IT Security Operations Analyst

Cognex is the largest, most successful and recognized global player in industrial machine vision! We are a financially strong, international company with no debt and have been in business for over 40 years. Using advanced optics, image sensors and artificial intelligence software Cognex vision and ID systems capture an image then analyze it to make sense of what's being seen. We are deeply committed to fostering an inclusive and equitable work environment, guided by our "Work Hard, Play Hard, Move Fast" culture, which celebrates employee innovation, determination, and dedication in a dynamic, fun, and distinctive atmosphere.

The Team: Information Security Operations, part of the IT Organization

The Information Security Operations Analyst is an integral member of the Information Security Operations Team (InfoSecOps) who are responsible for Incident Response, Security Information & Event Management, Threat & Vulnerability Management, Security Awareness & Training, and all of the associated security tools, systems and services that support these functions.

The Role

Your primary mission as an InfoSecOps Analyst, is to investigate and resolve security events and incidents within our environment. In addition to alert based incidents, you will be responsible to investigate and resolve Cognoid initiated inquiries and incidents that originate from end-users and functions from around the world. A very important part of your role, is your evaluation of incidents for impacts and risks to Cognex and to drive Cognex's Incident Response process commensurate with those impacts and risks.

InfoSecOps Analysts participate in a 24x7x365 monitoring and incident response process that includes Cognex's IT Global Operations Team around the world and a Managed Detection & Response service, that together provide our first line support and response.

As an InfoSecOps Analyst you will participate in all SecOps functions, leveraging a broad range of state of the art security and IT tools, products and services, with accountability for Key Performance Indicators (KPIs). You will also be designated a "Champion" for a specific SecOps functions with responsibility to serve as the Subject Matter Expert (SME) for that function, to manage the tools and vendors supporting that function, and to improve Cognex's capabilities and maturity in that function.

To be successful in this position, the candidate must be able to work independently and in project teams. The candidate will support multiple security-related platforms and technologies, interfacing with others within the IT organization, as well as other internal business units, external customers and partners. This role must display an in-depth understanding of new trends and technologies related to IT security and will contribute to the company's IT security strategy and roadmap. In addition, this role requires strong customer focus, with the ability to manage expectations appropriately, provide a superior customer experience and build long-term relationships.

This position is based in Natick, MA corporate HQ on a hybrid basis - 3 days in the office and 2 remote

Essential Functions

• Address security incidents, resolving or escalating as needed with department collaboration

• Monitor logs, SIEM, and network traffic for threats; analyze and recommend fixes

• Conduct incident response drills, setting benchmarks to highlight issues and solutions

• Administer system security per policies, standards, best practices, and vendor guidelines

• Install and configure security systems, ensuring policy compliance and network protection

• Assess and remediate threats to secure systems from vulnerabilities

• Apply patches and mitigate weaknesses to harden systems per policies and standards

• Report unresolved security risks, resource misuse, or noncompliance per escalation procedures

• Cross-train team on security tools, reporting, and issue resolution

• Develop and maintain documentation for security systems, policies and procedures

• Research, recommend, evaluate and implement security solutions that identify and/or protect against potential threats, and respond to security violations

• Automate repetitive tasks and drive efficiencies so analysts can work on more advanced tasks

• Support internal and external audits

Knowledge, Skills, and Abilities

• Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management

• Technical proficiency with security-related systems and applications, such as security information and event management (SIEM) platforms, threat intelligence platforms, security automation and orchestration solutions, and other network and system monitoring tools

• Experience in developing, documenting and maintaining security procedures and processes

• Knowledge of network infrastructure, including routers, switches, firewalls, and associated network protocols and concepts

• Working technical knowledge of current systems' software, protocols and standards

• Excellence in communicating business risk from cybersecurity issues

• Experience working with security frameworks, such as NIST CSF, NIST 800-53, CIS, or ISO 27001

• Experience driving measurable improvement in monitoring and response capabilities at scale

• Experience managing and configuration a range of inventory management and vulnerability scanning and penetration testing systems

• Experience working with and optimizing ticketing systems and process improvements

• Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively

Education and work experience required

• 3 years of IT experience

• 2 years of Information Security monitoring and response, or similar experience

• Bachelor's Degree in Computer Science, Management Information Systems, Information Assurance; Information Security or a relevant field or equivalent experience

• Nice to have: Security+, SANS certification and an ambition to pursue additional relevant security certifications such as CISSP, CISM, and CCSP