Innovation starts from the heart. At Edwards Lifesciences, we’re dedicated to developing ground-breaking technologies with a genuine impact on patients’ lives. At the core of this commitment is our investment in cutting-edge information technology. This supports our innovation and collaboration on a global scale, enabling our diverse teams to optimize both efficiency and success. As part of our IT team, your expertise and commitment will help facilitate our patient-focused mission by developing and enhancing technological solutions.
As an IR Analyst for Information Security at Edwards, you will contribute with protecting Edwards organization, applications and products by monitoring, hunting, and responding to security threats. Ideal candidates posses knowledge in information security incident response, analytical thinking and the ability to self-learn. This role is a vital part of our 24x7 Incident Detection and Response team to help protect Edwards.
How will you make an impact:
Serve as key first tier (level 1 analyst) on-call resource for security escalations based on shifts schedule
Perform complexed investigations and phishing analysis as a part of Edwards active security monitoring and threat hunting operations within SLAs
Drive response and remediation actions to protect against security threats in Edwards environments and products
Support data ingestion tuning and data correlation operations
Drive improvements of our Detection Engineering operations by providing tuning recommendations and baselining detection use cases
Work closely with the Detection Response and Automation team to provide valuable feedback to improve our Incident Response processes
Staying informed on the evolving cybersecurity threat landscape to drive innovative investigations and improvements to drive Edwards’ security posture
What you'll need (Required):
As needed, participate in CIRT team efforts
What else we look for (Preferred):
Participation in information security incident handling efforts
Provide and build detailed investigation summary including documentation and recommended action items
Experience with SIEM solutions (Google SecOps, Splunk, Qradar etc)
Experience with SOAR platforms operations (Torq, PaloAlto XSOAR etc)
Certifications in related discipline preferred (e.g., CEH, CISM, CISSP)
Expert of security IR concepts, data tuning, SIEM, log sources and security frameworks (e.g. MITRE)
Knowledge of common attack vectors and methods
Knowledge of cloud security concepts
Scripting experience
Moderate understanding of troubleshooting techniques with the ability to adapt and learn new technologies
Proficient analytical and problem-solving abilities to identify and mitigate potential security risks
Good organization and time management skills
Good verbal and written communication skills and customer focused skills
