Sr. Information Security Analyst Abiomed
Danvers, MA

Job Description

Abiomed, an innovative medical device company, is focused on recovering hearts and saving lives. We have a single guiding mission: "Patients First." With corporate headquarters in Danvers, Massachusetts, offices in Aachen & Berlin, Germany and Tokyo, Japan, Abiomed's 1,300 employees form one of the fastest growing medical technology companies in the world. Abiomed attracts and retains exceptional talent with our collaborative culture, passion for our work, and a strong commitment to employee professional development.

ABIOMED, one of the world's fastest-growing med tech companies, has the immediate opportunity for an exceptional Information Security professional to join its growing and dynamic team! If you are analytical, technically-minded, and excited by the prospect of making an impact at one of the world's best-performing companies that is dedicated to recovering hearts and saving lives, this could be the perfect opportunity for you!

As the Sr. Information Security Analyst with ABIOMED, you will work to help protect corporate systems and data assets from internal and external threats. The mission is protecting and securing the confidentiality, integrity, and availability of corporate digital assets/systems from malicious intents or unauthorized use. To meet objectives, you will focus work activities on the protection, anomaly detection, and incident response to these risk areas. A blend of technical, security, and analytic skills are needed for the position. Leveraging internal and external security tools, systems & services, you will have the opportunity to showcase your cross-functional collaboration skills as you partner with IT colleagues and business users alike. As an information security subject matter expert, you will be expected to oversee vulnerability management, partner with security vendors/operations center, propose protective technological solutions and secure configurations within existing solutions. On a proactive basis, you will undertake regular testing, validate secure deployment configurations and compliance with established standards, guidelines and mandates. You will collect, report on, and respond to network and application security events with active management to resolution.

Other key responsibilities of the Sr. Information Security Analyst:

* In collaboration with IT Operations peers, establish standards and ensure systems adherence to secure configurations of on prem. and cloud-based systems
* Provide dashboard tracking of open issues in the Vulnerability Management Program and manage the remediation process through successful resolution
* Oversee security incident and event management alerting with team response while developing and maintaining a security reporting program that provides timely and consolidated metrics to the IT Management and internal audit and compliance functions
* Participate in the acquisition of system protection and threat intelligence platforms through both automated tools and services
* Model security best practices to achieve proper framework alignment and risk avoidance objectives; enforce policies, procedures, and controls through monitoring and auditing for potential violations while ensuring systems are compliant with IT standards and overall program security requirements, advise on risk assumptions for any deviations from standards, and provide alternatives to achieve desired end results.
* Provide security oversight for technical projects providing subject matter expertise as needed; valuate new systems and deployments for security risk prior to production release; monitor system changes for potential security impact
* Conduct vendor technical risk assessments to assure security compatibility with established organizational standards, providing feedback regarding security configurations or operational concerns
* Maintain proper documentation and configuration data for operating, regulatory, and audit purposes and adhere to proper process and change management requirements; support both internal and external audits related to access controls, security administration, events and response
* Promote security best practices through strong business collaboration and end user education programs
* Collaboratively work with the global IT team and partner with external vendors for support of the security program; coach and guide IT Operations team members in security practices and provide leadership during incident response events, appropriately escalating issues to senior management



Skills & qualifications required for success:

* Outstanding customer service orientation, passion for exceeding support expectations, and demonstrated patience when working with non-technical users!
* A Bachelor's degree in Information Technology/Security, or a directly-related field, from an accredited institution
* 3+ years' experience in Information Security
* Demonstrated working knowledge of a broad range of security tools/applications (SIEM, PAM, SOC, 2FA, NGFW, DLP, SDLC, access control/network segmentation, SSO, vulnerability scanning, and data classification tools)
* Ability to lead / contribute to multiple highly complex projects while meeting requirements, on time, and within budget
* Excellent ability to clearly & concisely present both verbal / written communication across all levels
* Exposure to operating in a regulated environment (Sarbanes Oxley, FDA, HIPAA, COBIT, ITIL)
* Ability to work a flexible schedule when required. (Occasional domestic & international travel is required, up to 10%.)
* Demonstrated analytical, problem identification, troubleshooting, and creative problem-solving abilities



Additional qualifications that will make you stand out:

* Industry-relevant professional certifications such as CISSP, CISM, or CISA
* Experience with NIST Cybersecurity or related frameworks
* Experience in developing or administering and information security program

Abiomed is an Equal Opportunity Employer committed to a diverse workforce. Abiomed will not discriminate against any worker or job applicant on the basis of race, color, religion, gender, gender identity, national origin, ancestry, age, sexual orientation, gender identity, marital or civil partnership status, pregnancy, gender reassignment, non-job related mental or physical disability, genetic information, veteran status, military service, application for military service, or membership in any other category protected under law.