The Cybersecurity Analyst will take a lead role in day-to-day security operations, identifying threats and vulnerabilities, containing, and recommending corrective actions for eradication. This role will test and ensure compliance of internal and commercial offerings with security policies and standards, as well as with applicable regulations and laws. You will also perform assessments of systems and networks within the network environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. The output will measure effectiveness of defense-in-depth architecture against known vulnerabilities. As a member of the Cyber Security Incident Response Team (CSIRT), you will be the front-line responder, combating cybersecurity threats against our Information Technology Environments/Services. You will conduct incident response activities, including advanced investigation, response, and remediation. Each member of the team will play a role in Incident Response, Forensics, Threat Hunting and Cyber Threat Intelligence.

• Conduct monitoring and detection analysis using cybersecurity defense tools.
• Correlate activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous activity.
• Build and manage relationships with 3rd party SOC providers.
• Review and assess alerts to contain any intrusions or threats.
• Provide reports on events that occur within the environment.
• Communicate at every level of the organization in a way that is effective for that level.
• Test systems to understand compliance with cybersecurity policies and drive remediation, as required.
• Stay abreast of emerging threats and vulnerabilities to assist in identifications of incidents.
• Preserve all records indicating changes made to access control lists to facilitate audits and other investigations.
• Maintain detailed program metrics around initiative goals.
• Participate in an on-call rotation.
• Uphold company mission and values through accountability, innovation, integrity, quality, and teamwork.
• Support and comply with the company’s Quality Management System policies and procedures.
• Maintain regular and reliable attendance.
• Ability to act with an inclusion mindset and model these behaviors for the organization.

• Bachelor’s degree in computer science, engineering, or related field as outlined in the essential duties; or Associates Degree and 2 years of relevant experience as outlined in the essential duties in lieu of a Bachelor’s degree; or High School Diploma/General Education Degree and 4 years of relevant experience as outlined in the essential duties in lieu of Bachelor’s Degree.
• 3+ years relevant work experience in incident response, digital forensics, infrastructure security in a regulated environment.
• Strong customer focus with a track record for driving delivery and operational performance improvements across an organization.
• Demonstrated track record of rapidly responding to alerts, threating hunting, digital forensics, threat mitigation and remediation.
• Excellent change management and issue resolution skills with the ability to deliver results.
• Excellent verbal and written communication skills as well as customer service and organizational skills.
• Demonstrated ability to perform the essential duties of the position with or without accommodation.
• Obtained or working towards industry certification/s relating to incident response/digital forensics (CISSP, GCFE, GCIH, CEH, etc.).
• Experience in healthcare or biotech industries.
• Proven record of taking initiative, continued growth, and high desire to support the business and ensure we're protected
• Experience in tools like MS Sentinel, Crowdstrike, MS Defender for Endpoint, MS Defender for Outlook, MS Azure (cloud), Cribl, KnowBe4, ServiceNow.

Important: On Call rotation.