Cyber Security Analyst-- GOEDC

The role will be part Biomedical’s Digital Department, supporting the organization by identifying and delivering operational improvements using (new) technology and data. This in the context of our niche and highly regulated quality and operational environment.

In the role, you are a subject matter expert for GXP guidelines and corporate cybersecurity requirements for operations technologies (CSOT) and R&D technologies (CSRD). You will partner with the functional stakeholders to ensure understanding and ownership of their roles to uphold cybersecurity standards and mitigate risk.

• Verify, record, and correct account access on digital assets
• Update digital asset management inventories based on investigation results
• Engage with the business to define digital asset requirements
• Facilitate or participate in impact assessments for OT, IT, and R&D digital assets and solutions
• Develop plans and execute on the following:
• Assessing site(s) antivirus installation for digital assets or recording justifications after collaborating with area/system owners
• Install antivirus, pending Window patches, or OS security updates as needed; develop process for routine management
• Implement secure network practices by replacing insecure protocols, disabling or securing vulnerable services (Telnet, VNC), and managing Wi‑Fi security in compliance with change management processes
• Establish and maintain OT cybersecurity governance by developing a RASCI matrix, assigning event notification responsibilities, and ensuring VLAN cleanup
• Manage and reconcile IT/OT asset inventories and CSOT network diagrams, ensuring accuracy, completeness, and timely updates for system changes or decommissioning
• Implement formal processes for asset lifecycle communication and conduct periodic reviews to maintain integrity of all Systems Under Consideration (SUC)

• You are responsible for maintaining and contributing to the cybersecurity program ensuring that it aligns with corporate and regulatory requirements, defining procedures for cybersecurity, and driving decisions around the direction of the company on the subject matter.
• Assist QA management in response to Customer or Regulated Body Audits in all findings related to software security.
• Contributes to the assessment of requirements and documentation of software solutions
• Act as an individual contributor and trusted advisor to functional stakeholders in matters related to cybersecurity
• Advise in application development and acquisitions to assess security requirements and controls; ensures security controls are implemented and periodically monitored.
• Collaborate with corporate cybersecurity leadership to keep abreast of changing standards or new/emerging cybersecurity risks or threats.
• Manage the cybersecurity aspects related to the change control of technology within Biomedical

• AA/AS Degree in Cybersecurity, Systems Engineering, Controls Engineering, or Computer Science;
  Preferred minimum of 5 years of experience in related field
• Engineering or Cybersecurity related experience within an FDA-Regulated, Medical Device, Pharmaceutical, Biotech, or other regulated industry
• Solid understanding of cybersecurity protection best practices and methods
• Certifications in cybersecurity methods and standards such as CompTIA Security+ or Risk and Information Systems Control (CRISC) preferred.
• Knowledge of computer system validation is a plus.

• Deep understanding of risk-management
• Understanding of industry accepted software life cycle programs and relevant IT/OT and cybersecurity controls
• Fluid collaboration skills across business, digital, and external vendors
• Very good knowledge of IT/OT systems, preferably in a Medical Manufacturing, Pharmaceutical, or Engineering Environment
• Demonstrated ability to evaluate, develop and implement procedures following Change Control practices
• Experience with ISO 9001, ISO 13485, and 21 CFR parts 11, 211, and 820 is a plus
• Familiarity with emerging trends like Cloud Computing, Software Assurance and Data Analytics is a plus
• Well-developed interpersonal and teamwork skills to communicate and resolve cybersecurity issues with all departments in a global, multicultural, and virtual context
• Demonstrated ability to multi-task resulting in positive outcomes for each task assigned
• Proven experience with business process analysis