CooperVision · 1 week ago
Senior Information Security Analyst
Victor, NY
Full-time
Onsite
Mid, Senior Level
$117K/yr - $156K/yr
5+ years expCooperVision is one of the world’s leading manufacturers of soft contact lenses, providing innovative products and support to solve vision challenges. The Senior Information Security Analyst is responsible for providing advanced security expertise to reduce risk across the enterprise, partnering with various stakeholders to maintain security architecture and improve security controls effectiveness.
Health CareManufacturingMedical Device
Responsibilities
Provide leadership and direction for the integration of security culture and design within business and IT strategy; work with the Engineering teams to ensure that security considerations are included in systems architecture and help to identify, evaluate, and select security solutions to meet information security/compliance needs
Mentor and coach junior team members to develop well-rounded information security skill sets; promote a strong security culture and awareness across the organization
Work with compliance teams to ensure solutions meet security policies and procedures
Support compliance with relevant regulations and frameworks (e.g., SOX, HIPAA, PCI, GDPR, GLBA) and privacy laws; prepare for and participate in audits and examinations
Administer and tune security tools (e.g., SIEM, NAC, firewalls, IDS/IPS, secure email gateway) to ensure effective monitoring and detection while enabling business operations
Partner with Security Engineers to ensure security-by-design in systems architecture and delivery of secure solutions; participate in change/project management to validate secure designs and implementations
Define and maintain enterprise security documents (policies, standards, baselines, guidelines, and procedures) and provide detailed hardening guidance to technical teams
Prioritize vulnerability assessment output based on exploitability, impact, and likelihood; coordinate remediation across infrastructure, endpoints, applications, and cloud services
Support compliance with relevant regulations and frameworks (e.g., SOX, HIPAA, PCI, GDPR, GLBA) and privacy laws; prepare for and participate in audits and examinations
Design, scope, and lead deep technical assessments on internal and external systems
Define incident response playbooks for IT and Information Security personnel to follow when responding to common issues (e.g., malware infection, phishing, etc.)
Act as a Subject Matter Expert within all Information Security disciplines
Coordinate and help implement significant security projects
Contribute to Business Continuity and Disaster Recovery planning and exercises in coordination with IT and continuity team
Influence and communicate business risk and recommended mitigations to technical and non-technical audiences; document clearly for management and stakeholders
Handle sensitive/confidential information, investigations, and incidents in a professional and confidential manner
Perform other duties as assigned
Qualification
Required
Expert knowledge of security frameworks and concepts such as NIST 800-53, ISO 27001, CIS Critical Controls, the Cyber Kill Chain, MITRE ATT&CK, and OWASP
In-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls
Deep understanding of enterprise infrastructure and security technologies including network switches/routers, firewalls/VPN, DLP, anti-malware, IDS/IPS, SIEM, SMTP/email security, Active Directory/Group Policy, DNS, DHCP, VLANs, and content filtering
Experience with traditional and modern security controls such as SIEM, IDS/IPS, PKI, IAM, antivirus/firewalls, EDR, threat intelligence, security automation/orchestration, deception, and application controls
Ability to conduct vulnerability scanning and penetration testing; incident response and digital forensics
Experience developing policies, procedures, standards, and guidelines
Strong analytical, strategic, and tactical thinking; ability to communicate business risk effectively and drive nuanced solutions without impeding innovation
Understanding of common cloud platforms and how to secure them; experience with AWS and/or Azure is a plus
Ability to interact with Cooper personnel and build strong relationships at all levels, and across all business units and organizations, and to understand business imperatives
Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and to work with minimal supervision
Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and application development teams, management, and business personnel
5-10 years of professional IT experience; 3-6 years specifically in Information Security, including work with geographically dispersed teams
Experience supporting audits and meeting regulatory requirements (SOX, HIPAA, PCI, GDPR, GLBA)
Bachelor's degree in computer science, information assurance/cybersecurity, MIS, or equivalent experience
Preferred
Professional certifications such as GIAC (e.g., GSEC/GCIA), CISSP, CISM, Cisco Security or similar
Company
CooperVision
CooperVision is one of the world’s leading manufacturers of soft contact lenses and related products and services. It is a sub-organization of The Cooper Companies.
5001-10000 employees
H1B Sponsorship
CooperVision has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (9)
2024 (12)
2023 (14)
2022 (7)
2021 (13)
2020 (11)
Funding
Current Stage
Late StageLeadership Team
Michael Good
Divisional Chief Financial Officer
Recent News
2026-01-06
FierceBiotech
2025-09-28
Company data provided by crunchbase