Manager, IT Security Analyst

Job Description Summary:

The Manager, IT Security Analyst is responsible for maintaining the confidentiality, integrity, and availability of data and systems within PTC
The Manager, IT Security Analyst safeguard systems by monitoring Intrusion Detection, firewalls, anti-virus systems and other security components to detect breaches and other cybersecurity incidents.

The Manager, IT Security Analyst assists in the implementation of security controls, creation of security policies, vendor risk management, cyber security awareness, monitoring and responding to security events, data security, data classification, and compliance.

The role leverages a high level of technical expertise in multiple disciplines within Infrastructure and Information Security such as assessing threats, Penetration Testing, Vulnerability Management, attack methodologies, forensics analysis techniques, malware analysis, attack surface comprehension with Metasploit and Nessus. He/she will also leverage his/her knowledge of Networking, Identity and Access Management (IAM), Lightweight Directory Access Protocol (LDAP) servers, Microsoft Azure, Oracle Cloud (OCI), Amazon Web Services (AWS) and Databases to develop solutions and mentor other staff and teams.

The incumbent works cross-functionally with internal departments and external resources on security and system architecture-related issues.

The Manager, IT Security Analyst ensures adherence to relevant regulatory requirements and company Standard Operating Procedures (SOPs) as appropriate

Job Description:

ESSENTIAL FUNCTIONS

Primary duties/responsibilities:

• Safeguard systems by monitoring Intrusion Detection, firewalls, anti-virus systems and other security components to detect breaches and other cybersecurity incidents
• Review, analyze, respond to, and report on violations/alerts
• Responsible for the tracking and monitoring of software viruses
• Plan, implement, and upgrade security measures and controls
• Fix detected vulnerabilities to maintain a high-security standard
• Perform security awareness training
• Assists in the development and implementation of security policies and procedures
• Provides direct support to the business and IT staff for security related issues.
• Enforce security policies and procedures by administering and monitoring security profiles, reviews security violation reports and investigates possible security exceptions, updates, and maintains and documents security controls.
• Keeps abreast of application security trends and the emerging threat landscape and actively engages with vendors, understanding architecture roadmaps, technology direction, and investment to improve security capabilities and deliver cost effective solutions.
• Reviews current system security measures, recommends and implements enhancements
• Conducts regular system tests and ensuring continuous monitoring of network security
• Ensures all personnel have access to the IT system limited by need and role
• Establishes disaster recovery procedures and conducts breach of security drills
• Develops and produces high quality documentation for strategic security architecture vision, including blueprints, standards and frameworks that are aligned with overall business strategy.
• Strategy, planning, and operational excellence through continuous improvement and automation.
• Manages service levels, control effectiveness, control failure remediation, operational automation and oversight of information security team.
• Performs initial and periodic information security risk assessment/analysis, mitigation and remediation.
• Assists in the development and knowledge transfer to IT team members, as well as other enterprise groups.
• Performs other tasks and assignments as needed and specified by management.  

KNOWLEDGE/SKILLS/ABILITIES REQUIRED

* Minimum level of education and years of relevant work experience.

• A Bachelor's degree in Computer Science, Information Systems or other related field and a minimum of 5 years of information security experience, preferably in a pharmaceutical, biotechnology or other regulated environment OR equivalent experience and/or education.

* Special knowledge or skills needed and/or licenses or certificates required.

• 5+ years of security analysis, design and service development.
• Advanced knowledge of infrastructure security assessments.
• Familiar with environmental pen testing and performing reviews of infrastructure for security vulnerabilities and threat modeling.
• Relevant experience designing, implementing, and supporting large scale solutions.
• Experience with drafting of standard, reference architecture, policies, procedures and implementation guidelines.
• Demonstrable, impeccable writing skills for technical, management, and executive audiences.
• Demonstrable communication capabilities including oral presentation and ability to present in front of executive leadership.
• Demonstrable experience coordinating multiple concurrent issues, in high‐pressure situations.
• High degree of understanding with Cryptographic Services.
• Experience with cloud solution environments such as Microsoft Azure, Oracle Cloud (OCI), and Amazon Web Services (AWS).
• One or more of the following certifications a plus: CISSP, CISM.
• Proficiency with Microsoft Office Suite.
• Excellent verbal and written communication and skills.
• Ability to work independently and collaboratively, as required, in a fast-paced, matrixed, team environment consisting of internal and external team members.
• Analytical thinker with excellent problem-solving skills and the ability to adapt to changing priorities and deadlines. 
• Excellent planning, organization and time management skills including the ability to support and prioritize multiple projects. 

* Travel requirements

• Up to 10% travel
• Office based position

#Li-NM1

EEO Statement:

PTC Therapeutics is an equal opportunity employer. We welcome applications from all individuals, regardless of race, color, national origin, gender, age, physical characteristics, social origin, disability, religion, family status, pregnancy, sexual orientation, gender identity, gender expression, disability, veteran status or any unlawful criterion under applicable law. We are committed to treating all applicants fairly and avoiding discrimination.

Click here to return to the careers page