• Plan and implement security measures to meet federal compliance and protect computer systems, networks, and data. • Analyze and document security risks, breaches, and cyber security incidents to understand their impact and improve security measures. • Develop and implement network disaster recovery plans to ensure business continuity. • Oversee the monitoring of computer networks for security issues and take proactive measures to address potential threats. • Install and operate security software and measures, including firewalls and data encryption programs, to protect systems and information infrastructure. • Stay informed about the latest security trends and guidelines, especially those relevant to federal contracts, and make recommendations to enhance security posture.

Role Description We're looking for a Security Analyst to become an integral member of our Security Team. In this high-impact role, you will be responsible for maintaining patient safety through managing our security tools to improve security outcomes in the domains of Data Loss Prevention, Zero Trust, and Endpoint Security. This role will also have exposure and responsibilities in our Incident investigations and in the subsequent Response lifecycle. This is a hands-on role, and our ideal candidate will maintain high standards, is passionate about delivery of care to patients, and wants to play an impactful role in the development of our innovative medical devices. This is an excellent opportunity for someone eager to learn and grow. Responsibilities - Own our endpoint security solution and be the primary/secondary go-to person to triage the alerts. - Help improve our Data Loss Prevention tooling by creating baselines and tuning based on false positives and usage. - Work off of our SIEM tool and be an all-rounded resource who can create dashboards, trendlines, and can detect anomalous events that can be investigated on a daily basis. - Understand Imagen's technical footprint, identify possible threat entry-points, and come up with high-quality, efficient ways to safeguard against them. - Play a key role in our Incident Response lifecycle. - Partner with key internal stakeholders to improve and maintain the security of Imagen’s medical devices. - Be responsible for maintaining our security awareness training tool and triage our phishing alerts and tests. - Create detailed documentation for investigations and troubleshooting. Qualifications - At least 2 years experience as a security analyst, incident analyst, working in a Security Operations Center (SOC), or equivalent education. - Knowledge of working with a SIEM. - Experience with modern endpoint security solutions. - High standards and the ability to plan, prioritize, and manage competing priorities to ensure deadlines are met. - Have (at least minimal) knowledge of Digital Forensics. - Enjoys working with technical and non-technical stakeholders. Preferred Qualifications - Understand a coding or a scripting language (Python, Bash, Powershell, etc). - Comfortable with working inside CLI interfaces. - Compliance experience (e.g., HIPAA, HITRUST, or SOC2). - Security certification such as an OSCP, GCIH, GCFA, or similar. - Own our security tools (e.g., SIEM, endpoint security solutions, vulnerability scanners, compliance managers, password managers, etc.) with the goal of creating and fulfilling effective baselines. - Proactively identify tools and perform projects across the cybersecurity and compliance domains as necessary to improve Imagen’s systems and operations. Compensation The base salary for the position is between $80,000 - $90,000, plus equity and benefits. Please note that the range is a guideline, and individual total compensation will vary based on factors such as qualifications, skill level, competencies, and work location. Equal Employment Opportunity Imagen is committed to the principle of equal employment opportunity for all employees and applicants for employment and prohibits discrimination and harassment of any kind without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Imagen will not tolerate discrimination or harassment based on any of these characteristics. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Substance Abuse Policy Imagen Technologies maintains a Substance Abuse and Testing policy. Being under the influence of alcohol or controlled substances while on the job or while conducting business on Imagen’s behalf is prohibited. Imagen reserves the right to test any applicant or employee for alcohol and/or drug use, subject to compliance with any applicable state and/or federal laws.

Role Description We are seeking a full-time Mid-Level Digital Forensics Analyst who supports and conducts digital forensic investigations related to cybersecurity incidents, insider threats, data loss, and policy or regulatory inquiries. This role performs hands-on forensic analysis under established methodologies while working closely with senior forensics staff, incident response teams, and legal or compliance stakeholders. - Conduct forensic analysis on endpoints, servers, and removable media. - Acquire, preserve, and analyze digital evidence in accordance with forensic best practices. - Perform disk, memory, and artifact analysis to identify user activity, malware, or unauthorized access. - Support investigations involving security incidents, insider activity, and data exfiltration. - Assist incident response teams with forensic scoping, timeline creation, and root cause analysis. - Analyze forensic artifacts to determine attack vectors, persistence mechanisms, and impact. - Identify indicators of compromise (IOCs) and support remediation efforts. - Maintain proper evidence handling and chain-of-custody documentation. - Produce clear forensic notes, findings, and supporting artifacts. - Contribute to forensic and incident reports used by technical, legal, or leadership teams. - Utilize forensic tools for data acquisition, analysis, and reporting. - Perform artifact validation and cross-verification to ensure analytical accuracy. - Support improvements to forensic workflows and repeatable procedures. - Work closely with senior forensic analysts and incident responders. - Participate in tabletop exercises, incident reviews, and training activities. - Continue skill development in forensic techniques, tools, and emerging technologies. Qualifications - 3–5 years of experience in digital forensics, incident response, or cybersecurity analysis. - Hands-on experience performing forensic acquisitions and analysis. - Solid understanding of: - Windows and Linux operating systems - File systems, logs, and system artifacts - Common attacker behaviors and malware indicators - Strong documentation and written communication skills. - Ability to follow evidence handling and legal defensibility requirements. Requirements - Experience with memory forensics, log correlation, or malware triage. - Familiarity with cloud, SaaS, or email forensics (e.g., M365, cloud platforms). - Scripting or automation experience (Python, PowerShell, Bash). - Certifications such as GCFA, GCIH, CHFI, EnCE, or equivalent. - Experience in regulated, enterprise, or government environments.

• Analyze, assess, reproduce, and triage incoming security vulnerability reports from the bug bounty program. • Communicate clearly and effectively with security researchers to follow up on unclear reports, drive report clarity, and increase engagement with top hackers. • Understand the root cause of security vulnerabilities to help product and engineering teams fix them, and advise on the right mitigation strategies. • Drive the lifecycle of submissions through to resolution, coordinating with product and engineering stakeholders. • Act as the security bridge between external researchers and internal teams to facilitate rapid and effective remediation. • Conduct in-depth data analysis on bug reports and vulnerability patterns to identify systemic risks and inform new security initiatives. • Provide tactical support for vulnerability management triage processes to augment the team as needed. • Prepare and implement improvements to the overall bug bounty program. • Provide feedback and requirements for tool development to enhance triage and security workflows, leveraging opportunities for automation.