CyberSecurity

Responsibilities

Engage in day-to-day tasks of the Vulnerability and Threat Management Service Team including, but not limited to the following:

• Interface with external clients and prospects
• Assist in provisioning / architecture / configuration of client deployments
• Configure / schedule vulnerability / compliance scans
• Review scan data
• Basic Boolean search operators and query modifiers
• Provide remediation consultation
• Provide solution training to clients for all supported platforms / components (Qualys, DDI, Tenable)
• Understand latest threats and vulnerabilities affecting clients
• Assist clients with API integrations
• Strong understanding of security principles
• Strong hands-on cross platform technical skills across multiple platforms (Windows, Linux a must).
• Experience in understanding and assessing business processes, analyzing and assessing business process controls, identifying risks and linking business risks to the relevant IT application controls and audit procedures.
• Experience with security monitoring controls, methodology, and event remediation/resolution.
• Proven experience and working knowledge of Identity and Access Management standard methodologies
• Experience in agile methodology to deliver results
• Scripting experience (Python, Bash)
• Experienced with packet capture review and diagnosis
• Knowledge of major web server software (IIS, Apache, Web Sphere, Tomcat, Web Logic)
• CISSP, ASV, CISM, CISAM
• Bilingual candidates highly desirable
• Experience with Customer Support and Development Tools (Salesforce, Service Now, Jira, etc.)
• Define specific hardware and software architectures for our medical devices to reduce or eliminate cyber vulnerabilities
• Alignment of division R&D Product Cybersecurity Risk Management processes with R&D Safety Risk Management processes for medical devices
• Build a metrics program that leverages assessment data, internal and external vulnerability & threat intelligence sources, supplier data, and product profiles to provide insight into future trends.
• Collaborate with product R&D teams across division to create and maintain a Secure Product Development Lifecycle process to ensure that cybersecurity requirements/controls can be embedded within the product development process
• Develop and employ an ongoing product cybersecurity communications, training and awareness program tailored to the evolving needs of the business and specific requirements of various user groups through change management
• Build and maintain executive relationships necessary for the successful execution of the division product cybersecurity program.