ProductSecuritySr.Analyst-CybersecuritySr.Analyst

We have Contract role Product Security Sr. Analyst - Cybersecurity Sr. Analyst for our client at St. Paul, MN. Please let me know if you or any of your friends would be interested in this position.

Position Details:

Product Security Sr. Analyst - Cybersecurity Sr. Analyst- St. Paul, MN

Location : St. Paul, MN 55117

Project Duration : Initial contract duration is 6 months with a strong possibility of extension. The role is expected to be long-term depending on performance.

Shift : Flexible working hours (start times between 6:30 AM and 9:30 AM)

Job Description:

The position is focused on vulnerability risk management within the cybersecurity space. The candidate will work with Rapid7 tools, primarily Insight VM, and manage the scanning environment. The role is on-premises at the St. Paul campus and requires in-person attendance.

Responsibilities

- Assess and rebuild the Rapid7 Insight VM environment

- Perform vulnerability scanning (scheduled and ad hoc)

- Collaborate with internal teams and manage stakeholder priorities

- Potential to engage in web application scanning, threat intelligence, and continuous monitoring

Required Skills

- Experience in vulnerability risk management

- Familiarity with Rapid7 toolsets (Insight VM preferred)

- Ability to work independently and manage tasks without micromanagement

Preferred Experience

- Container scanning experience

- Cybersecurity certifications (CISSP, Security+, CEH)

- Bachelor's degree preferred; associate degree required

Job Summary:

The Product Security Sr. Analyst is a high caliber performer responsible for identifying security risks of developed, marketed, and fielded products, including, but not limited to, patient safety and data protection risks. The Product Security Sr. Analyst will help build and maintain a product security program that offers services such as: product security risk assessment, security testing, security event handling, metrics & monitoring, external communications and staffing, education and training.

This is an on-premises position, attendance in person is required.

Job Duties:

Participate in company-wide product security initiatives as necessary

Develop and maintain technical documentation for internal and external use and effectively transfer knowledge to business and IT team members.

Develop and effectively execute project plans, work breakdown, structure, and task dependencies, communication plans, etc. as needed.

Maintain positive and cooperative communications and collaboration with all levels of employees, customers, contractors, and vendors.

Proactive monitoring and handling of product vulnerabilities in accordance with FDA post-market guidance.

Perform all procedures necessary to ensure the safety of information systems and to protect systems from intentional or inadvertent access or destruction.

Must be able to weigh business needs against security concerns and articulate issues to management.

May coach or provide guidance to lower-level security professionals

Communicate product security messaging throughout the organization.

Perform other related duties and responsibilities, on occasion, as assigned

Equipment:

Works with standard office equipment such as telephone, cellular phone, fax/copier, and a personal computer with standard office software.

Working Conditions:

Work environment varies from well lighted office/cubicle, low to moderate noise level, to a variety of conditions caused by travel requirements such as customer offices, research labs, hospitals, hotels, use of automobiles, commercial travel, weather, etc.

Physical Demands:

Activities require a significant amount of sitting in front of a computer monitor, some standing and walking. Significant use of hands and arms, plus finger dexterity to reach, point, write, type, operate a computer and other office equipment. Performs tasks that regularly require good correctable vision and hand/eye coordination. Activities also require significant use of voice and hearing for discussions with other employees.

General Qualifications

• Experience working with industry standard toolsets such as Rapid7, Tenable, and similar tools.
• Certifications such as CISA, CISM, CRISC, CISSP, CPP or CFE are preferred
• History of completing successful cross-functional projects and driving positive compliance outcomes.
• Knowledge of national and international regulatory compliances and frameworks such as NIST Cybersecurity Framework, ISO 27001, EU DPD, HIPAA/HITECH
• Demonstrated organizational skills, attention to detail, the ability to handle multiple assignments simultaneously in a timely manner, and be able to meet assigned deadlines and service levels.
• Must have strong time management skills and an ability to thrive in a high cadence operation
• Must work well within a tight-knit team environment and be able to work with peers, customers, and partners to support the mission.
• Excellent communication skills with demonstrated ability to write clear, concise business communication for multiple levels (management, technical, user).
• Able to understand and leverage the IT and business vision and strategy to support solution definition
• Able to professionally represent the Security function to key business stakeholders
• Ability to work in a highly matrixed and geographically diverse business environment.
• Ability to work within a team and as an individual contributor in a fast-paced, changing environment.
• Ability to leverage and/or engage others to accomplish projects.
• Ability to maintain regular and predictable attendance.