• Information Security Analyst III

    Universal Instruments Corporation (Conklin, NY)


    Information Security Analyst III

     

    Universal Instruments is a global leader in the design and manufacture of advanced automation assembly equipment. Our solutions are used to build some of today's most advanced electronic products. Universal Instruments is a cost effective enabler of the fast-moving electronics industry road map. From cell phones, tablets or advanced computing platforms, 5G infrastructure, internet of things, cloud computing and storage as well as wearable’s, sensors, MEMS, industrial, automotive, military and medical applications, our innovative solutions play an integral role in driving the future of technology!

    Summary:

    This role will be responsible for addressing customer compliance inquiries, ensuring adherence to corporate information security policies, and leading incident response notifications in collaboration with the Security Operations Center (SOC) team.

    Principle Accountabilities (Functional):

    Customer Compliance Support

     

    + Respond to and resolve customer inquiries regarding information security compliance.

    + Provide relevant documentation and reports to meet compliance standards such as ISO 27001, NIST, or other relevant industry standards.

    + Regularly review and update compliance documents to ensure accuracy and relevance.

     

    Policy Enforcement

     

    + Ensure information security policies and procedures comply with regulatory requirements and industry standards.

    + Collaborate cross-functionally to promote understanding and implementation of security policies.

    + Participate in periodic security audits and follow up on corrective actions.

     

    Incident Management and Notification

     

    + Work closely with the SOC team to lead incident response notifications and actions.

    + Analyze root causes of security incidents, develop remediation plans, and implement measures to prevent recurrence.

    + Prepare detailed incident reports, including technical analysis, impact assessment, and mitigation.

     

    Training and Awareness

     

    + Conduct information security awareness training for employees to promote a security-conscious culture.

    + Act as an internal security advisor to guide other departments on security-related matters.

     

    Security Architecture & Design

     

    + Lead the design, implementation, and maintenance of secure network architectures

     

    Vulnerability Management

     

    + Lead vulnerability scanning and remediation efforts.

    + Conduct penetration testing to identify weaknesses in the system and applications.

     

    Security Monitoring & Risk Management

     

    + Oversee and fine-tune security monitoring tools and SIEM (Security Information and Event Management) systems for proactive detection of suspicious activities.

    Minimum Requirements:

    + BS degree in Information Security, Computer Science or related field.

    + 5+ years of experience working in the IT Security arena

    + CompTIA Security+ certification is preferred

    + CISSP and/or CISM certifications are a plus

    + Strong knowledge of information security standards and compliance (e.g., ISO 27001, NIST, GDPR, CMMC).

    + Information security risk assessment, audit, and analysis experience.

    + General knowledge of IT systems, databases, operating systems, networks.

    + Hands-on experience with vulnerability assessment tools and techniques (e.g., Nessus, OpenVAS, Nexpose).

    + Proficiency with security monitoring tools. (e.g., SIEM platforms like Splunk, QRadar, or ArcSight).

    + Experience in incident response, digital forensics, and malware analysis.

    Responsibility for Quality Procedures or Direct Product Quality:

    + Adheres to Universal Quality System policies and procedures and uses Total Cycle Time principles and standard problem solving tools to continuously improve work processes.

    Physical Demands:

    + Clear communication with colleagues, and in giving presentations.

    + Willingness to travel to customer sites or technical conferences may occasionally be required (<5%).

     

    This position requires use of information which is subject to the International Traffic in Arms Regulations (ITAR). All applicants must be U.S. persons within the meaning of ITAR. ITAR defines a U.S. person as a U.S. Citizen, U.S. Permanent Resident (i.e. "Green Card Holder"), Political Asylee, or Refugee.

     

    Universal Instruments is an EOE/M/F/Vet/Disabled employer.

     

    Target Annual Base Pay Rate: $100,000 - $115,000 + Robust Benefits