Senior Cybersecurity Analyst

Bausch Health is a global company that develops, manufactures, and markets a differentiated product portfolio across multiple high-growth therapeutic areas including Gastroenterology, Generics, Neurology, Ortho Dermatologics, Medical Aesthetics and Dentistry.  We are delivering on our commitments as we build an innovative company dedicated to advancing global health.  Each day, Bausch Health products are used by over 150 million people around the world.

Our approximately 7,000 employees are united around our mission of improving people’s lives with our health care products.

As a Sr Cybersecurity Analyst, you will help secure Bausch Health infrastructure against both inside and outside threats. You will help manage our state-of-the-art security tools to correlate threats, respond to incidents, and protect our global assets. Additionally, you will work collaboratively with other members of our Global Security team and IT to investigate incidents, analyze attack methods, research new defense techniques and tools, develop security policy, and document procedures for the Global Security Operations Center. This role will report to the Incident Response manager.

Responsibilities

• Develop strong working relationships with support teams, management, and cross functional working groups.
• Leverage advanced information security, operations, cyber defense, and incident response experience to drive change and transformation within the Global Security Operations Team.
• Analyze security system logs, security tools, and available data sources on a regular basis to identify attacks against the enterprise and report on any irregularities, issues related to improper access patterns, trending, and event correlations and make suggestions for detection rules and system tuning.
• Assist in triage activities for Security Incident Response, Security Resilience and Vulnerability Management including performing networking and agent scanning for resolving vulnerabilities with downstream Global IT team members
• Ensure that proper protection or corrective measures have been taken when an incident has been discovered.
• Respond to threats by acting as an escalation point to the 24x7x365 Security Operations Center (SOC) and Security working teams to support security monitoring, protection, and delivery of security services for the organization.
• Responsible for assessing systems, processes, and projects against compliance requirements, control objectives, and security best practices; interacts with internal and external technical staff and consults with project teams at various stages of project cycles.
• Provide appropriate inputs to the problem management process while supporting other team members in processes and techniques used to manage significant incidents.
• Be an active member of the Security Incident Response Team (SIRT) by responding to critical security incidents and leading escalation teams with response, containment, and remediation.
• Responsible for developing, maintaining, and promoting a set of security operations playbooks with internal IT teams and external working groups to effectively trigger and execute the security incident response process. Working with Security Architecture to operationalize new deployments.
• Report status on activities, issues, and projects to management, including the effectiveness and efficiency of security activities.
• Propose new standards, tools, policies, and procedures to improve security, compliance and risk management activities based on security operations findings, or security events or incidents.
• Collaborate with IT teams and security colleagues to ensure audit readiness, and to prepare for internal and external audits.

Qualifications/Skills

• Minimum three to five years of security monitoring experience and incident response activates.
• Hands on-management of security tools and devices with EDR/AV, Vulnerability Management, Database Security, Cyber Intelligence, Case management and SIEM-like tools.
• Experience in building security processes, documenting run books and important security tasks, and onboarding new operational processes.
• Knowledgeable about data confidentiality and compliance with regulatory requirements (HIPAA, FERPA, PCI, etc.).
• Ability to quickly and effectively investigate security incidents, perform root cause analysis, and document findings.
• Understanding of cyber-security principles such as encryption, ports, protocols & services, policies, procedures, physical security, risk management, configuration management, ethics, access control, security architecture, continuity of operations, contingency planning, and application security.
• Advanced understanding of the information security threat landscape.  Should be up to date on current attacker tools, techniques, and procedures.
• Demonstrates knowledge in network access control, intrusion prevention and detection systems, firewalls, routers, incident response, information security methods, and risk management.
• Minimum basic understanding of scripting languages, such as PowerShell and python
• Understanding of existing and emerging technologies.
• Experience of being a member of Security Incident Response teams, using Key Performance Indicators (KPIs), Service Level Agreements (SLAs) and tracking against other operational requirements.

Additional Education and Experience

• Bachelor's Degree in Information Technology, Computer Science, or Security is required.
• Security certifications such as CISSP, CISM, GIAC, CEH, Security+ or equivalent certifications is a plus.

Benefits package includes a Comprehensive Medical (includes Prescription Drug), Dental, Vision, Health Savings Account with company contribution, Flexible Spending Accounts, 401(k) matching, discretionary time off, paid sick time, tuition reimbursement, parental leave, short-term disability, long-term disability, life insurance, accidental death & dismemberment insurance, paid holidays, Employee Assistance Plan, commuter benefit, recognition awards, voluntary benefits (including Identity Theft, Student Loan and Breast Milk Shipping), employee referral bonuses and employee discounts.

#LI-hybrid

This position may be available in the following location(s): US - Bridgewater, NJ

Bausch Health Companies Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment regardless of race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, marital or veteran status, disability, or any other legally protected status. We are committed to building diverse teams, representative of the patients and communities we serve, and we strive to create an inclusive workplace that cultivates collaboration.

If a candidate needs a reasonable accommodation/adjustment due to physical or mental health impairment for any part of the application process, they are encouraged to send their request to humanresources@bauschhealth.com  or call 908-927-1400 and let us know the nature of the request and their contact information. Please be sure to include the job requisition number.

Job Applicants should be aware of job offer scams perpetrated through the use of the Internet and social media platforms.
 

To learn more please read Bausch Health's Job Offer Fraud Statement.