Expoint - all jobs in one place


Boston Scientific Cybersecurity Analyst III 
United States, Massachusetts, Marlborough 
716901103

17.01.2025


Your responsibilities will include:

  • Analyze security alerts and events from multiple sources, including Splunk, SIEM, EDR platforms, and user activity logs, to identify and mitigate threats in real-time.
  • Detect, investigate, and respond to cybersecurity incidents across enterprise systems using EDR, SIEM, and SOAR tools.
  • Conduct investigations into insider threat activities, utilizing behavioral analytics, data loss prevention (DLP) tools, and other monitoring solutions to detect anomalies and assess risks.
  • Conduct endpoint and network forensic investigations to determine the root cause, impact, and remediation steps for cybersecurity incidents.
  • Document and report findings from security incidents, insider threat investigations, and threat intelligence to key stakeholders, including technical and executive summaries.
  • Work closely with other cybersecurity teams, HR, legal, and business units to manage insider threat investigations and overall security posture.
  • Utilize threat intelligence feeds and platforms to identify potential risks, correlate data with incidents, and provide actionable insights.
  • Proactively hunt for threats within the environment by analyzing logs, traffic, anomalous activity, and user behavior patterns.
  • Leverage Security Orchestration, Automation, and Response (SOAR) platforms to automate workflows, improve incident response times, and reduce manual effort.
  • Assist in developing and refining incident response playbooks, SOAR automation workflows, and insider threat response procedures.


Required qualifications:

  • 3+ years of experience in cybersecurity, with a strong emphasis on incident response.
  • Technical Expertise: Proficiency with EDR tools and Splunk for log analysis and event correlation.
  • SIEM Proficiency: Hands-on experience with a SIEM solution for alerting, monitoring, and investigative analysis.
  • Incident Response: Demonstrated ability to manage and respond to complex cybersecurity incidents.
  • Networking: Strong understanding of TCP/IP, firewalls, VPNs, IDS/IPS, and common attack vectors.
  • Malware Analysis: Basic understanding of malware behavior and analysis techniques.
  • Communication Skills: Ability to translate technical findings into business-relevant recommendations.


Preferred qualifications:

  • Certifications such as GCIH, GCIA, GCTI, GCFE/A, CEH, or equivalent are preferred but not required.
  • The ability to perform thorough investigative analysis of potentially compromised assets in a forensically sound manner.
  • Basic understanding of cloud and container security architecture.
  • Familiarity with investigative analysis and incident response as they pertain to cloud environments.
  • Hands-on experience with SOAR tools to automate incident response processes.
  • Experience working with threat intelligence platforms and feeds.
  • Experience in threat hunting methodologies.
  • Knowledge of scripting (Python, PowerShell) for automation and analysis.
  • Familiarity with MITRE ATT&CK and other threat models.
  • Familiarity with DLP toolsets and best practices from an incident response perspective.
  • Strong analytical and critical thinking skills.
  • Excellent communication skills, capable of conveying complex security topics to technical and non-technical audiences.
  • Ability to work both independently and as part of a team in high-pressure situations.
  • A growth mindset oriented towards positivity, personal accountability, and excellence.

Compensation for non-exempt (hourly), non-sales roles may also include variable compensation from time to time (e.g., any overtime and shift differential) and annual bonus target (subject to plan eligibility and other requirements).

Compensation for exempt, non-sales roles may also include variable compensation, i.e., annual bonus target and long-term incentives (subject to plan eligibility and other requirements).


For MA positions: It is unlawful to require or administer a lie detector test for employment. Violators are subject to criminal penalties and civil liability.

Please be advised that certain US based positions, including without limitation field sales and service positions that call on hospitals and/or health care centers, require acceptable proof of COVID-19 vaccination status. Candidates will be notified during the interview and selection process if the role(s) for which they have applied require proof of vaccination as a condition of employment. Boston Scientific continues to evaluate its policies and protocols regarding the COVID-19 vaccine and will comply with all applicable state and federal law and healthcare credentialing requirements. As employees of the Company, you will be expected to meet the ongoing requirements for your roles, including any new requirements, should the Company’s policies or protocols change with regard to COVID-19 vaccination.