Information Security Analyst

Responsibilities:

• The Information Security Analyst will be a member of the Threat & Vulnerability team within Security Operations. General responsibilities focus on the identification and proactive mitigation of cyber threats which could impact BD, while collaborating with various teams within Information Security to support the company's strategic goals.
• The following duties and responsibilities are intended to be representative of the work performed by the incumbent(s) in this position and are not all-inclusive. The omission of a specific duty or responsibility will not preclude it from the position.
• Under direction, report and communicate vulnerabilities to determine objectives, scope, analysis, and the proper actions, needed to respond to security vulnerabilities that may impact BD
• Partner with stakeholders to document lifecycle of vulnerabilities and provide recommendations for mitigation strategies.
• Collaborate on patch validation and reporting of remediation planning and compensating controls of mitigation to address open vulnerabilities
• Monitors, tracks, responds, investigates, and reports in compliance to security requirements, and partners with the responsible parties to drive timely results and remediation
• Perform analysis of cyber threats and process timely tasks to help mitigate the risk of exposure.
• This includes reviewing daily intelligence feeds, working with different Security Operations teams to apply technical controls to detect and protect BD systems.
• Experience recognizing threats and conducting analysis on emerging threats and how they relate specifically to BD
• Provide written reports and analysis of findings to communicate potential risks and impact, with a focus on business impact
• Support risk reporting and escalation to cross-functional teams in a cooperative manner
• Communicate incidents and vulnerabilities to BD stakeholders in a timely manner following BD internal policies and procedures; Follow-up to ensure teams carry-out short-term and long-term remediation.
• Organizes and maintains documentation for internal process and procedures
• Participation in after-hours incidents when required
• Assist with additional projects as needed

Requirements:

• Strong communication and project management skills
• Requires a highly motivated, dynamic, and customer-centric associate who thrives in a challenging and changing environment
• Working knowledge of crisis management communication, incident response and handling methodologies, NIST cybersecurity standards and FDA cybersecurity guidance
• Effective meeting management and group facilitation skills
• Experience with reviewing intrusion detection systems and identifying host and network-based intrusions via intrusion detection technologies