Zimmer Biomet is a global medical technology leader. Our team members are part of a company with a heritage of leadership, a focus on shaping the future, and a mission dedicated to alleviating pain and improving the quality of life for people around the world.
As a member of our Information Security team, the Senior Threat and Vulnerability Analyst plays an important role in helping to define the direction for the security operations analysts and managing threat and vulnerability activities.
The Senior Threat and Vulnerability Analyst will identify, test, validate, track, research, and provide corrective consultation for threat intelligence and technical vulnerabilities in applications or infrastructure assets. The Senior Threat and Vulnerability Analyst will drive, implement, and manage procedure using a variety of tools and technologies in order to rapidly identify and respond to threats.
Principal Duties and Responsibilities
Identify, investigate, and drive remediation of vulnerabilities across on-prem and cloud environments.
Provides technical support for a comprehensive risk management program identifying mission critical processes and systems; current and projected threats; and system vulnerabilities.
Provide recommendations and technical guidance on the lifecycle of vulnerability management.
Drive reduction in attack surface across on-prem and cloud (Azure, O365, AWS) environments.
Research and report on the latest information technology (IT) security trends especially as related to IOC’s, threat mitigation and vulnerability management.
Use automation, orchestration, and scripting to reduce manual processes, improving overall efficiency while also enabling new capabilities to meet our rapidly changing needs.
Perform ad-hoc data manipulations, normalizing, and reporting using large complex data sets for rapid security responses.
Develop reports using data that is hosted in multiple sources/tools (e.g. spreadsheets, databases) and communicate clearly to leadership and other cyber teams.
Recommend security enhancements to management.
Might coach or review the work of junior level professionals.
Expected Areas of Competence
Able to quickly shift gears from responding to tickets to presenting to management.
Able to managing projects / processes, working independently with limited supervision.
Able to solve problems of difficult and sometimes complexity
Ability to review logs and perform in-depth analysis.
Strong understanding of information security, IT in general and IT Infrastructure.
Strong understanding of threat and vulnerability management.
Strong understanding of on-prem and cloud security controls and threat/vulnerability mitigation in those areas.
Strong analytical, communication and interpersonal skills.
Ability to collaborate and build positive relationships across multiple stakeholders.
Agile thinking and analysis that leads to win-win and innovative solutions.
Ability to rapidly learn new technologies.
Ability to work well in a team and make positive contributions towards achieving team goals.
Foundational knowledge in information technology, to include hardware, networking, architecture, protocols, files systems and operating systems.
An ability to work extremely well under pressure while maintaining a professional image and approach
Decision-making skills, with an ability to weigh the relative costs and benefits of potential risks and identify the most appropriate course of action
Education/Experience Requirements
Bachelor’s degree in information technology or cybersecurity related field with at least 4+ years of information technology and/or cybersecurity experience, OR Bachelor's and Master's degree in information technology or cybersecurity related field with at least 3+ years of information technology and/or cybersecurity experience required
2+ years' experience with relevant security technologies and processes (i.e., vulnerability scanning, penetration testing, system hardening, threat intelligence) preferred
1+ years' experience working with coding/scripting languages and API integration preferred.
One or more relevant certifications such as: GCIH, CISSP, CEH, CHFI, Security+ preferred
Travel Requirements
Minimal travel required
Additional Information
At Zimmer Biomet, we believe in The Power of Us, which means that we are stronger together. We are committed to creating an environment where every team member feels included, respected, empowered, and celebrated.
As a Zimmer Biomet team member, you will share in our commitment to providing mobility and renewed life to people around the world. This is why we offer you a competitive rewards package that includes medical, dental, vision, life and disability insurance, wellness incentives, employee assistance programs as well as paid time off for vacation and holidays.