Information Security Analyst

Information Security Analyst Job Classification: Full-time/Exempt Department: Information Technology Reports To: Cybersecurity Director Location: Audubon, PA About Us: At Client, we move with a sense of urgency to deliver innovations that improve the quality of life of patients with musculoskeletal disorders. Our team is inspired by the needs of these patients, and the surgeons and healthcare providers who treat them. We embrace a culture of exceptional response by partnering with researchers and educators to transform clinical insights into tangible solutions. Our solutions improve the techniques and outcomes of surgery so patients can resume their lives as quickly as possible. Position Summary: We are seeking an Information Security Engineer with solid hands-on experience supporting enterprise security operations, improving security tooling, and strengthening our cloud and on-prem environments. This mid-level role focuses on implementing security controls, responding to security events, and supporting ongoing improvements across identity, infrastructure, and endpoint security. The ideal candidate is curious, adaptable, and comfortable owning technical tasks while contributing to broader cybersecurity initiatives Essential Functions: Implement and maintain security controls across cloud and on-prem infrastructure. Monitor SIEM and endpoint security tools; investigate alerts and assist in incident response. Support vulnerability management activities, including scanning, triage, tracking, and assisting IT teams with remediation. Develop and maintain basic automation scripts and documentation to improve repeatability and efficiency. Collaborate with Infrastructure, Network, DevOps, and IT teams to ensure secure configurations and adherence to best practices. Participate in security assessments, patching cycles, and configuration reviews. Help evaluate security tools and support integration efforts under senior team guidance. Support compliance and audit preparation for standards such as ISO 27001, NIST, and SOC Contribute to reporting on risk trends, metrics, and overall security posture. Qualifications: Education: Bachelor's degree in computer science, Information Security, or related field. Industry certifications such as Security+, Microsoft Security certifications, or GIAC associate-level certs are a plus Technical Skills: Experience with SIEM, EDR, vulnerability management, and security monitoring tools. Working knowledge of cloud security concepts (Azure, AWS, or GCP). Scripting familiarity (PowerShell, Python, Bash) for basic automation and tool integration. Understanding of identity and access security, zero-trust principles, and secure configuration management Competencies: Action Oriented: Tackles challenges with energy; takes quick, decisive action and seizes opportunities. Problem Solving: Applies strong analytical skills to proactively identify and resolve issues. Approachability: Builds rapport easily; listens well, puts others at ease, and addresses concerns early. Composure: Stays calm under pressure, handles stress effectively, and remains steady during crises. Technical Learning: Quickly learns emerging technologies and independently develops new skills through strong internal drive.