Innovation starts from the heart. At Edwards Lifesciences, we’re dedicated to developing ground-breaking technologies with a genuine impact on patients’ lives. At the core of this commitment is our investment in cutting-edge information technology. This supports our innovation and collaboration on a global scale, enabling our diverse teams to optimize both efficiency and success. As part of our IT team, your expertise and commitment will help facilitate our patient-focused mission by developing and enhancing technological solutions.

As an IR Analyst for Information Security at Edwards, you will contribute with protecting Edwards organization, applications and products by monitoring, hunting, and responding to security threats. Ideal candidates posses knowledge in information security incident response, analytical thinking and the ability to self-learn. This role is a vital part of our 24x7 Incident Detection and Response team to help protect Edwards.

How will you make an impact:

• Serve as key first tier (level 1 analyst) on-call resource for security escalations based on shifts schedule

• Perform complexed investigations and phishing analysis as a part of Edwards active security monitoring and threat hunting operations within SLAs

• Drive response and remediation actions to protect against security threats in Edwards environments and products

• Support data ingestion tuning and data correlation operations

• Drive improvements of our Detection Engineering operations by providing tuning recommendations and baselining detection use cases

• Work closely with the Detection Response and Automation team to provide valuable feedback to improve our Incident Response processes

• Staying informed on the evolving cybersecurity threat landscape to drive innovative investigations and improvements to drive Edwards’ security posture

• As needed, participate in CIRT team efforts

What you'll need (Required):

• Bachelor's Degree in related field with 2 years of previous related experience, or equivalent work experience based on Edwards criteria

What else we look for (Preferred):

• Participation in information security incident handling efforts

• Provide and build detailed investigation summary including documentation and recommended action items

• Experience with SIEM solutions (Google SecOps, Splunk, Qradar etc)

• Experience with SOAR platforms operations (Torq, PaloAlto XSOAR etc)

• Certifications in related discipline preferred (e.g., CEH, CISM, CISSP)

• Expert of security IR concepts, data tuning, SIEM, log sources and security frameworks (e.g. MITRE)

• Knowledge of common attack vectors and methods

• Knowledge of cloud security concepts

• Scripting experience

• Moderate understanding of troubleshooting techniques with the ability to adapt and learn new technologies

• Proficient analytical and problem-solving abilities to identify and mitigate potential security risks

• Good organization and time management skills

• Good verbal and written communication skills and customer focused skills