for internal process and procedures

Participation in after-hours incidents when required

Assist with additional projects as needed

Basic Qualifications :

Strong communication and project management skills

Requires a highly motivated, dynamic and customer-centric associate who thrives in a challenging and changing environment

Working knowledge of crisis management communication, incident response and handling methodologies, NIST cybersecurity standards and FDA cybersecurity guidance

Effective meeting management and group facilitation skills

Experience with reviewing intrusion detection systems and identifying host and network-based intrusions via intrusion detection technologies