Cybersecurity Analyst

Paragon 28's growth continues and we're looking for more great employees! Now is your chance to join this public company dedicated to improving a patient's quality of life with the treatment of the most challenging foot and ankle conditions! We are currently looking to fill the position of Cybersecurity Analyst with a starting range of $85,000 - $109,000/year, dependent upon experience, education, and skills. This position may have the opportunity for occasional work from home.

The Cybersecurity Analyst is responsible for safeguarding Paragon28's digital assets by ensuring the integrity, confidentiality, and availability of sensitive data. This role will work closely with cross-functional teams to assess security risks, develop and implement security measures, and respond to security incidents. This role requires an understanding of cybersecurity principles, a record of accomplishment, strong analytical skills, and the ability to navigate complex security challenges in a hybrid environment.

Responsible for the execution of the Information Security program, including participating in its design, actively identifying vulnerabilities and monitoring mitigation, leading incident response, performing security reviews, and educating the user community on information security matters.

Key Responsibilities

• Execute the defined NIST-CSF strategy.

• Investigate escalated incidents from Managed Security Services Provider (Level 1) and perform second level analysis to assess risk.

• Respond immediately to security incidents, assess the impact of threats as well as coordinate strategies for containing, mitigating, and eradicating them.

• Responsible for escalation support, security tickets, and security incident response.

• Execute the incident response plan to quickly identify and respond to security incidents, minimizing potential damage.

• Collaborate with incident response teams to contain, mitigate, and recover from security incidents. Document incident details and lessons learned.

• Maintain regular vulnerability assessments and penetration tests to identify and mitigate potential security weaknesses in IT infrastructure and applications.

• Ensure the security of all server and endpoint devices connected to the business network through endpoint protection solutions and regular patch management.

• Train employees to recognize and mitigate phishing attacks and social engineering threats that could compromise data or systems.

• Administer cybersecurity training and awareness programs to employees to promote a culture of security within the organization.

• Perform analysis of user reported or automatically detected phishing email messages.

• Assist in the development, implementation, and enforcement of cybersecurity policies, procedures, and standards.

• Maintain up-to-date documentation of security configurations, procedures, and incident reports.

• Provide guidance, and outreach to help teams improve their security posture.

• Maintain the cyber risk registry and report on continual improvement efforts.

• Stay informed about the latest cybersecurity threats, trends, and vulnerabilities in the medical device and healthcare sectors.

• Understand industry-specific regulations (e.g., HIPAA, GDPR, FDA) and ensure the company's cybersecurity practices align with these requirements.

Work Environment

• Work to be conducted in an office environment.

• Must be able to sit for extended periods of time.

Physical Demands

• Frequent use of computer with repetitive use of keyboard, mouse, and manual dexterity.

• Ability to lift 25 lbs.

Travel

Less than 10% of overnight travel required.

Qualifications

• Candidate must work onsite in our Centennial, CO office.

• Associate's Degree in Computer Science, Information Technology, Management Information Systems, or related field OR a minimum of 2 years relevant experience

• Professional certifications such as CISSP, SSCP, CCSP, or CompTIA Security+, preferred

• 2-3 years of experience as a Cyber Security Analyst or in a similar role.

• Familiarity with security frameworks and standards (e.g., NIST-CSF, HIPAA, ISO 27001).

• Hands-on experience with security architecture, technologies, and solutions.

• Experience detecting, analyzing, and responding to security events.

• Experience in system and/or application vulnerability management.

• Ability to apply security principles and oversight based on best practices and industry standards.

• Microsoft 365 Security and Purview (Compliance) controls experience desired.

• Experience with security information and event management (SIEM) systems.

• Excellent analytical and problem-solving skills.

• Effective communication and teamwork abilities.

• Ethical and proactive mindset with a commitment to confidentiality.

• Knowledge of security related technologies such as intrusion prevention and detection systems, web proxies, SIEM, SOAR, EDR, firewalls, web application scanner, vulnerability scanners and forensics tools

• Understanding of infrastructure such as network switches, routers, firewalls and VPN, network security, administration of DLP, NGAV, IDS/IPS, SIEM, SMTP, Email security, AD, Group Policy, DNS, DHCP, and VLANs.

• Motivated and curious, willing to ask questions, willingness to learn in a hands-on learning environment, research issues, and take on challenging projects/assignments; creative, brings new ideas to the table, exhibits self-confidence. Has strong achievement motivation and tenacity.

P28 is a leader in the development and distribution of medical solutions for the foot and ankle industry. Established in 2010,every member of our inspired and dedicated team serves a vital role in the achievement of our mission: to strategically build a company around the core principles that drive innovation and quality. We're located at 14445 Grasslands Dr., just off E-470 and Peoria St. on the east side of Englewood, CO.

We offer comprehensive medical coverage with generously subsidized premiums for both employees only and coverage with dependents. Plans include prescription drug and behavioral health coverage as well as telemedicine services. Additional options for dental and vision benefits, life and disability coverage, flexible spending accounts, supplemental health protection plans (accident, critical illness), pet insurance and more. Free counseling services and resources are offered for emotional, physical, and financial wellbeing through our Employee Assistance Program. A safe harbor 401(k) Plan with 3% match and an Employee Stock Purchase Plan, which allows purchase of P28 stock at a discounted rate. You are able to accrue 19 days of PTO over 12 months to maintain a fulfilling work/life balance. Our working environment is considered Colorado Casual. Onsite we have a fresh food kiosk, free parking and will have a new, expanded fitness center!

Paragon 28 is an equal opportunity employer and values diversity. All employment decisions are decided on the basis of qualifications, merit and business need.

Notice to Recruiters and Staffing Agencies: to protect the interests of all parties, Paragon 28, Inc. will not accept unsolicited resumes or referrals from any source other than directly from a candidate or an approved vendor that has a written and signed agreement in place through the Paragon 28, Inc. HR department. Please do not contact or forward resumes or referrals to our company employees. Any unsolicited resumes will be considered Paragon 28, Inc. property. Paragon 28, Inc. is not responsible for any charges or fees related to unsolicited resumes or referrals.