Senior Security Analyst (InfoSec)
Medidata: Conquering Diseases Together
Medidata is leading the digital transformation of life sciences, creating hope for millions of patients. Medidata helps generate the evidence and insights to help pharmaceutical, biotech, medical device and diagnostics companies, and academic researchers accelerate value, minimize risk, and optimize outcomes. More than one million registered users across 1,400 customers and partners access the world's most-used platform for clinical development, commercial, and real-world data. Medidata, a Dassault Systèmes company, is headquartered in New York City and has offices around the world to meet the needs of its customers. Discover more at www.medidata.com.
The Sr. InfoSec Engineer is focused on being the liaison between the information security, quality management and production support teams, and will be the primary support for information security incidents, vulnerabilities and threat advisories.
The Sr. InfoSec Engineer will be responsible for securing the clinical cloud and its data from hostile threats by ensuring the hosting environments are in compliance with industry and company security policies and standards.
- Log and track security incidents and alerts identified by security monitoring tools and third party services
- Assess the validity and impact of alerts
- Recommend remediation plan and risk acceptance to management teams
- Maintain third party portals and tools
- Investigate whether a breach of security occurred as a result of a security incident
- Provide detailed root cause analysis reports
- Provide primary support and analysis throughout the life cycle of a security incident.
- Continually assess and track industry security vulnerabilities and threat advisories
- Assess impact to production systems and create security impact reports
- Coordinate with multiple teams to remediate or accept potential vulnerabilities
- Maintain accurate inventory of security keys and certificates
- Manage the rotation of key and certificates
- Ensure PKI infrastructure complies with policies and standards
- Maintain audit records of access and changes to all security assets within Service Delivery
- Assist in the engineering, implementation and monitoring security control measures for the protection of computer systems, networks and information
- Solid understand of Cloud Infrastructure (AWS a plus)
- Deep understanding of Computer Forensics
- Working knowledge of Evidence Custodianship
- Good understanding of Cloud Infrastructure
Your Education & Experience:
- Bachelor's Degree or Equivalent Experience
- Security Certification (CISA, CISM, CRISC, CISSP) desired; and one will be required within one year of hire
- GCIH certification greatly desired
Medidata is making a real difference in the lives of patients everywhere by accelerating critical drug and medical device development, enabling life-saving drugs and medical devices to get to market faster. Our products sit at the convergence of the Technology and Life Sciences industries, one of most exciting areas for global innovation. Nine of the top 10 best-selling drugs in 2017 were developed on the Medidata platform.
Medidata Solutions have powered over 17,000+ clinical trials giving us the largest collection of clinical trial data in the world. With this asset, we pioneer innovative, advanced applications and intelligent data analytics, bringing an unmatched level of quality and efficiency to clinical trials enabling treatments to reach waiting patients sooner.
Medidata Solutions, Inc. is an Equal Opportunity Employer. Medidata Solutions provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability status, protected veteran status, or any other characteristic protected by the law. Medidata Solutions complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.