Security Analyst - Varian - Palo Alto, CA

Together, we can make a life-long impact on our customers, each other, and millions of lives.

At Varian, you’ll find yourself surrounded by the world’s best and most innovative talent, working together with a singular focus – our mission to save lives. Our technology works to help cure cancer and protects the safety of nations, and you can impact all of it. Joining our Corporate Services team means you’ll help create an environment that encourages innovation and that what you do will mean something. Legal, Human Resources, Government Affairs, Finance and IT professionals work together to help innovate life- saving solutions relied on by millions of people across the globe.

Security Analyst – Palo Alto, CA

Under the direction of the Security Program Manager, the Security Analyst will develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. In collaboration with the Security Governance team and the IT Infrastructure Security Team they will actively participate in the management and execution of the Information Security Program, including Intrusion Detection and Log Monitoring, the Vulnerability Assessment Program, Information Security Process & Reporting and implement a comprehensive approach to the management of security risks.

The Security Analyst works in tandem with the Security Operation Center and Europe based Security Analysts to manage the response to security threats and incidents. This role is responsible for developing the processes, best practices and standard operating procedures to respond to security incidents. Additionally the analyst will be responsible to manage the vulnerability scanning program and reporting.

Essential Duties and Responsibilities:

  • Assists in the development and maintenance of IT Security standards and procedures.
  • Performs security assessments of current and proposed IT systems and the modification of those systems, reporting noted security issues to management.
  • Monitors security systems maintained by Varian IT.
  • As an active member of the Change Review Board (CRB), ensures that IT Security Policy, procedures and guidelines are followed prior to changes being introduced to production.
  • Researches attempted efforts to compromise security protocols.
  • Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.
  • Provides support for regulatory compliance activities pertaining to VIT.
  • Lead investigations into information security incidents.
  • Drive efforts towards containment of threats and remediation of environment during or after an incident.
  • Review and analyze security logs from routers, firewall, IDS/IPS, web proxies, Windows, Linux/Unix, anti-virus, anti-malware and other security tools.
  • Perform complex security investigation and root cause analysis.
  • Assemble and coordinate with technical teams and third-party vendors to resolve incidents as quickly and efficiently as possible.
  • Ensure that all incidents are recorded and tracked to meet audit and legal requirements where necessary.
  • Manage vulnerability Scanning program and perform vulnerability assessments to identify weaknesses and assess the effectiveness of existing controls.
  • Produce Information Security related dashboards, reports and provide analysis of the results to management.
  • On call rotation duties in relation to being a member of the incident response team.

 

Desired Skills and Experience

Education/Licensing/Certification:

  • Bachelor’s degree in information systems or relevant field of study
  • Minimum of 4 years work experience in Information Security
  • Minimum of 2 years work experience with audits as either an auditor or with direct responsibilities for audit results.
  • CISSP, PCIP, CISA or other relevant designation preferred, will consider individuals currently working to attain such certifications

 

Experience:

  • Experience with Information Security Audits – PCI, SSAE16, SOX, ISO, etc.
  • Strong understanding of internal control concepts and policies
  • Deep understanding of network devices and architecture, TCP/IP, network protocols, server operating systems, vulnerability scanning.

 

Knowledge and Skills:

  • Ability to analyze large data sets and unstructured data for the purpose of identifying trends and anomalies indicative of malicious activity, as well as demonstrated capability to learn and develop new techniques.
  • Strong knowledge of current security threats, techniques, and landscape, as well as a dedicated and self-driven desire to research current information security landscape
  • Ability to research, develop, and keep abreast of tools, techniques, and process improvements in support of security detection and analysis in accordance with current and emerging threat and attack vectors.
  • Ability to gather and respond to all audit and legal information requests.
  • Ability to take on additional tasks as defined by the Information Security Management Team, including taking part in the on call rotation.
  • Experience with Cisco network devices, firewalls, anti-virus, proxy systems, and intrusion detection systems.
  • Good scripting knowledge in perl, vbs, bash, power shell.
  • Knowledge of Windows, Linux/Unix, Vmware, IDS/IP, forensic discovery.
  • Excellent communications skills (verbal and written) are required.
  • Excellent problem solving skills and troubleshooting skills with a strong attention to detail.
  • Ability to interact with personnel at all levels across the organization and to comprehend business imperatives.

 

When you join Varian, you’re joining an organization with nearly $3 billion in annual revenue, and more than 6,500 team members across more than 30 countries. You’ll be backed by a culture that is centered on fostering your creative potential, and experience the full support of an organization and leadership committed to inspiring you to do your best work. You’ll also enjoy an array of benefits that give you security, including: 401K plan with a generous 6% match, employee stock purchase program, wellness programs and facilities, comprehensive insurance plans, flexible paid time off, and so much more.

You’re just one click away from the most impactful work you’ll ever do. Apply now. Someone, somewhere, will be glad you did.

Please click here to apply directly online >>>

http://jobs.brassring.com/1033/ASP/TG/cim_jobdetail.asp?partnerid=25044&siteid=5224&AReq=7803BR

 

EEO Policy: All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, national origin, protected veteran status, or on the basis of disability.