Cyber Security Analyst III

I. Job Purpose

The Cyber Security Analyst has the responsibility to contribute to the security of KARL STORZ Information systems in line with KARL STORZ’s policies, procedures, standards, and guidelines. The Cyber Security Analyst helps detect and respond to cyber threats in the organization, drive out weaknesses in our infrastructure (software, hardware and networks), and finds creative ways to protect our company.

II. Job Duties

  • Proactively monitor and analyze events, alerts, and from our SIEM, NDR, EDR, and ITDR to detect and respond to complex and sophisticated threats, with a focus on identifying new attack vectors.
  • Conduct advanced monitoring and analysis of computer networks, utilizing advanced tools and techniques to detect and respond to security issues.
  • Lead the analysis of malware, phishing, application, and network-based attacks, identifying new patterns and trends, and developing proactive mitigation strategies.
  • Take a lead role in responding to and investigating advanced/targeted attacks, coordinating efforts with incident response teams and senior management.
  • Lead the documentation of all actions, decisions, and outcomes throughout the duration of a cybersecurity incident, ensuring comprehensive reporting and knowledge sharing.
  • Drive the development and improvement of cyber security incident playbooks, incorporating best practices and lessons learned from previous incidents and industry standards.
  • Lead Blue/Red Team exercises, designing and executing advanced attack simulations to identify and address critical vulnerabilities and weaknesses in IT infrastructure.
  • Develop and maintain robust incident response management plans and processes, regularly reviewing and updating them to align with industry standards and evolving threats.
  • Take ownership of monitoring relevant security bulletins and security forums, providing timely updates and recommendations to the team and stakeholders.
  • Conduct in-depth analysis of emerging threats and their potential impacts to the environment and systems, working closely with other teams to implement proactive security measures.
  • Perform other duties as assigned, demonstrating leadership skills and contributing to the strategic direction of the cybersecurity function.

III. Minimum Knowledge, Education and Skill Requirements

Required

Minimum years of relevant work experience: 4+ years of experience in a technical role in the areas of Security Operations, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team

Minimum education, certifications and/or credentials: Bachelor’s degree in cybersecurity, computer science, or equivalent technical discipline and one of the following certifications: SANS Sec 4xx (e.g. GIAC Security Essentials (GSEC) or other equivalent Cyber Security certifications is desirable

Minimum hard skill requirements (including computer and application proficiency):

  • Intermediate knowledge of malware families and network attack vectors.
  • Intermediate knowledge of operating system internals and security mechanisms.
  • Intermediate knowledge of web applications and APIs
  • Intermediate knowledge in system security architecture and security solutions
  • Intermediate understanding of attack activities such as network scanning, DDOS, malicious code activity, etc.
  • Intermediate understanding of network infrastructure devices such as routers and switches
  • Intermediate understanding of networking protocols such as TCP/IP, DNS, HTTP/S

Minimum soft skill requirements: Limited scope problem-solving. Follows standard practices. Information readily obtainable.

Preferred

Preferred years of relevant work experience: 5 – 6 years of experience in a technical role in the areas of Security Operations, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team

Preferred education, certifications and/or credentials: Master’s degree in cybersecurity, computer science, or a equivalent technical discipline and one of the following certifications: and one of the following certifications: CISSP or other equivalent Cyber Security certifications is desirable

Preferred hard skill requirements:

  • Intermediate knowledge in scripting, Python, YARA, and RegEx experience is desirable
  • Intermediate knowledge in working with large data sets, using tools such as: Excel, SQL, Splunk, and PowerBI.
  • Intermediate knowledge with, forensics tools and malware analysis
  • Intermediate knowledge in security technologies such as: SIEM, IDS/IPS, DLP, WAF, NDR, EDR, ITDR, SOAR
  • Familiar with ITIL processes and framework

Preferred soft skill requirements: Moderate scope problem-solving. Exercises judgement within defined procedures. Overall, is expected to be curious, creative thinker who is deeply interested in the latest security developments and tools.

IV. Essential Function

Must be able to maintain productive working relationships and treat fellow employees with respect.

Has contact with: This person will work closely with all members of the Global IT and Information Security teams. Externally, this person will work closely with vendors and other solution providers Physical requirement/Demands: Must be able to travel, both domestically and internationally, as needed. Must be able to drive safely for business travel. Mental requirements/ Emotional Demands:
Interpersonal and communication skills: Excellent spoken and written communication skills. Mission-oriented with an emphasis on making the team successful

V. Core Requirements

Degree of accountability: Demonstrated ability to self-direct, to achieve assigned goals Degree of decision making: Power to shut down up to all infrastructure
Financial/Budgetary: Minimal Safety: Compliance with company policies for occupational health and safety to prevent accidents. Quality: Compliance with company policies, standard operating procedures, instructions and relevant work regulations. Supervision: Little instructions on routine work, general instructions on new assignments

Authority to Sign (not applicable for North America):

Travel: 10%

Your Benefits

  • Medical / Dental / Vision including a state-of-the-art wellness program and pet insurance, too!*
  • 3 weeks vacation, 11 holidays plus paid sick time*
  • Up to 8 weeks of 100% paid company parental leave**
  • 401(k) retirement savings plan providing a match of 60% of the employee’s first 6% contribution (up to IRS limits)
  • Section 125 Flexible Spending Accounts
  • Life, STD, LTD & LTC Insurance
  • We prepay your tuition up to $5,250 per year! – Tuition pre-imbursement
  • Fitness reimbursement of up to $200 annually
  • Employee referral program of up to $2,000 per hire
  • And much more!

*Field sales, internships, and part-time employees are not eligible except where required by state law.
Non-employees, including temporary workers and consultants, are not eligible to participate in the KARL STORZ benefits program.
**To include, maternal/paternal leave, adoption, and fostering of a child.

KARL STORZ reserves the right to change or modify the employee’s job description whether orally or in writing, at any time during the employment relationship. Additionally, KARL STORZ, through its supervisors, may require an employee to perform duties outside their normal description within the sole discretion of the supervisor. Employees must comply will all applicable KARL STORZ policies and procedures.

Credentialing requirements at KARL STORZ

KARL STORZ is committed to maintaining a safe work environment for our employees and customers. Most field-based roles at KARL STORZ require hospital credentialing/health screens as a condition of employment. Credentialing can include required vaccinations, health screens & other requirements as outlined by our customers. During the interview process, we encourage you to ask how credentialing/health screens may impact the role you are seeking and if you require any reasonable accommodations regarding these requirements.

Pay Transparency

The pay range and/or hourly pay rate listed is a good faith determination of potential base compensation that may be offered to a successful applicant for this position at the time of this job posting and may be modified in the future. When determining a specific team member’s base salary and/or hourly pay rate, several factors will be considered including such things as location, specialty, service line, years of relevant experience, education, professional credentials, internal equity, and the amount budgeted for the role.

Equal Employment Opportunity & Reasonable Accommodation Statement

KARL STORZ is committed to creating an inclusive space where employees are valued for their skills and unique experiences. To achieve this goal, we are committed to diverse voices, and all applicants will receive consideration without regard to race, color, sex, national origin, disability, veteran status, or any other protected characteristic. KARL STORZ is also committed to providing reasonable accommodations during our recruitment process. Should you need assistance or accommodation please email us at taoperations@karlstorz.com.

Get in Contact

Name:

Contact Details:

Related Post

BDC AssistantBDC Assistant

Senior Administrative Analyst (Department of Medicine Administration/Finance Office) You can make a difference in people’s lives every day. When you join UCLA Health, you’ll be working at an institution that