Position: Information Security Analyst
Location:Danbury, CT
Job Id: 111134
# of Openings: 1At MannKind our employees are our number one asset, and we continue to be a tight-knit community where each of us has a critical role in our success. Committed to diversity, at MannKind we depend on a rich blend of ideas, backgrounds, and working styles in our quest to change the world for the better.
Position Summary: The Information Security Analyst is a pivotal, hands-on role at MannKind's Danbury facility. This position is dedicated to ensuring the
integrity and security of all MannKind data across both on-premises and cloud-based applications. As an on-premises role, the analyst will be actively engaged in resolving technical issues from inception to resolution. A strong technical /infrastructure background is required. This is not a remote or hybrid position. We require onsite presence Monday to Thursday. Fridays are currently remote. LOCATION: DANBURY, CT or BEDFORD, MA
Principal Responsibilities: - Implement and maintain the Center for Internet Security (CIS) Controls framework to maintain robust security protocols and procedures.
- Implement and manage security measures for information systems to prevent breaches, detect vulnerabilities, and manage risk.
- Conduct regular system audits to ensure compliance with security standards.
- Proficiency in AI and its application in data security and protection strategies
- Collaborate with IT teams to integrate security practices into the development lifecycle.
- Provide training and guidance to IT staff on cybersecurity best practices.
- Stay abreast of the latest cybersecurity trends and technologies.
- Assist with updating and reviewing SSP (System Security Plan)
- Develop controls such as firewalls, business systems, data leakage protection systems, patching, encryption, vulnerability scanning, remediation as well as advises and implements configurations for a variety of security tools.
- Evaluate, categorize, and remediate security events and vulnerabilities before they become security incidents.
- Identify security gaps discovered through ongoing monitoring of all information security controls and propose enhancements to security controls and implement them fully.
- Participates in cybersecurity projects to ensure that the delivery is on-time and adopted to meet the company's information protection requirements.
- Maintain relationship with Managed Security Services Provider
- Own vulnerability management with categorizing, evaluating risk and implementing the remediation steps to closure.
- Patch management for servers and endpoints.
- On call rotation for emergency related events due to outages, cyber events, etc.
- This is a hands-on, technical role that requires a robust background in infrastructure technologies to assess and deploy solutions.
Education and Experience Qualifications: - BA/BS degree relating to information technology, compliance, information management, infrastructure and/or information security and a minimum of 5 to 7 year's work experience.
- Candidates must possess analytical skills, which evolved from training in Cybersecurity, Information Systems, Computer Science, helpdesk/infrastructure, or similar discipline.
- Experience managing Rapid7.
- Experience managing NextGen AV systems.
- Hands on experience running AI models.
- Experience with information security framework models such as CIS Framework, NIST, etc., implementing and auditing security measures, security response, and incident management.
- Working knowledge of network switches, routers, firewalls and VPN, network security, administration of DLP, antivirus, antimalware, IDSIPS, SIEM, SMTP, Email security, AD, Group Policy, DNS, DHCP, and VLANs.
- Knowledgeable in security best practices such as encryption, hashing, vulnerability scans, event log monitoring, intrusion detection and prevention, eDiscovery, and content filtering.
- Ability to oversee, resolve, and consistently enhance the vulnerability management program.
- Ability to propose and implement solutions for closing identified vulnerabilities.
- Knowledge of cloud providers' security (AWS, Google Cloud Platform, or Azure).
- Prior experience managing EDR solutions.
- Prior experience with SIEM, configuration management, hardening, and vulnerability scanning
- Experience with identity access management systems (IAM)
- Previous experience in a HIPAA and FDA regulated environment preferred.
Pay Range: $109,600 - $164,400 per yearApply for this Position