The Celito Team architects the buildout of simplified, integrated, and compliant technology stacks. With both consulting and products, our expertise can help our customers save time and money as they move from strategic Clinical & Quality management all the way to widespread and profitable commercialization.
Job Overview
As an Infrastructure & Cybersecurity Operations analyst, your primary responsibility will be to execute and manage the day-to-day operations and the periodic infrastructure and cybersecurity processes of our clients and organization. You will ensure that operational practices, controls, and standards are effectively implemented to mitigate risks and enhance operational efficiency. Your role will involve hands-on management of infrastructure resources, proactive monitoring, and swift response to security incidents. Additionally, you will spearhead operational initiatives aimed at improving the overall security posture while aligning with regulatory requirements and company standards. Collaboration with cross-functional teams will be essential to seamlessly integrate security into on-going operational processes, ultimately safeguarding assets and enhancing business continuity.
Responsibilities and Duties
Cybersecurity Standards and Processes:
Develop, implement, and manage operational processes and standards, enforce policies, and ensure the effectiveness of implemented cybersecurity controls for clients and the organization.
Continuously assess and enhance security practices.
Align security operations with overall cybersecurity strategy and business objectives.
Act as a technical subject matter expert, collaborating with other organizational stake holders to advance cybersecurity processes.
Ensure operational activities are conducted in compliance with regulatory and company standards.
Collaborate with and support the engineering team on project execution to implement new processes for clients as projects move from an implementation to an operational state.
Cybersecurity Operations:
Execute the daily and periodic operational activities such as patching, vulnerability reporting and remediation, privileged access reviews, delivering security awareness trainings, and others as required for clients.
Report on operational metrics to measure the effectiveness of operational processes and to ensure defined SLAs are met.
Maintain security tools and technologies and ensure any issues are addressed to prevent gaps in protection and visibility.
Monitoring and Incident Response:
Conduct and oversee cybersecurity monitoring activities including the defining of alerts from security technologies and alert handling for clients.
Perform in depth investigations, log analysis, and determine root cause of incidents.
Prepare incident reports and present findings in an organized manner.
Assess gaps in visibility, make recommendations, and assist in improving monitoring operations.
Provide expertise in incident response and investigations related to policy violations, security breaches, threats, and attacks.
Perform threat hunting activities as required to identify potential compromise or strengthen detection and prevention capabilities.
Infrastructure Operations:
Continuously monitor and help manage client infrastructure, including tools, technologies, and services.
Maintain and optimize the technology infrastructure to ensure operational efficiency.
Ensure data backups are executing daily and errors are resolved in a timely manner.
Qualifications
Minimum of 4+ years of experience in cybersecurity and infrastructure operations.
Strong background in cybersecurity operations, performing investigations and analytics.
Experience working with Security Incident and Event Management (SIEM) tools, endpoint detection and response tools, vulnerability management suites, and various security solutions.
Knowledge of information security frameworks, best practices, standards, and administrative, physical, and technical safeguards (experience with common security frameworks such as NIST, MITRE preferred)
Strong technical background and knowledge of network and systems security, system and network configuration, and application security.
Experience with incident response management, next gen firewalls, web application firewalls, multi-factor authentication, data loss prevention, disaster recovery.
Ability to collaborate with other team members to integrate security into operational processes.
Excellent communication and interpersonal skills.
Knowledge of regulatory requirements such as California Consumer Privacy Act (CCPA), Sarbanes-Oxley (SOX), and quality guidelines (GxP) a plus.
Compensation
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Celito, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $90,000 to $120,000 per annum.