SUMMARY
The Information Security Analyst role is to ensure the security, stability, and integrity of the in-house and cloud based Roechling Medical information systems. This is achieved by a combination of cyber security threat monitoring, data gathering, analysis, reporting, and testing. The Information Security Analyst collaborates with US and Global Roechling teams which manage information security, network and server administration, as well as endpoint device protection.
ESSENTIAL DUTIES AND RESPONSIBILITIES include the following:
- Analyze network traffic, intrusion events, activity logs, and system alerts to identify trends, identify anomalies, and investigate potential security incidents.
- Utilize vulnerability and patch management software to secure network resources.
- Deploy, maintain, and monitor firewall and routing access control lists and conditional access policies.
- Administer network and host intrusion detection/prevention tools.
- Contribute to the development, testing, and execution of incident response plans
- Conduct or coordinate testing and create summary reports of cybersecurity protocols, including vulnerability scanning, penetration testing, tabletop exercises, and audit compliance.
- Manage privileged access tools and password management.
- Manage the collection and system audit log management and auditing
- Remain up-to-date on the evolving cybersecurity landscape security and countermeasures.
- Develop procedures and tools to assess and automate monitoring processes.
- Assist with employee security awareness training and other communications designed to keep employees informed about cybersecurity threats/risk and internal policies.
- Adhere to and ensure compliance with all Company policies, rules, procedures, and housekeeping standards.
- Follow the official policy for Good Manufacturing Practices as required in the Medical Device Amendments to the Federal Food, Drug and Cosmetic Act.
- Provide feedback and pro-active communication to supervisor, management, and co-workers to ensure efficient and effective operations.
- Process administrative matters without problems to maintain up to date records.
- Other duties may be assigned.
EDUCATION and/or EXPERIENCE
- A Bachelor’s degree in Computer Science, Information Systems, Networking, Cybersecurity, or a related field is required or equivalent combination of education and experience.
- Minimum two years' work experience in IT Security, IT Operations, Compliance, Data Loss Prevention and/or a related field.
- Working knowledge of security risk oversight, CVSS (Common Vulnerability Scoring System), CVE (Common Vulnerabilities and Exposures), and technical security vulnerability remediation/mitigation
- Broad hands-on knowledge of firewalls, intrusion detection systems, anti-virus software, log aggregation, data encryption, and other industry-standard techniques and practices
Job Type: Full-time
Pay: $75,000.00 - $100,000.00 per year
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Health insurance
- Paid time off
- Tuition reimbursement
- Vision insurance
Compensation Package:
- Performance bonus
- Yearly pay
Schedule:
- 8 hour shift
- Monday to Friday
- Weekends as needed
Education:
Ability to Relocate:
- Rochester, NY 14615: Relocate before starting work (Required)
Work Location: Hybrid remote in Rochester, NY 14615
