Número de empleados
Sitio Web corporativo
Descripción y detalle de las actividades
• Safeguarding of data and information, focused on the tenets of security that include Confidentiality, Integrity and Availability • Provide comprehensive support to protect and defend networks and all attached systems by validating configurations and ensuring regulatory compliance with HIPAA, NIST, FISMA/FedRAMP, FIPS and Corporate directives. • Supports the Outset Cybersecurity training and refresh training program. • Provide security reviews for configuration change requests and update appropriate certification and accreditation artifacts as applicable. • Utilize automated tools to identify critical flaws in connected devices and corporate systems. • Work with the business to determine high value assets. • Determine priority and criticality of vulnerability remediation based on analysis. • Work with business partners to make recommendations and provide guidance for remediation. • Compile and track vulnerabilities over time for metrics purposes. • Follow established process and procedure in use and support of operational software tools, hardware and system software. • Be willing and capable of learning new tools and processes. • Monitor SIEM, conduct data analysis, and evaluate logs for security events. • Support management of firewall, proxy, IDS/IPS, DLP, and Vulnerability Scanners. • Evaluate health and management of Anti-Virus, Anti-Malware, and other Advanced Threat agents in a global deployment • Create reports and enhance metrics based on data analysis. • Participate in threat hunting, threat modeling, and threat intel activities • Adhere to all corporate security policies and standards as they relate to job duties. • Provide on-call support on-site and after-hour support on an emergency basis, 24x7x365. • Influence technology decisions as a member of our engineering and cybersecurity leadership team • Participate in Scrum ceremonies and keep task notes and daily update progress in our ticketing systems.
Experiencia y requisitos
• 10+ years of information security and/or cybersecurity experience • Must have experience with automated vulnerability scanning tools. (Network, System, Static/Dynamic code analysis.) • Must understand the OWASP Top 10 and NIST CSF/RMF security controls. • Must demonstrate the ability to professionally communicate in verbal and writing skills. • Must understand basic security principles with an understanding of malware, cryptography, threats and vulnerabilities, access control, and application, data, and host security. • Must understand core networking (TCP/IP, routing, switching, wireless) and the OSI model. • Must have scripting skills (Powershell/Bash/Python) and an interest in data analysis. • Must understand basic cloud technologies and operating systems including Azure, AWS and Linux, including console level commands. • Must demonstrate skills and interest in supporting a variety of security systems such as IAM, SIEM, IDS/IPS, firewalls, proxies, host security software, and vulnerability scanners. • Analytical, innovative, creative, and disruptive. • Conceive and initiate projects; improvise and invent solutions in new, non-standard and unstructured situations • Must be able to work well through ambiguity; with confidences in making tough calls and leading through adversity with a sharp focus on the eventual right outcomes. • Medical device experience is a plus. • Must have a proven portfolio of successful projects in areas mentioned above. • Bachelor’s degree or higher from an accredited university or college with course work in Information Security, Cybersecurity, Information Management Systems, or Networking. • One or more of the following or higher certifications (CISSP, CAP, CND, Cloud+ GSLC, Security+, CEH, CASP+ CE, CISM, CCISO)
Número de vacantes