Information Security Analyst jobs in United States

STAAR Surgical · 5 hours ago

Information Security Analyst

STAAR Surgical is a company focused on delivering innovative solutions in the medical device industry, and they are seeking an Information Security Analyst to join their Information Technology team. This role involves defining, delivering, and supporting information security solutions while addressing complex security challenges and developing strategies to mitigate risks.

Biotechnology, Health Care, Manufacturing, Medical Device
H1B Sponsor Likely

Responsibilities

Defines and implements information security strategies and procedures
Works with engineering teams to define and refine information security and systems management policies and settings
Monitors and assesses vendor and 3rd party information security reports/lists
Evaluates new and emerging products and technologies and makes recommendations to leadership concerning the introduction of new technologies
Coordinates, administers, manages and monitors the use of access control systems security tools and intrusion detection systems to identify anomalous events and security infractions that exploit system vulnerabilities
Integrates information security controls into an environment to identify risks and reduce their impact
Provides analysis of potential risk to information security and recommends solutions
Creates and maintains information security documentation
Communicates information security procedures to users
Reviews and recommends changes to information security policies, including STAAR Surgical IT use policies, Data Sensitivity and Personally Identifiable Information Security Policies and procedures
Knowledge of basic principles, methods, technologies and practices of a professional/technical field
Apply a basic understanding of the underlying principles of a professional discipline - typically obtained through formal study
General knowledge of procedures and activities within their own work area
Ability to relate actual day-to-day work to business priorities
Focused on learning the key aspects and duties of the job being performed
Oversees the activities of the assigned team within a functional area
Sets direction for the team and prioritizes workload
Ensures that organizational and process changes are implemented by the team
Brings team members together to resolve issues and achieve operational strategic goals
Performs other duties as assigned

Qualification

Security certifications
Knowledgeable in cybersecurity threats
Knowledgeable in incident handling
Knowledgeable in vulnerability management
Knowledgeable in identity
Access management
Knowledgeable in security best practices
Knowledgeable in automation scripting
Knowledgeable in endpoint protection
Knowledgeable in firewalls configuration
Communication skills

Required

Applies research, information gathering and analytical skills
Selects appropriate alternatives from defined options
Collects required documentation; verifies conformance of documents with standards
Assesses accuracy of detailed information
Tracks, maintains and produces regular and ad hoc reports
Handles detailed, structured problems
Identifies roadblocks to task completion and effectively brings them to management for resolution
Generally uses existing procedures to resolve standard problems
Works on assignments where judgment is required a majority of the time
Knowledgeable in security best practices and defense in depth strategies for multiple platforms (i.e. Linux/Unix, Windows, Mac)
Knowledgeable in common cybersecurity threats, attacks, and TTPs
Knowledgeable in intrusion detection and investigations
Knowledgeable in incident handling and reporting
Knowledgeable in analyzing host-based and network logs
Knowledgeable in firewall rules and configuration
Knowledgeable in public cloud computing platforms
Knowledgeable in standard cybersecurity frameworks and implementing security controls
Knowledgeable in privileged account management (PAM)
Knowledgeable in vulnerability management
Knowledgeable in methods of data protection, types of encryption, and data loss prevention (DLP) solutions
Knowledgeable in identity and access management methodology
Knowledgeable in automation scripting languages (i.e. PowerShell, Python, Bash)
Knowledgeable in security awareness training
Knowledgeable in endpoint protection solutions (EDR/XDR)
Knowledgeable in multifactor authentication (MFA) technologies
Knowledgeable in email security gateway solutions
Good understanding of networking technologies
Contributes to cost-benefit analysis to justify investment in security controls to mitigate risks
Knowledge of the Globally Accepted Information Security Principles
Must possess strong verbal and written communication skills and be able to adapt to the level and nature of their audience

Preferred

Undergraduate degree and 0-2 years relevant experience
Security certifications such as GCIH, GSEC, Security+
4-6 years of relevant experience or equivalent combination of education and work experience

Company

STAAR Surgical

STAAR, which has been dedicated solely to ophthalmic surgery for over 40 years, designs, develops, manufactures and markets implantable lenses for the eye.

H1B Sponsorship

STAAR Surgical has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2025 (11)
2024 (8)
2023 (6)
2022 (10)
2021 (2)
2020 (3)

Funding

Current Stage: Public Company
Total Funding: unknown
2025-08-05: Acquired
1990-11-02: IPO

Leadership Team

Keith Holliday
Chief Technology Officer
Company data provided by crunchbase