Associate, Cybersecurity Analyst

The Associate Cybersecurity Analyst will be involved in multiple aspects of supporting and managing the cybersecurity program with the goals of reducing risk, driving continuous maturity, and attending to live cybersecurity incidents occurring within the company. This position will require conducting hands-on security incident response to stop active cybersecurity threats targeting the Insulet IT enterprise, including phishing attacks, account compromise, and advanced malware.

Responsibilities:

• Act as analyst for enterprise incident response, reporting all technical findings, indicators of compromise, and threat actor tactics to incident managers and security leadership.
• Monitor enterprise system security platforms responding to security incidents, providing recommendations for improvement of indicator identification and security architectures.
• Serve as technician performing security platform testing procedures, simulating exploitation tools and techniques. Identify, measure, and report findings on deficiencies in alerting capabilities.
• Evaluate and improve systems ensuring data integrity and confidentiality concerning data-at-rest and network transport mechanisms.
• Prevent and detect intrusions in cloud and on-premise enterprise architectures.
• Perform incident triage, containment, and recommend actions for remediation and prevention with business stakeholders.
• Perform security log aggregation and implement analysis techniques to better identify security misconfigurations.
• Act as threat hunter, neutralizing security threats prior to exploitation.
• Implement security orchestration, automation, and response tools to quickly gain control of identified threats.
• Monitor tech and cyber trends, news, and emerging threats and regularly update staff.

Education and Experience:

• Associate Degree or higher.
• CompTIA A+ and CompTIA Security+ certifications a plus.
• 1-year related work experience. Experience in a manufacturing environment is a plus.
• Willingness to pursue INFOSEC certifications and/or advanced education.
• Conceptual knowledge of penetration testing and red team attack tools.
• Must have strong ability to build trust and keep information confidential.
• Excellent organizational skills and the ability to follow incidents to their conclusion.
• Ability to react to high pressure, changing, and complex technical environments.
• Have the coping skills necessary to work through stressful situations.
• A high level of interest in information security and a desire to learn.
• Strong problem-solving and analytical skills.

Preferred Skills and Competencies:

• Experience with hands-on response tools like CrowdStrike, Carbon Black, and/or Microsoft Defender ATP.
• Intimate knowledge of security frameworks such as NIST, CIS, and ISO.
• Knowledge of security platforms such as firewalls, IPS/IDS, and Privileged Access Mechanisms.
• Hands-on experience responding to, stopping, and preventing phishing attacks, business email compromise, and compromised account credentials.
• Preference given to those with operational technology (OT) security experience, industrial control systems (ICS), or Supervisory Control And Data Acquisition (SCADA) or working in a manufacturing controls environment.
• Experience with technical assessment of IT related processes such as system and information security, system development, change management, computer operations, and data protection.
• Intermediate understanding and demonstrated proficiency with Windows and Linux operating system forensics, Python, PowerShell, cyber-criminal threat intelligence, and penetration testing techniques.
• Physical Requirements (if applicable):
• Preference given to those open to working a shift-based schedule/non-local business hours.
• Up to 10% Global travel possible.