Cybersecurity Specialist

Under the direct oversight of the Information Technology Director, this role is pivotal in safeguarding the organization's digital assets.

As a member of the Corporate Information Security Team, you will be responsible for monitoring the organization's networks for potential security threats and conducting thorough investigations when incidents arise.

Prepare comprehensive reports detailing security breaches and assessing the impact of such incidents.

Stay abreast of the latest trends in information technology (IT) security and contribute to the development of security standards and best practices for the organization.

Assist in responding to security-related inquiries from clients regarding the organization and its medical instruments. Propose enhancements to security measures to senior management or IT leadership.

Key Responsibilities:

Engage in proactive threat hunting by analyzing events within the current Security Information and Event Management (SIEM) system and other Security Operations Center (SOC) tools to identify malicious activities and security events that automated systems may overlook.

Address client security inquiries and provide insights into the organization's security framework and medical instruments.
Regularly audit logs and reports from critical information systems. Detect potential security incidents and offer expert analysis on noteworthy events.
Respond to security incidents, including conducting post-event evaluations and formulating procedures for future incident responses.
Conduct routine audits to ensure systems are adequately protected and data is secure. Identify vulnerabilities and implement strategies to mitigate security risks.
Provide daily operational support to users with Information Security concerns or questions.
Assist in the formulation of security policies, standards, and procedures, ensuring adherence across the organization.

Safeguard information systems assets and prevent unauthorized access by performing access reviews for internal applications and cloud services, documenting findings as necessary.

Monitor and react to alerts and notifications from security systems.
Investigate and escalate security incidents as required.

Conduct information security risk assessments on products, processes, vendors, and systems, aligning with established security best practices and the organization's risk tolerance.

Document and manage security exceptions, violations, incidents, and other risk-related issues until resolution.
Develop content and action requests to enhance alert accuracy and minimize false positives.
Participate in security awareness training initiatives for the organization.
Maintain the database for security questionnaires.
Analyze existing IT systems, architectures, and processes to identify risks, opportunities, faults, and areas for improvement.
Education & Requirements
A minimum of an Associate's or Bachelor's degree in Computer Science, Information Technology, or a related field is required. A minimum of 2 years of experience in an IT security role is essential. Security certifications such as CISSP are preferred.
Strong comprehension of security principles, including attack frameworks, threat landscapes, and attacker methodologies.
Demonstrated experience as a Security Analyst or in a similar capacity.
Familiarity with various security methodologies, processes, and technical security solutions, including firewalls and intrusion detection systems.
Knowledge of TCP/IP protocols, network analysis, and network/security applications.
Understanding of industry standards, guidelines, and regulatory compliance requirements pertaining to information security and cloud computing.
Experience in a Security Operations Center (SOC) environment is advantageous.
Prior experience with network monitoring platforms is beneficial.
Knowledge of industry best practices and experience with both hardware and software systems is essential.
In-depth knowledge of Windows operating systems; familiarity with Linux is a plus.
Proficiency in MS Office tools, Visio, and Teams is required.
Certifications such as CISSP, ISACA, CompTIA Security, or Microsoft security are advantageous.
Experience in an ISO certification environment is a plus.
Exceptional analytical and problem-solving skills.
Strong interpersonal skills with the ability to positively influence others.
Ability to collaborate effectively within a team environment.
Capacity to perform under pressure in a fast-paced setting.
Willingness to travel up to 10% may be required.
Fluency in French is a plus.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or discriminate against employees or applicants based on inquiries about, discussions of, or disclosures regarding their own pay or the pay of another employee or applicant.

However, employees with access to compensation information as part of their essential job functions cannot disclose the pay of other employees or applicants to individuals without access to that information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.

41 CFR c)
Equal Opportunity Employer - minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity

---