Information Security Analyst Threat & Vulnerability

Job Title

Information Security Analyst [Threat & Vulnerability]

Franklin Lakes, NJ

12+ Months

8am-5pm, 40 hours/week

Medical Device Company

Contract on W2 (Need US Citizens Or GC Holders Only)

The Information Security Analyst will be a member of the Threat & Vulnerability team within Security Operations. General responsibilities focus on the identification and proactive mitigation of cyber threats which could impact Client, while collaborating with various teams within Information Security to support the company’s strategic goals.

The following duties and responsibilities are intended to be representative of the work performed by the incumbent(s) in this position and are not all-inclusive. The omission of a specific duty or responsibility will not preclude it from the position.

• Under direction, report and communicate vulnerabilities to determine objectives, scope, analysis, and the proper actions, needed to respond to security vulnerabilities that may impact Client
• Partner with stakeholders to document lifecycle of vulnerabilities and provide recommendations for mitigation strategies.
• Collaborate on patch validation and reporting of remediation planning and compensating controls of mitigation to address open vulnerabilities
• Monitors, tracks, responds, investigates, and reports in compliance to security requirements, and partners with the responsible parties to drive timely results and remediation
• Perform analysis of cyber threats and process timely tasks to help mitigate the risk of exposure.
• This includes reviewing daily intelligence feeds, working with different Security Operations teams to apply technical controls to detect and protect BD systems.
• Experience recognizing threats and conducting analysis on emerging threats and how they relate specifically to Client
• Provide written reports and analysis of findings to communicate potential risks and impact, with a focus on business impact
• Support risk reporting and escalation to cross-functional teams in a cooperative manner
• Communicate incidents and vulnerabilities to BD stakeholders in a timely manner following Client internal policies and procedures;
  Follow-up to ensure teams carry-out short-term and long-term remediation.
• Organizes and maintains documentation for internal process and procedures
• Participation in after-hours incidents when required
• Assist with additional projects as needed

• Strong communication and project management skills
• Requires a highly motivated, dynamic and customer-centric associate who thrives in a challenging and changing environment
• Working knowledge of crisis management communication, incident response and handling methodologies, NIST cybersecurity standards and FDA cybersecurity guidance
• Effective meeting management and group facilitation skills
• Experience with reviewing intrusion detection systems and identifying host and network-based intrusions via intrusion detection technologies