Information Security Analyst [Vulnerability Management]

Job Title - Information Security Analyst Vulnerability Management

Location - San Diego, CA or Franklin Lakes, NJ Remote OK

Duration 12+ Months

Work hours : 8am-5pm, 40 hours / week

Client : Medical Device Company

Employment Type : Contract on W2 (Need US Citizens Or GC Holders Only)

Remote OK, would prefer NJ or San Diego

Description :

3 must have’s on the resume Vulnerability Management, Threat Intel and Good Communication Skills

The Information Security Analyst will support the Threat & Vulnerability team within Security Operations. General responsibilities focus on the identification and proactive mitigation of cyber threats which could impact BD, while collaborating with various teams within Information Security to support the company’s strategic goals.

This person has experience in risk prioritization, navigating sources for identification and assessment of threats, and conducting cross-functional awareness for addressing risk.

They will have experience assisting with vulnerability analysis and working across a matrixed environment to assess indicators and triage risk for the enterprise, manufacturing and product environments.

You are comfortable providing fact-based reports to various levels of the organization within a fast-paced environment. You have previous tactical intelligence or vulnerability management experience, understand the fundamentals of reducing attack surfaces, and possess effective analytical skills.

You will be accountable for setting your own work direction and completing tasks.

Essential Job Functions :

The following duties and responsibilities are intended to be representative of the work performed by the incumbent(s) in this position and are not all-inclusive.

The omission of a specific duty or responsibility will not preclude it from the position.

• Under direction, report and communicate vulnerabilities to determine objectives, scope, analysis, and the proper actions, needed to respond to security vulnerabilities that may impact BD
• Partner with stakeholders to document lifecycle of vulnerabilities and provide recommendations for mitigation strategies.
• Collaborate on patch validation and reporting of remediation planning and compensating controls of mitigation to address open vulnerabilities
• Monitors, tracks, responds, investigates, and reports in compliance to security requirements, and partners with the responsible parties to drive timely results and remediation
• Perform analysis of cyber threats and process timely tasks to help mitigate the risk of exposure.

o This includes reviewing daily intelligence feeds, working with different Security Operations teams to apply technical controls to detect and protect BD systems.

• Experience recognizing threats and conducting analysis on emerging threats and how they relate specifically to BD
• Provide written reports and analysis of findings to communicate potential risks and impact, with a focus on business impact
• Support risk reporting and escalation to cross-functional teams in a cooperative manner
• Communicate incidents and vulnerabilities to BD stakeholders in a timely manner following BD internal policies and procedures;

Follow-up to ensure teams carry-out short-term and long-term remediation.

• Organizes and maintains documentation for internal process and procedures
• Participation in after-hours incidents when required
• Assist with additional projects as needed

Basic Qualifications :

• Strong communication and project management skills
• Requires a highly motivated, dynamic and customer-centric associate who thrives in a challenging and changing environment
• Working knowledge of crisis management communication, incident response and handling methodologies, NIST cybersecurity standards and FDA cybersecurity guidance
• Effective meeting management and group facilitation skills
• Experience with reviewing intrusion detection systems and identifying host and network-based intrusions via intrusion detection technologies

Education and / or Experience :

• A minimum of a bachelor’s degree required. Ideal candidate will have a degree in computer science or other technical discipline.
• A minimum of 2 years of experience in incident response, monitoring / detection, vulnerability management, threat intel or proven ability to operate cross functionally to execute on business wide initiatives.
• Preferred Certifications : CERT-Certified Computer Security Incident Handler Certification, CISSP, HCISSP
• In-depth knowledge of computer operating systems, including Windows, IoS and Linux a plus
• Detail-oriented with the ability to promptly assess documents for accuracy as well as consistency
• Strong interpersonal skills with the ability to influence others in a positive and effective manner
• Knowledge of Healthcare rubrics for vulnerability scoring and threat modelling
• Experience with intelligence tools and applications
• Ability to work in a team environment
• Excellent communication skills; both oral and written

Physical Demands :

Use of computer, phone, ability to travel globally.

Work Environment :

Office and remote locations

Keywrods : Vulnerability Management, Threat Intel, Security , Security Operations, cyber threats, incident response, detection