Cybersecurity Analyst

We are currently seeking an Cybersecurity Analyst to join our team. This individual will manage and participate in the design and development of security measures for software applications and hardware devices while collaborating with cross-functional teams, including Research & Development, Quality and Regulatory affairs. The individual will integrate security measures into the NeuroPace design and development processes.

Key Responsibilities

• Security Solution Development:
• Participate in the design and develop security measures for software applications and hardware devices.
• Assist with the security by design principles for enhancements and development of NeuroPace products.
• Collaborate with cross-functional teams, including Research & Development, Quality and Regulatory affairs to integrate security measures into the design and development processes.
• Works with the IT Operations, and the Research & Development teams to help cybersecurity strategy for enterprise security architecture and the implementation of appropriate safeguards and controls.
• Integrate security tools and frameworks into the development lifecycle.
• Security Monitoring:
• Regularly monitor official CVE databases and Microsoft security advisories for new vulnerabilities related to Windows operating systems.
• Analyze CVE reports to assess the severity and potential impact on the organization's IT infrastructure.
• Prioritize CVEs based on risk, exposure, and relevance to the organization's environment.
• Coordinate with IT and Research & Development teams to schedule and deploy Windows updates and patches that address identified CVEs.
• Ensure timely application of security patches to mitigate vulnerabilities in the Windows ecosystem.
• Maintain detailed records of identified CVEs, remediation actions, and patch deployment activities. 
• Threat Analysis & Mitigation:
• Perform regular security assessments and vulnerability testing.
• Assist with comprehensive threat modeling and cybersecurity risk assessment for medical devices in alignment with FDA guidelines and best practices.
• Identify and recommend remediations for security vulnerabilities in systems and applications.
• Performs risk assessments of internal and external applications/solutions to determine their adherence to security controls, NeuroPace’s policies, standards and industry best practices, and maintain ongoing safeguards and controls.
• Stay updated with the latest security threats and develop strategies to counteract them.
• Incident Response:
• Monitor security alerts with AWS Security Hub and other software, conduct thorough investigations, and respond to alerts in a timely manner.
• Conduct root cause analysis of security incidents and provide comprehensive reports.
• Develop and maintain incident response plans and procedures.
• Collaboration & Training:
• Work closely with IT, development teams, and other stakeholders to ensure security best practices are followed.
• Provide training and guidance on security protocols and procedures.
• Assist in the development of security policies and compliance initiatives.
• Support the advancement of NeuroPace’s Cybersecurity program to ensure consistent detection, analysis, response, and monitoring of cybersecurity threats.
• Documentation & Reporting:
• Maintain detailed documentation of security measures, incidents, and solutions.
• Generate regular reports on security status, vulnerabilities, and remediation efforts.

Requirements

• Education:
• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field.
• Relevant certifications (e.g., CISSP, CISM, CEH) are highly desirable.
• Experience:
• Minimum of 2-4 years of experience in information security or related field.
• Knowledge of security tools and platforms (AWS Security Hub, Microsoft Purview).
• Proven experience with security tools and technologies (e.g., IDS/IPS, SIEM).
• Understanding of information security regulatory requirements (e.g., HIPAA, FDA, CISA)
• Skills:
• Strong understanding of encryption methods, authentication, and access control.
• Experience with cloud security solutions (e.g., AWS, Azure).
• Familiarity with security frameworks (e.g., NIST, ISO 27001).
• Understanding of security certifications (e.g., HITRUST, SOC 2).
• Excellent analytical and problem-solving abilities.
• Strong communication and interpersonal skills.
• Ability to work independently and as part of a team.