SIGNUP
Back to Jobs
XX
Information Security AnalystSTAAR SurgicalUnited States
Apply Now
XX

Information Security Analyst

STAAR Surgical
  • US
    United States
  • US
    United States
Apply Now

About

MAIN JOB RESPONSIBILITIES / COMPETENCIES As an Information Security Analyst within STAAR Surgical's Information Technology team, this individual plays a critical role working closely with the business and across the Information Technology organization defining, delivering and supporting information security solutions and supporting roadmaps. In summary this position: works on information security problems that are diverse and highly complex; selects methods and techniques for identifying and advocating effective security solutions; develops approaches to address critical information security issues; and develops and administers schedules and performance requirements. • Defines and implements information security strategies and procedures. • Works with engineering teams to define and refine information security and systems management policies and settings. • Monitors and assesses vendor and 3rd party information security reports/lists. • Evaluates new and emerging products, technologies and makes recommendations to leadership concerning introduction of new technologies. • Coordinates, administers, manages and monitors the use of access control systems security tools and intrusion detection systems to identify anomalous events and security infractions that exploit system vulnerabilities. • Integrates information security controls into an environment to identify risks and reduce their impact. • Provides analysis of potential risk to information security and recommends solutions. • Creates and maintains information security documentation. • Communicates information security procedures to users. • Reviews and recommends changes to information security policies, including STAAR Surgical IT use policies, Data Sensitivity and Personally Identifiable Information Security Policies and procedures. • Knowledge of basic principles, methods, technologies and practices of a professional/technical field. • Apply a basic understanding of the underlying principles of a professional discipline - typically obtained through formal study. • General knowledge of procedures and activities within their own work area. • Ability to relate actual day-to-day work to business priorities. • Focused on learning the key aspects and duties of the job being performed. • Oversees the activities of the assigned team within a functional area. • Sets direction for the team and prioritizes workload. • Ensures that organizational and process changes are implemented by the team. • Brings team members together to resolve issues and achieve operational strategic goals. • Performs other duties as assigned.
REQUIREMENTS
EDUCATION & TRAINING • Preferred: Undergraduate degree and 0-2 years relevant experience. • Highly desirable: Security certifications such as GCIH, GSEC, Security+
EXPERIENCE • Preferred: 4-6 years of relevant experience or equivalent combination of education and work experience.
SKILLS • Applies research, information gathering and analytical skills. • Selects appropriate alternatives from defined options. • Collects required documentation; verifies conformance of documents with standards. • Assesses accuracy of detailed information. • Tracks, maintains and produces regular and ad hoc reports. • Handles detailed, structured problems. • Identifies roadblocks to task completion and effectively brings them to management for resolution. • Generally uses existing procedures to resolve standard problems. • Works on assignments where judgment is required a majority of the time. • Knowledgeable in security best practices and defense in depth strategies for multiple platforms (i.e. Linux/Unix, Windows, Mac). • Knowledgeable in common cybersecurity threats, attacks, and TTPs. • Knowledgeable in intrusion detection and investigations. • Knowledgeable in incident handling and reporting. • Knowledgeable in analyzing host-based and network logs. • Knowledgeable in firewalls rules and configuration. • Knowledgeable in public cloud computing platforms. • Knowledgeable in standard cybersecurity frameworks and implementing security controls. • Knowledgeable in privileged account management (PAM). • Knowledgeable in vulnerability management. • Knowledgeable in methods of data protection, types of encryption, and data loss prevention (DLP) solutions. • Knowledgeable in identity and access management methodology. • Knowledgeable in automation scripting languages (i.e. PowerShell, Python, Bash). • Knowledgeable in security awareness training. • Knowledgeable in endpoint protection solutions (EDR/XDR). • Knowledgeable in multifactor authentication (MFA) technologies. • Knowledgeable in email security gateway solutions. • Good understanding of networking technologies. • Contributes to cost- benefit analysis to justify investment in security controls to mitigate risks. • Knowledge of the Globally Accepted Information Security Principles. • Must possess strong verbal and written communication skills and be able to adapt to the level and nature of their audience.
Pay range: $100K - $125K - Final compensation will depend on experience.
STAAR Surgical is an Equal Opportunity/Affirmative Action employer and all qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran or disability status, or any other characteristic protected by law.
  • United States

Languages

  • English
Notice for Users

This job comes from a TieTalent partner platform. Click "Apply Now" to submit your application directly on their site.

Apply Now