About UFP Technologies:
UFP Technologies is an innovative designer and custom manufacturer of components, subassemblies, products, and packaging primarily for the medical market. Utilizing highly specialized foams, films and plastics, UFP converts raw materials through laminating, molding, radio frequency welding, and fabricating techniques. The Company is diversified by also providing highly engineered solutions to customers in the aerospace & defense, automotive, consumer, electronics and industrial markets.
UFP Technologies offers a competitive benefits package, including but not limited to medical, dental, vision, life, disability, 401K with a matching contribution, paid time off, paid holidays, employee discounts and much more!
The Cyber Security Analyst / Information Security Analyst is responsible for assisting with the day-to-day operations of securing the firm’s various information systems. The Cyber Security Analyst / Information Security Analyst is tasked with providing technical expertise in all areas of network, system, and application security. The Cyber Security Analyst / Information Security Analyst works closely with the various team members in the Information Technology department to ensure that systems and networks are always designed, developed, deployed, and managed with an emphasis on strong, effective security and risk management controls. The Cyber Security Analyst / Information Security Analyst leads the firm's vulnerability management program, manages the annual cybersecurity assessments and penetration tests, and researches and reports on emerging threats to help the firm take pre-emptive risk mitigation steps. The Cyber Security Analyst / Information Security Analyst effectively correlates and analyzes security events within UFP’s systems environment to proactively detect threats and mitigate attacks before they occur.
Location: This position is based on-site in Newburyport, MA. The position holder will need to be within commuting distance (within 45 min). We are not offering relocation assistance at this time. The position will be on-site full time to train with potential to work from home part-time.
Essential Duties and Responsibilities:
- Studies evolving threats and other industry developments related to cyber security.
- Researches / evaluates emerging cyber security threats and ways to manage them.
- Plans for disaster recovery and creates contingency plans in the event of any security breaches.
- Monitors for attacks, intrusions and unusual, unauthorized or illegal activity.
- Tests and evaluates security products.
- Designs new security systems or upgrades existing ones.
- Uses advanced analytic tools to determine emerging threat patterns and vulnerabilities.
- Runs internal security scans, coordinates mitigation and tracks results.
- Investigates security alerts and is a part of the incident response team.
- Monitors identity and access management, including monitoring for abuse of permissions by authorized system users.
- Liaises with stakeholders in relation to cyber security issues and provides future recommendations.
- Generates reports for both technical and non-technical staff and stakeholders.
- Maintains an information security risk register and assists with internal and external audits relating to information security.
- Creates and conducts employee training programs related to cyber security.
- Monitors and mitigates 'phishing' emails and 'pharming' activity including conducting employee training and re-training.
- Assists with the creation, maintenance and delivery of cyber security awareness training for colleagues.
- Coordinates the creation and maintenance of cyber security policies and standards.
- Responds and manages helpdesk tickets related to cyber security.
- Coordinates projects related to cyber security such as CMMC certification.
- Bachelors in Cyber Security or related discipline.
- Hands-on experience.
- 2+ years of systems administration in an active directory environment.
- 2+ years of cyber security experience.
- Security+ certification.
- Experience / familiarity with the following :
- IT Security Frameworks (NIST, GDPR, PCI, ISO 27001, CMMC, etc.)
- IT Security Tools (Nessus, Kali Linux, Metaspolit, Wireshark, etc.)
- Azure / Office 365
- Endpoint, server and network malware detection
- SQL Server
- ERP systems
- Scripting language (Powershell, Python, etc.)
Please apply here.
UFP Technologies, Inc. is an Equal Opportunity/Affirmative Action employer Minorities/Women/Veterans/Disabled.