Opko Health
Systems Analyst
Opko Health, Miami, Florida, us, 33222
Company Overview:
OPKO Health is a multi-national and diversified life science corporation that owns and operates a set of businesses offering biopharmaceutical, genetic testing, laboratory diagnostics, medical device, contract manufacturing, animal, supplement and nutritional health products and services in 60 plus countries with 5,000 employees.External Description:The Systems Analyst will be a team player, dynamic and motivated with an understanding of cybersecurity risks, threats, vulnerabilities, and attack vectors. They will continuously assess the evolving threat landscape (malware, Advanced Persistent Threat, etc.) and new technologies, solutions and services to stay ahead of them, monitor security events via SIEM, perform vulnerability and incident response functions. Business acumen in healthcare and pharmaceutical industry, highly focused on business benefit, business writing capability along with the capability to work with all areas and levels are some of the essential non-technical parts of this position.Responsibilities:Participate in technical design reviews, integration, testing, and documentation.Identify threats and develop suitable defense measures, evaluate system changes for security implications, and recommend enhancements, research, and draft cyber security reports, and provide support to the operations staff for resolving cyber security issues.Assist in configuring Windows and Linux host-based security as well as network and cloud-based security systems.Support installation and configuration of network security architectures, including firewalls, switches , router ACLs, web content filters and DMZ.Applying security patches to Windows Server , Workstation , Linux ServerConduct application and vendor risk assessments following HIPAA, SOX, etc.Maintain, configure and run pen testing and vulnerability scanning.Perform root cause analysis on failed scans and security incidents.Monitor external vulnerabilities and interface with vendors to resolve identified vulnerabilities.Prepare Threat Profiles/Risk Assessments for vulnerabilities based on internal testing, CVE #, SANS, CIS, etc. as required. A write-up of a given vulnerability describing the technical details and severity of the issue in the context of business risks and benefits.Assess vulnerability assessment results, audit findings and configure cybersecurity tools for remediation and ongoing compliance.Document security reports and work with other IT teams for effective resolution.
Experience, Skills and Education:1 to 5 years experience.Must Have experience with Active Directory domains, groups, organizational units, security permissions and capabilities.Experience with as many of these as possible: (1) Microsoft WSUS (2) MS Exchange and Outlook security, (3) Mobile Device security (4) firewall, DMZ and router configurations, (5) Web services and application API security, (6) Linux configuration and security, (7) Database security configurations, (8) workstation and server security, (9) security patch management, (10) access controls, segregation of duties and conflict of interest, (11) user provisioning and controls.Networking experience with the TCP/IP stack, OSI model.Experience with Azure Security or Azure InfrastructureWorking knowledge of pen testing and vulnerability assessment tools, power shell, Java, .Net.Experience with HIPAA and SOX.Fast learner, quick thinker, multi-tasking with an excellent communication Skills oral as well as written, and ability to work independently, time pressured environment.Must be hungry to learn, plan and execute.CISSP, CISA or other security certification is a plus.Bachelors degree. Computer science or related area is a plus
OPKO Health is a multi-national and diversified life science corporation that owns and operates a set of businesses offering biopharmaceutical, genetic testing, laboratory diagnostics, medical device, contract manufacturing, animal, supplement and nutritional health products and services in 60 plus countries with 5,000 employees.External Description:The Systems Analyst will be a team player, dynamic and motivated with an understanding of cybersecurity risks, threats, vulnerabilities, and attack vectors. They will continuously assess the evolving threat landscape (malware, Advanced Persistent Threat, etc.) and new technologies, solutions and services to stay ahead of them, monitor security events via SIEM, perform vulnerability and incident response functions. Business acumen in healthcare and pharmaceutical industry, highly focused on business benefit, business writing capability along with the capability to work with all areas and levels are some of the essential non-technical parts of this position.Responsibilities:Participate in technical design reviews, integration, testing, and documentation.Identify threats and develop suitable defense measures, evaluate system changes for security implications, and recommend enhancements, research, and draft cyber security reports, and provide support to the operations staff for resolving cyber security issues.Assist in configuring Windows and Linux host-based security as well as network and cloud-based security systems.Support installation and configuration of network security architectures, including firewalls, switches , router ACLs, web content filters and DMZ.Applying security patches to Windows Server , Workstation , Linux ServerConduct application and vendor risk assessments following HIPAA, SOX, etc.Maintain, configure and run pen testing and vulnerability scanning.Perform root cause analysis on failed scans and security incidents.Monitor external vulnerabilities and interface with vendors to resolve identified vulnerabilities.Prepare Threat Profiles/Risk Assessments for vulnerabilities based on internal testing, CVE #, SANS, CIS, etc. as required. A write-up of a given vulnerability describing the technical details and severity of the issue in the context of business risks and benefits.Assess vulnerability assessment results, audit findings and configure cybersecurity tools for remediation and ongoing compliance.Document security reports and work with other IT teams for effective resolution.
Experience, Skills and Education:1 to 5 years experience.Must Have experience with Active Directory domains, groups, organizational units, security permissions and capabilities.Experience with as many of these as possible: (1) Microsoft WSUS (2) MS Exchange and Outlook security, (3) Mobile Device security (4) firewall, DMZ and router configurations, (5) Web services and application API security, (6) Linux configuration and security, (7) Database security configurations, (8) workstation and server security, (9) security patch management, (10) access controls, segregation of duties and conflict of interest, (11) user provisioning and controls.Networking experience with the TCP/IP stack, OSI model.Experience with Azure Security or Azure InfrastructureWorking knowledge of pen testing and vulnerability assessment tools, power shell, Java, .Net.Experience with HIPAA and SOX.Fast learner, quick thinker, multi-tasking with an excellent communication Skills oral as well as written, and ability to work independently, time pressured environment.Must be hungry to learn, plan and execute.CISSP, CISA or other security certification is a plus.Bachelors degree. Computer science or related area is a plus