Cyber Security Analyst MannKind Danbury, CT- Relocation Assistance Available - Possible for ideal candidate Office space available at location listed Monday to Thursday in office. Currently, Fridays are remote Position Summary: Located at our manufacturing facility in Danbury, CT and reporting to the Sr. Manager, Information Security & Infrastructure, the Information Security Analyst is a hands-on role responsible for the security of all MannKind data including on premise and cloud applications. Follows through on technical issues until closure. Your expertise with the Center for Internet Security (CIS) Controls framework and artificial intelligence (AI) will be crucial in identifying vulnerabilities and mitigating risks. Principal Responsibilities:
- Implement and maintain cybersecurity measures in accordance with the CIS Controls framework
- Conduct regular system audits to ensure compliance with security standards
- Utilize AI-driven security tools to detect and respond to threats in real-time
- Collaborate with IT teams to integrate security practices into the development lifecycle
- Provide training and guidance to IT staff on cybersecurity best practices
- Stay abreast of the latest cybersecurity trends and technologies
- ssist with updating and reviewing SSP (System Security Plan)
- Develop controls such as firewalls, business systems, data leakage protection systems, patching, encryption, vulnerability scanning, remediation as well as advises on configuration for a variety of security tools.
- Triage, evaluate, categorize, and resolve security events before they become security incidents
- Collaborating with and educating other teams on raising the bar for security across the organization
- Coordinating with outside vendors to ensure secure operations
- Identify security gaps discovered through ongoing monitoring of all information security controls and propose enhancements to security controls.
- Evaluate and/or propose cybersecurity solutions and controls to maintain confidentiality, integrity, and availability.
- Compile weekly, monthly and quarterly metrics and reporting with regard to the current state of information security program and specific projects/activities
- Participates in cybersecurity projects to ensure that the delivery is on-time and adopted to meet the company's information protection requirements
- Coordinate company's phishing campaign program
- Maintain relationship with Managed Security Services Provider
Education and Experience Qualifications:
- BA/BS degree relating to information technology, compliance, information management, and/or information security and a minimum of 5 to 7 year's work experience.
- Candidates must possess analytical skills, which evolved from training in Cybersecurity, Information Systems, Computer Science, or similar discipline.
- Experience managing Rapid7.
- Hands on experience running AI models.
- Experience with information security framework models such as CIS Framework, NIST, etc., implementing and auditing security measures, security response, and incident management.
- Working knowledge of network switches, routers, firewalls and VPN, network security, administration of DLP, antivirus, antimalware, IDSIPS, SIEM, SMTP, Email security, AD, Group Policy, DNS, DHCP, and VLANs.
- Knowledgeable in security best practices such as encryption, hashing, vulnerability scans, event log monitoring, intrusion detection and prevention, eDiscovery, and content filtering.
- bility to oversee, resolve, and consistently enhance the vulnerability management program
- bility to propose solutions for closing identified vulnerabilities.
- Knowledge of cloud providers' security (AWS, Google Cloud Platform, or Azure).
- Prior experience managing DNS filtering technologies, EDR solutions
- Prior experience with SIEM, configuration management, hardening, and vulnerability scanning
- Experience with identity access management systems (IDaaS)
- Previous experience in a HIP nd FDA regulated environment preferred.
SKILLS AND CERTIFICATIONS [note: bold skills and certification are required] SIEM CIr Rapid7 cloud applications AI Vulnerabilities Security Clearance Required: No Visa Candidate Considered: No CANDIDATE DETAILS 5+ to 7 years experience Seniority Level - Mid-Senior Management Experience Required - No Minimum Education - Bachelor's Degree Willingness to Travel - Never WHY WE'RE A GREAT COMPANY wesome culture and fabulous benefits. 15 PTO days plus 18 paid holidays including 2 week-long plant shut-downs.