Sr. Cybersecurity Specialist II - Aliso Viejo, CA
Listed on 2026-06-20
-
IT/Tech
Cybersecurity, Systems Engineer
What You’ll Do
Senior Cybersecurity Engineer is a broad‑scope, hands‑on technical role responsible for engineering, operating and maturing cybersecurity capabilities across the enterprise. Glaukos manages cybersecurity across several distinct security domains; this role will own primary accountability for several of these domains based on organizational need, team structure, and the candidate's areas of expertise. Candidates are expected to bring deep proficiency in at least one domain, a working knowledge of adjacent areas, and a curiosity to grow.
This position partners closely with IT, Quality, Legal and Privacy to protect Glaukos products, systems, and data while enabling innovation in a highly regulated medical device environment. The Senior Cybersecurity Engineer works independently within their domain(s), contributes to cross‑domain initiatives, and mentors junior team members.
Based on domain assignment, the Senior Cybersecurity Engineer will own the following responsibilities. Engineers assigned to multiple domains will be supported with appropriate resourcing and prioritization guidance from leadership.
Supply Chain Security- Lead third‑party and supplier cybersecurity assessments integrated into the procurement lifecycle.
- Govern Software Bill of Materials (SBOM) accuracy, update cadence, and traceability from component to product.
- Track and remediate supply chain vulnerabilities through coordinated processes with Engineering and suppliers.
- Develop and maintain supply chain security standards, questionnaires, and contractual security requirements.
- Own and operate the enterprise vulnerability management program, including scanning cadence, triage, prioritization, and SLA tracking.
- Manage patch tracking and exception handling processes, including compensating controls and escalation of overdue items.
- Coordinate vulnerability disclosure (CVD) processes and customer notification workflows in partnership with product security and regulatory teams.
- Maintain dashboards and metrics to communicate vulnerability posture to leadership.
- Play a key role in the design of network security architecture including firewalls, segmentation, zero trust principles, and secure remote access.
- Conduct network traffic analysis and manage intrusion detection/prevention systems (IDS/IPS).
- Confirm/audit the hardening of network infrastructure supporting both corporate IT and device‑connected environments.
- Partner with IT and engineering on secure network design for manufacturing‑support and product‑connected systems.
- Audit cloud security controls across IaaS, PaaS, and SaaS platforms (AWS, Azure, GCP, and applicable SaaS tools).
- Perform cloud security posture management (CSPM), identity hygiene reviews, and misconfiguration remediation.
- Develop and enforce cloud security standards, guardrails, and architecture review processes.
- Ensure cloud‑hosted workloads supporting medical devices and manufacturing meet applicable regulatory and security requirements.
- Support and mature Security Operations Center (SOC) capabilities, including alert triage, use case development, and SIEM/SOAR tuning.
- Manage security monitoring for device‑supporting environments, including backup, restore, and attestation activities.
- Manage a third‑party MSSP/MXDR that provides detection logic, playbooks, and runbooks to improve response fidelity and speed.
- Provide KPIs and operational reporting for security operations activities to the CISO and stakeholders.
- Lead and coordinate cybersecurity incident response activities, including containment, eradication, recovery, and post‑incident reviews.
- Maintain and test the incident response plan (IRP), including tabletop exercises and scenario‑based drills.
- Serve as a technical escalation point for security incidents impacting corporate, OT, and product environments.
- Coordinate with Legal, Regulatory Affairs, and Communications teams on disclosure obligations and customer notification.
- Own and mature IAM controls including role‑based access control (RBAC), privileged access management (PAM), and multi‑factor…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).