IT Security Analyst
Company: Vitalograph is the world's leading manufacturers of medical respiratory diagnostic devices and software, used in the diagnosis of respiratory disorders, and advanced high-reliability equipment and software systems used in respiratory end-point clinical drug trials. Based in Ennis, Co. Clare for over forty-five years, we now wish to recruit an experienced IT Security Analyst to join the Global IT Team, with immediate start.
Reporting to the CIO, the successful candidate will be responsible for providing IT Security services within the Global IT team by working on projects and initiatives to continually improve the cyber security posture of the organisation.
There are three main aspects to the role:
- Working closely with the CIO to maintain the existing Security Program based on ISO27001 and begin preparations for the new revision due in 2022, while also drawing up an alignment of our IT controls against the NIST Cybersecurity Framework - Identify, Detect, Protect, Respond and Recover.
- Vulnerability management program for corporate and clinical infrastructure, including remediation of open pen test items and driving security improvements in products and systems - such as data backup processes and 'encryption @ rest' technologies.
- Further development of Security Incident and Event Management (SIEM) tools including ingesting data from firewalls and data analytics to identify threats and patterns within the SIEM data. Identifying and evaluating new COTS and open-source tools to further strengthen our security posture.
The ideal candidate would have experience of the following:
- A degree or equivalent in Computer Science or 4+ years of relevant industry experience supported by industry certifications in IT security.
- Experience of working on your own initiative, self-starter, while being part of a larger IT team.
- Experience with ISO27001 and/or NIST Cyber Security Framework.
- Extensive experience in Information Security tool's, processes, and frameworks.
- Experience of Security Incident and Event Management (SIEM) tools (such as Splunk, Wazuh etc.) - ingesting data, troubleshooting, clustering and automated responses.
- Experience in developing content/reports in SIEM - searches, alerts (including POC and tuning), dashboards, Apps.
- Experience in Information Security analyses and understanding of the following:
- Email Security and running phishing campaigns (KnowBe4),
- Incident Management,
- System and network security,
- Experience in Network Penetration testing and remediation of issues.
- Hands-on experience with vulnerability management tools and strong technical understanding and experience assessing vulnerabilities and identifying weaknesses in multiple operating system platforms, database, and application servers. Examples of these tools include Kali Linux, OpenVAS, Nessus etc.
- Effective communicator, both in verbal and written communications to business and technical audiences.
- Experience of security cloud-based services such as Office 365 and AWS.
- Experience in Security evaluation of third-party tools.
- While on essential, an understanding of VMware platforms including containerization would be useful.
If you are interested in the above position, please email a brief cover letter and CV to careers@vitalograph.ie
