Information Security Analyst
: Job Details :

At MannKind our employees are our number one asset, and we continue to be a tight-knit community where each of us has a critical role in our success. Committed to diversity, at MannKind we depend on a rich blend of ideas, backgrounds, and working styles in our quest to change the world for the better.Position Summary: The Information Security Analyst is a pivotal, hands-on role at MannKind's Danbury facility. This position is dedicated to ensuring the integrity and security of all MannKind data across both on-premises and cloud-based applications. As an on-premises role, the analyst will be actively engaged in resolving technical issues from inception to resolution. A strong technical /infrastructure background is required. This is not a remote or hybrid position. We require onsite presence Monday to Thursday. Fridays are currently remote. LOCATION: DANBURY, CT or BEDFORD, MAPrincipal Responsibilities:

• Implement and maintain the Center for Internet Security (CIS) Controls framework to maintain robust security protocols and procedures.
• Implement and manage security measures for information systems to prevent breaches, detect vulnerabilities, and manage risk.
• Conduct regular system audits to ensure compliance with security standards.
• Proficiency in AI and its application in data security and protection strategies
• Collaborate with IT teams to integrate security practices into the development lifecycle.
• Provide training and guidance to IT staff on cybersecurity best practices.
• Stay abreast of the latest cybersecurity trends and technologies.
• Assist with updating and reviewing SSP (System Security Plan)
• Develop controls such as firewalls, business systems, data leakage protection systems, patching, encryption, vulnerability scanning, remediation as well as advises and implements configurations for a variety of security tools.
• Evaluate, categorize, and remediate security events and vulnerabilities before they become security incidents.
• Identify security gaps discovered through ongoing monitoring of all information security controls and propose enhancements to security controls and implement them fully.
• Participates in cybersecurity projects to ensure that the delivery is on-time and adopted to meet the company's information protection requirements.
• Maintain relationship with Managed Security Services Provider
• Own vulnerability management with categorizing, evaluating risk and implementing the remediation steps to closure.
• Patch management for servers and endpoints.
• On call rotation for emergency related events due to outages, cyber events, etc.
• This is a hands-on, technical role that requires a robust background in infrastructure technologies to assess and deploy solutions.

Education and Experience Qualifications:

• BA/BS degree relating to information technology, compliance, information management, infrastructure and/or information security and a minimum of 5 to 7 year's work experience.
• Candidates must possess analytical skills, which evolved from training in Cybersecurity, Information Systems, Computer Science, helpdesk/infrastructure, or similar discipline.
• Experience managing Rapid7.
• Experience managing NextGen AV systems.
• Hands on experience running AI models.
• Experience with information security framework models such as CIS Framework, NIST, etc., implementing and auditing security measures, security response, and incident management.
• Working knowledge of network switches, routers, firewalls and VPN, network security, administration of DLP, antivirus, antimalware, IDSIPS, SIEM, SMTP, Email security, AD, Group Policy, DNS, DHCP, and VLANs.
• Knowledgeable in security best practices such as encryption, hashing, vulnerability scans, event log monitoring, intrusion detection and prevention, eDiscovery, and content filtering.
• Ability to oversee, resolve, and consistently enhance the vulnerability management program.
• Ability to propose and implement solutions for closing identified vulnerabilities.
• Knowledge of cloud providers' security (AWS, Google Cloud Platform, or Azure).
• Prior experience managing EDR solutions.
• Prior experience with SIEM, configuration management, hardening, and vulnerability scanning
• Experience with identity access management systems (IAM)
• Previous experience in a HIPAA and FDA regulated environment preferred.

Pay Range: $109,600 - $164,400 per year