Information Security Analyst

Medpace is one of the leading Clinical Research Organizations companies in Healthcare. We are hiring a full-time talented Information Security Engineer who is technical, dedicated to learning new things, security-minded, strong initiative, and able to manage projects autonomously. The Information Security team defends the company’s digital infrastructure by designing, implementing, and improving the company’s cybersecurity architecture. This is a critical role responsible for protecting infrastructure, cloud, edge devices, and data against unauthorized use, modification, exfiltration, or damage. If you’re excited to be part of a fast-growing winning team, then Medpace is a great place to grow your career.

• Engineer security solutions without oversight while collaborating with multiple internal departments and vendors;
• Analyze security systems and seek continuous improvements;
• Research vulnerabilities, perform vulnerability scanning and alleviate threats;
• Mature security best practices and policies internal to the organization;
• Develop new processes while cross-training coworkers and assisting employees on security-related matters;
• Provide security awareness training and testing for employees to verify proper security protocols are being adhered to;
• Performing cyber security incident triage, reviewing logs, and performing remediation activities; and
• Review and reduce inappropriate/overprovisioned access to drive least privileged access.

• • • Minimum of bachelor's degree, preferably in Information Technology;
    • Prior Internship/co-op experience within Information Security;
    • Understanding of security best practices and how to implement them at a business-wide level;
    • Experience with managing, configuring, and deploying enterprise-grade security solutions in some of the following:
      • SIEM
      • Privileged Access Management/Identity Access
      • Endpoint Detection & Response
      • Cloud based architecture such as Azure/AWS
      • Active Directory
    • Soft skills including exceptional communication skills, and analytical thinking with the ability to solve complications;
    • The ability to prioritize projects; and
    • Fundamental scripting skills, such as PowerShell/Python.

Nice to have:

• Experience with vulnerability assessment tools such as Nessus and Tenable;
• Experience with enterprise web proxy solutions, web filters, and VPN such as Zscaler;
• Experience with governing Windows environment including GPO;
• Previous employment or experience in a highly regulated industry such as healthcare, financial, or defense experience with standards such as ISO, NIST, HIPPA, and/or SOC2; and
• Auditing and policy-writing experience.