Job Description

Description


Sr Information Security Analyst, Threat & Vulnerability


Syneos Health is a leading fully integrated biopharmaceutical solutions organization built to accelerate customer success. We translate unique clinical, medical affairs and commercial insights into outcomes to address modern market realities.


Every day we perform better because of how we work together, as one team, each the best at what we do. We bring a wide range of talented experts together across a wide range of business-critical services that support our business. Every role within Corporate is vital to furthering our vision of Shortening the Distance from Lab to Life.


Discover what our 29,000 employees, across 110 countries already know:


WORK HERE MATTERS EVERYWHERE

Why Syneos Health

• We are passionate about developing our people, through career development and progression; supportive and engaged line management; technical and therapeutic area training; peer recognition and total rewards program.
• We are committed to our Total Self culture - where you can authentically be yourself. Our Total Self culture is what unites us globally, and we are dedicated to taking care of our people.
• We are continuously building the company we all want to work for and our customers want to work with. Why? Because when we bring together diversity of thoughts, backgrounds, cultures, and perspectives - we're able to create a place where everyone feels like they belong.


The Information Security Analyst, for Threat & Vulnerability, will provide service and operational support for all Syneos Health assets. The Threat & Vulnerability Analyst will support project work upon request.



The Threat & Vulnerability Analyst will be responsible for consuming threat intelligence from internal and external sources and converting intelligence into actionable use cases and detection methodologies. The Threat & Vulnerability Analyst reviews security events and conducts additional analytics to determine if an event requires additional incident response actions by Syneos Health operational teams.



Responsibilities




Essential Functions:

• Correlate threat data from various internal and external sources. Conduct research and evaluate threat intelligence to develop in-depth analysis and assessment of threats to critical networks and infrastructure components.
• Conduct cyber intelligence analysis, coordination, and interaction across networks and infrastructure components.
• Support the identification and impact classification for new vulnerabilities identified in the environment.
• Execute and support vulnerability assessments, penetration testing and social engineering activities.
• Support the implementation, adoption, configuration, and maintenance of threat & exposure tools.
• Conduct periodic reviews of SOC security event activities to identify trends for potential efficiency and potential gaps with services.
• Provide Enterprise Leadership teams information on the emerging cyber threat landscape, including threat actor tactics, techniques, and procedures.
• Incident and Problem management system support working with Security Operations Centers
• Develop and maintain analytical procedures to improve security incident identification and response efficiency.
• Support Information Security leadership and architecture teams to identify capability gaps in vulnerability management services and tools.
• Interact with business and service owners to understand information criticality and use cases for detection of threats targeting such data.
• Develop strong working relationships with counterparts within IT and OCISO.
• Conduct incident response actions from security incidents as directed by leadership team, including during off-hours as needed.
• Create and maintain threat and vulnerability metrics data.
• Continue self-development of knowledge, skills, and abilities to better support execution of the cybersecurity analyst function.

Qualifications





Qualifications




Minimum Education and/or Experience:

• Bachelor's degree in the field of MIS, Cybersecurity, computer science, information systems or computer engineering or equivalent experience.
• 5 to 7 years of experience with identifying, analyzing, and communicating cyber threat and vulnerability information.
• Experience applying threat and vulnerability analyses models, examples include the Lockheed Martin (LM) Cyber Kill Chain, the Diamond Model of Intrusion Analysis, the MITRE ATT&CK Framework, and the Common Vulnerability Scoring System (CVSS).
• Understanding of Agile and ITIL methodologies
• Ideal candidates will hold one or more of the following certifications:
+ CISSP, NET+, SEC+, SANS GIAC (GISF, GSEC or other)

Get to know Syneos Health

Over the past 5 years, we have worked with 94% of all Novel FDA Approved Drugs, 95% of EMA Authorized Products and over 200 Studies across 73,000 Sites and 675,000+ Trial patients.


No matter what your role is, you'll take the initiative and challenge the status quo with us in a highly competitive and ever-changing environment. Learn more about Syneos Health.