Analog Devices · 5 hours ago
Sr. Analyst, Information Security
Wilmington, MA
Full-time
Onsite
Mid, Senior Level
$103K/yr - $141K/yrAnalog Devices, Inc. is a global semiconductor leader focused on bridging the physical and digital worlds. The Sr. Analyst in Information Security will play a critical role in protecting sensitive data, implementing data governance and security measures, and ensuring compliance with various regulations.
DSPElectronicsLightingSemiconductor
No H1B
U.S. Citizen Only
Responsibilities
Administer and optimize Varonis Data Security Platform to monitor file activity, permissions, and sensitive data exposure
Assist with onboarding data sources into the Varonis platform, working across IT teams including networking, and business as part of that process
Perform risk assessments on unstructured data repositories (NAS, SharePoint, OneDrive, cloud storage)
Identify and remediate excessive permissions, open shares, and data access vulnerabilities
Continuously monitor data access activity across our Data Security and Identity Governance toolsets, identify potential security risks, and maintain a clear audit trail of data access events
Ensure compliance with ITAR, EAR, DFARS 252.204‑7012, CUI handling requirements, and internal data governance policies
You will work closely with engineering, operations, quality, and compliance teams to maintain the integrity and security of technical data throughout its manufacturing lifecycle, including data discovery to locate sensitive files created by engineering and manufacturing systems
Manage and optimize the Varonis Data Security Platform to secure engineering designs, technical data, manufacturing documents, and quality records stored in on‑prem, NAS, and cloud environments
Conduct risk reviews on file shares and collaboration platforms used for product design, customer/vendor/external parties and supply chain communication
Remediate over-permissioned access and ensure least-privilege alignment for production, engineering, and support teams
Work with the Identity Governance team members in collaboration and enforcement of role-based access control (RBAC) to enforce least privilege access with each user and devices grant access only to the specific applications or data necessary for their roles, limiting potential exposure and minimizing the risk of data breaches or unauthorized access
Develop, validate, and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for Data Security & Protection technologies and processes
Assist in the support of Exception request process (ServiceNow enabled) for temporary data transfers or file uploads to external sites etc. Assess if the data transfer exceptions introduce potential risk into the ADI environment, ensure that these exception requests have export control team review and other levels of required approvals, as well as review and consideration of ADI’s Data Classification, and Information Security Policies and Standards
Collaborate across compliance, risk assessment, Legal and IT teams to ensure compliance with ADI’s regulatory and privacy requirements (e.g., SOX, CMM, TISAX, HIPAA)
Implement and manage Microsoft Purview Information Protection labels, policies, and auto‑classification rules
Maintain accurate and scalable data classification taxonomies covering confidential, regulated, export-controlled, and IP data types
Conduct data discovery and mapping across on-premises and cloud environments to identify sensitive or high-value assets
Collaborate with peer Cyber Security and IT teams who own or manage DLP platforms to refine, design, implement, and maintain DLP policies
Assist with investigations as needed for DLP alerts, remediation and policy tuning
Focus on data protection capabilities across Microsoft Purview, endpoint environments, and cloud applications to prevent unauthorized sharing or exfiltration. Such as, use cases related to USB use, printing of controlled drawings, cloud uploads, supplier communications, and external collaboration
Analyze data movement patterns to reduce false positives and improve rule accuracy
Contribute to the design and implementation of Zero Trust principles across network, identity, and data layers
Support Zero Trust initiatives across production, development, and administrative environments, including segmentation between operational technology (OT) and IT
Monitor user access to ensure compliance with government contract requirements around minimum necessary access
Support ZTNA enforcement using conditional access, identity-driven access controls, and segmentation strategies
Evaluate user access behaviors and strengthen access policies for high‑risk or sensitive data environments
Partner with Legal, HR, and Engineering to ensure data protection controls comply with ITAR, EAR, and other export regulations
Enforcement of controls to meet ITAR/EAR, DFARS, NIST SP 800-171, and CMMC requirements for handling technical data
Validate classification of export-controlled content and ensure access is restricted to U.S. persons where required
Support audits, assessments, and compliance reviews
Develop controls and monitoring processes to prevent unauthorized access, transmission, or storage of export‑controlled content
Use Varonis and Purview activity logs to detect anomalous behavior, insider threats, or data exfiltration attempts
Investigate and escalate data security incidents; contribute to remediation plans and root cause analysis
Build dashboards, reports, and KPIs demonstrating data security posture and risk trends
Support development and enforcement of data governance policies, data retention requirements, and secure collaboration standards
Provide guidance to business units on proper labeling, handling, and sharing of sensitive data, inclusive of export-controlled data
Deliver guidance to engineers, development, program managers, and supply chain staff on data protection expectations
Work with operational teams to integrate data security controls into daily manufacturing workflows
Contribute to continuous improvement of the data protection program
Producing and maintaining data reporting, analysis, dashboards, executive metrics and reports
Qualification
Required
Bachelor's degree in Cybersecurity, Computer Science, or related field
Hands-on experience with Varonis (DatAdvantage, DatAlert, Data Classification Engine)
Strong working knowledge of Microsoft Purview Information Protection (MIP), DLP, data lifecycle management, and insider risk
Understanding of export control regulations (ITAR, EAR) and how they apply data classification and access control
Experience designing and managing DLP policies across endpoints, cloud apps, and email
Zero Trust Network Access (ZTNA) concepts and tools, including conditional access and identity-driven controls
Experience with identity and access management principles (least privilege, entitlement reviews, access lifecycle)
Familiarity with cloud and hybrid environments, including Azure AD / Entra ID, SharePoint Online, OneDrive, and Teams
Ability to analyze logs, alerts, and user behavior to identify risk
Working knowledge of ITAR, EAR, DFARS 252.204‑7012, CMMC, NIST 800‑171, and CUI handling requirements
Strong analytical skills to interpret logs, alerts, and data trends
Excellent communication abilities to partner with legal, engineering, HR, and compliance stakeholders
Experience with audits and compliance processes in highly regulated environments
Preferred
CISSP, CISM, Security+, or equivalent certifications
Experience in highly regulated industries (aerospace/defense, manufacturing, biotech, etc.)
Scripting skills (PowerShell, Python) for automation and other tools such as Power BI for reporting
Benefits
Medical, vision and dental coverage
401k
Paid vacation
Holidays
Sick time
Other benefits
Company
Analog Devices
Analog Devices (NYSE: ADI) defines innovation and excellence in signal processing. ADI's analog, mixed-signal, and digital signal
Founded in 1965
10001+ employees
Funding
Current Stage
Public CompanyTotal Funding
$4.6MKey Investors
U.S. Department of Defense
2025-04-11Post Ipo Debt
2024-09-18Grant· $4.6M
2012-04-02IPO
Leadership Team
Vincent Roche
Chief Executive Officer
John Hassett
SVP Industrial & Consumer Group
Recent News
2026-02-06
2026-01-24
Company data provided by crunchbase