Security Analyst II

GROW WITH US:

Tandem Diabetes Care creates new possibilities for people living with diabetes, their loved ones, and their healthcare providers through a positively different experience. We’d love for you to team up with us to “innovate every day,” put “people first,” and take a “no-shortcuts” approach that has propelled us to become a leader in the diabetes technology industry.

STAY AWESOME:

Tandem Diabetes Care is proud to manufacture and sell the t:slim X2 insulin pump with Control-IQ technology. We’re also so much more than that. Our company’s human-centered approach to design, development, and support delivers innovative products and services for people who use insulin. Since many of our own team members live with type 1 diabetes, or have a loved one impacted by diabetes, the work is personal, and we are committed to the cause. Learn more at tandemdiabetes.com.

A DAY IN THE LIFE:

The Security Analyst II plays a crucial role in protecting Tandem's digital assets from internal and external cyber threats. This position involves leading incident response initiatives, developing and fine-tuning security detection controls, and ensuring the confidentiality, integrity, and availability of our data. The ideal candidate will have a strong background in cybersecurity, with a proven track record in security analysis, incident response, and security detection engineering.

• Acting as a lead analyst in developing processes to proactively monitor, detect, and respond to security threats, including the ongoing refinement and enhancements of security controls and configurations for security monitoring systems.
• Monitor information security systems, alerts and indicators of compromise used to protect the network from attacks and identify compromised systems
• Work proactively to identify, develop, and implement incident response processes and procedures to mitigate security risks.
• Work with a Managed Detection and Response (MDR) vendor to respond to escalated security incidents.
• Provide level 1 and level 2 security incident support, analyze incidents, conduct investigations and determine proper remediation and response actions.
• Identifies, advises, and contributes to system and alert tuning to ensure security related events are properly prioritized and addressed.
• Contributes to the execution activities in the areas of incident response, risk identification, analysis, classification, and mitigation strategies.
• Assists in the ongoing development and enhancement of the incident response plan and associated incident response playbooks.
• Keeps abreast of security industry advancements and incorporates that knowledge into daily work activities.
• Utilize security tools, endpoint detection systems, Security Information and Event Management (SIEM), vulnerability management, email security platforms and response technologies to analyze and respond to potential security threats.
• Collaborate with the security engineering team to design, implement and enhance robust security controls and solutions.
• Contribute to the continuous improvement of security posture by integrating latest cybersecurity technologies and practices.
• Assist in conducting risk assessments, compliance audits, and security reviews in accordance with healthcare industry standards and regulations (e.g., HIPAA, HITECH).
• Work closely with IT, engineering, and other departments to ensure security measures are integrated into all facets of the technology environment.
• Research security enhancements and make recommendations to management, including development of reports and analysis of trends/metrics.
• Ensures work is performed in compliance with company policies including Privacy/HIPAA and other regulatory, legal, and safety requirements.
• Research and stay abreast of emerging technologies, new vulnerabilities and exploits that may compromise internal systems.
• Contribute to the evaluation, testing and implementation of new security systems and processes.
• Required to perform duties outside of normal work hours based on business needs.
• Other duties as assigned.

YOU’RE AWESOME AT:

• B.S. degree in Computer Science, Information Security, or related field or equivalent combination of education and applicable job experience.
• 3+ years in information security experience
• 1+ years of consecutive hands-on experience working in a SOC environment, utilizing industry leading network security monitoring technologies, application, web, database and Security Event and Information Management (SIEM), IDS/IPS, EDR endpoint, email security gateways and DLP technologies
• 3+ years in an IT or technology role outside of the cybersecurity field.
• In-depth understanding of cybersecurity fundamentals, including risk management, security protocols, and incident response frameworks.
• Familiarity with healthcare regulations and standards related to data privacy and security, such as HIPAA, HITECH, and GDPR (if applicable), and their implications on cybersecurity strategies.
• Comprehensive knowledge of incident response processes and procedures, including identification, analysis, containment, eradication, and post-incident recovery.
• Expertise in the use of security information and event management (SIEM) systems, intrusion detection and prevention systems (IDPS), firewall technologies, endpoint detection and response (EDR) solutions, vulnerability management and other cybersecurity tools.
• Must have hands-on knowledge of UNIX/AIX, Microsoft Windows Servers and Workstations, knowledge of Firewalls, WANs, LANs, the Internet, Intranets, network protocols and network services (i.e., telnet, ftp, etc.), Intrusion detection systems, Virtual Private Network (VPN), two factor authentication systems.
• Familiar working in a Security Operations Center (SOC) environment, using and analyzing alerts from various systems such as SIEM, Cloud Services, Email Security Gateways, Endpoint Security.
• Understanding of threat intelligence platforms and the ability to leverage threat intelligence to enhance security posture and incident response capabilities.
• Ability to analyze complex data from various sources to identify trends, patterns, and indicators of compromise.
• Proficient in configuring and using cybersecurity tools and technologies.
• Strong written and verbal communication skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders.
• Excellent problem-solving abilities to quickly address security incidents and vulnerabilities with effective solutions.
• Willingness and ability to stay updated with the latest cybersecurity trends, threats, and technologies.
• Ability to work collaboratively with IT, engineering, and other departments to integrate security measures across the organization.

EXTRA AWESOME:

• One or more of the following certifications preferred: CISSP, GSEC or relevant SANS GIAC Certs, CompTIA Security+, CEH.

WHAT’S IN IT FOR YOU?

In addition to innovative technology, we have a culture that fosters the idea that the happiest people are the most productive people. Not only do we hire forward-thinking achievers to join our workforce; we reward, develop, and retain them too. Just one of the many reasons of how we #StayAwesome! To learn more about our culture and benefits please visit https://www.tandemdiabetes.com/careers.

BE YOU, WITH US!

Tandem is firmly committed to being an equal opportunity employer and maintaining a diverse and inclusive environment. We value and embrace that every single one of us brings value to the table. But sometimes we forget that when we don’t meet 100% of a job description’s criteria – maybe you’re feeling that way right now? We encourage you to apply anyway. Because we want you to be you, with us.

COMPENSATION & BENEFITS:

The starting base pay range for this position is $88K - $105K annually. Base pay will vary based on job-related knowledge, skills, experience and may also fluctuate depending on candidate’s location and the overall job market. In addition to base pay, Tandem offers a competitive compensation package that includes bonus, equity, and a robust benefits package.

Tandem offers health care benefits such as medical, dental, vision, health savings accounts and flexible saving accounts.  You’ll also receive 11 paid holidays per year, a minimum of 20 days of paid time off (starting in year 1) and have access to a 401k plan with company match.  Learn more about Tandem’s benefits here!

YOU SHOULD KNOW:

Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable state and local Fair Chance laws and regulations. A conditional offer of employment from Tandem is contingent upon successful completion of a thorough screening process comprised of a drug test (excluding Marijuana) and background check, which includes a review of criminal history information.

Tandem has good cause to conduct a review of criminal history information of candidates for this position, as this role may involve access to proprietary, sensitive and/or confidential information, including customer protected health information. This review is required to ensure that individuals in such roles uphold high standards of trust and integrity so as to protect the interests of our customers, employees, and stakeholders.

REFERRALS:

We love a good referral! If you know someone that would be a great fit for this position, please share!

If you are applying for this job and live in California, please read Tandem’s CCPA Notice: https://www.tandemdiabetes.com/careers/california-consumer-privacy-act-notice-for-job-applicants.

APPLICATION DEADLINE:

The position will be posted until a final candidate is selected for the requisition or the requisition has a sufficient number of applications.

#LI-Remote #LI-KL1

SPONSORSHIP:

Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.