×
Register Here to Apply for Jobs or Post Jobs. X

Sr. Cybersecurity Specialist II - Aliso Viejo, CA

Job in Aliso Viejo, Orange County, California, 92656, USA
Listing for: Glaukos Corporation
Full Time position
Listed on 2026-06-20
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 125000 - 150000 USD Yearly USD 125000.00 150000.00 YEAR
Job Description & How to Apply Below

What You’ll Do

Senior Cybersecurity Engineer is a broad‑scope, hands‑on technical role responsible for engineering, operating and maturing cybersecurity capabilities across the enterprise. Glaukos manages cybersecurity across several distinct security domains; this role will own primary accountability for several of these domains based on organizational need, team structure, and the candidate's areas of expertise. Candidates are expected to bring deep proficiency in at least one domain, a working knowledge of adjacent areas, and a curiosity to grow.

This position partners closely with IT, Quality, Legal and Privacy to protect Glaukos products, systems, and data while enabling innovation in a highly regulated medical device environment. The Senior Cybersecurity Engineer works independently within their domain(s), contributes to cross‑domain initiatives, and mentors junior team members.

Based on domain assignment, the Senior Cybersecurity Engineer will own the following responsibilities. Engineers assigned to multiple domains will be supported with appropriate resourcing and prioritization guidance from leadership.

Supply Chain Security
  • Lead third‑party and supplier cybersecurity assessments integrated into the procurement lifecycle.
  • Govern Software Bill of Materials (SBOM) accuracy, update cadence, and traceability from component to product.
  • Track and remediate supply chain vulnerabilities through coordinated processes with Engineering and suppliers.
  • Develop and maintain supply chain security standards, questionnaires, and contractual security requirements.
Vulnerability Management
  • Own and operate the enterprise vulnerability management program, including scanning cadence, triage, prioritization, and SLA tracking.
  • Manage patch tracking and exception handling processes, including compensating controls and escalation of overdue items.
  • Coordinate vulnerability disclosure (CVD) processes and customer notification workflows in partnership with product security and regulatory teams.
  • Maintain dashboards and metrics to communicate vulnerability posture to leadership.
Network Security
  • Play a key role in the design of network security architecture including firewalls, segmentation, zero trust principles, and secure remote access.
  • Conduct network traffic analysis and manage intrusion detection/prevention systems (IDS/IPS).
  • Confirm/audit the hardening of network infrastructure supporting both corporate IT and device‑connected environments.
  • Partner with IT and engineering on secure network design for manufacturing‑support and product‑connected systems.
Cloud Security
  • Audit cloud security controls across IaaS, PaaS, and SaaS platforms (AWS, Azure, GCP, and applicable SaaS tools).
  • Perform cloud security posture management (CSPM), identity hygiene reviews, and misconfiguration remediation.
  • Develop and enforce cloud security standards, guardrails, and architecture review processes.
  • Ensure cloud‑hosted workloads supporting medical devices and manufacturing meet applicable regulatory and security requirements.
Security Operations
  • Support and mature Security Operations Center (SOC) capabilities, including alert triage, use case development, and SIEM/SOAR tuning.
  • Manage security monitoring for device‑supporting environments, including backup, restore, and attestation activities.
  • Manage a third‑party MSSP/MXDR that provides detection logic, playbooks, and runbooks to improve response fidelity and speed.
  • Provide KPIs and operational reporting for security operations activities to the CISO and stakeholders.
Incident Response
  • Lead and coordinate cybersecurity incident response activities, including containment, eradication, recovery, and post‑incident reviews.
  • Maintain and test the incident response plan (IRP), including tabletop exercises and scenario‑based drills.
  • Serve as a technical escalation point for security incidents impacting corporate, OT, and product environments.
  • Coordinate with Legal, Regulatory Affairs, and Communications teams on disclosure obligations and customer notification.
Identity & Access Management
  • Own and mature IAM controls including role‑based access control (RBAC), privileged access management (PAM), and multi‑factor…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary