This is an individual contributor position with the responsibility of maintaining company information security systems, processes, and procedures to protect and maintain the confidentiality, integrity, and availability of all data and information systems.
This position will also serve on a team which contributes technical expertise and analysis to various customers, including end users, IT professionals, and Management.
In addition, this position will drive support for security programs through a steering committee and be involved with other customer-facing engagements as needed.
Essential Duties and Responsibilities
The responsibilities of this position include, but are not limited to the following:
* SECURITY ARCHITECTURE DESIGN: Identifies appropriate security controls and network design to maximize efficiency and data integrity.
* STRATEGIC PLANNING: Assists in planning and design of enterprise information security topology. Assists in the design and continuous improvement of defense-in-depth architecture.
* PRODUCT MANAGEMENT: Provides technical expertise and assistance in the evaluation, configuration and maintenance of security systems such as firewalls, mail gateways, proxies, endpoint detection and protection, CASB, etc. Assists in defining high-availability architecture and disaster recovery planning, and maintains secure configuration controls. Has a high level of knowledge in defining strategic direction for security solutions.
* SECURITY INCIDENT MANAGEMENT: Investigates, analyzes, coordinates, and reports on all security events, incidents, and intrusions. Tracks incidents through analysis, diagnosis, correction, and resolution.
* RISK ASSESSMENTS: Performs various security assessments and review for evidence of vulnerability or non-compliance. Assists with or coordinates implementation of security solutions. Tracks resolution of findings and follows up to conclusion.
* RESEARCH: Assists in the study of vendors and products for the network and desktop security to determine those which best meet the needs of the company.
* CONSULTING: Serves as an expert technical resource, to advise and assist in security issues, both proactively and reactively. Assists with the creation, evaluation, and implementation of policies and procedures for monitoring standards, incident investigation procedures, and minimized security risks.
* PROTECTION: Ensures the integrity of the Company's data and systems, security of confidential information, and protection of physical property. Follows established security and disaster recovery procedures.
Knowledge, Skills and Qualifications
* Skills: Must have a working knowledge of ITIL and ISO 27001 requirements. Experience with FDA, SOX, HIPAA, and NIST requirements is preferred.
* Certifications: CISSP or other security focused certifications are desirable.
Education and Experience
* Education: Bachelor's degree from an accredited college or university in Computer Science, Information Security, or related equivalent IT field experience preferred
* Experience: A minimum of 5 years prior experience in secure systems architecture; defense-in-depth analysis; and configuring and managing security devices.
* Just be at least 18 years of age.
* Must pass pre-employment drug screen and background check.
* Typically requires travel 5-20% of the time
Physical Requirements and Work Environment
* This is largely a sedentary role.
* This job operates in a professional office environment and routinely uses standard office equipment.
We are an Equal Employment Opportunity Employer, Female/Minority/Veterans/Disabled/Sexual Orientation/Gender Identity.
About Icu Medical
ICU Medical is a medical device company that provides infusion therapy, oncology, and critical care products.